OurSurfing eingefangen nach Installation von SUPER

Kris_ · 29.06.2015, 20:45

Hallo ,
melde mich wieder aus dem Urlaub zurück und wollte gleich mal alle Logdatein posten.
Der Malewarebytes Scan ist etwas älter, dazwischen war der PC aber nicht an.

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 22.06.2015
Suchlauf-Zeit: 23:48:14
Logdatei: mbam.txt
Administrator: Ja

Version: 2.01.6.1022
Malware Datenbank: v2015.06.22.06
Rootkit Datenbank: v2015.06.22.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Modi

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 499736
Verstrichene Zeit: 42 Min, 42 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 2
PUP.Optional.MultiPlug.Gen, C:\Users\Modi\AppData\Roaming\C0E77873-1434387928-DE11-902B-B4CABCB10D14\nslE6DE.tmpfs, 2036, Löschen bei Neustart, [2c9204b9098172c49d5eed9dab5abf41]
PUP.Optional.MultiPlug.Gen, C:\Users\Modi\AppData\Roaming\C0E77873-1434387928-DE11-902B-B4CABCB10D14\hnsr426E.tmp, 2652, Löschen bei Neustart, [2c9204b9098172c49d5eed9dab5abf41]

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 20
PUP.Optional.LuckyTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}, In Quarantäne, [8737fcc11f6b191d4ec8fb730af9d42c], 
PUP.Optional.MultiPlug.Gen, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\fogynomy, In Quarantäne, [2c9204b9098172c49d5eed9dab5abf41], 
PUP.Optional.MultiPlug.Gen, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\zedepory, In Quarantäne, [2c9204b9098172c49d5eed9dab5abf41], 
PUP.Optional.Flashbeat.A, HKLM\SOFTWARE\Flashbeat, In Quarantäne, [d4eaf6c75d2d171fa1fdd1337292ed13], 
PUP.Optional.SuperClick.A, HKLM\SOFTWARE\WOW6432NODE\SuperClick_1.10.0.16, In Quarantäne, [49758538d4b673c3fb2d6e2365a0de22], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\WajIntEnhance, In Quarantäne, [b905ae0f5f2b9f974670c83d0df7f709], 
PUP.Optional.Zoom.A, HKLM\SOFTWARE\WOW6432NODE\ZoomWebLists, In Quarantäne, [3589615c0c7e37ff1c12bf39fe0539c7], 
PUP.Optional.TabNav.A, HKLM\SOFTWARE\WOW6432NODE\TABNAV, In Quarantäne, [a01ec2fbabdf3105032a4dad0ef56d93], 
PUP.Optional.SuperClick.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\scfd_1_10_0_16, In Quarantäne, [b00ec2fb632743f3c465c0d18c798878], 
PUP.Optional.Wajam.A, HKU\S-1-5-21-3319006498-4150260777-3634854002-1001\SOFTWARE\WajIEnhance, In Quarantäne, [645aefce4b3fa88e870a28e263a16a96], 
PUP.Optional.Wajam.A, HKU\S-1-5-21-3319006498-4150260777-3634854002-1001\SOFTWARE\WajIntEnhance, In Quarantäne, [17a7f1cc7b0fd3630aadb74eeb19a858], 
PUP.Optional.MyStartSearch.A, HKU\S-1-5-21-3319006498-4150260777-3634854002-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, In Quarantäne, [893555681674a591c6de9eeeae579967], 
PUP.Optional.MyStartSearch.A, HKU\S-1-5-21-3319006498-4150260777-3634854002-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}, In Quarantäne, [c6f83687f39748ee287ca2ea45c05ba5], 
PUP.Optional.MyStartSearch.A, HKU\S-1-5-21-3319006498-4150260777-3634854002-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E733165D-CBCF-4FDA-883E-ADEF965B476C}, In Quarantäne, [f7c779447b0fe4525f456f1df60fe818], 
PUP.Optional.Iminent.A, HKU\S-1-5-21-3319006498-4150260777-3634854002-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IMBoosterARP, In Quarantäne, [2f8f05b8d0bad561beb0ee11cf34af51], 
PUP.Optional.Iminent.A, HKU\S-1-5-21-3319006498-4150260777-3634854002-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IminentToolbar, In Quarantäne, [3a848f2eb7d359dda7c843bc04ff946c], 
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-3319006498-4150260777-3634854002-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SearchProtect, In Quarantäne, [ac129528e1a97abcb0151677a2635fa1], 
PUP.Optional.Wajam.A, HKU\S-1-5-21-3319006498-4150260777-3634854002-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WajIntEnhance, In Quarantäne, [e5d92a931e6cf1450d6533cc07fc40c0], 
PUP.Optional.FastSearch.A, HKU\S-1-5-21-3319006498-4150260777-3634854002-1001\SOFTWARE\MOZILLA\EXTENDS, In Quarantäne, [35893f7e4e3cb77f745118df0df6b050], 
PUP.Optional.HomeTab.A, HKU\S-1-5-21-3319006498-4150260777-3634854002-1001\SOFTWARE\SIMPLYTECH\HomeTab, In Quarantäne, [13ab4c71cebc3ff78f6142004eb6738d], 

Registrierungswerte: 8
PUP.Optional.TabNav.A, HKLM\SOFTWARE\WOW6432NODE\TABNAV|affid, 4435, In Quarantäne, [a01ec2fbabdf3105032a4dad0ef56d93]
PUP.Optional.MultiPlug.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\fogynomy|ImagePath, C:\Users\Modi\AppData\Roaming\C0E77873-1434387928-DE11-902B-B4CABCB10D14\nslE6DE.tmpfs, In Quarantäne, [3688714ce4a62e081869abde0104c43c]
PUP.Optional.MultiPlug.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\zedepory|ImagePath, C:\Users\Modi\AppData\Roaming\C0E77873-1434387928-DE11-902B-B4CABCB10D14\hnsr426E.tmp, In Quarantäne, [0bb36e4f2169b086fa888009788d5ea2]
PUP.Optional.MyStartSearch.A, HKU\S-1-5-21-3319006498-4150260777-3634854002-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=cmi&utm_campaign=install_ie&utm_content=ds&from=cmi&uid=ST9750422AS_5WS3WRHXXXXX5WS3WRHX&ts=1434746861&type=default&q={searchTerms}, In Quarantäne, [893555681674a591c6de9eeeae579967]
PUP.Optional.MyStartSearch.A, HKU\S-1-5-21-3319006498-4150260777-3634854002-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}|URL, hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=cmi&utm_campaign=install_ie&utm_content=ds&from=cmi&uid=ST9750422AS_5WS3WRHXXXXX5WS3WRHX&ts=1434746861&type=default&q={searchTerms}, In Quarantäne, [c6f83687f39748ee287ca2ea45c05ba5]
PUP.Optional.MyStartSearch.A, HKU\S-1-5-21-3319006498-4150260777-3634854002-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}|FaviconURL, hxxp://www.mystartsearch.com//favicon.ico, In Quarantäne, [c6f8e9d45733270f178d4448bf46af51]
PUP.Optional.MyStartSearch.A, HKU\S-1-5-21-3319006498-4150260777-3634854002-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E733165D-CBCF-4FDA-883E-ADEF965B476C}|URL, hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=cmi&utm_campaign=install_ie&utm_content=ds&from=cmi&uid=ST9750422AS_5WS3WRHXXXXX5WS3WRHX&ts=1434746861&type=default&q={searchTerms}, In Quarantäne, [f7c779447b0fe4525f456f1df60fe818]
PUP.Optional.FastSearch.A, HKU\S-1-5-21-3319006498-4150260777-3634854002-1001\SOFTWARE\MOZILLA\EXTENDS|appid, searchffv2@gmail.com, In Quarantäne, [35893f7e4e3cb77f745118df0df6b050]

Registrierungsdaten: 20
PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\GOOGLE CHROME\SHELL\OPEN\COMMAND, "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" hxxp://www.mystartsearch.com/?type=sc&ts=1434746797&z=88969c166b7cdf23f061aa8gdz2cfzdm1z4qem2tfe&from=cmi&uid=ST9750422AS_5WS3WRHXXXXX5WS3WRHX, Gut: (Chrome.exe), Schlecht: ("C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" hxxp://www.mystartsearch.com/?type=sc&ts=1434746797&z=88969c166b7cdf23f061aa8gdz2cfzdm1z4qem2tfe&from=cmi&uid=ST9750422AS_5WS3WRHXXXXX5WS3WRHX),Ersetzt,[c3fbb904cdbd3204441f08387a8c57a9]
PUP.Optional.OurSurfing.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.oursurfing.com/?type=sc&ts=1434386941&z=7925338853c26b360e5df0cgaz7cezacdb5qctdzfe&from=fsf&uid=ST9750422AS_5WS3WRHXXXXX5WS3WRHX, Gut: (iexplore.exe), Schlecht: (C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.oursurfing.com/?type=sc&ts=1434386941&z=7925338853c26b360e5df0cgaz7cezacdb5qctdzfe&from=fsf&uid=ST9750422AS_5WS3WRHXXXXX5WS3WRHX),Ersetzt,[d8e6d7e6593157dfcc1080cd8a7c11ef]
PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.mystartsearch.com/web/?type=ds&ts=1434746797&z=88969c166b7cdf23f061aa8gdz2cfzdm1z4qem2tfe&from=cmi&uid=ST9750422AS_5WS3WRHXXXXX5WS3WRHX&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.mystartsearch.com/web/?type=ds&ts=1434746797&z=88969c166b7cdf23f061aa8gdz2cfzdm1z4qem2tfe&from=cmi&uid=ST9750422AS_5WS3WRHXXXXX5WS3WRHX&q={searchTerms}),Ersetzt,[427cf6c733570432f6e7e05f63a31ee2]
PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.mystartsearch.com/?type=hp&ts=1434746797&z=88969c166b7cdf23f061aa8gdz2cfzdm1z4qem2tfe&from=cmi&uid=ST9750422AS_5WS3WRHXXXXX5WS3WRHX, Gut: (www.google.com), Schlecht: (hxxp://www.mystartsearch.com/?type=hp&ts=1434746797&z=88969c166b7cdf23f061aa8gdz2cfzdm1z4qem2tfe&from=cmi&uid=ST9750422AS_5WS3WRHXXXXX5WS3WRHX),Ersetzt,[d0ee6c51cfbb3006cf0e0f30976f7888]
PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.mystartsearch.com/?type=hp&ts=1434746797&z=88969c166b7cdf23f061aa8gdz2cfzdm1z4qem2tfe&from=cmi&uid=ST9750422AS_5WS3WRHXXXXX5WS3WRHX, Gut: (www.google.com), Schlecht: (hxxp://www.mystartsearch.com/?type=hp&ts=1434746797&z=88969c166b7cdf23f061aa8gdz2cfzdm1z4qem2tfe&from=cmi&uid=ST9750422AS_5WS3WRHXXXXX5WS3WRHX),Ersetzt,[7e403a832862ec4ac21bdc63a2640000]
PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://www.mystartsearch.com/web/?type=ds&ts=1434746797&z=88969c166b7cdf23f061aa8gdz2cfzdm1z4qem2tfe&from=cmi&uid=ST9750422AS_5WS3WRHXXXXX5WS3WRHX&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.mystartsearch.com/web/?type=ds&ts=1434746797&z=88969c166b7cdf23f061aa8gdz2cfzdm1z4qem2tfe&from=cmi&uid=ST9750422AS_5WS3WRHXXXXX5WS3WRHX&q={searchTerms}),Ersetzt,[744a1ca181099a9ca33ac976897d56aa]
PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|CustomizeSearch, hxxp://www.mystartsearch.com/web/?type=ds&ts=1434746797&z=88969c166b7cdf23f061aa8gdz2cfzdm1z4qem2tfe&from=cmi&uid=ST9750422AS_5WS3WRHXXXXX5WS3WRHX&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.mystartsearch.com/web/?type=ds&ts=1434746797&z=88969c166b7cdf23f061aa8gdz2cfzdm1z4qem2tfe&from=cmi&uid=ST9750422AS_5WS3WRHXXXXX5WS3WRHX&q={searchTerms}),Ersetzt,[1da1febfe3a7e353904fc47ba95d37c9]
PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, hxxp://www.mystartsearch.com/web/?type=ds&ts=1434746797&z=88969c166b7cdf23f061aa8gdz2cfzdm1z4qem2tfe&from=cmi&uid=ST9750422AS_5WS3WRHXXXXX5WS3WRHX&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.mystartsearch.com/web/?type=ds&ts=1434746797&z=88969c166b7cdf23f061aa8gdz2cfzdm1z4qem2tfe&from=cmi&uid=ST9750422AS_5WS3WRHXXXXX5WS3WRHX&q={searchTerms}),Ersetzt,[f5c98934a4e66bcb904fd46b72943ec2]
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[ab13ebd2f09a999dd9f9410a33d3d030]
PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\GOOGLE CHROME\SHELL\OPEN\COMMAND, "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" hxxp://www.mystartsearch.com/?type=sc&ts=1434746797&z=88969c166b7cdf23f061aa8gdz2cfzdm1z4qem2tfe&from=cmi&uid=ST9750422AS_5WS3WRHXXXXX5WS3WRHX, Gut: (Chrome.exe), Schlecht: ("C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" hxxp://www.mystartsearch.com/?type=sc&ts=1434746797&z=88969c166b7cdf23f061aa8gdz2cfzdm1z4qem2tfe&from=cmi&uid=ST9750422AS_5WS3WRHXXXXX5WS3WRHX),Ersetzt,[d3eb95286a20c274ea7992ae61a55da3]
PUP.Optional.OurSurfing.A, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.oursurfing.com/?type=sc&ts=1434386941&z=7925338853c26b360e5df0cgaz7cezacdb5qctdzfe&from=fsf&uid=ST9750422AS_5WS3WRHXXXXX5WS3WRHX, Gut: (iexplore.exe), Schlecht: (C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.oursurfing.com/?type=sc&ts=1434386941&z=7925338853c26b360e5df0cgaz7cezacdb5qctdzfe&from=fsf&uid=ST9750422AS_5WS3WRHXXXXX5WS3WRHX),Ersetzt,[dee0e1dc55353df9c5177ecf96709d63]
PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.mystartsearch.com/web/?type=ds&ts=1434746797&z=88969c166b7cdf23f061aa8gdz2cfzdm1z4qem2tfe&from=cmi&uid=ST9750422AS_5WS3WRHXXXXX5WS3WRHX&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.mystartsearch.com/web/?type=ds&ts=1434746797&z=88969c166b7cdf23f061aa8gdz2cfzdm1z4qem2tfe&from=cmi&uid=ST9750422AS_5WS3WRHXXXXX5WS3WRHX&q={searchTerms}),Ersetzt,[516df4c9e1a964d2aa3388b749bd9b65]
PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.mystartsearch.com/?type=hp&ts=1434746797&z=88969c166b7cdf23f061aa8gdz2cfzdm1z4qem2tfe&from=cmi&uid=ST9750422AS_5WS3WRHXXXXX5WS3WRHX, Gut: (www.google.com), Schlecht: (hxxp://www.mystartsearch.com/?type=hp&ts=1434746797&z=88969c166b7cdf23f061aa8gdz2cfzdm1z4qem2tfe&from=cmi&uid=ST9750422AS_5WS3WRHXXXXX5WS3WRHX),Ersetzt,[734b0eaf1d6dfe38558864db34d233cd]
PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.mystartsearch.com/?type=hp&ts=1434746797&z=88969c166b7cdf23f061aa8gdz2cfzdm1z4qem2tfe&from=cmi&uid=ST9750422AS_5WS3WRHXXXXX5WS3WRHX, Gut: (www.google.com), Schlecht: (hxxp://www.mystartsearch.com/?type=hp&ts=1434746797&z=88969c166b7cdf23f061aa8gdz2cfzdm1z4qem2tfe&from=cmi&uid=ST9750422AS_5WS3WRHXXXXX5WS3WRHX),Ersetzt,[ad11e7d6c1c93303a4397dc2e3238878]
PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://www.mystartsearch.com/web/?type=ds&ts=1434746797&z=88969c166b7cdf23f061aa8gdz2cfzdm1z4qem2tfe&from=cmi&uid=ST9750422AS_5WS3WRHXXXXX5WS3WRHX&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.mystartsearch.com/web/?type=ds&ts=1434746797&z=88969c166b7cdf23f061aa8gdz2cfzdm1z4qem2tfe&from=cmi&uid=ST9750422AS_5WS3WRHXXXXX5WS3WRHX&q={searchTerms}),Ersetzt,[4e70c3fab9d153e34499e75860a63ec2]
PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCH|CustomizeSearch, hxxp://www.mystartsearch.com/web/?type=ds&ts=1434746797&z=88969c166b7cdf23f061aa8gdz2cfzdm1z4qem2tfe&from=cmi&uid=ST9750422AS_5WS3WRHXXXXX5WS3WRHX&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.mystartsearch.com/web/?type=ds&ts=1434746797&z=88969c166b7cdf23f061aa8gdz2cfzdm1z4qem2tfe&from=cmi&uid=ST9750422AS_5WS3WRHXXXXX5WS3WRHX&q={searchTerms}),Ersetzt,[2d912c911278fc3a8659102fbf474ab6]
PUP.Optional.MyStartSearch.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, hxxp://www.mystartsearch.com/web/?type=ds&ts=1434746797&z=88969c166b7cdf23f061aa8gdz2cfzdm1z4qem2tfe&from=cmi&uid=ST9750422AS_5WS3WRHXXXXX5WS3WRHX&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.mystartsearch.com/web/?type=ds&ts=1434746797&z=88969c166b7cdf23f061aa8gdz2cfzdm1z4qem2tfe&from=cmi&uid=ST9750422AS_5WS3WRHXXXXX5WS3WRHX&q={searchTerms}),Ersetzt,[4876ead37515171f726d99a69a6c3cc4]
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[b00ec4f9e7a3db5bebe7262529dd6b95]
PUP.Optional.MyStartSearch.A, HKU\S-1-5-21-3319006498-4150260777-3634854002-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.mystartsearch.com/?type=hp&ts=1434746797&z=88969c166b7cdf23f061aa8gdz2cfzdm1z4qem2tfe&from=cmi&uid=ST9750422AS_5WS3WRHXXXXX5WS3WRHX, Gut: (www.google.com), Schlecht: (hxxp://www.mystartsearch.com/?type=hp&ts=1434746797&z=88969c166b7cdf23f061aa8gdz2cfzdm1z4qem2tfe&from=cmi&uid=ST9750422AS_5WS3WRHXXXXX5WS3WRHX),Ersetzt,[b00eb805f892e254a836df6057af45bb]
PUP.Optional.MyStartSearch.A, HKU\S-1-5-21-3319006498-4150260777-3634854002-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.mystartsearch.com/?type=hp&ts=1434746797&z=88969c166b7cdf23f061aa8gdz2cfzdm1z4qem2tfe&from=cmi&uid=ST9750422AS_5WS3WRHXXXXX5WS3WRHX, Gut: (www.google.com), Schlecht: (hxxp://www.mystartsearch.com/?type=hp&ts=1434746797&z=88969c166b7cdf23f061aa8gdz2cfzdm1z4qem2tfe&from=cmi&uid=ST9750422AS_5WS3WRHXXXXX5WS3WRHX),Ersetzt,[8a349b22088256e0ce10fe419e68b749]

Ordner: 26
PUP.Optional.Winsock.HijackBoot, C:\Program Files (x86)\HighlightSearches, In Quarantäne, [12acf5c83c4ec07607f5f9fe867dc53b], 
PUP.Optional.MultiPlug.Gen, C:\Users\Modi\AppData\Roaming\C0E77873-1434387928-DE11-902B-B4CABCB10D14, Löschen bei Neustart, [2c9204b9098172c49d5eed9dab5abf41], 
PUP.Optional.OpenCandy, C:\Users\Modi\AppData\Roaming\OpenCandy, In Quarantäne, [96285b6290fa142242cb6e55b350f907], 
PUP.Optional.OpenCandy, C:\Users\Modi\AppData\Roaming\OpenCandy\48D6CFF02E44431DBF7C25BC99A30096, In Quarantäne, [96285b6290fa142242cb6e55b350f907], 
PUP.Optional.MBot.A, C:\Program Files (x86)\mbot_de_014010002, In Quarantäne, [a7171da02763ce68229d706a2fd40bf5], 
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar, In Quarantäne, [85396f4e5d2d52e4abd7658ab053cc34], 
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML, In Quarantäne, [85396f4e5d2d52e4abd7658ab053cc34], 
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\BG, In Quarantäne, [85396f4e5d2d52e4abd7658ab053cc34], 
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\CZ, In Quarantäne, [85396f4e5d2d52e4abd7658ab053cc34], 
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\DE, In Quarantäne, [85396f4e5d2d52e4abd7658ab053cc34], 
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\EN, In Quarantäne, [85396f4e5d2d52e4abd7658ab053cc34], 
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\ES, In Quarantäne, [85396f4e5d2d52e4abd7658ab053cc34], 
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\FR, In Quarantäne, [85396f4e5d2d52e4abd7658ab053cc34], 
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\HE, In Quarantäne, [85396f4e5d2d52e4abd7658ab053cc34], 
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\IT, In Quarantäne, [85396f4e5d2d52e4abd7658ab053cc34], 
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\RU, In Quarantäne, [85396f4e5d2d52e4abd7658ab053cc34], 
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\SK, In Quarantäne, [85396f4e5d2d52e4abd7658ab053cc34], 
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\TR, In Quarantäne, [85396f4e5d2d52e4abd7658ab053cc34], 
PUP.Optional.ICQToolbar.A, C:\Program Files (x86)\ICQ6Toolbar, In Quarantäne, [cef0dce1c2c857df3e45ec0343c051af], 
PUP.Optional.AnyProtect.A, C:\Users\Modi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup, In Quarantäne, [9a244b72870374c2565f3eb3996a0000], 
PUP.Optional.ZoomIt.A, C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\extensions\{1d3fae6c-d5ab-cbea-ff66-027fe9c8c9dd}, In Quarantäne, [cdf124995e2c7cbac82b5f2a9175d729], 
PUP.Optional.ZoomIt.A, C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\extensions\{1d3fae6c-d5ab-cbea-ff66-027fe9c8c9dd}\chrome, In Quarantäne, [cdf124995e2c7cbac82b5f2a9175d729], 
PUP.Optional.ZoomIt.A, C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\extensions\{1d3fae6c-d5ab-cbea-ff66-027fe9c8c9dd}\chrome\content, In Quarantäne, [cdf124995e2c7cbac82b5f2a9175d729], 
PUP.Optional.ZoomIt.A, C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\extensions\{1d3fae6c-d5ab-cbea-ff66-027fe9c8c9dd}\chrome\skin, In Quarantäne, [cdf124995e2c7cbac82b5f2a9175d729], 
PUP.Optional.ZoomIt.A, C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\extensions\{1d3fae6c-d5ab-cbea-ff66-027fe9c8c9dd}\modules, In Quarantäne, [cdf124995e2c7cbac82b5f2a9175d729], 
PUP.Optional.ZoomIt.A, C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\extensions\{1d3fae6c-d5ab-cbea-ff66-027fe9c8c9dd}\modules\tools, In Quarantäne, [cdf124995e2c7cbac82b5f2a9175d729], 

Dateien: 151 
PUP.Optional.JellySplit.Gen, C:\ProgramData\37e30e59d1a7430da05c726d0388106f\37e30e59d1a7430da05c726d0388106f.exe, In Quarantäne, [2f8fb00d2e5c71c51c51f1780df5fd03], 
Trojan.Agent, C:\Users\Modi\AppData\Roaming\C0E77873-1434387928-DE11-902B-B4CABCB10D14\jnsg20A9.tmp, In Quarantäne, [6f4f8c312c5eb97d4b6b8fdde220d32d], 
PUP.Optional.Winsock.HijackBoot.A, C:\Program Files (x86)\HighlightSearches\ABDLL.dll, In Quarantäne, [2b939825d8b277bfd1102a32b64c1ce4], 
PUP.Optional.Winsock.HijackBoot.A, C:\Program Files (x86)\HighlightSearches\ABDLL64.dll, In Quarantäne, [ac123d8099f184b29a4770ec41c142be], 
PUP.Optional.Winsock.HijackBoot.A, C:\Program Files (x86)\HighlightSearches\ABDLL64.exe, In Quarantäne, [3c82625b3654ba7c558c302c11f12ad6], 
PUP.Optional.Winsock.HijackBoot.A, C:\Program Files (x86)\HighlightSearches\abengine.dll, In Quarantäne, [d3ebd6e7a4e667cf8b569ac2cf337b85], 
PUP.Optional.Winsock.HijackBoot.A, C:\Program Files (x86)\HighlightSearches\abengine64.dll, In Quarantäne, [b20c06b70882aa8c7f6291cb639f1ce4], 
PUP.Optional.Winsock.HijackBoot.A, C:\Program Files (x86)\HighlightSearches\abenginecert.dll, In Quarantäne, [d5e9d8e53e4ccd6911d05a02f0127789], 
PUP.Optional.Winsock.HijackBoot.A, C:\Program Files (x86)\HighlightSearches\abenginep.exe, In Quarantäne, [724c942937533cfa6d74e37960a250b0], 
PUP.Optional.Winsock.HijackBoot.A, C:\Program Files (x86)\HighlightSearches\abenginew.exe, In Quarantäne, [e1dd932a0387241237aafb61e31f19e7], 
PUP.Optional.Winsock.HijackBoot.A, C:\Program Files (x86)\HighlightSearches\abenginewd.dll, In Quarantäne, [e6d8ebd294f6bf778e539dbf4fb3da26], 
PUP.Optional.Winsock.HijackBoot.A, C:\Windows\System32\abengine64.dll, Löschen bei Neustart, [a5198f2efc8e2b0bde0385d70af8e917], 
PUP.Optional.MyStartSearch.A, C:\Users\Modi\AppData\Local\Temp\nsbAE2D.tmp, In Quarantäne, [6559a01d0e7c60d628d91c6bfb0bfd03], 
PUP.Optional.Amonetize.A, C:\Users\Modi\AppData\Local\Temp\amiupdater1858.exe, In Quarantäne, [dae44e6f7416bf779f570a5ac53b3ac6], 
PUP.Optional.Clara.A, C:\Users\Modi\AppData\Local\Temp\f3074e2a-b970-49c5-9c03-c410986d50d6.exe, In Quarantäne, [2a94af0ec2c864d22d53effa32cf956b], 
PUP.Optional.OurSeaching.A, C:\Users\Modi\AppData\Local\Temp\is-8GNAM.tmp\fsf_oursurfing.exe, In Quarantäne, [13ab8e2f05855cdae4459ee950b68f71], 
PUP.Optional.Bundle, C:\Users\Modi\AppData\Local\Temp\is-EAC4K.tmp\sam__2268_il461.exe, In Quarantäne, [b20c3b82bbcfa690934a323f59a9936d], 
PUP.Optional.Clara.A, C:\Users\Modi\AppData\Local\Temp\ClaraDwl\0619e2f0-7717-4355-ba2f-f6f20a5b5f0c.exe, In Quarantäne, [b10d8c3165250234e928d9af778fa55b], 
PUP.Optional.AnyProtect, C:\Users\Modi\AppData\Local\nsn6EE4.tmp, In Quarantäne, [8b33813cb6d4290d5c9488e2a65dfc04], 
PUP.Optional.FlashBeat.A, C:\Windows\System32\Tasks\WTKXPWLM1, In Quarantäne, [fdc1e3daee9cc571eb6a8175cb382ad6], 
PUP.Optional.FlashBeat.A, C:\Windows\Tasks\WTKXPWLM1.job, In Quarantäne, [f7c7833aa8e27db984d2bd3951b2f60a], 
PUP.Optional.Winsock.HijackBoot, C:\Program Files (x86)\HighlightSearches\abengine.tlb, In Quarantäne, [12acf5c83c4ec07607f5f9fe867dc53b], 
PUP.Optional.Winsock.HijackBoot, C:\Program Files (x86)\HighlightSearches\freebl3.dll, In Quarantäne, [12acf5c83c4ec07607f5f9fe867dc53b], 
PUP.Optional.Winsock.HijackBoot, C:\Program Files (x86)\HighlightSearches\dc.exe, In Quarantäne, [12acf5c83c4ec07607f5f9fe867dc53b], 
PUP.Optional.Winsock.HijackBoot, C:\Program Files (x86)\HighlightSearches\lengine.ini, In Quarantäne, [12acf5c83c4ec07607f5f9fe867dc53b], 
PUP.Optional.Winsock.HijackBoot, C:\Program Files (x86)\HighlightSearches\lengine64.exe, In Quarantäne, [12acf5c83c4ec07607f5f9fe867dc53b], 
PUP.Optional.Winsock.HijackBoot, C:\Program Files (x86)\HighlightSearches\libnspr4.dll, In Quarantäne, [12acf5c83c4ec07607f5f9fe867dc53b], 
PUP.Optional.Winsock.HijackBoot, C:\Program Files (x86)\HighlightSearches\libplc4.dll, In Quarantäne, [12acf5c83c4ec07607f5f9fe867dc53b], 
PUP.Optional.Winsock.HijackBoot, C:\Program Files (x86)\HighlightSearches\libplds4.dll, In Quarantäne, [12acf5c83c4ec07607f5f9fe867dc53b], 
PUP.Optional.Winsock.HijackBoot, C:\Program Files (x86)\HighlightSearches\nss3.dll, In Quarantäne, [12acf5c83c4ec07607f5f9fe867dc53b], 
PUP.Optional.Winsock.HijackBoot, C:\Program Files (x86)\HighlightSearches\nssckbi.dll, In Quarantäne, [12acf5c83c4ec07607f5f9fe867dc53b], 
PUP.Optional.Winsock.HijackBoot, C:\Program Files (x86)\HighlightSearches\nssdbm3.dll, In Quarantäne, [12acf5c83c4ec07607f5f9fe867dc53b], 
PUP.Optional.Winsock.HijackBoot, C:\Program Files (x86)\HighlightSearches\nssutil3.dll, In Quarantäne, [12acf5c83c4ec07607f5f9fe867dc53b], 
PUP.Optional.Winsock.HijackBoot, C:\Program Files (x86)\HighlightSearches\slite.exe, In Quarantäne, [12acf5c83c4ec07607f5f9fe867dc53b], 
PUP.Optional.Winsock.HijackBoot, C:\Program Files (x86)\HighlightSearches\smime3.dll, In Quarantäne, [12acf5c83c4ec07607f5f9fe867dc53b], 
PUP.Optional.Winsock.HijackBoot, C:\Program Files (x86)\HighlightSearches\softokn3.dll, In Quarantäne, [12acf5c83c4ec07607f5f9fe867dc53b], 
PUP.Optional.Winsock.HijackBoot, C:\Program Files (x86)\HighlightSearches\sqlite3.dll, In Quarantäne, [12acf5c83c4ec07607f5f9fe867dc53b], 
PUP.Optional.Winsock.HijackBoot, C:\Program Files (x86)\HighlightSearches\ssl3.dll, In Quarantäne, [12acf5c83c4ec07607f5f9fe867dc53b], 
PUP.Optional.Winsock.HijackBoot, C:\Program Files (x86)\HighlightSearches\term.txt, In Quarantäne, [12acf5c83c4ec07607f5f9fe867dc53b], 
PUP.Optional.Winsock.HijackBoot, C:\Program Files (x86)\HighlightSearches\uninstall.exe, In Quarantäne, [12acf5c83c4ec07607f5f9fe867dc53b], 
PUP.Optional.Clara.A, C:\claraInstaller.txt, In Quarantäne, [fec0b50854366ec803dc0bf01fe4758b], 
PUP.Optional.ICQPlugin.A, C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\searchplugins\icqplugin-1.xml, In Quarantäne, [c0fe407deb9fef479d6a39c9ad577987], 
PUP.Optional.ICQPlugin.A, C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\searchplugins\icqplugin.xml, In Quarantäne, [8737f3caeb9fb77fed1aa35fd52ff709], 
PUP.Optional.MyStartSearch.A, C:\Users\Modi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.mystartsearch.com_0.localstorage, Löschen bei Neustart, [348a1f9e7e0c90a696efdf29e61e2ad6], 
PUP.Optional.MyStartSearch.A, C:\Users\Modi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.mystartsearch.com_0.localstorage-journal, Löschen bei Neustart, [8f2f6855286268ce6b1aa56301037f81], 
PUP.Optional.MultiPlug.Gen, C:\Users\Modi\AppData\Roaming\C0E77873-1434387928-DE11-902B-B4CABCB10D14\nslE6DE.tmpfs, Löschen bei Neustart, [2c9204b9098172c49d5eed9dab5abf41], 
PUP.Optional.MultiPlug.Gen, C:\Users\Modi\AppData\Roaming\C0E77873-1434387928-DE11-902B-B4CABCB10D14\hnsr426E.tmp, Löschen bei Neustart, [2c9204b9098172c49d5eed9dab5abf41], 
PUP.Optional.MultiPlug.Gen, C:\Users\Modi\AppData\Roaming\C0E77873-1434387928-DE11-902B-B4CABCB10D14\jnsg20A9.tmp, In Quarantäne, [2c9204b9098172c49d5eed9dab5abf41], 
PUP.Optional.MultiPlug.Gen, C:\Users\Modi\AppData\Roaming\C0E77873-1434387928-DE11-902B-B4CABCB10D14\rnsb136C.exe, In Quarantäne, [2c9204b9098172c49d5eed9dab5abf41], 
PUP.Optional.MultiPlug.Gen, C:\Users\Modi\AppData\Roaming\C0E77873-1434387928-DE11-902B-B4CABCB10D14\Uninstall.exe, In Quarantäne, [2c9204b9098172c49d5eed9dab5abf41], 
PUP.Optional.OurSurfing.A, C:\Users\Modi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.oursurfing.com_0.localstorage, In Quarantäne, [96282b920d7de3539dc7deb09a6bb749], 
PUP.Optional.OurSurfing.A, C:\Users\Modi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.oursurfing.com_0.localstorage-journal, In Quarantäne, [6c521ba2cfbb5ed83232a7e7be47e41c], 
PUP.Optional.Abengine.A, C:\Users\Modi\AppData\Local\Temp\lengine.ini.log, In Quarantäne, [86386a53f892d066027c454cac59cb35], 
PUP.Optional.OpenCandy, C:\Users\Modi\AppData\Roaming\OpenCandy\48D6CFF02E44431DBF7C25BC99A30096\speedupmypcDE.exe, In Quarantäne, [96285b6290fa142242cb6e55b350f907], 
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\Configuration.xml, In Quarantäne, [85396f4e5d2d52e4abd7658ab053cc34], 
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\OptionDlg.xml, In Quarantäne, [85396f4e5d2d52e4abd7658ab053cc34], 
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\RegionalSettings.xml, In Quarantäne, [85396f4e5d2d52e4abd7658ab053cc34], 
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\UserInterface.xml, In Quarantäne, [85396f4e5d2d52e4abd7658ab053cc34], 
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\BG\Configuration.xml, In Quarantäne, [85396f4e5d2d52e4abd7658ab053cc34], 
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\BG\OptionDlg.xml, In Quarantäne, [85396f4e5d2d52e4abd7658ab053cc34], 
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\BG\RegionalSettings.xml, In Quarantäne, [85396f4e5d2d52e4abd7658ab053cc34], 
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\BG\UserInterface.xml, In Quarantäne, [85396f4e5d2d52e4abd7658ab053cc34], 
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\CZ\Configuration.xml, In Quarantäne, [85396f4e5d2d52e4abd7658ab053cc34], 
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\CZ\OptionDlg.xml, In Quarantäne, [85396f4e5d2d52e4abd7658ab053cc34], 
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\CZ\RegionalSettings.xml, In Quarantäne, [85396f4e5d2d52e4abd7658ab053cc34], 
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\CZ\UserInterface.xml, In Quarantäne, [85396f4e5d2d52e4abd7658ab053cc34], 
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\EN\Configuration.xml, In Quarantäne, [85396f4e5d2d52e4abd7658ab053cc34], 
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\EN\OptionDlg.xml, In Quarantäne, [85396f4e5d2d52e4abd7658ab053cc34], 
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\EN\RegionalSettings.xml, In Quarantäne, [85396f4e5d2d52e4abd7658ab053cc34], 
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\EN\UserInterface.xml, In Quarantäne, [85396f4e5d2d52e4abd7658ab053cc34], 
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\ES\Configuration.xml, In Quarantäne, [85396f4e5d2d52e4abd7658ab053cc34], 
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\ES\OptionDlg.xml, In Quarantäne, [85396f4e5d2d52e4abd7658ab053cc34], 
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\ES\RegionalSettings.xml, In Quarantäne, [85396f4e5d2d52e4abd7658ab053cc34], 
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\ES\UserInterface.xml, In Quarantäne, [85396f4e5d2d52e4abd7658ab053cc34], 
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\FR\Configuration.xml, In Quarantäne, [85396f4e5d2d52e4abd7658ab053cc34], 
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\FR\OptionDlg.xml, In Quarantäne, [85396f4e5d2d52e4abd7658ab053cc34], 
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\FR\RegionalSettings.xml, In Quarantäne, [85396f4e5d2d52e4abd7658ab053cc34], 
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\FR\UserInterface.xml, In Quarantäne, [85396f4e5d2d52e4abd7658ab053cc34], 
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\HE\Configuration.xml, In Quarantäne, [85396f4e5d2d52e4abd7658ab053cc34], 
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\HE\OptionDlg.xml, In Quarantäne, [85396f4e5d2d52e4abd7658ab053cc34], 
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\HE\RegionalSettings.xml, In Quarantäne, [85396f4e5d2d52e4abd7658ab053cc34], 
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\HE\UserInterface.xml, In Quarantäne, [85396f4e5d2d52e4abd7658ab053cc34], 
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\IT\Configuration.xml, In Quarantäne, [85396f4e5d2d52e4abd7658ab053cc34], 
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\IT\OptionDlg.xml, In Quarantäne, [85396f4e5d2d52e4abd7658ab053cc34], 
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\IT\RegionalSettings.xml, In Quarantäne, [85396f4e5d2d52e4abd7658ab053cc34], 
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\IT\UserInterface.xml, In Quarantäne, [85396f4e5d2d52e4abd7658ab053cc34], 
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\RU\Configuration.xml, In Quarantäne, [85396f4e5d2d52e4abd7658ab053cc34], 
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\RU\OptionDlg.xml, In Quarantäne, [85396f4e5d2d52e4abd7658ab053cc34], 
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\RU\RegionalSettings.xml, In Quarantäne, [85396f4e5d2d52e4abd7658ab053cc34], 
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\RU\UserInterface.xml, In Quarantäne, [85396f4e5d2d52e4abd7658ab053cc34], 
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\SK\Configuration.xml, In Quarantäne, [85396f4e5d2d52e4abd7658ab053cc34], 
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\SK\OptionDlg.xml, In Quarantäne, [85396f4e5d2d52e4abd7658ab053cc34], 
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\SK\RegionalSettings.xml, In Quarantäne, [85396f4e5d2d52e4abd7658ab053cc34], 
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\SK\UserInterface.xml, In Quarantäne, [85396f4e5d2d52e4abd7658ab053cc34], 
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\TR\Configuration.xml, In Quarantäne, [85396f4e5d2d52e4abd7658ab053cc34], 
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\TR\OptionDlg.xml, In Quarantäne, [85396f4e5d2d52e4abd7658ab053cc34], 
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\TR\RegionalSettings.xml, In Quarantäne, [85396f4e5d2d52e4abd7658ab053cc34], 
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\TR\UserInterface.xml, In Quarantäne, [85396f4e5d2d52e4abd7658ab053cc34], 
PUP.Optional.ICQToolbar.A, C:\Program Files (x86)\ICQ6Toolbar\config.xml, In Quarantäne, [cef0dce1c2c857df3e45ec0343c051af], 
PUP.Optional.ICQToolbar.A, C:\Program Files (x86)\ICQ6Toolbar\Icons.bmp, In Quarantäne, [cef0dce1c2c857df3e45ec0343c051af], 
PUP.Optional.ICQToolbar.A, C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe, In Quarantäne, [cef0dce1c2c857df3e45ec0343c051af], 
PUP.Optional.ICQToolbar.A, C:\Program Files (x86)\ICQ6Toolbar\icq6Toolbar.ico, In Quarantäne, [cef0dce1c2c857df3e45ec0343c051af], 
PUP.Optional.ICQToolbar.A, C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll, In Quarantäne, [cef0dce1c2c857df3e45ec0343c051af], 
PUP.Optional.ICQToolbar.A, C:\Program Files (x86)\ICQ6Toolbar\ICQUnToolbar.exe, In Quarantäne, [cef0dce1c2c857df3e45ec0343c051af], 
PUP.Optional.ICQToolbar.A, C:\Program Files (x86)\ICQ6Toolbar\logo_small.gif, In Quarantäne, [cef0dce1c2c857df3e45ec0343c051af], 
PUP.Optional.ICQToolbar.A, C:\Program Files (x86)\ICQ6Toolbar\ServiceStarter.exe, In Quarantäne, [cef0dce1c2c857df3e45ec0343c051af], 
PUP.Optional.ICQToolbar.A, C:\Program Files (x86)\ICQ6Toolbar\short.wav, In Quarantäne, [cef0dce1c2c857df3e45ec0343c051af], 
PUP.Optional.ICQToolbar.A, C:\Program Files (x86)\ICQ6Toolbar\Version.txt, In Quarantäne, [cef0dce1c2c857df3e45ec0343c051af], 
PUP.Optional.AnyProtect.A, C:\Users\Modi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup\AnyProtect.lnk, In Quarantäne, [9a244b72870374c2565f3eb3996a0000], 
PUP.Optional.AnyProtect.A, C:\Users\Modi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup\Uninstall.lnk, In Quarantäne, [9a244b72870374c2565f3eb3996a0000], 
PUP.Optional.MyStartSearch, C:\Users\Modi\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences, Gut: ("session":{"restore_on_startup":5}}), Schlecht: ("session":{"restore_on_startup":4,"startup_urls":["hxxp://www.mystartsearch.com/?type=hp&ts=1434746797&z=88969c166b7cdf23f061aa8gdz2cfzdm1z4qem2tfe&from=cmi&uid=ST9750422AS_5WS3WRHXXXXX5WS3WRHX"]},"sync":{"remaining_rollback_tries":0}}), Ersetzt,[78463c81d6b4a4927a375e3059ad8878]
PUP.Optional.ZoomIt.A, C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\extensions\{1d3fae6c-d5ab-cbea-ff66-027fe9c8c9dd}\chrome.manifest, In Quarantäne, [cdf124995e2c7cbac82b5f2a9175d729], 
PUP.Optional.ZoomIt.A, C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\extensions\{1d3fae6c-d5ab-cbea-ff66-027fe9c8c9dd}\install.rdf, In Quarantäne, [cdf124995e2c7cbac82b5f2a9175d729], 
PUP.Optional.ZoomIt.A, C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\extensions\{1d3fae6c-d5ab-cbea-ff66-027fe9c8c9dd}\chrome\content\content.js, In Quarantäne, [cdf124995e2c7cbac82b5f2a9175d729], 
PUP.Optional.ZoomIt.A, C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\extensions\{1d3fae6c-d5ab-cbea-ff66-027fe9c8c9dd}\chrome\content\html5slider.js, In Quarantäne, [cdf124995e2c7cbac82b5f2a9175d729], 
PUP.Optional.ZoomIt.A, C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\extensions\{1d3fae6c-d5ab-cbea-ff66-027fe9c8c9dd}\chrome\content\jquery-1.8.3.min.js, In Quarantäne, [cdf124995e2c7cbac82b5f2a9175d729], 
PUP.Optional.ZoomIt.A, C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\extensions\{1d3fae6c-d5ab-cbea-ff66-027fe9c8c9dd}\chrome\content\li.js, In Quarantäne, [cdf124995e2c7cbac82b5f2a9175d729], 
PUP.Optional.ZoomIt.A, C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\extensions\{1d3fae6c-d5ab-cbea-ff66-027fe9c8c9dd}\chrome\content\main.js, In Quarantäne, [cdf124995e2c7cbac82b5f2a9175d729], 
PUP.Optional.ZoomIt.A, C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\extensions\{1d3fae6c-d5ab-cbea-ff66-027fe9c8c9dd}\chrome\content\main.xul, In Quarantäne, [cdf124995e2c7cbac82b5f2a9175d729], 
PUP.Optional.ZoomIt.A, C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\extensions\{1d3fae6c-d5ab-cbea-ff66-027fe9c8c9dd}\chrome\content\options.html, In Quarantäne, [cdf124995e2c7cbac82b5f2a9175d729], 
PUP.Optional.ZoomIt.A, C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\extensions\{1d3fae6c-d5ab-cbea-ff66-027fe9c8c9dd}\chrome\content\options.js, In Quarantäne, [cdf124995e2c7cbac82b5f2a9175d729], 
PUP.Optional.ZoomIt.A, C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\extensions\{1d3fae6c-d5ab-cbea-ff66-027fe9c8c9dd}\chrome\content\test.js, In Quarantäne, [cdf124995e2c7cbac82b5f2a9175d729], 
PUP.Optional.ZoomIt.A, C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\extensions\{1d3fae6c-d5ab-cbea-ff66-027fe9c8c9dd}\chrome\content\tools.js, In Quarantäne, [cdf124995e2c7cbac82b5f2a9175d729], 
PUP.Optional.ZoomIt.A, C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\extensions\{1d3fae6c-d5ab-cbea-ff66-027fe9c8c9dd}\chrome\content\tr.js, In Quarantäne, [cdf124995e2c7cbac82b5f2a9175d729], 
PUP.Optional.ZoomIt.A, C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\extensions\{1d3fae6c-d5ab-cbea-ff66-027fe9c8c9dd}\chrome\content\upcpier.js, In Quarantäne, [cdf124995e2c7cbac82b5f2a9175d729], 
PUP.Optional.ZoomIt.A, C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\extensions\{1d3fae6c-d5ab-cbea-ff66-027fe9c8c9dd}\chrome\content\vgValidator.js, In Quarantäne, [cdf124995e2c7cbac82b5f2a9175d729], 
PUP.Optional.ZoomIt.A, C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\extensions\{1d3fae6c-d5ab-cbea-ff66-027fe9c8c9dd}\chrome\content\zoom.js, In Quarantäne, [cdf124995e2c7cbac82b5f2a9175d729], 
PUP.Optional.ZoomIt.A, C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\extensions\{1d3fae6c-d5ab-cbea-ff66-027fe9c8c9dd}\chrome\skin\button.png, In Quarantäne, [cdf124995e2c7cbac82b5f2a9175d729], 
PUP.Optional.ZoomIt.A, C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\extensions\{1d3fae6c-d5ab-cbea-ff66-027fe9c8c9dd}\chrome\skin\icon32x32-disabled.png, In Quarantäne, [cdf124995e2c7cbac82b5f2a9175d729], 
PUP.Optional.ZoomIt.A, C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\extensions\{1d3fae6c-d5ab-cbea-ff66-027fe9c8c9dd}\chrome\skin\icon32x32.png, In Quarantäne, [cdf124995e2c7cbac82b5f2a9175d729], 
PUP.Optional.ZoomIt.A, C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\extensions\{1d3fae6c-d5ab-cbea-ff66-027fe9c8c9dd}\chrome\skin\options.css, In Quarantäne, [cdf124995e2c7cbac82b5f2a9175d729], 
PUP.Optional.ZoomIt.A, C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\extensions\{1d3fae6c-d5ab-cbea-ff66-027fe9c8c9dd}\chrome\skin\options_bg.png, In Quarantäne, [cdf124995e2c7cbac82b5f2a9175d729], 
PUP.Optional.ZoomIt.A, C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\extensions\{1d3fae6c-d5ab-cbea-ff66-027fe9c8c9dd}\chrome\skin\otaznik.png, In Quarantäne, [cdf124995e2c7cbac82b5f2a9175d729], 
PUP.Optional.ZoomIt.A, C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\extensions\{1d3fae6c-d5ab-cbea-ff66-027fe9c8c9dd}\chrome\skin\slider.png, In Quarantäne, [cdf124995e2c7cbac82b5f2a9175d729], 
PUP.Optional.ZoomIt.A, C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\extensions\{1d3fae6c-d5ab-cbea-ff66-027fe9c8c9dd}\modules\addon_d.js, In Quarantäne, [cdf124995e2c7cbac82b5f2a9175d729], 
PUP.Optional.ZoomIt.A, C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\extensions\{1d3fae6c-d5ab-cbea-ff66-027fe9c8c9dd}\modules\addon_info.js, In Quarantäne, [cdf124995e2c7cbac82b5f2a9175d729], 
PUP.Optional.ZoomIt.A, C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\extensions\{1d3fae6c-d5ab-cbea-ff66-027fe9c8c9dd}\modules\file_cacher.js, In Quarantäne, [cdf124995e2c7cbac82b5f2a9175d729], 
PUP.Optional.ZoomIt.A, C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\extensions\{1d3fae6c-d5ab-cbea-ff66-027fe9c8c9dd}\modules\guid.js, In Quarantäne, [cdf124995e2c7cbac82b5f2a9175d729], 
PUP.Optional.ZoomIt.A, C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\extensions\{1d3fae6c-d5ab-cbea-ff66-027fe9c8c9dd}\modules\observer.js, In Quarantäne, [cdf124995e2c7cbac82b5f2a9175d729], 
PUP.Optional.ZoomIt.A, C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\extensions\{1d3fae6c-d5ab-cbea-ff66-027fe9c8c9dd}\modules\pref_man.js, In Quarantäne, [cdf124995e2c7cbac82b5f2a9175d729], 
PUP.Optional.ZoomIt.A, C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\extensions\{1d3fae6c-d5ab-cbea-ff66-027fe9c8c9dd}\modules\pu_upd.js, In Quarantäne, [cdf124995e2c7cbac82b5f2a9175d729], 
PUP.Optional.ZoomIt.A, C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\extensions\{1d3fae6c-d5ab-cbea-ff66-027fe9c8c9dd}\modules\timer.js, In Quarantäne, [cdf124995e2c7cbac82b5f2a9175d729], 
PUP.Optional.ZoomIt.A, C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\extensions\{1d3fae6c-d5ab-cbea-ff66-027fe9c8c9dd}\modules\time_passed.js, In Quarantäne, [cdf124995e2c7cbac82b5f2a9175d729], 
PUP.Optional.ZoomIt.A, C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\extensions\{1d3fae6c-d5ab-cbea-ff66-027fe9c8c9dd}\modules\xcipher.js, In Quarantäne, [cdf124995e2c7cbac82b5f2a9175d729], 
PUP.Optional.ZoomIt.A, C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\extensions\{1d3fae6c-d5ab-cbea-ff66-027fe9c8c9dd}\modules\tools\days_passed.js, In Quarantäne, [cdf124995e2c7cbac82b5f2a9175d729], 
PUP.Optional.ZoomIt.A, C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\extensions\{1d3fae6c-d5ab-cbea-ff66-027fe9c8c9dd}\modules\tools\ff_info.js, In Quarantäne, [cdf124995e2c7cbac82b5f2a9175d729], 
PUP.Optional.ZoomIt.A, C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\extensions\{1d3fae6c-d5ab-cbea-ff66-027fe9c8c9dd}\modules\tools\firstrun.js, In Quarantäne, [cdf124995e2c7cbac82b5f2a9175d729], 
PUP.Optional.ZoomIt.A, C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\extensions\{1d3fae6c-d5ab-cbea-ff66-027fe9c8c9dd}\modules\tools\os.js, In Quarantäne, [cdf124995e2c7cbac82b5f2a9175d729], 
PUP.Optional.QuickStart.A, C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");), Ersetzt,[9628b10c305a75c1ce61eca0d43215eb]
PUP.Optional.Conduit.A, C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\prefs.js, Gut: (), Schlecht: (user_pref("CT2124320.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2124320&q=");), Ersetzt,[e1dd8c312763d6609ea91875e52106fa]
PUP.Optional.MyStartSearch, C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.search.selectedEngine", "mystartsearch");), Ersetzt,[3b83fdc09eecd066c08c820c5ea83bc5]

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)

Code:

ATTFilter

# AdwCleaner v4.207 - Bericht erstellt 29/06/2015 um 20:58:06
# Aktualisiert 21/06/2015 von Xplode
# Datenbank : 2015-06-21.1 [Lokal]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Modi - MODI-PC
# Gestarted von : C:\Users\Modi\Desktop\AdwCleaner_4.207.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\Program Files (x86)\MyPCBU
Ordner Gelöscht : C:\Program Files (x86)\app_setup
Ordner Gelöscht : C:\Windows\assembly\GAC_MSIL\QuickStoresToolbar
Ordner Gelöscht : C:\Users\Modi\AppData\Local\Temp\OCS
Ordner Gelöscht : C:\Program Files\vghd
Ordner Gelöscht : C:\Users\Modi\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Modi\AppData\Roaming\CheckPoint\ZoneAlarm LTD Toolbar
Ordner Gelöscht : C:\Users\Modi\AppData\Roaming\vghd
Ordner Gelöscht : C:\Users\Modi\AppData\Roaming\ProgSense
Datei Gelöscht : C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi
Datei Gelöscht : C:\Users\Modi\AppData\Roaming\Microsoft\Windows\Start Menu\QuickStores.url
Datei Gelöscht : C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\foxydeal.sqlite
Datei Gelöscht : C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\invalidprefs.js
Datei Gelöscht : C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\searchplugins\safeguard-secure-search.xml

***** [ Geplante Tasks ] *****

Task Gelöscht : amiupdaterExd
Task Gelöscht : amiupdaterExi

***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Modi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\Modi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Verknüpfung Desinfiziert : C:\Users\Modi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Modi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Verknüpfung Desinfiziert : C:\Users\Modi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Profil.lnk
Verknüpfung Desinfiziert : C:\Users\Modi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk

***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}]
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7854F00C-DC77-477E-A10E-603F48442D3B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
Schlüssel Gelöscht : HKCU\Software\APN PIP
Schlüssel Gelöscht : HKCU\Software\IGearSettings
Schlüssel Gelöscht : HKCU\Software\Myfree Codec
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\powerpack
Schlüssel Gelöscht : HKCU\Software\simplytech
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKCU\Software\ProgSense
Schlüssel Gelöscht : HKCU\Software\{3BDFD1D7-7A9B-4D29-80B3-D00E66E62885}
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKLM\SOFTWARE\ICQ\ICQToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Myfree Codec
Schlüssel Gelöscht : HKLM\SOFTWARE\Clara
Schlüssel Gelöscht : HKLM\SOFTWARE\SpeedBit
Schlüssel Gelöscht : HKLM\SOFTWARE\searchult
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AnyProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7D7D6742-5B49-4454-9E9B-748E731E741A}_is1
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17840

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]

-\\ Mozilla Firefox v38.0.6 (x86 de)

[b20e40qm.default\prefs.js] - Zeile Gelöscht : user_pref("CT2124320.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
[b20e40qm.default\prefs.js] - Zeile Gelöscht : user_pref("CT2124320.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
[b20e40qm.default\prefs.js] - Zeile Gelöscht : user_pref("CT2124320.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
[b20e40qm.default\prefs.js] - Zeile Gelöscht : user_pref("CT2124320.SearchInNewTabServiceUrl", "hxxp://hosting.conduit-services.com/newtab/?ctid=EB_TOOLBAR_ID");
[b20e40qm.default\prefs.js] - Zeile Gelöscht : user_pref("CT2124320.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID");
[b20e40qm.default\prefs.js] - Zeile Gelöscht : user_pref("CT2124320.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
[b20e40qm.default\prefs.js] - Zeile Gelöscht : user_pref("CT2124320.ct2467819.SearchEngine", "Suchenhxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=ct2467819&octid=EB_ORIGINAL_CTID");
[b20e40qm.default\prefs.js] - Zeile Gelöscht : user_pref("CT2124320.myStuffSearchUrl", "hxxp://search.conduit.com/Results.aspx?q=SEARCH_TERM&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID&SearchType=ToolbarComponents");
[b20e40qm.default\prefs.js] - Zeile Gelöscht : user_pref("CT2124320.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
[b20e40qm.default\prefs.js] - Zeile Gelöscht : user_pref("CT2124320.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
[b20e40qm.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.1&q=");
[b20e40qm.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.ToolbarsList", "CT2124320");
[b20e40qm.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.ToolbarsList2", "CT2124320");
[b20e40qm.default\prefs.js] - Zeile Gelöscht : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Fri Feb 26 2010 02:32:24 GMT+0100");
[b20e40qm.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.searchengine.alias", "mystartsearch");
[b20e40qm.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.searchengine.iconURL", "hxxp://www.mystartsearch.com/favicon.ico");
[b20e40qm.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.searchengine.name", "mystartsearch");
[b20e40qm.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.searchengine.url", "hxxp://www.mystartsearch.com/web/?type=ds&ts=1434746797&z=88969c166b7cdf23f061aa8gdz2cfzdm1z4qem2tfe&from=cmi&uid=ST9750422AS_5WS3WRHXXXXX5WS3WRHX&q={sear[...]
[b20e40qm.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.quick_start.enable_search1", false);
[b20e40qm.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);

-\\ Google Chrome v43.0.2357.130

[C:\Users\Modi\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.mystartsearch.com/web/?type=ds&ts=1434746797&z=88969c166b7cdf23f061aa8gdz2cfzdm1z4qem2tfe&from=cmi&uid=ST9750422AS_5WS3WRHXXXXX5WS3WRHX&q={searchTerms}
[C:\Users\Modi\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gelöscht [Homepage] : hxxp://www.mystartsearch.com/?type=hp&ts=1434746797&z=88969c166b7cdf23f061aa8gdz2cfzdm1z4qem2tfe&from=cmi&uid=ST9750422AS_5WS3WRHXXXXX5WS3WRHX

-\\ Opera v30.0.1835.59


*************************

AdwCleaner[R0].txt - [10629 Bytes] - [29/06/2015 20:55:26]
AdwCleaner[S0].txt - [10152 Bytes] - [29/06/2015 20:58:06]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [10212  Bytes] ##########

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.2.1 (06.28.2015:2)
OS: Windows 7 Home Premium x64
Ran by Modi on 29.06.2015 at 21:15:29,82
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] C:\Users\Modi\appdata\local\google\chrome\user data\default\local storage\hxxp_lyrics.wikia.com_0.localstorage
Successfully deleted: [File] C:\Users\Modi\appdata\local\google\chrome\user data\default\local storage\hxxp_lyrics.wikia.com_0.localstorage-journal



~~~ Folders

Successfully deleted: [Folder] C:\Program Files (x86)\myfree codec
Successfully deleted: [Folder] C:\ProgramData\tuneup software
Successfully deleted: [Folder] C:\Users\Modi\AppData\Roaming\tuneup software
Successfully deleted: [Folder] C:\ProgramData\28341ff220e0446c9fff27c4493d622e
Successfully deleted: [Folder] C:\ProgramData\37e30e59d1a7430da05c726d0388106f



~~~ FireFox




~~~ Chrome


[C:\Users\Modi\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Modi\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\Modi\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Modi\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 29.06.2015 at 21:20:59,62
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Code:

ATTFilter

Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2015
Ran by Modi (administrator) on MODI-PC on 29-06-2015 21:22:52
Running from C:\Users\Modi\Desktop
Loaded Profiles: Modi & UpdatusUser (Available Profiles: Modi & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Locktime Software) C:\Program Files\NetLimiter 2 Pro\nlsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8060960 2009-08-06] (Realtek Semiconductor)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2008-07-29] ()
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1842472 2009-09-18] (Synaptics Incorporated)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [823840 2009-09-30] (Acer Incorporated)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [XeroxEndeavorBackgroundTask] => rundll32.exe xrWCbgnd.dll,LaunchBgTask 1
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-10-18] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-09-25] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [EgisTecLiveUpdate] => C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [199464 2009-08-04] (Egis Technology Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1094736 2009-11-02] (Dritek System Inc.)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [370176 2010-06-17] (shbox.de)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [BingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2127896 2012-11-22] (Microsoft Corp.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [730416 2015-06-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [455512 2014-05-28] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [124208 2014-10-22] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3319006498-4150260777-3634854002-1001\...\Run: [KiesPDLR] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [843568 2014-05-28] (Samsung)
HKU\S-1-5-21-3319006498-4150260777-3634854002-1001\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe [578560 2013-10-30] (Samsung Electronics)
HKU\S-1-5-21-3319006498-4150260777-3634854002-1001\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [843568 2014-05-28] (Samsung)
HKU\S-1-5-21-3319006498-4150260777-3634854002-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Modi\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3319006498-4150260777-3634854002-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-3319006498-4150260777-3634854002-1010\...\RunOnce: [ScrSav] => C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-08] ()
HKU\S-1-5-21-3319006498-4150260777-3634854002-1010\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Acer.scr [438272 2009-07-08] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk [2014-08-13]
ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> C:\Program Files (x86)\WISO\Steuersoftware 2014\mshaktuell.exe ()
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll [2009-09-11] (Egis Technology Inc.)
ShellIconOverlayIdentifiers: [Symbol-Overlay-Steuerprogramm für AutoCAD Digitale Signaturen] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\psdprotect.dll [2009-09-11] (Egis Technology Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3319006498-4150260777-3634854002-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3319006498-4150260777-3634854002-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3319006498-4150260777-3634854002-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: DownloadHelper Class -> {FF2573AE-E1ED-40e1-83BA-F544CB2EE135} -> C:\Program Files\Common Files\Download Helper\DownloadHelperx64.dll [2010-06-17] (IE Download Helper)
BHO-x32: Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-06] (Oracle Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-06] (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-3319006498-4150260777-3634854002-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: HKLM-x32 {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/uno1/GAME_UNO1.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {99FE5072-78AA-4FEE-89BA-69A5FA55343F} hxxp://download.microsoft.com/download/B/3/A/B3A2EA73-793D-4ABE-992D-C81140384044/igdtoolx.cab
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default
FF Homepage: hxxp://www.google.de/
FF Keyword.URL: 
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-06-04] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\Windows\system32\npDeployJava1.dll [2012-11-15] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2012-11-05] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-04] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll [2012-10-04] (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-06-03] (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-06] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2012-11-05] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-17] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-10-15] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-10-15] (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 -> C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll [2010-01-05] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll [2010-01-05] (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-04] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-05-11] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\libdivx.dll [2009-05-01] (The OpenSSL Project, hxxp://www.openssl.org/)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdivx32.dll [2009-05-12] (DivX,Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2013-05-11] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll [2010-01-05] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2011-09-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2011-09-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2011-09-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2011-09-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2011-09-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2011-09-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2011-09-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpjplug.dll [2010-01-05] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ssldivx.dll [2009-05-01] (The OpenSSL Project, hxxp://www.openssl.org/)
FF Extension: Avira Browser Safety - C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\Extensions\abs@avira.com [2015-06-04]
FF Extension: [verify-U]-Add-on - C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\Extensions\verify-u_2@cybits.de [2012-11-15]
FF Extension: Firebug - C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\Extensions\firebug@software.joehewitt.com.xpi [2011-04-02]
FF Extension: ProxTube - C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\Extensions\ich@maltegoetz.de.xpi [2014-09-12]
FF Extension: TinEye Reverse Image Search - C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\Extensions\tineye@ideeinc.com.xpi [2011-08-15]
FF Extension: NoScript - C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-02-16]
FF Extension: SoundCloud Downloader - Technowise - C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\Extensions\{c8d3bc80-0810-4d21-a2c2-be5f2b2832ac}.xpi [2014-01-15]
FF Extension: Adblock Plus - C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-07-01]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA} [2015-06-04]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2015-06-04]

Chrome: 
=======
CHR Profile: C:\Users\Modi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Modi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-15]
CHR Extension: (Google Drive) - C:\Users\Modi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-15]
CHR Extension: (YouTube) - C:\Users\Modi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-15]
CHR Extension: (Adblock Plus) - C:\Users\Modi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-01-15]
CHR Extension: (Google Search) - C:\Users\Modi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-15]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Modi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-31]
CHR Extension: (Google Wallet) - C:\Users\Modi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-15]
CHR Extension: (Gmail) - C:\Users\Modi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-15]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Maxtor\Schedule2\schedul2.exe [571160 2007-08-23] (Acronis)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [827184 2015-06-19] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [450808 2015-06-19] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [450808 2015-06-19] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1188360 2015-06-19] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [164656 2014-10-22] (Avira Operations GmbH & Co. KG)
S2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [166424 2012-11-22] (Microsoft Corp.)
S2 GtDetectSc; C:\Program Files\T-Mobile\GlobeTrotter Connect\GtDetectSc.exe [314880 2008-05-08] (OptionNV) [File not signed]
S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-11] (Egis Technology Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R2 nlsvc; C:\Program Files\NetLimiter 2 Pro\nlsvc.exe [867840 2007-05-13] (Locktime Software) [File not signed]
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15122208 2013-10-18] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S2 Virtual Router; C:\Program Files (x86)\Virtual Router\VirtualRouterService.exe [12288 2009-11-18] (Chris Pietschmann (hxxp://pietschsoft.com)) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [139352 2013-07-31] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [139352 2013-07-31] (SlySoft, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [153256 2015-06-19] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132656 2015-06-19] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-10] (Avira Operations GmbH & Co. KG)
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [16776 2009-08-26] () [File not signed]
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14216 2009-08-26] () [File not signed]
S3 EuDisk; C:\Windows\System32\DRIVERS\EuDisk.sys [137608 2009-12-02] (CHENGDU YIWO Tech Development Co., Ltd)
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9096 2009-09-16] () [File not signed]
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [8456 2009-09-16] () [File not signed]
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-10-30] () [File not signed]
S3 GT72NDISIPXP; C:\Windows\System32\DRIVERS\Gt51Ip.sys [124928 2008-02-18] (Option N.V.)
S3 GT72UBUS; C:\Windows\System32\DRIVERS\gt72ubus.sys [80896 2008-02-08] (Option N.V.)
S3 GTPTSER; C:\Windows\System32\DRIVERS\gtptser.sys [10624 2007-03-30] (Option N.V.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28216 2012-09-01] (Intel Corporation)
S3 massfilter_hs; C:\Windows\System32\drivers\massfilter_hs.sys [12800 2009-02-03] (ZTE Incorporated)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-29] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R1 nltdi; C:\Windows\system32\drivers\nltdi.sys [89320 2007-05-13] (Locktime Software)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-09-28] (NVIDIA Corporation)
S3 s115bus; C:\Windows\System32\DRIVERS\s115bus.sys [108296 2007-04-23] (MCCI Corporation)
S3 s115mdfl; C:\Windows\System32\DRIVERS\s115mdfl.sys [19720 2007-04-23] (MCCI Corporation)
S3 s115mdm; C:\Windows\System32\DRIVERS\s115mdm.sys [144648 2007-04-23] (MCCI Corporation)
S3 s115mgmt; C:\Windows\System32\DRIVERS\s115mgmt.sys [126216 2007-04-23] (MCCI Corporation)
S3 s115obex; C:\Windows\System32\DRIVERS\s115obex.sys [123656 2007-04-23] (MCCI Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [828912 2011-05-13] () [File not signed]
S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2010-01-21] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [27648 2010-01-21] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [33280 2010-01-21] (LG Electronics Inc.)
S3 wceusbsh; C:\Windows\System32\DRIVERS\wceusbsh.sys [119552 2005-03-24] (Microsoft Corporation) [File not signed]
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64.sys [14464 2009-02-13] (Western Digital Technologies) [File not signed]
R2 WIBUKEY; C:\Windows\System32\DRIVERS\WibuKey64.sys [103224 2009-12-03] (WIBU-SYSTEMS AG)
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [X]
S3 MEMSWEEP2; \??\C:\Windows\system32\7A20.tmp [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 TVICPORT; \??\C:\Windows\system32\DRIVERS\TVICPORT.SYS [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-29 21:22 - 2015-06-29 21:23 - 00026144 _____ C:\Users\Modi\Desktop\FRST.txt
2015-06-29 21:20 - 2015-06-29 21:20 - 00001742 _____ C:\Users\Modi\Desktop\JRT.txt
2015-06-29 21:16 - 2015-06-29 21:16 - 00000000 ____D C:\Users\Modi\Desktop\alt
2015-06-29 21:15 - 2015-06-29 21:15 - 00000207 _____ C:\Windows\tweaking.com-regbackup-MODI-PC-Windows-7-Home-Premium-(64-bit).dat
2015-06-29 21:15 - 2015-06-29 21:15 - 00000000 ____D C:\RegBackup
2015-06-29 21:13 - 2015-06-29 21:13 - 02950645 _____ (Malwarebytes Corporation) C:\Users\Modi\Desktop\JRT.exe
2015-06-29 20:55 - 2015-06-29 20:58 - 00000000 ____D C:\AdwCleaner
2015-06-29 20:40 - 2015-06-29 20:40 - 02244096 _____ C:\Users\Modi\Desktop\AdwCleaner_4.207.exe
2015-06-22 23:46 - 2015-06-29 20:42 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-22 23:45 - 2015-06-22 23:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-06-22 23:45 - 2015-06-22 23:45 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-06-22 23:45 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-06-22 23:45 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-06-22 23:41 - 2015-06-22 23:42 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Modi\Downloads\mbam-setup-2.1.6.1022.exe
2015-06-20 16:43 - 2015-06-20 16:43 - 00001127 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-06-20 16:43 - 2015-06-20 16:43 - 00001115 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-06-20 16:42 - 2015-06-20 16:43 - 40114248 _____ C:\Users\Modi\Downloads\Firefox_Setup_38.0.6de.exe
2015-06-20 16:42 - 2015-06-20 16:43 - 40114248 _____ C:\Users\Modi\Downloads\Firefox_Setup_38.0.6de (1).exe
2015-06-20 16:41 - 2015-06-20 16:41 - 01198368 _____ C:\Users\Modi\Downloads\Firefox - CHIP-Installer.exe
2015-06-19 22:49 - 2015-06-19 22:49 - 00003838 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1434746935
2015-06-19 22:49 - 2015-06-19 22:49 - 00000000 ____D C:\Users\Modi\AppData\Roaming\Opera Software
2015-06-19 22:49 - 2015-06-19 22:49 - 00000000 ____D C:\Users\Modi\AppData\Local\Opera Software
2015-06-19 22:49 - 2015-06-19 22:48 - 00001103 _____ C:\Users\Public\Desktop\Opera.lnk
2015-06-19 22:49 - 2015-06-19 22:48 - 00001103 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-06-19 22:48 - 2015-06-29 21:11 - 00000000 ____D C:\Program Files (x86)\Opera
2015-06-19 22:25 - 2015-06-19 22:25 - 00001232 _____ C:\Users\Modi\Desktop\Revo Uninstaller.lnk
2015-06-19 22:25 - 2015-06-19 22:25 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-06-19 22:24 - 2015-06-19 22:24 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Modi\Desktop\revosetup95.exe
2015-06-19 18:07 - 2015-06-29 21:22 - 00000000 ____D C:\FRST
2015-06-19 18:07 - 2015-06-19 18:07 - 02109952 _____ (Farbar) C:\Users\Modi\Desktop\FRST64.exe
2015-06-15 19:06 - 2012-08-27 23:48 - 00000027 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-06-15 18:53 - 2015-06-19 22:46 - 00000000 ____D C:\Users\Modi\AppData\Local\CrashDumps
2015-06-15 18:51 - 2015-06-15 18:51 - 00000000 _____ C:\Windows\prleth.sys
2015-06-15 18:51 - 2015-06-15 18:51 - 00000000 _____ C:\Windows\hgfs.sys
2015-06-15 18:48 - 2015-06-15 18:48 - 00003552 _____ C:\Windows\System32\Tasks\DWBTM
2015-06-15 18:46 - 2015-06-15 18:46 - 00000000 ____D C:\Users\Modi\Documents\eRightSoft
2015-06-15 18:42 - 2015-06-15 18:44 - 69207083 _____ (eRightSoft ) C:\Users\Modi\Downloads\SUPERsetup.exe
2015-06-11 20:13 - 2015-05-22 20:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-11 20:13 - 2015-05-22 20:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-11 20:13 - 2015-05-22 20:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-11 20:13 - 2015-05-22 20:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-11 20:13 - 2015-05-22 20:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-11 20:13 - 2015-05-22 20:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-11 20:13 - 2015-05-22 20:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-11 20:13 - 2015-05-21 15:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-11 20:13 - 2015-04-29 20:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-11 20:13 - 2015-04-29 20:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-11 20:13 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-11 20:13 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-11 20:13 - 2015-04-29 20:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-11 20:13 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-06-11 20:13 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-06-11 20:13 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-06-11 20:13 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-06-11 20:13 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-06-11 20:12 - 2015-06-01 21:16 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-11 20:12 - 2015-06-01 20:07 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-11 20:12 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-11 20:12 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-11 20:12 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-11 20:12 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-11 20:12 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-11 20:12 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-11 20:12 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-11 20:12 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-11 20:12 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-11 20:12 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-11 20:12 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-11 20:12 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-06-11 20:12 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-11 20:12 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-06-11 20:12 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-11 20:12 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-11 20:12 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-11 20:12 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-11 20:12 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-11 20:12 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-11 20:12 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-11 20:12 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-11 20:12 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-11 20:12 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-11 20:12 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-11 20:12 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-11 20:12 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-11 20:12 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-11 20:12 - 2015-05-22 21:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-11 20:12 - 2015-05-22 21:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-11 20:12 - 2015-05-22 21:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-11 20:12 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-11 20:12 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-11 20:12 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-11 20:12 - 2015-05-22 21:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-11 20:12 - 2015-05-22 20:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-11 20:12 - 2015-05-22 20:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-11 20:12 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-11 20:12 - 2015-05-22 20:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-11 20:12 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-11 20:12 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-11 20:12 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-11 20:12 - 2015-05-22 20:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-11 20:12 - 2015-05-22 20:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-11 20:12 - 2015-05-22 20:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-11 20:12 - 2015-05-22 20:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-11 20:12 - 2015-05-22 20:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-11 20:12 - 2015-05-22 20:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-11 20:12 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-11 20:12 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-11 20:12 - 2015-05-22 20:07 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-11 20:12 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-11 20:12 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-11 20:12 - 2015-05-22 20:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-11 20:12 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-11 20:12 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-11 20:12 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-11 20:12 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-11 20:11 - 2015-05-25 20:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-11 20:11 - 2015-05-25 20:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-11 20:11 - 2015-05-25 20:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-11 20:11 - 2015-05-25 20:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-11 20:11 - 2015-05-25 20:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-11 20:11 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-11 20:11 - 2015-05-25 20:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-11 20:11 - 2015-05-25 20:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-11 20:11 - 2015-05-25 20:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-11 20:11 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-11 20:11 - 2015-05-25 20:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-11 20:11 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-11 20:11 - 2015-05-25 20:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-11 20:11 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-11 20:11 - 2015-05-25 20:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-11 20:11 - 2015-05-25 20:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-11 20:11 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-11 20:11 - 2015-05-25 20:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-11 20:11 - 2015-05-25 20:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-11 20:11 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-11 20:11 - 2015-05-25 20:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-11 20:11 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-11 20:11 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-11 20:11 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-11 20:11 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-11 20:11 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-11 20:11 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-06-11 20:11 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-11 20:11 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-11 20:11 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-11 20:11 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-11 20:11 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-06-11 20:11 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-11 20:11 - 2015-05-25 20:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-11 20:11 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-11 20:11 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-11 20:11 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-06-11 20:11 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-11 20:11 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-11 20:11 - 2015-05-25 20:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-11 20:11 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-11 20:11 - 2015-05-25 19:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-11 20:11 - 2015-05-25 19:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-11 20:11 - 2015-05-25 19:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-11 20:11 - 2015-05-25 19:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-11 20:11 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-11 20:11 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-11 20:11 - 2015-05-25 18:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-11 20:11 - 2015-05-25 18:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-11 20:11 - 2015-05-25 18:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 18:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-11 20:10 - 2015-05-25 19:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-11 20:10 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-11 20:10 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-11 20:10 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-11 19:48 - 2015-06-11 19:49 - 00000000 ____D C:\Users\Modi\Downloads\Sarah Connor
2015-06-11 19:35 - 2015-06-11 19:39 - 00000000 ____D C:\Users\Modi\Downloads\Yvonne Catterfeld Lieber so
2015-06-11 19:32 - 2015-06-11 19:34 - 142133139 _____ C:\Users\Modi\Downloads\Yvonne Catterfeld_lieber so .rar
2015-06-11 19:29 - 2015-06-11 19:48 - 123839695 _____ C:\Users\Modi\Downloads\Sarah Connor - Muttersprache (mp3boo.me).zip
2015-06-04 21:51 - 2015-06-04 21:51 - 00000000 ____D C:\Users\Modi\AppData\Local\GWX
2015-06-04 01:36 - 2015-06-20 16:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-29 21:16 - 2009-07-14 06:45 - 00025840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-29 21:16 - 2009-07-14 06:45 - 00025840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-29 21:15 - 2010-02-25 22:48 - 01515842 _____ C:\Windows\WindowsUpdate.log
2015-06-29 21:07 - 2014-06-22 16:30 - 00000000 ____D C:\Users\Modi\AppData\Local\Adobe
2015-06-29 21:07 - 2013-05-24 18:59 - 00116316 _____ C:\Windows\setupact.log
2015-06-29 21:06 - 2012-09-27 17:58 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-29 21:06 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-29 21:05 - 2013-10-28 00:26 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-29 20:58 - 2014-01-15 23:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-06-29 20:58 - 2010-02-25 22:50 - 00000997 _____ C:\Users\Modi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-06-29 20:20 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-06-29 20:19 - 2013-08-23 15:02 - 00684838 _____ C:\Windows\PFRO.log
2015-06-23 00:40 - 2012-07-20 21:38 - 00198656 ___SH C:\Users\Modi\Desktop\Thumbs.db
2015-06-23 00:38 - 2010-02-26 02:54 - 00000000 ____D C:\ProgramData\ICQ
2015-06-22 23:59 - 2012-09-27 17:58 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-22 23:45 - 2012-08-21 21:20 - 00001070 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-06-22 23:45 - 2012-08-21 21:20 - 00000000 ____D C:\Users\Modi\AppData\Roaming\Malwarebytes
2015-06-22 23:45 - 2012-08-21 21:20 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-22 23:31 - 2010-02-25 22:49 - 00119064 _____ C:\Users\Modi\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-22 23:26 - 2009-07-14 06:45 - 05300440 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-22 23:25 - 2012-04-26 20:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-22 23:25 - 2009-10-28 19:11 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-06-20 16:24 - 2010-11-04 18:29 - 00000000 ____D C:\Program Files (x86)\eRightSoft
2015-06-20 16:11 - 2010-04-07 19:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nemetschek
2015-06-20 16:07 - 2012-06-17 17:07 - 00000000 ____D C:\Users\Modi\AppData\Roaming\com.unitedinternet.ums.sms-mms-manager
2015-06-20 16:07 - 2010-02-26 02:49 - 00000000 ____D C:\Users\Modi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GMX
2015-06-20 16:07 - 2010-02-26 02:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GMX
2015-06-20 16:06 - 2012-06-17 17:07 - 00000000 ____D C:\Program Files (x86)\GMX SMS-MMS-Manager
2015-06-20 16:06 - 2010-02-26 03:21 - 00000000 ____D C:\Users\Modi\AppData\Roaming\Gadu-Gadu 10
2015-06-20 16:06 - 2010-02-26 03:21 - 00000000 ____D C:\ProgramData\Gadu-Gadu 10
2015-06-20 16:04 - 2012-11-17 20:50 - 00000000 ____D C:\Program Files (x86)\Brotherhood Software
2015-06-20 16:03 - 2012-11-17 20:49 - 00000000 ____D C:\Users\Modi\AppData\Local\Captcha_Brotherhood
2015-06-20 16:02 - 2011-11-30 11:22 - 00000000 ____D C:\Program Files (x86)\HEITKER
2015-06-20 15:52 - 2010-03-28 18:00 - 00000000 ____D C:\ProgramData\Codemasters
2015-06-20 15:52 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-06-20 15:49 - 2011-11-06 17:09 - 00000000 ____D C:\Program Files (x86)\MAXON
2015-06-20 15:48 - 2011-11-06 17:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAXON
2015-06-20 15:37 - 2010-04-22 11:39 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-06-20 15:36 - 2009-10-28 19:12 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-06-20 15:35 - 2010-07-15 17:12 - 00000000 ____D C:\Program Files\Adobe
2015-06-19 23:00 - 2014-01-07 23:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2015-06-19 21:36 - 2014-11-07 23:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-06-19 21:33 - 2013-03-28 23:33 - 00153256 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-06-19 21:33 - 2013-03-28 23:33 - 00132656 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-06-19 21:30 - 2010-02-26 07:34 - 00700720 _____ C:\Windows\system32\perfh007.dat
2015-06-19 21:30 - 2010-02-26 07:34 - 00150326 _____ C:\Windows\system32\perfc007.dat
2015-06-19 21:30 - 2009-07-14 07:13 - 01624106 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-19 18:45 - 2015-04-22 23:22 - 00000000 __SHD C:\Users\Modi\AppData\Local\EmieBrowserModeList
2015-06-19 18:45 - 2014-08-13 22:10 - 00000000 __SHD C:\Users\Modi\AppData\Local\EmieUserList
2015-06-19 18:45 - 2014-08-13 22:10 - 00000000 __SHD C:\Users\Modi\AppData\Local\EmieSiteList
2015-06-17 21:08 - 2014-08-13 22:06 - 00000652 _____ C:\Windows\wiso.ini
2015-06-17 21:05 - 2010-02-26 02:45 - 00000000 ____D C:\Users\Modi\AppData\Roaming\FileZilla
2015-06-17 20:37 - 2011-04-01 13:29 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-06-15 19:22 - 2014-12-15 22:02 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-15 19:22 - 2014-05-01 13:26 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-15 19:22 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-15 19:18 - 2009-10-29 07:45 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-15 18:46 - 2012-01-18 01:07 - 00000000 ____D C:\Users\Modi\AppData\Roaming\Mp3tag
2015-06-15 18:35 - 2013-08-19 15:28 - 00000000 ____D C:\Windows\system32\MRT
2015-06-15 18:34 - 2010-02-26 18:00 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-04 21:43 - 2012-03-31 16:26 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-04 21:43 - 2011-05-18 08:59 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-04 01:10 - 2010-11-22 22:06 - 00000000 ____D C:\Users\Modi\Graphisoft
2015-06-04 00:54 - 2010-07-21 01:11 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-06-04 00:54 - 2010-07-21 01:11 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

Kris_ · 29.06.2015, 20:46

1. Teil

Code:

ATTFilter

Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2015
Ran by Modi (administrator) on MODI-PC on 29-06-2015 21:22:52
Running from C:\Users\Modi\Desktop
Loaded Profiles: Modi & UpdatusUser (Available Profiles: Modi & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Locktime Software) C:\Program Files\NetLimiter 2 Pro\nlsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8060960 2009-08-06] (Realtek Semiconductor)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2008-07-29] ()
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1842472 2009-09-18] (Synaptics Incorporated)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [823840 2009-09-30] (Acer Incorporated)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [XeroxEndeavorBackgroundTask] => rundll32.exe xrWCbgnd.dll,LaunchBgTask 1
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-10-18] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-09-25] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [EgisTecLiveUpdate] => C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [199464 2009-08-04] (Egis Technology Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1094736 2009-11-02] (Dritek System Inc.)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [370176 2010-06-17] (shbox.de)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [BingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2127896 2012-11-22] (Microsoft Corp.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [730416 2015-06-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [455512 2014-05-28] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [124208 2014-10-22] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3319006498-4150260777-3634854002-1001\...\Run: [KiesPDLR] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [843568 2014-05-28] (Samsung)
HKU\S-1-5-21-3319006498-4150260777-3634854002-1001\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe [578560 2013-10-30] (Samsung Electronics)
HKU\S-1-5-21-3319006498-4150260777-3634854002-1001\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [843568 2014-05-28] (Samsung)
HKU\S-1-5-21-3319006498-4150260777-3634854002-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Modi\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3319006498-4150260777-3634854002-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-3319006498-4150260777-3634854002-1010\...\RunOnce: [ScrSav] => C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-08] ()
HKU\S-1-5-21-3319006498-4150260777-3634854002-1010\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Acer.scr [438272 2009-07-08] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk [2014-08-13]
ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> C:\Program Files (x86)\WISO\Steuersoftware 2014\mshaktuell.exe ()
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll [2009-09-11] (Egis Technology Inc.)
ShellIconOverlayIdentifiers: [Symbol-Overlay-Steuerprogramm für AutoCAD Digitale Signaturen] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\psdprotect.dll [2009-09-11] (Egis Technology Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3319006498-4150260777-3634854002-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3319006498-4150260777-3634854002-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3319006498-4150260777-3634854002-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: DownloadHelper Class -> {FF2573AE-E1ED-40e1-83BA-F544CB2EE135} -> C:\Program Files\Common Files\Download Helper\DownloadHelperx64.dll [2010-06-17] (IE Download Helper)
BHO-x32: Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-06] (Oracle Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-06] (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-3319006498-4150260777-3634854002-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: HKLM-x32 {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/uno1/GAME_UNO1.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {99FE5072-78AA-4FEE-89BA-69A5FA55343F} hxxp://download.microsoft.com/download/B/3/A/B3A2EA73-793D-4ABE-992D-C81140384044/igdtoolx.cab
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default
FF Homepage: hxxp://www.google.de/
FF Keyword.URL: 
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-06-04] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\Windows\system32\npDeployJava1.dll [2012-11-15] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2012-11-05] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-04] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll [2012-10-04] (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-06-03] (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-06] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2012-11-05] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-17] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-10-15] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-10-15] (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 -> C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll [2010-01-05] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll [2010-01-05] (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-04] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-05-11] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\libdivx.dll [2009-05-01] (The OpenSSL Project, hxxp://www.openssl.org/)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdivx32.dll [2009-05-12] (DivX,Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2013-05-11] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll [2010-01-05] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2011-09-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2011-09-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2011-09-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2011-09-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2011-09-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2011-09-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2011-09-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpjplug.dll [2010-01-05] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ssldivx.dll [2009-05-01] (The OpenSSL Project, hxxp://www.openssl.org/)
FF Extension: Avira Browser Safety - C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\Extensions\abs@avira.com [2015-06-04]
FF Extension: [verify-U]-Add-on - C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\Extensions\verify-u_2@cybits.de [2012-11-15]
FF Extension: Firebug - C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\Extensions\firebug@software.joehewitt.com.xpi [2011-04-02]
FF Extension: ProxTube - C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\Extensions\ich@maltegoetz.de.xpi [2014-09-12]
FF Extension: TinEye Reverse Image Search - C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\Extensions\tineye@ideeinc.com.xpi [2011-08-15]
FF Extension: NoScript - C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-02-16]
FF Extension: SoundCloud Downloader - Technowise - C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\Extensions\{c8d3bc80-0810-4d21-a2c2-be5f2b2832ac}.xpi [2014-01-15]
FF Extension: Adblock Plus - C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-07-01]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA} [2015-06-04]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2015-06-04]

Chrome: 
=======
CHR Profile: C:\Users\Modi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Modi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-15]
CHR Extension: (Google Drive) - C:\Users\Modi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-15]
CHR Extension: (YouTube) - C:\Users\Modi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-15]
CHR Extension: (Adblock Plus) - C:\Users\Modi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-01-15]
CHR Extension: (Google Search) - C:\Users\Modi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-15]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Modi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-31]
CHR Extension: (Google Wallet) - C:\Users\Modi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-15]
CHR Extension: (Gmail) - C:\Users\Modi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-15]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Maxtor\Schedule2\schedul2.exe [571160 2007-08-23] (Acronis)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [827184 2015-06-19] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [450808 2015-06-19] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [450808 2015-06-19] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1188360 2015-06-19] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [164656 2014-10-22] (Avira Operations GmbH & Co. KG)
S2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [166424 2012-11-22] (Microsoft Corp.)
S2 GtDetectSc; C:\Program Files\T-Mobile\GlobeTrotter Connect\GtDetectSc.exe [314880 2008-05-08] (OptionNV) [File not signed]
S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-11] (Egis Technology Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R2 nlsvc; C:\Program Files\NetLimiter 2 Pro\nlsvc.exe [867840 2007-05-13] (Locktime Software) [File not signed]
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15122208 2013-10-18] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S2 Virtual Router; C:\Program Files (x86)\Virtual Router\VirtualRouterService.exe [12288 2009-11-18] (Chris Pietschmann (hxxp://pietschsoft.com)) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [139352 2013-07-31] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [139352 2013-07-31] (SlySoft, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [153256 2015-06-19] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132656 2015-06-19] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-10] (Avira Operations GmbH & Co. KG)
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [16776 2009-08-26] () [File not signed]
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14216 2009-08-26] () [File not signed]
S3 EuDisk; C:\Windows\System32\DRIVERS\EuDisk.sys [137608 2009-12-02] (CHENGDU YIWO Tech Development Co., Ltd)
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9096 2009-09-16] () [File not signed]
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [8456 2009-09-16] () [File not signed]
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-10-30] () [File not signed]
S3 GT72NDISIPXP; C:\Windows\System32\DRIVERS\Gt51Ip.sys [124928 2008-02-18] (Option N.V.)
S3 GT72UBUS; C:\Windows\System32\DRIVERS\gt72ubus.sys [80896 2008-02-08] (Option N.V.)
S3 GTPTSER; C:\Windows\System32\DRIVERS\gtptser.sys [10624 2007-03-30] (Option N.V.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28216 2012-09-01] (Intel Corporation)
S3 massfilter_hs; C:\Windows\System32\drivers\massfilter_hs.sys [12800 2009-02-03] (ZTE Incorporated)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-29] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R1 nltdi; C:\Windows\system32\drivers\nltdi.sys [89320 2007-05-13] (Locktime Software)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-09-28] (NVIDIA Corporation)
S3 s115bus; C:\Windows\System32\DRIVERS\s115bus.sys [108296 2007-04-23] (MCCI Corporation)
S3 s115mdfl; C:\Windows\System32\DRIVERS\s115mdfl.sys [19720 2007-04-23] (MCCI Corporation)
S3 s115mdm; C:\Windows\System32\DRIVERS\s115mdm.sys [144648 2007-04-23] (MCCI Corporation)
S3 s115mgmt; C:\Windows\System32\DRIVERS\s115mgmt.sys [126216 2007-04-23] (MCCI Corporation)
S3 s115obex; C:\Windows\System32\DRIVERS\s115obex.sys [123656 2007-04-23] (MCCI Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [828912 2011-05-13] () [File not signed]
S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2010-01-21] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [27648 2010-01-21] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [33280 2010-01-21] (LG Electronics Inc.)
S3 wceusbsh; C:\Windows\System32\DRIVERS\wceusbsh.sys [119552 2005-03-24] (Microsoft Corporation) [File not signed]
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64.sys [14464 2009-02-13] (Western Digital Technologies) [File not signed]
R2 WIBUKEY; C:\Windows\System32\DRIVERS\WibuKey64.sys [103224 2009-12-03] (WIBU-SYSTEMS AG)
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [X]
S3 MEMSWEEP2; \??\C:\Windows\system32\7A20.tmp [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 TVICPORT; \??\C:\Windows\system32\DRIVERS\TVICPORT.SYS [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-29 21:22 - 2015-06-29 21:23 - 00026144 _____ C:\Users\Modi\Desktop\FRST.txt
2015-06-29 21:20 - 2015-06-29 21:20 - 00001742 _____ C:\Users\Modi\Desktop\JRT.txt
2015-06-29 21:16 - 2015-06-29 21:16 - 00000000 ____D C:\Users\Modi\Desktop\alt
2015-06-29 21:15 - 2015-06-29 21:15 - 00000207 _____ C:\Windows\tweaking.com-regbackup-MODI-PC-Windows-7-Home-Premium-(64-bit).dat
2015-06-29 21:15 - 2015-06-29 21:15 - 00000000 ____D C:\RegBackup
2015-06-29 21:13 - 2015-06-29 21:13 - 02950645 _____ (Malwarebytes Corporation) C:\Users\Modi\Desktop\JRT.exe
2015-06-29 20:55 - 2015-06-29 20:58 - 00000000 ____D C:\AdwCleaner
2015-06-29 20:40 - 2015-06-29 20:40 - 02244096 _____ C:\Users\Modi\Desktop\AdwCleaner_4.207.exe
2015-06-22 23:46 - 2015-06-29 20:42 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-22 23:45 - 2015-06-22 23:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-06-22 23:45 - 2015-06-22 23:45 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-06-22 23:45 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-06-22 23:45 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-06-22 23:41 - 2015-06-22 23:42 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Modi\Downloads\mbam-setup-2.1.6.1022.exe
2015-06-20 16:43 - 2015-06-20 16:43 - 00001127 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-06-20 16:43 - 2015-06-20 16:43 - 00001115 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-06-20 16:42 - 2015-06-20 16:43 - 40114248 _____ C:\Users\Modi\Downloads\Firefox_Setup_38.0.6de.exe
2015-06-20 16:42 - 2015-06-20 16:43 - 40114248 _____ C:\Users\Modi\Downloads\Firefox_Setup_38.0.6de (1).exe
2015-06-20 16:41 - 2015-06-20 16:41 - 01198368 _____ C:\Users\Modi\Downloads\Firefox - CHIP-Installer.exe
2015-06-19 22:49 - 2015-06-19 22:49 - 00003838 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1434746935
2015-06-19 22:49 - 2015-06-19 22:49 - 00000000 ____D C:\Users\Modi\AppData\Roaming\Opera Software
2015-06-19 22:49 - 2015-06-19 22:49 - 00000000 ____D C:\Users\Modi\AppData\Local\Opera Software
2015-06-19 22:49 - 2015-06-19 22:48 - 00001103 _____ C:\Users\Public\Desktop\Opera.lnk
2015-06-19 22:49 - 2015-06-19 22:48 - 00001103 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-06-19 22:48 - 2015-06-29 21:11 - 00000000 ____D C:\Program Files (x86)\Opera
2015-06-19 22:25 - 2015-06-19 22:25 - 00001232 _____ C:\Users\Modi\Desktop\Revo Uninstaller.lnk
2015-06-19 22:25 - 2015-06-19 22:25 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-06-19 22:24 - 2015-06-19 22:24 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Modi\Desktop\revosetup95.exe
2015-06-19 18:07 - 2015-06-29 21:22 - 00000000 ____D C:\FRST
2015-06-19 18:07 - 2015-06-19 18:07 - 02109952 _____ (Farbar) C:\Users\Modi\Desktop\FRST64.exe
2015-06-15 19:06 - 2012-08-27 23:48 - 00000027 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-06-15 18:53 - 2015-06-19 22:46 - 00000000 ____D C:\Users\Modi\AppData\Local\CrashDumps
2015-06-15 18:51 - 2015-06-15 18:51 - 00000000 _____ C:\Windows\prleth.sys
2015-06-15 18:51 - 2015-06-15 18:51 - 00000000 _____ C:\Windows\hgfs.sys
2015-06-15 18:48 - 2015-06-15 18:48 - 00003552 _____ C:\Windows\System32\Tasks\DWBTM
2015-06-15 18:46 - 2015-06-15 18:46 - 00000000 ____D C:\Users\Modi\Documents\eRightSoft
2015-06-15 18:42 - 2015-06-15 18:44 - 69207083 _____ (eRightSoft ) C:\Users\Modi\Downloads\SUPERsetup.exe
2015-06-11 20:13 - 2015-05-22 20:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-11 20:13 - 2015-05-22 20:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-11 20:13 - 2015-05-22 20:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-11 20:13 - 2015-05-22 20:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-11 20:13 - 2015-05-22 20:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-11 20:13 - 2015-05-22 20:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-11 20:13 - 2015-05-22 20:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-11 20:13 - 2015-05-21 15:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-11 20:13 - 2015-04-29 20:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-11 20:13 - 2015-04-29 20:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-11 20:13 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-11 20:13 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-11 20:13 - 2015-04-29 20:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-11 20:13 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-06-11 20:13 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-06-11 20:13 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-06-11 20:13 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-06-11 20:13 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-06-11 20:12 - 2015-06-01 21:16 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-11 20:12 - 2015-06-01 20:07 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-11 20:12 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-11 20:12 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-11 20:12 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-11 20:12 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-11 20:12 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-11 20:12 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-11 20:12 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-11 20:12 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-11 20:12 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-11 20:12 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-11 20:12 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-11 20:12 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-06-11 20:12 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-11 20:12 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-06-11 20:12 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-11 20:12 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-11 20:12 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-11 20:12 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-11 20:12 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-11 20:12 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-11 20:12 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-11 20:12 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-11 20:12 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-11 20:12 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-11 20:12 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-11 20:12 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-11 20:12 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-11 20:12 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-11 20:12 - 2015-05-22 21:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-11 20:12 - 2015-05-22 21:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-11 20:12 - 2015-05-22 21:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-11 20:12 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-11 20:12 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-11 20:12 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-11 20:12 - 2015-05-22 21:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-11 20:12 - 2015-05-22 20:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-11 20:12 - 2015-05-22 20:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-11 20:12 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-11 20:12 - 2015-05-22 20:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-11 20:12 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-11 20:12 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-11 20:12 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-11 20:12 - 2015-05-22 20:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-11 20:12 - 2015-05-22 20:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-11 20:12 - 2015-05-22 20:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-11 20:12 - 2015-05-22 20:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-11 20:12 - 2015-05-22 20:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-11 20:12 - 2015-05-22 20:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-11 20:12 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-11 20:12 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-11 20:12 - 2015-05-22 20:07 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-11 20:12 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-11 20:12 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-11 20:12 - 2015-05-22 20:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-11 20:12 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-11 20:12 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-11 20:12 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-11 20:12 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-11 20:11 - 2015-05-25 20:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-11 20:11 - 2015-05-25 20:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-11 20:11 - 2015-05-25 20:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-11 20:11 - 2015-05-25 20:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-11 20:11 - 2015-05-25 20:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-11 20:11 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-11 20:11 - 2015-05-25 20:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-11 20:11 - 2015-05-25 20:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-11 20:11 - 2015-05-25 20:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-11 20:11 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-11 20:11 - 2015-05-25 20:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-11 20:11 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-11 20:11 - 2015-05-25 20:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-11 20:11 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-11 20:11 - 2015-05-25 20:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-11 20:11 - 2015-05-25 20:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-11 20:11 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-11 20:11 - 2015-05-25 20:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-11 20:11 - 2015-05-25 20:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-11 20:11 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-11 20:11 - 2015-05-25 20:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-11 20:11 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-11 20:11 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-11 20:11 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-11 20:11 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-11 20:11 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-11 20:11 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-06-11 20:11 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-11 20:11 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-11 20:11 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-11 20:11 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-11 20:11 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-06-11 20:11 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-11 20:11 - 2015-05-25 20:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-11 20:11 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-11 20:11 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-11 20:11 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-06-11 20:11 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-11 20:11 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-11 20:11 - 2015-05-25 20:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-11 20:11 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-11 20:11 - 2015-05-25 19:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-11 20:11 - 2015-05-25 19:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-11 20:11 - 2015-05-25 19:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-11 20:11 - 2015-05-25 19:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-11 20:11 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-11 20:11 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-11 20:11 - 2015-05-25 18:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-11 20:11 - 2015-05-25 18:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-11 20:11 - 2015-05-25 18:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 18:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-11 20:10 - 2015-05-25 19:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-11 20:10 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-11 20:10 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-11 20:10 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-11 19:48 - 2015-06-11 19:49 - 00000000 ____D C:\Users\Modi\Downloads\Sarah Connor
2015-06-11 19:35 - 2015-06-11 19:39 - 00000000 ____D C:\Users\Modi\Downloads\Yvonne Catterfeld Lieber so
2015-06-11 19:32 - 2015-06-11 19:34 - 142133139 _____ C:\Users\Modi\Downloads\Yvonne Catterfeld_lieber so .rar
2015-06-11 19:29 - 2015-06-11 19:48 - 123839695 _____ C:\Users\Modi\Downloads\Sarah Connor - Muttersprache (mp3boo.me).zip
2015-06-04 21:51 - 2015-06-04 21:51 - 00000000 ____D C:\Users\Modi\AppData\Local\GWX
2015-06-04 01:36 - 2015-06-20 16:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-29 21:16 - 2009-07-14 06:45 - 00025840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-29 21:16 - 2009-07-14 06:45 - 00025840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-29 21:15 - 2010-02-25 22:48 - 01515842 _____ C:\Windows\WindowsUpdate.log
2015-06-29 21:07 - 2014-06-22 16:30 - 00000000 ____D C:\Users\Modi\AppData\Local\Adobe
2015-06-29 21:07 - 2013-05-24 18:59 - 00116316 _____ C:\Windows\setupact.log
2015-06-29 21:06 - 2012-09-27 17:58 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-29 21:06 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-29 21:05 - 2013-10-28 00:26 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-29 20:58 - 2014-01-15 23:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-06-29 20:58 - 2010-02-25 22:50 - 00000997 _____ C:\Users\Modi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-06-29 20:20 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-06-29 20:19 - 2013-08-23 15:02 - 00684838 _____ C:\Windows\PFRO.log
2015-06-23 00:40 - 2012-07-20 21:38 - 00198656 ___SH C:\Users\Modi\Desktop\Thumbs.db
2015-06-23 00:38 - 2010-02-26 02:54 - 00000000 ____D C:\ProgramData\ICQ
2015-06-22 23:59 - 2012-09-27 17:58 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-22 23:45 - 2012-08-21 21:20 - 00001070 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-06-22 23:45 - 2012-08-21 21:20 - 00000000 ____D C:\Users\Modi\AppData\Roaming\Malwarebytes
2015-06-22 23:45 - 2012-08-21 21:20 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-22 23:31 - 2010-02-25 22:49 - 00119064 _____ C:\Users\Modi\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-22 23:26 - 2009-07-14 06:45 - 05300440 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-22 23:25 - 2012-04-26 20:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-22 23:25 - 2009-10-28 19:11 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-06-20 16:24 - 2010-11-04 18:29 - 00000000 ____D C:\Program Files (x86)\eRightSoft
2015-06-20 16:11 - 2010-04-07 19:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nemetschek
2015-06-20 16:07 - 2012-06-17 17:07 - 00000000 ____D C:\Users\Modi\AppData\Roaming\com.unitedinternet.ums.sms-mms-manager
2015-06-20 16:07 - 2010-02-26 02:49 - 00000000 ____D C:\Users\Modi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GMX
2015-06-20 16:07 - 2010-02-26 02:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GMX
2015-06-20 16:06 - 2012-06-17 17:07 - 00000000 ____D C:\Program Files (x86)\GMX SMS-MMS-Manager
2015-06-20 16:06 - 2010-02-26 03:21 - 00000000 ____D C:\Users\Modi\AppData\Roaming\Gadu-Gadu 10
2015-06-20 16:06 - 2010-02-26 03:21 - 00000000 ____D C:\ProgramData\Gadu-Gadu 10
2015-06-20 16:04 - 2012-11-17 20:50 - 00000000 ____D C:\Program Files (x86)\Brotherhood Software
2015-06-20 16:03 - 2012-11-17 20:49 - 00000000 ____D C:\Users\Modi\AppData\Local\Captcha_Brotherhood
2015-06-20 16:02 - 2011-11-30 11:22 - 00000000 ____D C:\Program Files (x86)\HEITKER
2015-06-20 15:52 - 2010-03-28 18:00 - 00000000 ____D C:\ProgramData\Codemasters
2015-06-20 15:52 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-06-20 15:49 - 2011-11-06 17:09 - 00000000 ____D C:\Program Files (x86)\MAXON
2015-06-20 15:48 - 2011-11-06 17:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAXON
2015-06-20 15:37 - 2010-04-22 11:39 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-06-20 15:36 - 2009-10-28 19:12 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-06-20 15:35 - 2010-07-15 17:12 - 00000000 ____D C:\Program Files\Adobe
2015-06-19 23:00 - 2014-01-07 23:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2015-06-19 21:36 - 2014-11-07 23:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-06-19 21:33 - 2013-03-28 23:33 - 00153256 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-06-19 21:33 - 2013-03-28 23:33 - 00132656 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-06-19 21:30 - 2010-02-26 07:34 - 00700720 _____ C:\Windows\system32\perfh007.dat
2015-06-19 21:30 - 2010-02-26 07:34 - 00150326 _____ C:\Windows\system32\perfc007.dat
2015-06-19 21:30 - 2009-07-14 07:13 - 01624106 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-19 18:45 - 2015-04-22 23:22 - 00000000 __SHD C:\Users\Modi\AppData\Local\EmieBrowserModeList
2015-06-19 18:45 - 2014-08-13 22:10 - 00000000 __SHD C:\Users\Modi\AppData\Local\EmieUserList
2015-06-19 18:45 - 2014-08-13 22:10 - 00000000 __SHD C:\Users\Modi\AppData\Local\EmieSiteList
2015-06-17 21:08 - 2014-08-13 22:06 - 00000652 _____ C:\Windows\wiso.ini
2015-06-17 21:05 - 2010-02-26 02:45 - 00000000 ____D C:\Users\Modi\AppData\Roaming\FileZilla
2015-06-17 20:37 - 2011-04-01 13:29 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-06-15 19:22 - 2014-12-15 22:02 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-15 19:22 - 2014-05-01 13:26 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-15 19:22 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-15 19:18 - 2009-10-29 07:45 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-15 18:46 - 2012-01-18 01:07 - 00000000 ____D C:\Users\Modi\AppData\Roaming\Mp3tag
2015-06-15 18:35 - 2013-08-19 15:28 - 00000000 ____D C:\Windows\system32\MRT
2015-06-15 18:34 - 2010-02-26 18:00 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-04 21:43 - 2012-03-31 16:26 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-04 21:43 - 2011-05-18 08:59 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-04 01:10 - 2010-11-22 22:06 - 00000000 ____D C:\Users\Modi\Graphisoft
2015-06-04 00:54 - 2010-07-21 01:11 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-06-04 00:54 - 2010-07-21 01:11 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

Kris_ · 29.06.2015, 20:47

2. Teil

Code:

ATTFilter

Scan result of ==================== Files in the root of some directories =======

2012-08-29 23:44 - 2012-08-29 23:42 - 0021494 _____ () C:\Program Files\0x0409.ini
2012-08-29 23:44 - 2012-08-29 23:42 - 0003584 _____ () C:\Program Files\1033.MST
2012-08-29 23:44 - 2012-08-29 23:43 - 93130240 _____ () C:\Program Files\Samsung Kies.msi
2010-11-08 22:15 - 2010-11-08 22:15 - 0000132 _____ () C:\Users\Modi\AppData\Roaming\Adobe BMP Format CS5 Prefs
2011-02-13 17:22 - 2012-11-01 21:04 - 0000132 _____ () C:\Users\Modi\AppData\Roaming\Adobe GIF Format CS5 Prefs
2010-04-23 14:31 - 2011-06-21 18:52 - 0002910 _____ () C:\Users\Modi\AppData\Roaming\hexplorer.dat
2010-04-23 14:31 - 2011-06-21 18:52 - 0000127 _____ () C:\Users\Modi\AppData\Roaming\mclip.dat
2010-10-22 13:05 - 2014-03-30 21:09 - 0001044 _____ () C:\Users\Modi\AppData\Roaming\wklnhst.dat
2010-07-23 17:31 - 2014-10-28 08:47 - 0001456 _____ () C:\Users\Modi\AppData\Local\Adobe Für Web speichern 12.0 Prefs
2010-11-23 09:34 - 2010-11-23 10:42 - 0004608 _____ () C:\Users\Modi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-04-01 18:35 - 2012-08-22 17:52 - 0007612 _____ () C:\Users\Modi\AppData\Local\Resmon.ResmonCfg
2010-10-22 13:41 - 2010-10-22 14:20 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempa46888.html
2010-12-02 23:04 - 2010-12-03 00:32 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempab2068.html
2011-05-17 01:24 - 2011-05-17 01:37 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempab3704.html
2011-09-26 17:39 - 2011-09-26 18:33 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempAC4396.html
2011-04-27 17:51 - 2011-04-27 18:07 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempAe1784.html
2010-05-17 22:08 - 2010-05-17 22:10 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempaE4484.html
2011-05-06 11:26 - 2011-05-06 18:08 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempAF1088.html
2010-10-31 13:18 - 2010-10-31 15:41 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempaf5620.html
2010-11-04 17:12 - 2010-11-04 17:26 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempAH6028.html
2011-04-26 00:20 - 2011-04-26 00:20 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempaI1972.html
2010-05-09 16:18 - 2010-05-09 22:20 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempaI5052.html
2011-09-08 17:14 - 2011-09-08 17:26 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempAj3420.html
2010-08-16 00:18 - 2010-08-16 00:42 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempaJd252.html
2010-10-28 00:37 - 2010-10-28 00:37 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempAKj408.html
2010-12-20 19:27 - 2010-12-20 19:55 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempAL1540.html
2011-10-17 21:25 - 2011-10-17 21:26 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempal3920.html
2010-09-19 15:22 - 2010-09-19 17:08 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempam1440.html
2011-09-01 22:14 - 2011-09-01 22:19 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempAm2364.html
2010-03-18 14:26 - 2010-03-18 18:19 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempaM3232.html
2010-10-13 12:42 - 2010-10-13 14:43 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempam5128.html
2010-09-18 16:26 - 2010-09-18 18:13 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempan4732.html
2011-12-06 22:43 - 2011-12-06 23:06 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempan5288.html
2010-04-01 19:45 - 2010-04-01 20:36 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempAQ4288.html
2011-05-23 16:52 - 2011-05-23 16:52 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempAq4704.html
2010-02-26 20:25 - 2010-02-26 20:39 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempaQ4840.html
2011-06-16 20:03 - 2011-06-16 20:37 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempAR4824.html
2011-02-20 11:31 - 2011-02-20 13:21 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempaR4992.html
2010-04-25 16:37 - 2010-04-25 19:02 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempAs1984.html
2010-02-26 20:25 - 2010-02-26 20:39 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempAs4840.html
2010-05-05 14:29 - 2010-05-05 14:29 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempAt5332.html
2010-06-21 13:28 - 2010-06-21 15:49 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempaV4476.html
2011-06-07 18:30 - 2011-06-08 02:18 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempav4964.html
2010-04-20 19:19 - 2010-04-20 21:40 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempAW4376.html
2011-08-23 21:24 - 2011-08-23 21:30 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempAW4960.html
2010-04-17 22:31 - 2010-04-18 00:28 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempAw5388.html
2011-04-28 23:09 - 2011-04-28 23:11 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempaWK976.html
2010-08-09 21:50 - 2010-08-09 23:39 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempAX2980.html
2010-09-20 16:11 - 2010-09-20 17:33 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempAx4548.html
2011-08-04 21:31 - 2011-08-04 22:22 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempaY2752.html
2011-01-17 11:53 - 2011-01-17 13:28 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempay5092.html
2011-11-12 01:53 - 2011-11-12 01:54 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempaZ4180.html
2010-09-09 21:46 - 2010-09-09 21:56 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempaZ4780.html
2010-03-25 18:50 - 2010-03-25 19:07 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempaz5448.html
2010-05-07 13:04 - 2010-05-07 16:01 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempAzV516.html
2011-11-04 16:45 - 2011-11-04 21:17 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempBa3588.html
2012-09-06 20:00 - 2012-09-06 20:05 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempba3668.html
2010-08-04 20:12 - 2010-08-04 20:18 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempBb3240.html
2010-11-21 18:33 - 2010-11-21 19:55 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempBB3792.html
2011-10-17 18:21 - 2011-10-17 20:19 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempBd4292.html
2010-06-21 13:26 - 2010-06-21 13:26 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempBd4476.html
2011-10-16 16:28 - 2011-10-16 16:46 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempbE2864.html
2010-08-04 19:54 - 2010-08-04 20:04 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempbE3260.html
2010-09-07 14:47 - 2010-09-07 19:19 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempbe3732.html
2010-04-04 12:47 - 2010-04-04 12:56 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempbE4732.html
2010-03-25 18:50 - 2010-03-25 19:07 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempBe5448.html
2011-10-23 18:36 - 2011-10-23 18:59 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempbF1448.html
2011-11-24 16:55 - 2011-11-24 17:19 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempBF3800.html
2010-09-15 22:19 - 2010-09-15 23:11 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempbg1760.html
2010-06-05 18:28 - 2010-06-05 18:48 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempbH5936.html
2010-08-07 16:45 - 2010-08-07 17:02 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempbJ3668.html
2010-03-03 19:10 - 2010-03-03 20:22 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempbL1736.html
2012-05-23 21:41 - 2012-05-23 21:45 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempbl3408.html
2011-11-10 18:24 - 2011-11-10 18:29 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempbm3528.html
2012-02-14 01:01 - 2012-02-14 01:02 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempbM4292.html
2011-06-21 19:06 - 2011-06-21 19:09 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempbN1956.html
2010-04-08 19:14 - 2010-04-08 20:09 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempBN4976.html
2011-07-30 17:25 - 2011-07-30 17:25 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempBnc680.html
2010-08-03 21:37 - 2010-08-03 21:38 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempBP5712.html
2010-04-24 13:17 - 2010-04-24 20:34 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempBq1284.html
2011-02-22 00:24 - 2011-02-22 00:32 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempBq6500.html
2010-09-22 23:55 - 2010-09-23 00:37 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempBr4180.html
2010-12-27 20:38 - 2010-12-27 20:39 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempbS5696.html
2010-09-19 03:26 - 2010-09-19 07:14 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempBT2436.html
2010-04-15 13:41 - 2010-04-15 15:31 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempBt4180.html
2011-09-28 17:32 - 2011-09-28 19:03 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempBU2756.html
2010-04-05 11:34 - 2010-04-05 16:54 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempbU4432.html
2011-09-28 17:32 - 2011-09-28 19:03 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempBV2756.html
2010-05-02 16:30 - 2010-05-02 19:24 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempBV3152.html
2010-04-06 20:55 - 2010-04-06 23:20 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempBW4700.html
2011-01-20 12:49 - 2011-01-20 13:00 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempBY4696.html
2010-05-30 23:04 - 2010-05-30 23:25 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempBY5392.html
2010-05-15 01:41 - 2010-05-15 01:46 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempca2968.html
2010-08-10 11:02 - 2010-08-10 11:09 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempCa3716.html
2010-04-16 13:32 - 2010-04-16 16:55 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempCb1008.html
2010-06-10 20:48 - 2010-06-10 21:33 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempcB2300.html
2011-11-10 18:24 - 2011-11-10 18:29 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempcb3528.html
2010-09-03 19:21 - 2010-09-03 19:26 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempCB3912.html
2010-07-22 13:20 - 2010-07-22 13:23 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempCB6136.html
2012-01-11 19:23 - 2012-01-11 20:50 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempCc2580.html
2010-06-15 13:41 - 2010-06-15 14:20 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempcCF396.html
2011-09-28 21:20 - 2011-09-29 01:02 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempCe1376.html
2011-05-18 22:15 - 2011-05-18 22:52 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempce3444.html
2011-03-11 00:39 - 2011-03-11 22:11 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempce3980.html
2011-02-15 23:01 - 2011-02-16 01:25 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempce4268.html
2010-06-20 19:42 - 2010-06-20 19:50 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempcE4996.html
2010-11-04 17:12 - 2010-11-04 17:26 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempCE6028.html
2010-11-22 22:44 - 2010-11-23 00:47 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempcF1916.html
2010-08-13 00:45 - 2010-08-13 01:08 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempCF4860.html
2010-06-21 15:50 - 2010-06-21 16:46 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempcfB352.html
2011-09-24 17:24 - 2011-09-24 17:24 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempcH5088.html
2011-06-21 19:20 - 2011-06-21 19:26 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempCi3884.html
2010-04-15 18:10 - 2010-04-15 19:24 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempCj1076.html
2011-02-06 22:24 - 2011-02-06 23:39 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempCJ5488.html
2010-06-12 23:14 - 2010-06-13 01:05 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempCK1836.html
2011-09-09 16:14 - 2011-09-09 16:14 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempck4380.html
2010-11-23 01:08 - 2010-11-23 01:15 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempckM460.html
2010-08-29 22:05 - 2010-08-29 22:24 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempCl2592.html
2011-11-12 02:15 - 2011-11-12 02:39 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempCL2736.html
2011-01-30 15:53 - 2011-01-30 17:40 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempcl4972.html
2011-02-14 17:17 - 2011-02-14 19:18 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempcL5696.html
2011-04-29 02:18 - 2011-04-29 04:08 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempCLc728.html
2010-03-17 15:16 - 2010-03-17 15:16 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempcN1484.html
2010-06-02 00:29 - 2010-06-02 00:59 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempcN2636.html
2011-09-22 23:29 - 2011-09-23 01:15 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempcN3208.html
2010-06-10 15:27 - 2010-06-10 15:43 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempCo3368.html
2010-05-22 17:29 - 2010-05-22 18:14 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempco3432.html
2011-06-28 14:28 - 2011-06-28 14:29 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempcq1584.html
2011-02-13 16:26 - 2011-02-14 00:41 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempcq2544.html
2010-04-03 18:40 - 2010-04-03 22:19 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempcQ4800.html
2011-10-28 17:53 - 2011-10-28 17:59 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempcR5392.html
2011-03-16 22:49 - 2011-03-17 01:28 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempcs3640.html
2011-04-16 21:18 - 2011-04-17 03:17 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempcS4960.html
2011-06-19 19:40 - 2011-06-19 19:40 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempct1808.html
2010-10-13 12:39 - 2010-10-13 12:40 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempCT2272.html
2011-10-21 18:31 - 2011-10-21 18:43 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempct3988.html
2010-03-07 16:47 - 2010-03-07 19:22 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempcT4884.html
2011-07-01 21:47 - 2011-07-01 21:49 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempCU1440.html
2010-04-22 10:07 - 2010-04-22 15:07 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempCu3780.html
2011-07-03 20:18 - 2011-07-03 21:47 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempCU4948.html
2010-09-20 23:00 - 2010-09-20 23:34 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempcu5968.html
2011-10-09 22:50 - 2011-10-09 23:15 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempCUm792.html
2011-02-13 16:26 - 2011-02-14 00:41 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempCv2544.html
2011-01-22 05:41 - 2011-01-22 05:41 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempcV6872.html
2011-11-24 18:30 - 2011-11-24 22:17 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempcw4696.html
2010-07-22 18:30 - 2010-07-22 18:40 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempcW6140.html
2010-08-16 00:18 - 2010-08-16 00:42 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempcWw252.html
2010-08-18 00:06 - 2010-08-18 10:51 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempcX5084.html
2010-04-23 13:51 - 2010-04-23 13:56 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempcY3472.html
2011-11-12 01:54 - 2011-11-12 01:54 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempCZ4180.html
2010-10-13 12:24 - 2010-10-13 12:30 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempcz5396.html
2011-06-20 18:17 - 2011-06-20 20:27 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempcZ5436.html
2010-04-13 15:46 - 2010-04-13 16:24 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempDB2008.html
2011-10-26 17:27 - 2011-10-26 17:58 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempDB3924.html
2012-02-06 22:11 - 2012-02-06 22:15 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempdB5216.html
2011-01-28 04:43 - 2011-01-28 04:45 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempdc3488.html
2011-11-12 01:54 - 2011-11-12 01:58 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempDC4180.html
2010-04-23 13:47 - 2010-04-23 13:48 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempDd4280.html
2011-11-06 12:13 - 2011-11-06 12:14 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempdD4288.html
2011-01-01 20:31 - 2011-01-01 23:45 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempdD5524.html
2010-10-16 18:47 - 2010-10-16 19:03 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempDE6036.html
2012-08-09 12:44 - 2012-08-09 12:57 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempdF1324.html
2011-07-25 17:38 - 2011-07-25 19:41 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempDf3492.html
2011-03-08 22:25 - 2011-03-08 23:35 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempDG1236.html
2010-07-14 14:40 - 2010-07-14 14:51 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempdg4636.html
2010-04-02 18:14 - 2010-04-02 19:24 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempDg5032.html
2010-09-26 18:28 - 2010-09-26 19:46 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempdH3048.html
2010-07-20 20:28 - 2010-07-20 21:32 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempdi4188.html
2011-02-01 00:36 - 2011-02-01 01:45 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempdi6896.html
2010-04-30 14:35 - 2010-04-30 15:20 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempdj3260.html
2010-11-14 19:45 - 2010-11-14 21:36 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempDj4068.html
2010-10-31 13:18 - 2010-10-31 15:41 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempdJ5620.html
2011-11-13 16:35 - 2011-11-13 17:06 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempDK4920.html
2010-04-08 10:09 - 2010-04-08 14:16 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempDL1780.html
2010-05-18 11:23 - 2010-05-18 11:32 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempDn2812.html
2011-06-26 18:02 - 2011-06-26 22:11 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempdNU380.html
2010-05-19 13:45 - 2010-05-19 19:25 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempdO3188.html
2010-12-09 23:43 - 2010-12-09 23:46 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempdp4584.html
2010-07-12 00:46 - 2010-07-12 01:02 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempdQ5196.html
2010-12-20 02:15 - 2010-12-20 02:15 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempDQv244.html
2010-06-11 16:36 - 2010-06-11 17:59 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempDr1836.html
2012-05-22 23:08 - 2012-05-22 23:17 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempdR4152.html
2010-04-17 14:32 - 2010-04-17 21:41 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempDS1580.html
2010-04-26 21:29 - 2010-04-26 22:50 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempDs2880.html
2011-04-28 13:20 - 2011-04-28 16:31 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempdt2228.html
2010-04-01 19:45 - 2010-04-01 20:36 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempdt4288.html
2010-05-14 01:00 - 2010-05-14 01:06 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempdu1984.html
2011-07-28 00:10 - 2011-07-28 00:26 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempDW3264.html
2010-03-16 23:26 - 2010-03-17 01:29 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempdW5204.html
2010-09-21 14:06 - 2010-09-21 14:24 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempdx3248.html
2011-12-04 23:42 - 2011-12-05 00:55 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempdX3792.html
2010-04-04 12:47 - 2010-04-04 12:56 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempdY4732.html
2011-08-12 22:56 - 2011-08-12 22:56 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempDyt536.html
2011-05-13 18:12 - 2011-05-13 18:38 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempe70448.html
2010-04-07 13:30 - 2010-04-07 13:32 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempea1856.html
2010-03-24 00:05 - 2010-03-24 00:52 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempeb4808.html
2010-04-18 16:15 - 2010-04-18 16:20 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempEC1524.html
2010-11-29 23:47 - 2010-11-30 02:06 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempec5084.html
2010-04-15 10:45 - 2010-04-15 12:31 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempeD1280.html
2010-09-14 13:20 - 2010-09-14 14:14 - 0002089 _____ () C:\Users\Modi\AppData\Local\Temped2344.html
2011-09-04 20:26 - 2011-09-04 21:29 - 0002432 _____ () C:\Users\Modi\AppData\Local\Temped4880.html
2010-04-08 16:57 - 2010-04-08 16:57 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempEe5508.html
2010-12-12 23:30 - 2010-12-12 23:32 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempee6124.html
2010-11-15 23:02 - 2010-11-15 23:58 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempEe6940.html
2011-06-19 19:41 - 2011-06-19 19:42 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempeg1612.html
2010-06-09 19:50 - 2010-06-09 19:53 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempEG2116.html
2010-04-14 17:16 - 2010-04-14 18:18 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempeg2176.html
2010-08-24 10:36 - 2010-08-24 10:46 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempEG4788.html
2011-06-23 21:29 - 2011-06-23 21:46 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempeH2332.html
2011-10-12 19:46 - 2011-10-12 21:10 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempEH3708.html
2011-11-02 15:35 - 2011-11-02 15:43 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempEh4496.html
2011-11-06 19:41 - 2011-11-06 19:42 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempEh4648.html
2010-11-16 20:20 - 2010-11-16 21:53 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempeh4908.html
2011-07-04 01:30 - 2011-07-04 01:31 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempei1236.html
2010-04-14 19:16 - 2010-04-15 10:25 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempei1728.html
2010-06-03 23:38 - 2010-06-03 23:41 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempeI3432.html
2011-08-29 15:26 - 2011-08-29 16:29 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempEIi108.html
2011-02-27 21:54 - 2011-02-27 23:47 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempEJ2860.html
2011-05-04 14:30 - 2011-05-04 20:12 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempeJ2904.html
2010-11-02 17:57 - 2010-11-02 18:55 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempeJ4644.html
2010-06-09 19:54 - 2010-06-09 19:55 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempEk2116.html
2010-12-21 21:24 - 2010-12-21 23:52 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempEL5632.html
2011-08-24 21:32 - 2011-08-24 21:39 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempem3120.html
2011-06-20 18:17 - 2011-06-20 20:27 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempem5436.html
2011-03-19 22:09 - 2011-03-19 22:26 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempeN5920.html
2010-10-13 12:32 - 2010-10-13 12:33 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempEO5792.html
2010-03-05 14:37 - 2010-03-05 20:47 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempeP2088.html
2010-11-14 13:46 - 2010-11-14 17:10 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempeP3828.html
2010-04-16 01:28 - 2010-04-16 01:28 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempep4272.html
2010-08-08 07:48 - 2010-08-08 08:17 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempeR4180.html
2011-11-03 00:40 - 2011-11-03 00:40 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempeU2740.html
2010-07-19 20:33 - 2010-07-19 20:40 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempEU5116.html
2012-06-10 22:30 - 2012-06-10 23:39 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempev3508.html
2010-04-11 15:36 - 2010-04-11 15:38 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempeVz704.html
2011-07-04 18:03 - 2011-07-04 18:08 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempEw1836.html
2011-01-24 01:11 - 2011-01-24 01:11 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempex5596.html
2010-04-05 21:17 - 2010-04-05 22:54 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempeY1672.html
2010-04-10 17:30 - 2010-04-10 19:49 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempEY3912.html
2011-01-01 20:31 - 2011-01-01 23:45 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempey5524.html
2010-12-18 18:21 - 2010-12-18 22:34 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempeY5608.html
2010-10-21 12:14 - 2010-10-21 23:37 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempf27852.html
2011-12-13 21:14 - 2011-12-13 22:30 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempfak372.html
2011-11-20 23:01 - 2011-11-20 23:14 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempFb4104.html
2010-04-23 15:10 - 2010-04-23 15:12 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempFD4088.html
2011-08-23 18:55 - 2011-08-23 19:26 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempfe4180.html
2010-11-29 00:07 - 2010-11-29 00:45 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempfF3176.html
2010-12-20 23:35 - 2010-12-21 00:18 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempfg2044.html
2011-02-25 22:02 - 2011-02-25 23:08 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempfh3076.html
2010-12-22 00:32 - 2010-12-22 01:57 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempfh5996.html
2010-08-25 08:04 - 2010-08-25 08:08 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempFi4104.html
2010-09-14 12:08 - 2010-09-14 12:31 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempFJ4376.html
2010-06-14 20:21 - 2010-06-14 20:39 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempFj4456.html
2010-05-14 19:57 - 2010-05-14 23:32 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempFJ4680.html
2011-02-16 21:50 - 2011-02-16 23:45 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempFL4076.html
2010-09-20 23:00 - 2010-09-20 23:34 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempFL5968.html
2010-05-20 12:54 - 2010-05-21 00:43 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempfM4992.html
2011-12-02 19:31 - 2011-12-03 02:12 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempfm5960.html
2011-10-04 00:33 - 2011-10-04 00:35 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempfmX560.html
2010-06-04 10:14 - 2010-06-04 17:26 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempFn2828.html
2011-03-04 01:10 - 2011-03-04 01:11 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempFN5924.html
2010-03-15 22:09 - 2010-03-15 22:45 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempfo6112.html
2010-12-20 19:27 - 2010-12-20 19:55 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempfQ1540.html
2010-04-07 13:30 - 2010-04-07 13:32 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempFq1856.html
2010-12-01 00:48 - 2010-12-01 00:49 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempfq3124.html
2010-04-15 19:33 - 2010-04-15 19:58 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempfQ3916.html
2011-07-04 21:30 - 2011-07-04 22:15 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempfq4816.html
2010-06-01 14:01 - 2010-06-01 15:11 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempFR1168.html
2010-05-11 23:33 - 2010-05-12 00:04 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempFr3000.html
2010-04-11 05:09 - 2010-04-11 05:10 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempFR4892.html
2010-09-03 22:07 - 2010-09-03 23:07 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempfS2000.html
2010-06-07 21:26 - 2010-06-07 22:16 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempFS2784.html
2010-05-08 13:57 - 2010-05-08 20:04 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempFT1400.html
2011-09-23 17:18 - 2011-09-23 21:04 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempft4788.html
2010-05-27 10:19 - 2010-05-27 18:43 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempfU2320.html
2011-11-12 02:15 - 2011-11-12 02:39 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempFu2736.html
2010-03-06 19:17 - 2010-03-06 20:53 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempFu3364.html
2011-10-25 22:51 - 2011-10-26 00:25 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempFV2296.html
2010-10-31 17:01 - 2010-10-31 17:02 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempfV3424.html
2011-06-20 15:03 - 2011-06-20 15:04 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempFw3008.html
2010-11-17 23:10 - 2010-11-18 00:58 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempfw5112.html
2010-09-15 19:06 - 2010-09-15 19:30 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempFW5368.html
2010-05-11 14:02 - 2010-05-11 17:06 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempfX2252.html
2010-05-05 23:38 - 2010-05-06 00:18 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempfx5284.html
2010-08-10 23:18 - 2010-08-11 01:42 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempFY1712.html
2010-09-06 00:34 - 2010-09-06 00:34 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempfy1896.html
2011-03-15 20:26 - 2011-03-15 20:53 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempfY5444.html
2010-09-14 21:33 - 2010-09-14 22:56 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempFY5676.html
2010-04-28 12:54 - 2010-04-28 13:59 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempFZ4196.html
2010-10-26 17:56 - 2010-10-26 18:51 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempFz5456.html
2011-10-13 20:50 - 2011-10-13 21:04 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempgA3472.html
2011-02-04 23:58 - 2011-02-05 00:30 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempGa5628.html
2010-06-05 18:28 - 2010-06-05 18:48 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempga5936.html
2011-10-14 21:06 - 2011-10-14 21:50 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempgax916.html
2010-04-11 05:09 - 2010-04-11 05:10 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempGB4892.html
2010-06-09 19:55 - 2010-06-09 19:56 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempgC2116.html
2011-06-21 18:31 - 2011-06-21 18:39 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempgC2808.html
2011-05-17 23:07 - 2011-05-18 00:00 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempgc4184.html
2011-11-12 01:58 - 2011-11-12 02:04 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempgC5232.html
2010-06-09 00:27 - 2010-06-09 01:10 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempgd4880.html
2010-10-10 00:29 - 2010-10-10 01:24 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempGD6556.html
2010-08-04 19:49 - 2010-08-04 19:49 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempgE1652.html
2010-04-23 16:08 - 2010-04-23 17:08 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempGE3812.html
2011-09-09 16:55 - 2011-09-09 17:06 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempgf2572.html
2010-06-09 00:27 - 2010-06-09 01:10 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempGf4880.html
2011-06-21 18:44 - 2011-06-21 18:47 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempgfb372.html
2011-06-13 19:04 - 2011-06-13 20:22 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempgG3648.html
2010-09-07 20:30 - 2010-09-07 22:11 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempgG4976.html
2011-11-16 20:39 - 2011-11-16 23:57 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempgh3300.html
2011-08-27 00:01 - 2011-08-27 00:02 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempgh4168.html
2010-03-17 01:29 - 2010-03-17 01:38 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempGhz452.html
2010-08-04 19:36 - 2010-08-04 19:37 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempGi3276.html
2011-04-11 22:21 - 2011-04-11 22:21 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempGI4752.html
2010-12-18 18:21 - 2010-12-18 22:34 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempgj5608.html
2011-02-02 01:11 - 2011-02-02 01:18 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempGk5316.html
2010-08-03 08:42 - 2010-08-03 08:59 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempGK5364.html
2011-02-27 21:54 - 2011-02-27 23:47 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempgM2860.html
2010-03-02 21:49 - 2010-03-02 22:53 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempGm4712.html
2011-07-31 05:20 - 2011-07-31 05:21 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempGm5428.html
2010-08-21 00:13 - 2010-08-21 00:22 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempGn3908.html
2010-05-18 13:28 - 2010-05-18 13:29 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempgo4280.html
2010-04-15 20:06 - 2010-04-15 20:38 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempgr4468.html
2010-06-21 13:27 - 2010-06-21 13:27 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempGR4476.html
2011-03-20 23:23 - 2011-03-21 00:21 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempgr5140.html
2011-10-06 12:59 - 2011-10-06 15:17 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempgS3816.html
2010-12-02 00:01 - 2010-12-02 00:07 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempGS5928.html
2010-06-09 19:56 - 2010-06-09 19:57 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempGU2116.html
2011-06-15 15:45 - 2011-06-15 18:37 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempGu2960.html
2012-12-11 22:49 - 2012-12-12 00:34 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempGu5328.html
2010-04-23 14:43 - 2010-04-23 14:43 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempGU5780.html
2010-08-13 11:04 - 2010-08-13 12:03 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempgw3748.html
2010-06-21 22:25 - 2010-06-21 23:37 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempgW4284.html
2010-11-12 19:23 - 2010-11-12 19:44 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempgW5468.html
2011-05-06 11:26 - 2011-05-06 18:08 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempgX1088.html
2011-04-26 19:29 - 2011-04-27 00:52 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempgX2820.html
2010-06-28 01:38 - 2010-06-28 02:00 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempgx5296.html
2010-04-26 22:52 - 2010-04-27 00:09 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempGY2880.html
2010-12-24 16:26 - 2010-12-24 17:10 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempGY3712.html
2011-10-10 20:58 - 2011-10-10 23:17 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempgy5020.html
2010-02-26 22:15 - 2010-02-26 23:25 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempgz3160.html
2011-04-14 00:30 - 2011-04-14 01:28 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempGz4276.html
2010-04-15 18:10 - 2010-04-15 19:24 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempHA1076.html
2010-10-30 17:38 - 2010-10-30 21:49 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempha2176.html
2011-04-02 00:13 - 2011-04-02 00:16 - 0002432 _____ () C:\Users\Modi\AppData\Local\TemphA2560.html
2010-04-02 18:14 - 2010-04-02 19:24 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempHa5032.html
2010-07-09 19:33 - 2010-07-09 21:13 - 0002432 _____ () C:\Users\Modi\AppData\Local\Temphb4400.html
2010-05-08 21:48 - 2010-05-08 23:05 - 0002432 _____ () C:\Users\Modi\AppData\Local\Temphb5096.html
2010-11-03 14:02 - 2010-11-03 15:17 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempHD4776.html
2011-03-21 00:23 - 2011-03-21 00:24 - 0002432 _____ () C:\Users\Modi\AppData\Local\TemphE4156.html
2010-08-01 15:24 - 2010-08-01 20:06 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempHE4468.html
2011-11-24 18:30 - 2011-11-24 22:17 - 0002089 _____ () C:\Users\Modi\AppData\Local\Temphe4696.html
2011-01-29 19:05 - 2011-01-30 04:59 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempHE4716.html
2010-11-02 10:35 - 2010-11-02 11:43 - 0002432 _____ () C:\Users\Modi\AppData\Local\Temphf4104.html
2010-09-27 21:12 - 2010-09-27 22:27 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempHG1392.html
2011-07-25 04:40 - 2011-07-25 04:40 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempHg3664.html
2010-09-11 00:58 - 2010-09-11 01:32 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempHg4204.html
2011-05-03 18:43 - 2011-05-04 01:10 - 0002432 _____ () C:\Users\Modi\AppData\Local\TemphG5780.html
2011-07-07 23:33 - 2011-07-07 23:56 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempHh2568.html
2010-04-16 00:40 - 2010-04-16 00:43 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempHi5040.html
2010-08-07 16:45 - 2010-08-07 17:02 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempHK3668.html
2010-10-18 20:53 - 2010-10-18 21:55 - 0002432 _____ () C:\Users\Modi\AppData\Local\TemphK5380.html
2011-01-02 00:36 - 2011-01-02 01:02 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempHL3188.html
2010-10-31 20:25 - 2010-11-01 00:46 - 0002432 _____ () C:\Users\Modi\AppData\Local\TemphL3556.html
2010-04-03 14:03 - 2010-04-03 14:49 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempHp2960.html
2010-04-15 15:35 - 2010-04-15 18:01 - 0002089 _____ () C:\Users\Modi\AppData\Local\Temphp3184.html
2012-05-28 14:05 - 2012-05-28 14:06 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempHP4212.html
2010-08-12 01:38 - 2010-08-12 01:40 - 0002432 _____ () C:\Users\Modi\AppData\Local\TemphP4372.html
2010-09-20 18:41 - 2010-09-20 21:28 - 0002432 _____ () C:\Users\Modi\AppData\Local\Temphp4416.html
2011-01-18 19:27 - 2011-01-18 21:37 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempHp6080.html
2010-08-19 21:32 - 2010-08-19 23:24 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempHq3176.html
2010-07-01 11:02 - 2010-07-01 11:39 - 0002432 _____ () C:\Users\Modi\AppData\Local\TemphR3984.html
2012-04-22 21:10 - 2012-04-22 21:10 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempHtu276.html
2010-06-10 15:27 - 2010-06-10 15:43 - 0002089 _____ () C:\Users\Modi\AppData\Local\Temphv3368.html
2010-05-03 23:42 - 2010-05-03 23:48 - 0002432 _____ () C:\Users\Modi\AppData\Local\TemphVw856.html
2010-11-01 17:01 - 2010-11-01 21:59 - 0002432 _____ () C:\Users\Modi\AppData\Local\Temphw3388.html
2010-05-28 14:17 - 2010-05-29 01:35 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempHw4588.html
2010-10-25 23:50 - 2010-10-26 00:08 - 0002432 _____ () C:\Users\Modi\AppData\Local\Temphw4960.html
2011-10-17 16:40 - 2011-10-17 16:40 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempHW5100.html
2010-06-10 09:50 - 2010-06-10 11:36 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempHX4480.html
2010-08-26 10:43 - 2010-08-26 10:47 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempHy2340.html
2010-05-05 21:42 - 2010-05-05 23:18 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempHy2956.html
2011-09-02 13:08 - 2011-09-02 15:27 - 0002432 _____ () C:\Users\Modi\AppData\Local\TemphY3268.html
2010-04-04 14:06 - 2010-04-04 14:10 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempHY5520.html
2011-12-04 20:51 - 2011-12-04 20:55 - 0002089 _____ () C:\Users\Modi\AppData\Local\Temphy5796.html
2010-09-19 15:22 - 2010-09-19 17:08 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempHz1440.html
2010-07-26 19:04 - 2010-07-26 19:30 - 0002089 _____ () C:\Users\Modi\AppData\Local\TemphZ4752.html
2011-01-08 01:36 - 2011-01-08 01:36 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempHz5156.html
2010-05-18 13:20 - 2010-05-18 13:28 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempIa4280.html
2010-04-22 15:10 - 2010-04-22 17:41 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempiA4824.html
2011-04-28 22:55 - 2011-04-28 23:09 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempib4260.html
2011-01-06 18:45 - 2011-01-06 20:07 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempiC2176.html
2011-09-05 16:50 - 2011-09-05 23:47 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempIcn372.html
2010-03-05 14:37 - 2010-03-05 20:47 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempiD2088.html
2010-02-28 15:08 - 2010-02-28 17:57 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempie1536.html
2010-04-30 14:35 - 2010-04-30 15:20 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempiF3260.html
2010-05-05 14:15 - 2010-05-05 14:15 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempiF3872.html
2010-10-13 12:20 - 2010-10-13 12:22 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempIF5412.html
2011-06-16 01:14 - 2011-06-16 01:33 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempIG3256.html
2010-11-24 23:30 - 2010-11-25 01:22 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempiG5080.html
2011-06-23 16:10 - 2011-06-23 17:23 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempiH4984.html
2010-07-25 14:41 - 2010-07-25 18:34 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempIi2036.html
2010-08-26 10:43 - 2010-08-26 10:47 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempiI2340.html
2011-01-20 12:49 - 2011-01-20 13:00 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempII4696.html
2010-04-09 13:32 - 2010-04-09 15:32 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempii4860.html
2011-10-28 17:53 - 2011-10-28 17:59 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempII5392.html
2011-12-13 21:14 - 2011-12-13 22:30 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempiiA372.html
2010-04-26 22:47 - 2010-04-26 22:52 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempij2880.html
2010-04-08 10:09 - 2010-04-08 14:16 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempik1780.html
2011-02-15 22:50 - 2011-02-15 23:00 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempik5380.html
2010-10-12 12:05 - 2010-10-12 12:05 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempIl2276.html
2010-05-16 19:46 - 2010-05-16 21:11 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempIM1668.html
2010-06-22 17:07 - 2010-06-22 17:54 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempim4496.html
2010-08-11 21:27 - 2010-08-11 22:25 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempIN2208.html
2010-12-27 13:49 - 2010-12-27 13:50 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempIo2656.html
2011-09-03 17:42 - 2011-09-03 18:00 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempIO4920.html
2011-06-21 19:42 - 2011-06-21 21:11 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempIo5080.html
2010-08-22 14:02 - 2010-08-22 14:46 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempiR3316.html
2010-08-16 00:01 - 2010-08-16 00:15 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempIr4660.html
2011-05-17 17:12 - 2011-05-17 18:18 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempiS2808.html
2010-11-14 04:17 - 2010-11-14 04:24 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempIs3408.html
2011-08-24 21:32 - 2011-08-24 21:39 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempIt3120.html
2011-10-26 17:27 - 2011-10-26 17:58 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempIT3924.html
2011-04-27 21:59 - 2011-04-27 23:00 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempIU1856.html
2010-11-29 23:47 - 2010-11-30 02:06 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempIu5084.html
2010-07-18 10:28 - 2010-07-18 11:04 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempIV3168.html
2010-12-21 10:52 - 2010-12-21 11:01 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempIV5724.html
2010-05-11 19:06 - 2010-05-11 20:34 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempiw4524.html
2010-12-29 01:49 - 2010-12-29 01:50 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempIx3736.html
2010-06-13 17:15 - 2010-06-13 18:26 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempiy3220.html
2010-05-18 18:31 - 2010-05-18 19:51 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempIY6436.html
2010-09-06 15:45 - 2010-09-06 16:36 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempIz3564.html
2010-10-08 14:55 - 2010-10-08 17:21 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempIz3996.html
2010-11-05 01:25 - 2010-11-05 01:53 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempjB5116.html
2011-10-31 19:15 - 2011-10-31 20:48 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempjC4892.html
2010-12-14 20:27 - 2010-12-14 20:32 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempJC5880.html
2011-08-20 00:38 - 2011-08-20 00:38 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempJd2628.html
2011-09-18 18:21 - 2011-09-18 19:37 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempjDc680.html
2011-06-29 22:03 - 2011-06-29 23:12 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempJE2440.html
2011-01-17 23:52 - 2011-01-18 01:02 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempjf3796.html
2011-08-17 12:57 - 2011-08-17 13:20 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempjF3824.html
2011-09-06 20:46 - 2011-09-06 20:47 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempjf5056.html
2011-12-22 23:10 - 2011-12-23 02:14 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempJF6064.html
2011-04-11 12:27 - 2011-04-11 13:09 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempjG4404.html
2011-07-03 20:18 - 2011-07-03 21:47 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempJH4948.html
2011-10-29 13:56 - 2011-10-29 13:56 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempJi1600.html
2010-11-28 16:24 - 2010-11-28 22:44 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempJj2316.html
2010-11-15 18:23 - 2010-11-15 22:08 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempjJ4412.html
2011-08-02 19:10 - 2011-08-02 23:05 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempJK4408.html
2012-04-24 22:11 - 2012-04-24 22:25 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempjk4472.html
2011-02-14 22:33 - 2011-02-14 22:37 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempjM1552.html
2010-07-28 12:13 - 2010-07-28 15:59 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempjn4844.html
2010-08-14 19:25 - 2010-08-14 19:44 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempjO2324.html
2011-11-12 02:48 - 2011-11-12 02:49 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempJp3152.html
2010-04-07 13:49 - 2010-04-07 14:59 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempJP4716.html
2010-12-13 22:29 - 2010-12-14 01:20 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempJP5552.html
2010-08-04 20:05 - 2010-08-04 20:08 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempjP5880.html
2010-12-12 20:46 - 2010-12-12 21:09 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempJq3812.html
2010-05-25 20:08 - 2010-05-26 00:37 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempjq3936.html
2010-05-28 14:17 - 2010-05-29 01:35 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempjq4588.html
2011-06-06 22:09 - 2011-06-06 22:28 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempjQ5004.html
2010-08-13 19:48 - 2010-08-13 20:22 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempJr2364.html
2010-08-10 20:37 - 2010-08-10 23:15 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempJR3340.html
2012-02-07 11:33 - 2012-02-07 11:52 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempJr3468.html
2011-02-19 18:49 - 2011-02-19 19:31 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempJR4776.html
2010-12-27 13:49 - 2010-12-27 13:50 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempJs2656.html
2010-06-23 10:29 - 2010-06-23 11:08 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempJs4704.html
2010-07-27 17:12 - 2010-07-28 00:20 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempjt4776.html
2011-11-13 16:35 - 2011-11-13 17:06 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempJT4920.html
2010-12-23 00:18 - 2010-12-23 00:58 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempjT5808.html
2010-08-02 00:48 - 2010-08-02 00:49 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempJu1244.html
2011-12-16 22:25 - 2011-12-16 22:28 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempjU5412.html
2011-01-13 17:54 - 2011-01-13 22:14 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempju5632.html
2011-04-05 23:55 - 2011-04-06 00:18 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempJv2232.html
2010-09-18 00:18 - 2010-09-18 00:19 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempJv4248.html
2010-07-16 14:07 - 2010-07-16 15:43 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempJW1632.html
2010-07-23 21:33 - 2010-07-23 22:46 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempjw4812.html
2011-11-17 21:13 - 2011-11-17 21:14 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempjX3684.html
2011-06-27 16:17 - 2011-06-27 16:44 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempjx4596.html
2011-04-16 21:18 - 2011-04-17 03:17 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempJX4960.html
2010-02-26 03:22 - 2010-02-26 03:24 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempjy1776.html
2011-11-10 19:37 - 2011-11-10 19:47 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempJY4444.html
2010-04-26 11:50 - 2010-04-26 15:50 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempJy4524.html
2011-09-04 20:26 - 2011-09-04 21:29 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempJy4880.html
2010-10-13 16:32 - 2010-10-13 17:47 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempJy5032.html
2011-02-25 22:02 - 2011-02-25 23:08 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempjZ3076.html
2011-09-27 00:34 - 2011-09-27 00:35 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempjz4748.html
2010-04-29 13:42 - 2010-04-29 14:40 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempkA1868.html
2010-05-09 04:30 - 2010-05-09 04:30 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempka4188.html
2010-10-27 14:46 - 2010-10-27 18:24 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempKa4300.html
2010-09-07 02:11 - 2010-09-07 02:26 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempKC3712.html
2010-05-31 17:28 - 2010-05-31 17:29 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempkd2144.html
2011-11-30 19:49 - 2011-11-30 21:06 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempKd2708.html
2010-06-25 22:46 - 2010-06-25 22:48 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempKdp640.html
2011-07-04 21:07 - 2011-07-04 21:30 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempKe4684.html
2011-03-18 21:04 - 2011-03-19 00:25 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempkeY220.html
2011-06-16 00:38 - 2011-06-16 00:39 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempKF3796.html
2010-10-13 12:20 - 2010-10-13 12:22 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempKF5412.html
2010-12-25 13:30 - 2010-12-25 13:31 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempKG1760.html
2010-04-10 17:30 - 2010-04-10 19:49 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempkG3912.html
2010-09-01 19:54 - 2010-09-01 21:57 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempkh3068.html
2010-11-03 15:30 - 2010-11-03 16:28 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempKI3288.html
2010-06-12 23:14 - 2010-06-13 01:05 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempKj1836.html
2010-04-22 19:14 - 2010-04-22 23:22 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempkK1048.html
2011-06-21 23:19 - 2011-06-21 23:19 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempkk2024.html
2010-07-17 01:20 - 2010-07-17 01:55 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempkk3676.html
2010-04-24 13:17 - 2010-04-24 20:34 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempKl1284.html
2011-05-26 17:54 - 2011-05-26 18:06 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempkl3820.html
2010-08-03 21:37 - 2010-08-03 21:38 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempkL5712.html
2010-02-26 22:15 - 2010-02-26 23:25 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempkM3160.html
2010-10-15 15:52 - 2010-10-15 19:28 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempkM3624.html
2010-04-09 18:29 - 2010-04-09 21:18 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempkM4404.html
2011-09-25 19:21 - 2011-09-25 22:16 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempKMZ596.html
2010-10-16 18:47 - 2010-10-16 18:47 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempKQ3864.html
2010-11-27 17:10 - 2010-11-27 17:48 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempkr2764.html
2012-04-22 17:18 - 2012-04-22 17:27 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempkR2920.html
2010-11-22 22:44 - 2010-11-23 00:47 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempKS1916.html
2010-05-28 03:19 - 2010-05-28 03:19 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempks3408.html
2011-10-03 18:52 - 2011-10-03 21:38 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempKs5016.html
2011-05-03 16:45 - 2011-05-03 16:57 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempkSa400.html
2010-04-23 00:21 - 2010-04-23 01:12 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempkU1432.html
2010-08-12 21:50 - 2010-08-12 22:27 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempku2232.html
2010-10-18 23:19 - 2010-10-18 23:19 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempku4420.html
2011-02-08 00:48 - 2011-02-08 00:57 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempKU6004.html
2010-03-05 21:41 - 2010-03-06 00:53 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempKW2484.html
2010-12-25 13:13 - 2010-12-25 13:30 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempKx5820.html
2011-05-18 21:10 - 2011-05-18 22:09 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempky3100.html
2010-11-16 23:42 - 2010-11-17 00:16 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempKy4816.html
2010-06-20 19:42 - 2010-06-20 19:50 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempKz4996.html
2010-04-07 18:08 - 2010-04-07 19:16 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempLa1220.html
2010-09-21 14:06 - 2010-09-21 14:24 - 0002432 _____ () C:\Users\Modi\AppData\Local\TemplB3248.html
2010-10-25 09:08 - 2010-10-25 16:04 - 0002089 _____ () C:\Users\Modi\AppData\Local\TemplC4388.html
2011-02-16 14:56 - 2011-02-16 14:59 - 0002432 _____ () C:\Users\Modi\AppData\Local\TemplC5892.html
2010-05-05 14:28 - 2010-05-05 14:29 - 0002432 _____ () C:\Users\Modi\AppData\Local\Templd2192.html
2010-08-04 19:13 - 2010-08-04 19:13 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempldU148.html
2011-06-15 15:45 - 2011-06-15 18:37 - 0002089 _____ () C:\Users\Modi\AppData\Local\Temple2960.html
2010-11-24 00:36 - 2010-11-24 00:37 - 0002432 _____ () C:\Users\Modi\AppData\Local\Temple4108.html
2010-10-10 13:12 - 2010-10-10 18:57 - 0002089 _____ () C:\Users\Modi\AppData\Local\TemplE4420.html
2010-12-05 23:12 - 2010-12-06 00:23 - 0002432 _____ () C:\Users\Modi\AppData\Local\TemplE6064.html
2011-06-01 01:59 - 2011-06-01 02:05 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempLfM700.html
2011-01-14 01:12 - 2011-01-14 01:13 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempLg4644.html
2010-10-19 13:39 - 2010-10-19 23:49 - 0002432 _____ () C:\Users\Modi\AppData\Local\TemplG6496.html
2012-02-17 19:56 - 2012-02-17 20:02 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempLh5040.html
2011-11-08 17:20 - 2011-11-08 22:53 - 0002432 _____ () C:\Users\Modi\AppData\Local\Templk1172.html
2011-06-15 22:35 - 2011-06-15 22:38 - 0002432 _____ () C:\Users\Modi\AppData\Local\TemplK2968.html
2011-01-06 00:08 - 2011-01-06 00:14 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempLl4584.html
2011-03-20 18:59 - 2011-03-20 20:21 - 0002432 _____ () C:\Users\Modi\AppData\Local\Templm2288.html
2011-07-24 01:10 - 2011-07-24 01:25 - 0002432 _____ () C:\Users\Modi\AppData\Local\TemplN4584.html
2010-07-18 10:28 - 2010-07-18 11:04 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempLO3168.html
2011-09-03 23:38 - 2011-09-03 23:59 - 0002089 _____ () C:\Users\Modi\AppData\Local\TemplO5084.html
2010-04-15 15:35 - 2010-04-15 18:01 - 0002432 _____ () C:\Users\Modi\AppData\Local\Templq3184.html
2011-06-23 18:48 - 2011-06-23 19:32 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempLQ4528.html
2010-04-12 13:26 - 2010-04-12 19:25 - 0002089 _____ () C:\Users\Modi\AppData\Local\TemplQU320.html
2010-08-08 07:48 - 2010-08-08 08:17 - 0002089 _____ () C:\Users\Modi\AppData\Local\TemplR4180.html
2011-09-25 19:21 - 2011-09-25 22:16 - 0002432 _____ () C:\Users\Modi\AppData\Local\Templrt596.html
2010-12-29 13:52 - 2010-12-29 13:55 - 0002089 _____ () C:\Users\Modi\AppData\Local\TemplS4940.html
2010-06-11 11:28 - 2010-06-11 14:23 - 0002432 _____ () C:\Users\Modi\AppData\Local\Templs5924.html
2010-08-05 01:38 - 2010-08-05 01:41 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempLT4980.html
2011-03-20 18:59 - 2011-03-20 20:21 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempLu2288.html
2011-09-11 22:55 - 2011-09-12 00:24 - 0002432 _____ () C:\Users\Modi\AppData\Local\Templu2736.html
2011-11-06 16:27 - 2011-11-06 16:33 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempLu3044.html
2010-04-01 20:36 - 2010-04-02 00:06 - 0002432 _____ () C:\Users\Modi\AppData\Local\TemplU4568.html
2010-04-08 20:18 - 2010-04-08 20:32 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempLV1680.html
2010-09-20 10:00 - 2010-09-20 13:49 - 0002432 _____ () C:\Users\Modi\AppData\Local\TemplV4376.html
2011-04-10 23:55 - 2011-04-11 00:46 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempLV4828.html
2011-01-09 10:23 - 2011-01-09 10:24 - 0002432 _____ () C:\Users\Modi\AppData\Local\TemplV4876.html
2010-08-10 20:37 - 2010-08-10 23:15 - 0002089 _____ () C:\Users\Modi\AppData\Local\Templw3340.html
2010-07-30 00:06 - 2010-07-30 00:07 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempLW3720.html
2011-08-12 16:44 - 2011-08-12 16:45 - 0002432 _____ () C:\Users\Modi\AppData\Local\TemplX3152.html
2010-05-05 23:38 - 2010-05-06 00:18 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempLx5284.html
2011-07-04 18:03 - 2011-07-04 18:08 - 0002089 _____ () C:\Users\Modi\AppData\Local\TemplY1836.html
2011-11-13 17:55 - 2011-11-13 18:33 - 0002432 _____ () C:\Users\Modi\AppData\Local\Temply3076.html
2010-09-14 12:08 - 2010-09-14 12:31 - 0002089 _____ () C:\Users\Modi\AppData\Local\Temply4376.html
2010-05-16 22:37 - 2010-05-16 23:03 - 0002432 _____ () C:\Users\Modi\AppData\Local\TemplY4952.html
2011-10-17 17:29 - 2011-10-17 17:30 - 0002432 _____ () C:\Users\Modi\AppData\Local\TemplZ1220.html
2011-11-12 02:04 - 2011-11-12 02:05 - 0002432 _____ () C:\Users\Modi\AppData\Local\TemplZ2736.html
2010-10-12 14:39 - 2010-10-12 14:52 - 0002089 _____ () C:\Users\Modi\AppData\Local\TemplZ4900.html
2010-12-07 23:00 - 2010-12-07 23:23 - 0002089 _____ () C:\Users\Modi\AppData\Local\TemplZ5336.html
2010-12-18 18:12 - 2010-12-18 18:18 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempLZ5704.html
2010-09-06 20:04 - 2010-09-06 20:36 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempmb3860.html
2011-08-16 19:22 - 2011-08-16 20:04 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempMc2516.html
2010-04-12 11:49 - 2010-04-12 12:45 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempmd2616.html
2010-06-09 10:33 - 2010-06-09 12:54 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempMd4052.html
2011-05-08 22:19 - 2011-05-08 23:37 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempmd4432.html
2010-05-02 05:36 - 2010-05-02 05:39 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempMD4808.html
2010-11-14 19:45 - 2010-11-14 21:36 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempmE4068.html
2010-12-23 12:11 - 2010-12-23 12:11 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempmEW476.html
2010-08-03 23:41 - 2010-08-04 00:25 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempMG2400.html
2010-08-16 00:01 - 2010-08-16 00:15 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempMG4660.html
2010-04-14 19:16 - 2010-04-15 10:25 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempmh1728.html
2011-04-10 23:55 - 2011-04-11 00:46 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempMI4828.html
2011-09-06 15:43 - 2011-09-06 19:44 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempmj3276.html
2011-02-15 23:01 - 2011-02-16 01:25 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempMj4268.html
2011-11-18 21:19 - 2011-11-18 23:34 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempmJ4944.html
2010-04-15 19:33 - 2010-04-15 19:58 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempmk3916.html
2010-09-04 22:43 - 2010-09-04 22:47 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempmK6012.html
2010-09-17 06:07 - 2010-09-17 06:11 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempML3020.html
2010-11-12 19:23 - 2010-11-12 19:44 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempmL5468.html
2011-08-22 21:01 - 2011-08-22 21:01 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempml5784.html
2011-06-21 19:06 - 2011-06-21 19:09 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempMm1956.html
2010-12-21 19:45 - 2010-12-21 20:58 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempmm2164.html
2011-09-06 15:43 - 2011-09-06 19:44 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempMm3276.html
2011-05-22 14:05 - 2011-05-22 16:17 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempMN4440.html
2011-10-30 05:33 - 2011-10-30 05:34 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempMp1756.html
2011-09-11 22:55 - 2011-09-12 00:24 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempMp2736.html
2010-03-08 13:58 - 2010-03-08 21:10 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempMR2924.html
2010-08-29 17:43 - 2010-08-29 19:01 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempMR3780.html
2011-09-27 19:06 - 2011-09-27 20:09 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempMr4160.html
2010-08-27 22:21 - 2010-08-27 23:19 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempmS2352.html
2010-08-05 09:55 - 2010-08-05 10:19 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempmS5100.html
2011-11-12 01:59 - 2011-11-12 02:01 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempMs5232.html
2010-12-07 23:00 - 2010-12-07 23:23 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempMS5336.html
2010-04-09 21:50 - 2010-04-09 23:14 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempMT4380.html
2011-05-07 19:04 - 2011-05-07 19:04 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempMu2488.html
2011-05-18 21:10 - 2011-05-18 22:09 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempMU3100.html
2012-05-25 01:36 - 2012-05-25 01:37 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempmU5544.html
2010-04-23 14:56 - 2010-04-23 15:03 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempmv2080.html
2010-09-06 18:11 - 2010-09-06 19:51 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempMV4400.html
2011-02-09 00:31 - 2011-02-09 00:35 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempMV4948.html
2010-08-05 19:43 - 2010-08-05 20:13 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempmw3828.html
2011-09-27 19:06 - 2011-09-27 20:09 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempmw4160.html
2010-12-11 21:55 - 2010-12-12 00:54 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempMw5952.html
2010-10-31 19:23 - 2010-10-31 19:24 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempMx1616.html
2010-05-05 17:45 - 2010-05-05 19:49 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempmX3468.html
2010-08-14 17:35 - 2010-08-14 19:18 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempmy3124.html
2010-06-14 14:01 - 2010-06-14 15:45 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempmY5108.html
2010-07-24 16:32 - 2010-07-24 19:14 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempMy5864.html
2010-11-02 10:35 - 2010-11-02 11:43 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempMZ4104.html
2010-10-14 21:01 - 2010-10-14 22:04 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempMz4236.html
2010-06-16 20:28 - 2010-06-16 21:37 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempmz4296.html
2010-04-29 23:25 - 2010-04-29 23:42 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempmz5604.html
2010-12-02 23:04 - 2010-12-03 00:32 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempNa2068.html
2011-04-14 22:20 - 2011-04-14 22:59 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempNc1056.html
2010-04-26 11:50 - 2010-04-26 15:50 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempNc4524.html
2011-04-25 21:16 - 2011-04-25 23:21 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempNC4852.html
2010-10-05 16:28 - 2010-10-05 18:55 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempnc6288.html
2010-04-04 22:17 - 2010-04-05 00:01 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempND5392.html
2010-08-20 19:28 - 2010-08-20 21:34 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempne2784.html
2011-11-02 15:45 - 2011-11-02 15:47 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempnF1928.html
2011-10-17 18:21 - 2011-10-17 20:19 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempnf4292.html
2012-09-27 18:17 - 2012-09-27 18:17 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempNf4564.html
2010-10-24 15:54 - 2010-10-24 22:09 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempNf5532.html
2011-01-17 23:52 - 2011-01-18 01:02 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempNG3796.html
2010-04-15 20:49 - 2010-04-16 00:03 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempNG4728.html
2010-09-18 16:26 - 2010-09-18 18:13 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempNg4732.html
2010-08-03 23:41 - 2010-08-04 00:25 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempnh2400.html
2010-11-23 19:54 - 2010-11-23 22:31 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempnh2920.html
2011-06-13 19:04 - 2011-06-13 20:22 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempNH3648.html
2010-07-30 00:05 - 2010-07-30 00:06 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempNH3720.html
2010-10-14 13:24 - 2010-10-14 19:00 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempnH4224.html
2010-06-02 17:37 - 2010-06-02 19:33 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempNK2572.html
2011-06-16 15:07 - 2011-06-16 15:14 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempnk3892.html
2010-03-08 13:58 - 2010-03-08 21:10 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempnL2924.html
2011-05-08 22:19 - 2011-05-08 23:37 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempNL4432.html
2010-06-01 14:01 - 2010-06-01 15:11 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempNm1168.html
2010-05-04 23:44 - 2010-05-05 00:30 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempNM3716.html
2010-11-28 16:24 - 2010-11-28 22:44 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempnN2316.html
2010-08-10 11:02 - 2010-08-10 11:09 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempnn3716.html
2010-06-10 20:48 - 2010-06-10 21:33 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempNo2300.html
2010-04-21 18:56 - 2010-04-21 18:56 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempno5468.html
2010-12-21 12:57 - 2010-12-21 18:56 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempnp3488.html
2010-04-27 23:05 - 2010-04-27 23:46 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempNQ4932.html
2011-01-05 00:49 - 2011-01-05 00:49 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempnr4760.html
2011-01-28 16:41 - 2011-01-29 02:36 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempNr5564.html
2010-03-22 18:47 - 2010-03-22 23:59 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempns3096.html
2010-05-22 17:29 - 2010-05-22 18:14 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempns3432.html
2011-06-19 19:29 - 2011-06-19 19:39 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempnS3596.html
2011-05-07 19:04 - 2011-05-07 19:04 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempNt2488.html
2010-08-04 19:13 - 2010-08-04 19:13 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempntr148.html
2010-04-21 23:24 - 2010-04-22 00:04 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempnu1788.html
2011-06-08 14:30 - 2011-06-08 22:15 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempNU3432.html
2010-10-15 15:52 - 2010-10-15 19:28 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempNu3624.html
2011-10-04 22:49 - 2011-10-04 23:10 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempNv1496.html
2010-06-06 20:53 - 2010-06-06 23:21 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempnv5052.html
2011-01-08 00:17 - 2011-01-08 00:17 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempnv5556.html
2011-01-20 22:58 - 2011-01-21 01:05 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempnW5768.html
2010-09-22 00:17 - 2010-09-22 00:59 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempnX2200.html
2010-12-15 17:36 - 2010-12-15 21:03 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempNx6280.html
2011-01-25 00:39 - 2011-01-25 00:40 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempNY2472.html
2010-08-14 17:35 - 2010-08-14 19:18 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempnY3124.html
2010-07-20 20:28 - 2010-07-20 21:32 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempNY4188.html
2011-02-18 15:56 - 2011-02-18 15:56 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempNz1888.html
2010-05-12 11:22 - 2010-05-12 11:55 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempOA4328.html
2010-08-16 21:24 - 2010-08-17 01:25 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempoA5564.html
2010-06-22 23:23 - 2010-06-22 23:54 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempOB2000.html
2011-01-18 16:19 - 2011-01-18 16:58 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempOb2192.html
2010-05-19 12:55 - 2010-05-19 13:42 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempOB2196.html
2010-04-23 13:57 - 2010-04-23 13:59 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempob3332.html
2010-04-07 13:49 - 2010-04-07 14:59 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempoB4716.html
2010-11-15 23:02 - 2010-11-15 23:58 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempob6940.html
2010-11-07 18:01 - 2010-11-08 01:13 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempObj944.html
2010-08-10 23:18 - 2010-08-11 01:42 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempOC1712.html
2012-02-18 19:34 - 2012-02-18 19:40 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempoc5948.html
2010-04-21 23:24 - 2010-04-22 00:04 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempOd1788.html
2010-04-23 16:08 - 2010-04-23 17:08 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempoD3812.html
2011-07-04 21:30 - 2011-07-04 22:15 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempOD4816.html
2010-04-28 16:25 - 2010-04-28 16:34 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempOD5012.html
2011-10-21 17:52 - 2011-10-21 18:01 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempOe1980.html

Kris_ · 29.06.2015, 20:53

3. Teil

Code:

ATTFilter

2010-11-07 04:30 - 2010-11-07 04:31 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempoe3816.html
2010-04-16 18:55 - 2010-04-16 20:29 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempOE4788.html
2012-01-11 19:23 - 2012-01-11 20:50 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempoF2580.html
2010-09-17 22:42 - 2010-09-17 23:05 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempOF5600.html
2010-04-19 13:16 - 2010-04-19 17:22 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempoG2288.html
2011-05-17 17:12 - 2011-05-17 18:18 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempoG2808.html
2011-10-28 17:39 - 2011-10-28 17:46 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempOh6016.html
2010-10-09 16:15 - 2010-10-09 16:19 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempoi1620.html
2011-04-14 22:20 - 2011-04-14 22:59 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempOJ1056.html
2010-09-05 19:28 - 2010-09-05 21:26 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempok4876.html
2012-12-13 13:54 - 2012-12-13 15:36 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempoK5204.html
2011-09-03 23:38 - 2011-09-03 23:59 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempoL5084.html
2010-04-22 19:14 - 2010-04-22 23:22 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempOM1048.html
2010-03-17 15:16 - 2010-03-17 15:16 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempoN1484.html
2011-06-23 01:34 - 2011-06-23 01:34 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempoO1088.html
2011-03-16 22:49 - 2011-03-17 01:28 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempop3640.html
2010-07-26 15:40 - 2010-07-26 15:51 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempOP5184.html
2010-10-08 14:55 - 2010-10-08 17:21 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempOQ3996.html
2010-09-15 13:21 - 2010-09-15 14:15 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempor2404.html
2011-06-21 14:06 - 2011-06-21 16:30 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempoR3800.html
2010-04-11 20:17 - 2010-04-11 21:10 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempoS4532.html
2010-10-25 23:50 - 2010-10-26 00:08 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempos4960.html
2010-05-19 11:35 - 2010-05-19 11:36 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempos4964.html
2011-02-15 14:53 - 2011-02-15 15:53 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempOS5852.html
2011-04-27 17:51 - 2011-04-27 18:07 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempOV1784.html
2010-09-10 23:56 - 2010-09-11 00:41 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempOV2492.html
2011-08-04 21:31 - 2011-08-04 22:22 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempoV2752.html
2011-03-23 02:37 - 2011-03-23 02:37 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempOv4316.html
2010-05-21 15:09 - 2010-05-21 18:08 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempOwq760.html
2010-12-29 13:52 - 2010-12-29 13:55 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempoY4940.html
2010-10-24 13:57 - 2010-10-24 15:09 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempoy5336.html
2011-10-19 21:32 - 2011-10-19 23:06 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempOY6088.html
2011-01-10 18:54 - 2011-01-11 01:30 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempOy6440.html
2010-07-30 00:07 - 2010-07-30 00:23 - 0002432 _____ () C:\Users\Modi\AppData\Local\TemppA3720.html
2010-12-27 16:53 - 2010-12-27 16:53 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempPb1576.html
2010-05-17 10:49 - 2010-05-17 16:31 - 0002432 _____ () C:\Users\Modi\AppData\Local\TemppB1684.html
2011-09-08 18:44 - 2011-09-08 19:36 - 0002432 _____ () C:\Users\Modi\AppData\Local\Temppb4784.html
2010-09-06 15:45 - 2010-09-06 16:36 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempPC3564.html
2010-11-04 18:16 - 2010-11-04 19:46 - 0002432 _____ () C:\Users\Modi\AppData\Local\Temppd2612.html
2010-08-06 19:51 - 2010-08-07 00:23 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempPD3040.html
2010-04-29 16:17 - 2010-04-29 16:17 - 0002432 _____ () C:\Users\Modi\AppData\Local\TemppD4284.html
2011-06-21 19:05 - 2011-06-21 19:05 - 0002432 _____ () C:\Users\Modi\AppData\Local\TemppE4208.html
2010-04-23 14:00 - 2010-04-23 14:12 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempPF3784.html
2011-06-23 16:10 - 2011-06-23 17:23 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempPf4984.html
2010-12-07 00:52 - 2010-12-07 01:11 - 0002432 _____ () C:\Users\Modi\AppData\Local\Temppgg248.html
2010-03-15 22:09 - 2010-03-15 22:45 - 0002432 _____ () C:\Users\Modi\AppData\Local\TemppH6112.html
2010-08-04 20:09 - 2010-08-04 20:10 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempPi2296.html
2011-07-26 14:20 - 2011-07-26 19:17 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempPi4704.html
2011-07-30 01:50 - 2011-07-30 05:00 - 0002432 _____ () C:\Users\Modi\AppData\Local\TemppI5764.html
2010-05-16 19:46 - 2010-05-16 21:11 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempPj1668.html
2010-03-05 21:41 - 2010-03-06 00:53 - 0002432 _____ () C:\Users\Modi\AppData\Local\TemppJ2484.html
2010-03-15 00:26 - 2010-03-15 00:26 - 0002089 _____ () C:\Users\Modi\AppData\Local\Temppk2260.html
2010-04-08 19:14 - 2010-04-08 20:09 - 0002089 _____ () C:\Users\Modi\AppData\Local\Temppk4976.html
2010-05-16 21:39 - 2010-05-16 22:35 - 0002432 _____ () C:\Users\Modi\AppData\Local\TemppL2980.html
2010-12-09 23:43 - 2010-12-09 23:46 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempPl4584.html
2011-04-12 01:39 - 2011-04-12 01:41 - 0002432 _____ () C:\Users\Modi\AppData\Local\Temppl5096.html
2011-05-22 13:16 - 2011-05-22 13:17 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempPm3248.html
2010-04-23 11:17 - 2010-04-23 13:46 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempPM4644.html
2010-08-14 19:25 - 2010-08-14 19:44 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempPn2324.html
2011-04-14 23:47 - 2011-04-15 00:30 - 0002432 _____ () C:\Users\Modi\AppData\Local\TemppN2732.html
2010-04-23 16:06 - 2010-04-23 16:08 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempPO4144.html
2011-02-09 00:31 - 2011-02-09 00:35 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempPo4948.html
2011-02-02 01:11 - 2011-02-02 01:18 - 0002432 _____ () C:\Users\Modi\AppData\Local\TemppP5316.html
2011-06-26 23:21 - 2011-06-26 23:32 - 0002432 _____ () C:\Users\Modi\AppData\Local\Temppp5416.html
2010-11-13 17:45 - 2010-11-13 20:53 - 0002432 _____ () C:\Users\Modi\AppData\Local\TemppQ2904.html
2010-12-24 16:26 - 2010-12-24 17:10 - 0002432 _____ () C:\Users\Modi\AppData\Local\Temppq3712.html
2010-08-19 02:14 - 2010-08-19 02:37 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempPR3360.html
2011-10-24 21:33 - 2011-10-24 21:36 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempPr3948.html
2010-11-14 04:17 - 2010-11-14 04:24 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempPs3408.html
2010-04-11 20:17 - 2010-04-11 21:10 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempps4532.html
2010-02-26 03:30 - 2010-02-26 03:32 - 0002089 _____ () C:\Users\Modi\AppData\Local\TemppV1972.html
2011-09-21 18:24 - 2011-09-21 19:23 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempPvc404.html
2010-06-12 16:53 - 2010-06-12 21:56 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempPW2656.html
2011-09-21 18:24 - 2011-09-21 19:23 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempPWx404.html
2010-04-07 18:08 - 2010-04-07 19:16 - 0002089 _____ () C:\Users\Modi\AppData\Local\TemppX1220.html
2012-01-20 17:09 - 2012-01-20 17:10 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempPy5876.html
2010-06-02 17:37 - 2010-06-02 19:33 - 0002089 _____ () C:\Users\Modi\AppData\Local\TemppZ2572.html
2010-09-05 19:28 - 2010-09-05 21:26 - 0002432 _____ () C:\Users\Modi\AppData\Local\TemppZ4876.html
2010-03-22 18:47 - 2010-03-22 23:59 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempqa3096.html
2010-08-04 19:37 - 2010-08-04 19:37 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempQa5204.html
2011-04-12 23:34 - 2011-04-12 23:44 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempQb5096.html
2011-10-08 15:23 - 2011-10-08 15:35 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempQC1676.html
2011-05-17 23:07 - 2011-05-18 00:00 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempQc4184.html
2010-05-06 16:52 - 2010-05-06 17:46 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempqc4772.html
2011-01-17 11:53 - 2011-01-17 13:28 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempQC5092.html
2010-10-26 17:56 - 2010-10-26 18:51 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempqC5456.html
2010-08-15 12:17 - 2010-08-15 14:15 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempQd3680.html
2010-09-17 14:29 - 2010-09-17 18:14 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempqez588.html
2010-09-23 11:19 - 2010-09-23 12:00 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempqF2408.html
2012-01-03 11:40 - 2012-01-03 13:12 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempQf4488.html
2011-07-31 23:16 - 2011-08-01 00:28 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempqF4620.html
2010-02-26 03:25 - 2010-02-26 03:25 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempqH1360.html
2010-04-05 10:38 - 2010-04-05 10:59 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempQH1468.html
2010-04-20 00:19 - 2010-04-20 02:07 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempqH3020.html
2010-04-23 11:17 - 2010-04-23 13:46 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempqH4644.html
2010-12-26 20:06 - 2010-12-27 02:15 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempQH6032.html
2010-04-04 10:46 - 2010-04-04 11:41 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempQI4272.html
2010-09-11 23:38 - 2010-09-11 23:39 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempQi5508.html
2010-09-16 10:14 - 2010-09-16 11:40 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempqJ2532.html
2010-05-19 12:55 - 2010-05-19 13:42 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempQK2196.html
2010-05-18 13:29 - 2010-05-18 14:46 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempqk4280.html
2011-09-22 13:56 - 2011-09-22 20:59 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempqk5040.html
2010-09-25 17:06 - 2010-09-25 20:38 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempqL4732.html
2010-07-26 19:04 - 2010-07-26 19:30 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempQM4752.html
2010-04-16 00:40 - 2010-04-16 00:43 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempqM5040.html
2010-06-20 23:40 - 2010-06-20 23:41 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempqn2568.html
2010-04-12 11:49 - 2010-04-12 12:45 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempQP2616.html
2010-04-20 11:02 - 2010-04-20 12:52 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempQp4080.html
2010-04-04 10:46 - 2010-04-04 11:41 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempqP4272.html
2011-07-31 23:16 - 2011-08-01 00:28 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempqP4620.html
2011-02-28 21:46 - 2011-02-28 22:18 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempQS3232.html
2010-09-07 20:30 - 2010-09-07 22:11 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempqs4976.html
2010-08-25 18:06 - 2010-08-25 19:53 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempqS5072.html
2010-05-18 19:51 - 2010-05-18 23:48 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempqT5528.html
2010-07-10 18:33 - 2010-07-10 19:46 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempqT6084.html
2011-06-27 01:13 - 2011-06-27 01:14 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempQU1284.html
2011-09-06 12:26 - 2011-09-06 13:04 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempQU4976.html
2011-11-17 21:13 - 2011-11-17 21:14 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempQv3684.html
2010-06-15 23:58 - 2010-06-16 00:08 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempqW1956.html
2010-09-03 00:34 - 2010-09-03 00:34 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempQx4512.html
2010-10-15 00:16 - 2010-10-15 00:16 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempqX5096.html
2010-05-29 09:30 - 2010-05-29 09:41 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempqy4964.html
2012-06-19 22:35 - 2012-06-19 22:59 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempQz4244.html
2011-09-01 22:14 - 2011-09-01 22:19 - 0002089 _____ () C:\Users\Modi\AppData\Local\TemprA2364.html
2012-01-05 23:24 - 2012-01-05 23:34 - 0002432 _____ () C:\Users\Modi\AppData\Local\TemprA4988.html
2011-12-23 23:35 - 2011-12-24 01:00 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempRa5712.html
2011-11-17 15:04 - 2011-11-17 19:25 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempRB1412.html
2011-10-17 12:02 - 2011-10-17 12:03 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempRbo240.html
2011-09-02 13:08 - 2011-09-02 15:27 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempRc3268.html
2011-05-02 22:20 - 2011-05-02 22:36 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempRD4264.html
2010-04-14 14:13 - 2010-04-14 16:30 - 0002089 _____ () C:\Users\Modi\AppData\Local\TemprD4476.html
2010-03-23 16:19 - 2010-03-23 17:10 - 0002432 _____ () C:\Users\Modi\AppData\Local\TemprD4712.html
2010-07-15 20:16 - 2010-07-15 20:23 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempRDc568.html
2012-01-02 19:10 - 2012-01-02 19:49 - 0002432 _____ () C:\Users\Modi\AppData\Local\TemprE6020.html
2010-11-05 02:20 - 2010-11-05 02:40 - 0002432 _____ () C:\Users\Modi\AppData\Local\TemprEg992.html
2011-04-02 00:24 - 2011-04-02 00:41 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempRF4864.html
2010-07-31 12:34 - 2010-07-31 13:27 - 0002432 _____ () C:\Users\Modi\AppData\Local\TemprFy400.html
2010-09-14 13:20 - 2010-09-14 14:14 - 0002432 _____ () C:\Users\Modi\AppData\Local\Temprg2344.html
2010-09-16 17:32 - 2010-09-16 18:20 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempRg4332.html
2010-10-07 00:01 - 2010-10-07 00:52 - 0002432 _____ () C:\Users\Modi\AppData\Local\Temprg5976.html
2010-04-23 15:21 - 2010-04-23 15:56 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempRg6120.html
2010-04-23 14:53 - 2010-04-23 14:54 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempRH1588.html
2011-12-16 18:28 - 2011-12-16 18:28 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempRh3636.html
2010-05-06 11:35 - 2010-05-06 11:35 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempri2804.html
2011-05-23 16:52 - 2011-05-23 16:52 - 0002432 _____ () C:\Users\Modi\AppData\Local\TemprI4704.html
2010-12-17 22:38 - 2010-12-17 23:14 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempRI5180.html
2010-05-18 19:51 - 2010-05-18 23:48 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempRI5528.html
2010-11-03 20:35 - 2010-11-03 21:12 - 0002432 _____ () C:\Users\Modi\AppData\Local\TemprJ1420.html
2010-12-21 19:45 - 2010-12-21 20:58 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempRJ2164.html
2010-12-18 23:14 - 2010-12-18 23:32 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempRJ2908.html
2010-04-06 19:56 - 2010-04-06 20:07 - 0002089 _____ () C:\Users\Modi\AppData\Local\TemprJ4024.html
2011-08-05 16:33 - 2011-08-05 21:13 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempRJ5612.html
2010-04-15 20:06 - 2010-04-15 20:38 - 0002432 _____ () C:\Users\Modi\AppData\Local\Temprl4468.html
2011-01-18 19:27 - 2011-01-18 21:37 - 0002089 _____ () C:\Users\Modi\AppData\Local\Temprl6080.html
2010-10-10 19:49 - 2010-10-10 19:49 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempRM1080.html
2011-04-14 17:33 - 2011-04-14 20:57 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempRm4100.html
2010-04-23 13:47 - 2010-04-23 13:48 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempRm4280.html
2010-04-05 11:34 - 2010-04-05 16:54 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempRm4432.html
2011-01-31 19:29 - 2011-01-31 23:42 - 0002432 _____ () C:\Users\Modi\AppData\Local\Temprm7148.html
2010-04-15 10:45 - 2010-04-15 12:31 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempRO1280.html
2011-02-15 18:20 - 2011-02-15 18:23 - 0002432 _____ () C:\Users\Modi\AppData\Local\TemprO1920.html
2010-12-22 19:32 - 2010-12-22 19:40 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempro2608.html
2010-12-30 23:49 - 2010-12-31 01:49 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempRo3468.html
2010-07-15 22:13 - 2010-07-15 22:13 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempRp3588.html
2012-08-24 15:09 - 2012-08-24 15:09 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempRp5868.html
2010-09-03 19:21 - 2010-09-03 19:26 - 0002432 _____ () C:\Users\Modi\AppData\Local\TemprQ3912.html
2010-04-15 13:41 - 2010-04-15 15:31 - 0002432 _____ () C:\Users\Modi\AppData\Local\TemprQ4180.html
2011-09-23 17:18 - 2011-09-23 21:04 - 0002432 _____ () C:\Users\Modi\AppData\Local\TemprQ4788.html
2011-10-02 20:03 - 2011-10-02 20:56 - 0002432 _____ () C:\Users\Modi\AppData\Local\TemprQ4856.html
2011-03-07 22:56 - 2011-03-08 00:20 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempRq5732.html
2010-11-08 22:29 - 2010-11-08 22:30 - 0002432 _____ () C:\Users\Modi\AppData\Local\Temprr1764.html
2010-06-28 01:38 - 2010-06-28 02:00 - 0002089 _____ () C:\Users\Modi\AppData\Local\Temprr5296.html
2010-12-21 12:00 - 2010-12-21 12:35 - 0002432 _____ () C:\Users\Modi\AppData\Local\Temprs4972.html
2010-07-26 15:51 - 2010-07-26 15:53 - 0002432 _____ () C:\Users\Modi\AppData\Local\TemprS5184.html
2010-04-05 08:53 - 2010-04-05 08:57 - 0002432 _____ () C:\Users\Modi\AppData\Local\TemprT1672.html
2010-06-21 13:27 - 2010-06-21 13:28 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempRt4476.html
2011-03-18 16:33 - 2011-03-18 16:51 - 0002432 _____ () C:\Users\Modi\AppData\Local\Temprt5212.html
2010-05-04 16:32 - 2010-05-04 22:03 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempru5496.html
2011-04-28 17:01 - 2011-04-28 17:31 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempRv2768.html
2010-09-08 10:41 - 2010-09-08 12:18 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempRV3144.html
2010-08-03 21:40 - 2010-08-03 21:53 - 0002432 _____ () C:\Users\Modi\AppData\Local\Temprv4312.html
2011-05-18 22:15 - 2011-05-18 22:52 - 0002089 _____ () C:\Users\Modi\AppData\Local\Temprw3444.html
2011-09-03 17:42 - 2011-09-03 18:00 - 0002432 _____ () C:\Users\Modi\AppData\Local\TemprW4920.html
2011-04-19 17:12 - 2011-04-19 20:51 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempRW5964.html
2010-08-04 19:37 - 2010-08-04 19:38 - 0002432 _____ () C:\Users\Modi\AppData\Local\Temprw5992.html
2011-06-19 18:48 - 2011-06-19 19:29 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempRX4544.html
2011-03-20 17:24 - 2011-03-20 17:26 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempry4244.html
2011-06-21 18:59 - 2011-06-21 19:04 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempRYl252.html
2010-10-05 16:28 - 2010-10-05 18:55 - 0002089 _____ () C:\Users\Modi\AppData\Local\TemprZ6288.html
2010-10-20 11:17 - 2010-10-20 23:48 - 0002432 _____ () C:\Users\Modi\AppData\Local\Temps56632.html
2010-09-15 16:10 - 2010-09-15 16:28 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempSa1544.html
2011-06-23 21:29 - 2011-06-23 21:46 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempSa2332.html
2010-10-01 18:45 - 2010-10-01 19:23 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempSA3144.html
2012-02-18 18:37 - 2012-02-18 18:44 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempsa5812.html
2010-06-10 00:22 - 2010-06-10 00:28 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempsB1776.html
2010-08-23 16:59 - 2010-08-24 00:13 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempSb2144.html
2011-09-09 16:55 - 2011-09-09 17:06 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempsb2572.html
2010-09-11 00:58 - 2010-09-11 01:32 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempsb4204.html
2010-11-21 19:57 - 2010-11-21 22:53 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempSB6276.html
2011-04-17 15:38 - 2011-04-17 22:16 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempSc1568.html
2010-08-11 21:27 - 2010-08-11 22:25 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempsc2208.html
2011-06-28 20:52 - 2011-06-28 21:55 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempsc3164.html
2010-06-21 18:31 - 2010-06-21 19:07 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempsD5992.html
2010-12-22 13:55 - 2010-12-22 16:40 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempSe1852.html
2011-12-22 11:35 - 2011-12-22 15:41 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempSf2092.html
2011-05-30 00:00 - 2011-05-30 01:10 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempSF2684.html
2010-03-06 19:17 - 2010-03-06 20:53 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempsf3364.html
2010-08-25 08:04 - 2010-08-25 08:08 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempsG4104.html
2011-05-05 22:33 - 2011-05-05 23:42 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempSg5808.html
2011-05-10 17:27 - 2011-05-10 19:46 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempShd988.html
2010-05-05 14:19 - 2010-05-05 14:21 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempSHT840.html
2010-06-12 00:25 - 2010-06-12 00:39 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempsI3788.html
2010-03-09 22:04 - 2010-03-09 23:39 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempsK2052.html
2010-03-24 00:05 - 2010-03-24 00:52 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempsk4808.html
2010-10-10 22:06 - 2010-10-11 00:01 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempSL1712.html
2011-12-22 11:35 - 2011-12-22 15:41 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempSL2092.html
2010-04-19 13:16 - 2010-04-19 17:22 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempsm2288.html
2011-06-15 14:42 - 2011-06-15 15:22 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempsM4132.html
2011-09-30 21:52 - 2011-09-30 22:09 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempsM5144.html
2010-08-04 19:15 - 2010-08-04 19:36 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempSm5944.html
2010-06-29 20:18 - 2010-06-29 21:08 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempsN1664.html
2010-05-05 17:45 - 2010-05-05 19:49 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempSN3468.html
2010-08-27 22:21 - 2010-08-27 23:19 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempSO2352.html
2010-06-05 00:01 - 2010-06-05 00:16 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempSO5656.html
2011-01-03 22:18 - 2011-01-04 01:32 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempso6096.html
2010-04-16 18:55 - 2010-04-16 20:29 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempSp4788.html
2011-04-01 00:19 - 2011-04-01 00:20 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempSR2872.html
2010-12-30 01:11 - 2010-12-30 01:32 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempSS2748.html
2010-11-07 16:49 - 2010-11-07 17:39 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempssL980.html
2010-03-18 14:26 - 2010-03-18 18:19 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempsU3232.html
2011-08-24 17:47 - 2011-08-24 19:54 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempsU4892.html
2010-05-05 13:51 - 2010-05-05 14:14 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempSU4984.html
2010-08-04 19:15 - 2010-08-04 19:36 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempSu5944.html
2010-07-13 20:44 - 2010-07-13 21:26 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempSv4844.html
2010-09-11 17:00 - 2010-09-11 22:15 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempsw3248.html
2010-04-16 16:55 - 2010-04-16 17:59 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempsx4540.html
2010-07-26 15:53 - 2010-07-26 16:26 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempsx5184.html
2010-06-15 21:56 - 2010-06-15 22:19 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempSX5308.html
2011-08-10 15:44 - 2011-08-10 18:12 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempsY5932.html
2010-03-09 22:04 - 2010-03-09 23:39 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempSz2052.html
2011-10-25 17:53 - 2011-10-25 18:50 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempsZ4276.html
2010-05-19 13:45 - 2010-05-19 19:25 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempTA3188.html
2010-04-14 14:13 - 2010-04-14 16:30 - 0002432 _____ () C:\Users\Modi\AppData\Local\TemptA4476.html
2010-05-16 21:39 - 2010-05-16 22:35 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempTb2980.html
2011-09-06 12:26 - 2011-09-06 13:04 - 0002089 _____ () C:\Users\Modi\AppData\Local\Temptb4976.html
2010-03-15 00:26 - 2010-03-15 00:26 - 0002432 _____ () C:\Users\Modi\AppData\Local\TemptC2260.html
2010-06-03 12:33 - 2010-06-03 17:01 - 0002432 _____ () C:\Users\Modi\AppData\Local\TemptD2004.html
2010-09-23 11:19 - 2010-09-23 12:00 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempTD2408.html
2011-02-24 00:01 - 2011-02-24 00:25 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempte4980.html
2010-04-13 15:46 - 2010-04-13 16:24 - 0002432 _____ () C:\Users\Modi\AppData\Local\Temptf2008.html
2010-12-18 18:12 - 2010-12-18 18:18 - 0002432 _____ () C:\Users\Modi\AppData\Local\TemptG5704.html
2010-09-15 13:21 - 2010-09-15 14:15 - 0002432 _____ () C:\Users\Modi\AppData\Local\Temptk2404.html
2011-09-01 13:32 - 2011-09-01 18:29 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempTl1348.html
2011-06-21 23:19 - 2011-06-21 23:19 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempTl2024.html
2010-12-22 12:14 - 2010-12-22 13:10 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempTl4252.html
2012-01-03 17:36 - 2012-01-03 18:42 - 0002432 _____ () C:\Users\Modi\AppData\Local\Temptm4344.html
2011-10-06 00:11 - 2011-10-06 00:12 - 0002432 _____ () C:\Users\Modi\AppData\Local\Temptm4708.html
2011-02-14 22:33 - 2011-02-14 22:37 - 0002089 _____ () C:\Users\Modi\AppData\Local\Temptn1552.html
2010-06-21 18:31 - 2010-06-21 19:07 - 0002089 _____ () C:\Users\Modi\AppData\Local\TemptO5992.html
2011-09-05 16:50 - 2011-09-05 23:47 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempToa372.html
2010-04-05 10:38 - 2010-04-05 10:59 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempTr1468.html
2010-12-15 14:32 - 2010-12-15 15:02 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempTR5196.html
2011-11-23 20:13 - 2011-11-24 01:16 - 0002432 _____ () C:\Users\Modi\AppData\Local\TemptR5592.html
2011-06-12 22:33 - 2011-06-12 22:51 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempTs2176.html
2010-09-06 11:23 - 2010-09-06 14:15 - 0002089 _____ () C:\Users\Modi\AppData\Local\TemptS3272.html
2010-09-15 21:34 - 2010-09-15 22:07 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempTS3280.html
2010-08-04 19:51 - 2010-08-04 19:52 - 0002432 _____ () C:\Users\Modi\AppData\Local\TemptT1988.html
2012-01-03 20:21 - 2012-01-03 20:33 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempTt3688.html
2010-07-17 23:30 - 2010-07-17 23:53 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempTU3404.html
2011-05-22 14:05 - 2011-05-22 16:17 - 0002432 _____ () C:\Users\Modi\AppData\Local\TemptU4440.html
2011-10-27 13:44 - 2011-10-27 13:45 - 0002432 _____ () C:\Users\Modi\AppData\Local\TemptU4776.html
2011-08-09 12:16 - 2011-08-09 12:25 - 0002432 _____ () C:\Users\Modi\AppData\Local\TemptU5552.html
2011-05-16 17:41 - 2011-05-16 20:10 - 0002089 _____ () C:\Users\Modi\AppData\Local\TemptV3996.html
2010-05-02 20:44 - 2010-05-02 21:01 - 0002432 _____ () C:\Users\Modi\AppData\Local\TemptV5808.html
2010-05-26 17:02 - 2010-05-26 23:05 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempTV7280.html
2010-08-28 15:07 - 2010-08-28 19:53 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempTx4892.html
2011-10-30 22:09 - 2011-10-30 22:15 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempTX4916.html
2010-11-30 20:08 - 2010-12-01 00:21 - 0002432 _____ () C:\Users\Modi\AppData\Local\TemptX5596.html
2010-04-15 20:49 - 2010-04-16 00:03 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempTy4728.html
2011-11-08 23:23 - 2011-11-08 23:23 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempTZ2532.html
2011-04-28 17:01 - 2011-04-28 17:31 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempTz2768.html
2011-08-15 16:58 - 2011-08-15 18:43 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempTZ4196.html
2011-06-13 12:37 - 2011-06-13 14:41 - 0002432 _____ () C:\Users\Modi\AppData\Local\TemptZ4316.html
2011-09-21 19:52 - 2011-09-21 20:32 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempTZ4992.html
2011-05-03 17:00 - 2011-05-03 18:13 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempUB1352.html
2010-08-26 22:41 - 2010-08-27 00:02 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempUB4840.html
2010-04-10 20:34 - 2010-04-10 22:57 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempuc5404.html
2010-08-17 15:31 - 2010-08-17 19:34 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempud2728.html
2010-06-16 14:38 - 2010-06-16 18:33 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempud3332.html
2010-08-13 20:30 - 2010-08-13 21:18 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempud4452.html
2011-06-27 16:17 - 2011-06-27 16:44 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempUD4596.html
2010-04-10 20:34 - 2010-04-10 22:57 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempUd5404.html
2010-04-11 15:36 - 2010-04-11 15:38 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempUfh704.html
2012-06-01 19:52 - 2012-06-01 21:03 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempUh1416.html
2011-02-08 10:30 - 2011-02-08 10:36 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempuI3404.html
2010-10-10 13:12 - 2010-10-10 18:57 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempUI4420.html
2010-12-31 16:36 - 2010-12-31 18:20 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempUi4732.html
2011-06-26 18:02 - 2011-06-26 22:11 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempuIE380.html
2010-10-12 14:39 - 2010-10-12 14:52 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempuJ4900.html
2010-09-15 22:10 - 2010-09-15 22:11 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempUK3708.html
2010-06-14 20:21 - 2010-06-14 20:39 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempUk4456.html
2010-04-01 20:36 - 2010-04-02 00:06 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempuk4568.html
2011-07-28 11:55 - 2011-07-28 11:56 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempUL1960.html
2011-10-02 23:49 - 2011-10-02 23:51 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempUl4140.html
2010-02-26 03:30 - 2010-02-26 03:32 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempuM1972.html
2010-12-22 10:35 - 2010-12-22 10:48 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempUm2332.html
2011-08-10 15:44 - 2011-08-10 18:12 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempuM5932.html
2010-04-17 14:32 - 2010-04-17 21:41 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempun1580.html
2011-07-08 17:58 - 2011-07-08 18:20 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempUN4300.html
2010-09-03 22:07 - 2010-09-03 23:07 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempUo2000.html
2010-11-17 23:10 - 2010-11-18 00:58 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempuo5112.html
2010-08-18 00:06 - 2010-08-18 10:51 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempup5084.html
2011-10-27 19:18 - 2011-10-27 19:32 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempUP5840.html
2010-12-25 22:16 - 2010-12-25 22:18 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempUq1784.html
2010-04-16 13:32 - 2010-04-16 16:55 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempur1008.html
2011-08-09 18:04 - 2011-08-09 21:32 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempUr3008.html
2011-12-04 20:51 - 2011-12-04 20:55 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempUr5796.html
2010-04-22 15:10 - 2010-04-22 17:41 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempuS4824.html
2011-12-08 18:26 - 2011-12-08 18:49 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempUT3992.html
2010-03-07 16:47 - 2010-03-07 19:22 - 0002432 _____ () C:\Users\Modi\AppData\Local\Temput4884.html
2011-05-14 01:13 - 2011-05-14 01:13 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempuU3436.html
2010-11-08 12:32 - 2010-11-08 17:22 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempUu3992.html
2010-03-15 13:30 - 2010-03-15 21:24 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempuw3132.html
2010-09-10 12:09 - 2010-09-10 12:21 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempuW4672.html
2010-11-15 00:08 - 2010-11-15 00:43 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempuX1452.html
2010-04-28 20:14 - 2010-04-28 20:33 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempUX3648.html
2010-04-09 21:50 - 2010-04-09 23:14 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempUX4380.html
2011-06-17 15:16 - 2011-06-17 20:39 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempUY2488.html
2010-04-23 15:07 - 2010-04-23 15:07 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempuyf656.html
2010-11-14 13:46 - 2010-11-14 17:10 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempuZ3828.html
2010-04-28 12:54 - 2010-04-28 13:59 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempva4196.html
2010-05-12 11:22 - 2010-05-12 11:55 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempVB4328.html
2010-04-30 00:49 - 2010-04-30 00:50 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempVb5996.html
2010-04-20 19:19 - 2010-04-20 21:40 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempVC4376.html
2010-11-06 13:13 - 2010-11-06 13:13 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempvC4392.html
2010-08-07 17:07 - 2010-08-07 17:11 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempVD4184.html
2011-05-16 22:35 - 2011-05-16 23:39 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempve1940.html
2010-11-02 15:49 - 2010-11-02 17:45 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempvE2664.html
2012-05-23 21:41 - 2012-05-23 21:45 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempve3408.html
2010-04-04 22:17 - 2010-04-05 00:01 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempvI5392.html
2010-09-04 22:43 - 2010-09-04 22:47 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempVl6012.html
2010-04-21 00:28 - 2010-04-21 01:14 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempVM4208.html
2011-10-28 18:15 - 2011-10-28 19:35 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempVn2528.html
2011-08-17 12:57 - 2011-08-17 13:20 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempvn3824.html
2010-09-06 20:04 - 2010-09-06 20:36 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempVN3860.html
2011-08-02 19:10 - 2011-08-02 23:05 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempvN4408.html
2010-09-02 20:47 - 2010-09-02 21:31 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempVn6064.html
2010-08-04 19:48 - 2010-08-04 19:48 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempVP2772.html
2010-06-13 17:15 - 2010-06-13 18:26 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempvp3220.html
2011-06-21 18:57 - 2011-06-21 18:58 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempVP4168.html
2010-08-08 18:37 - 2010-08-09 00:23 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempVp4816.html
2011-03-04 18:22 - 2011-03-04 19:19 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempVQ5536.html
2010-05-02 16:30 - 2010-05-02 19:24 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempvR3152.html
2011-05-16 17:41 - 2011-05-16 20:10 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempvs3996.html
2011-02-15 14:53 - 2011-02-15 15:53 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempVS5852.html
2011-08-23 18:55 - 2011-08-23 19:26 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempvt4180.html
2011-06-22 19:25 - 2011-06-22 22:03 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempVt4300.html
2010-06-18 00:28 - 2010-06-18 00:28 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempvt4460.html
2010-05-10 20:17 - 2010-05-10 23:16 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempvT4916.html
2010-12-14 20:27 - 2010-12-14 20:32 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempVt5880.html
2010-10-25 09:08 - 2010-10-25 16:04 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempvU4388.html
2011-03-01 23:57 - 2011-03-02 00:19 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempVU5768.html
2011-11-09 20:11 - 2011-11-09 20:47 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempvV1028.html
2010-05-22 02:02 - 2010-05-22 02:02 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempVv1356.html
2011-12-01 16:45 - 2011-12-01 16:48 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempVv3224.html
2010-04-03 18:40 - 2010-04-03 22:19 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempVV4800.html
2011-05-25 21:51 - 2011-05-26 01:05 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempVV5028.html
2010-12-19 19:32 - 2010-12-19 21:12 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempVX1368.html
2010-06-28 23:53 - 2010-06-29 00:05 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempVx2252.html
2011-09-22 23:29 - 2011-09-23 01:15 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempvY3208.html
2010-09-20 10:00 - 2010-09-20 13:49 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempvY4376.html
2010-12-31 16:36 - 2010-12-31 18:20 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempvY4732.html
2010-05-12 00:04 - 2010-05-12 00:04 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempVY5744.html
2010-04-14 17:16 - 2010-04-14 18:18 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempvz2176.html
2011-04-11 22:21 - 2011-04-11 22:21 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempvz4752.html
2011-11-19 20:46 - 2011-11-19 20:46 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempVz5672.html
2010-02-26 03:22 - 2010-02-26 03:24 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempWb1776.html
2010-12-20 12:27 - 2010-12-20 13:41 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempwB2240.html
2010-05-15 01:12 - 2010-05-15 01:17 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempwB3032.html
2010-05-03 16:22 - 2010-05-03 18:43 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempwBb644.html
2010-05-26 11:54 - 2010-05-26 14:26 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempWc2580.html
2010-10-17 20:51 - 2010-10-17 22:19 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempwc5000.html
2010-04-23 00:21 - 2010-04-23 01:12 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempWD1432.html
2011-06-03 22:07 - 2011-06-03 22:23 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempWd4076.html
2010-12-22 12:14 - 2010-12-22 13:10 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempWD4252.html
2011-01-02 15:18 - 2011-01-03 00:45 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempwE4624.html
2010-11-07 16:49 - 2010-11-07 17:39 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempwes980.html
2010-08-29 17:43 - 2010-08-29 19:01 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempWF3780.html
2010-04-17 22:31 - 2010-04-18 00:28 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempwf5388.html
2010-07-23 11:35 - 2010-07-23 15:30 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempwg3832.html
2010-03-02 21:49 - 2010-03-02 22:53 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempWG4712.html
2011-01-29 19:05 - 2011-01-30 04:59 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempwG4716.html
2011-10-13 20:50 - 2011-10-13 21:04 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempWI3472.html
2010-04-16 01:28 - 2010-04-16 01:28 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempwI4272.html
2011-08-03 20:56 - 2011-08-03 22:17 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempWI6124.html
2010-10-03 21:40 - 2010-10-03 22:31 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempWj2432.html
2010-05-24 01:35 - 2010-05-24 15:48 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempwj3240.html
2010-10-13 12:30 - 2010-10-13 12:32 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempWJ6020.html
2010-05-24 21:10 - 2010-05-24 23:34 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempWjj520.html
2010-04-23 15:08 - 2010-04-23 15:10 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempwl3688.html
2010-09-10 12:09 - 2010-09-10 12:21 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempwL4672.html
2010-06-07 15:08 - 2010-06-07 17:14 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempWL7740.html
2011-06-29 22:03 - 2011-06-29 23:12 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempwm2440.html
2010-10-07 18:04 - 2010-10-08 00:16 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempWm5748.html
2010-04-26 01:18 - 2010-04-26 01:41 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempWn4656.html
2010-12-24 02:28 - 2010-12-24 02:28 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempWN5512.html
2010-08-29 22:05 - 2010-08-29 22:24 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempWO2592.html
2010-12-19 22:16 - 2010-12-19 22:25 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempwO4200.html
2011-10-13 21:55 - 2011-10-13 23:12 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempwo4648.html
2011-06-06 00:53 - 2011-06-06 00:54 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempWOg980.html
2010-11-02 00:55 - 2010-11-02 00:55 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempWp4720.html
2011-11-07 16:24 - 2011-11-07 16:36 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempwpn148.html
2011-06-12 22:33 - 2011-06-12 22:51 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempWQ2176.html
2010-04-11 13:56 - 2010-04-11 13:57 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempWq2328.html
2010-08-04 19:50 - 2010-08-04 19:50 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempWq2660.html
2010-10-06 21:01 - 2010-10-06 22:44 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempwq4640.html
2011-01-15 20:05 - 2011-01-15 22:06 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempWQ5412.html
2010-11-27 01:20 - 2010-11-27 01:27 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempWr1760.html
2011-05-24 22:28 - 2011-05-24 23:38 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempwR2716.html
2010-10-09 17:02 - 2010-10-09 17:02 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempwR4548.html
2011-01-07 01:51 - 2011-01-07 02:21 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempwS5468.html
2012-09-04 19:07 - 2012-09-04 19:59 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempWt1616.html
2010-09-19 03:26 - 2010-09-19 07:14 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempWu2436.html
2010-11-06 19:00 - 2010-11-06 20:33 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempwu2988.html
2011-11-13 21:16 - 2011-11-13 21:16 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempWU5016.html
2011-06-14 00:29 - 2011-06-14 00:32 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempwU6028.html
2010-04-26 16:48 - 2010-04-26 18:32 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempWW3404.html
2010-06-07 15:08 - 2010-06-07 17:14 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempwW7740.html
2010-02-28 15:08 - 2010-02-28 17:57 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempwY1536.html
2010-06-15 19:24 - 2010-06-15 21:03 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempwy2592.html
2011-04-03 14:08 - 2011-04-03 14:33 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempwYu828.html
2010-06-09 17:26 - 2010-06-09 19:54 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempwz2116.html
2011-06-21 19:20 - 2011-06-21 19:26 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempWZ3884.html
2011-05-13 18:12 - 2011-05-13 18:38 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempx70448.html
2010-04-23 14:14 - 2010-04-23 14:42 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempXA3648.html
2011-08-14 18:52 - 2011-08-14 18:53 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempXB2040.html
2010-04-21 00:28 - 2010-04-21 01:14 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempXB4208.html
2010-06-02 00:29 - 2010-06-02 00:59 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempxc2636.html
2010-05-17 22:10 - 2010-05-17 22:42 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempxd4484.html
2010-11-02 23:27 - 2010-11-03 01:28 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempXe2104.html
2010-09-07 14:47 - 2010-09-07 19:19 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempxE3732.html
2010-03-16 23:26 - 2010-03-17 01:29 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempxE5204.html
2010-10-30 17:38 - 2010-10-30 21:49 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempxF2176.html
2010-11-02 17:57 - 2010-11-02 18:55 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempxf4644.html
2010-04-09 13:32 - 2010-04-09 15:32 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempXF4860.html
2010-07-24 16:12 - 2010-07-24 16:19 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempXg4560.html
2010-10-01 18:45 - 2010-10-01 19:23 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempXh3144.html
2010-04-08 20:18 - 2010-04-08 20:32 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempXi1680.html
2011-12-28 17:57 - 2011-12-28 19:08 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempxi3908.html
2010-05-05 14:37 - 2010-05-05 14:45 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempXi4352.html
2010-08-01 20:10 - 2010-08-01 21:06 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempxi5068.html
2011-01-14 16:53 - 2011-01-14 23:30 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempxi5608.html
2010-08-20 19:28 - 2010-08-20 21:34 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempxJ2784.html
2011-07-27 19:31 - 2011-07-27 20:51 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempXJ3268.html
2011-02-15 18:20 - 2011-02-15 18:23 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempXK1920.html
2010-05-18 13:29 - 2010-05-18 14:46 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempxl4280.html
2010-12-02 00:01 - 2010-12-02 00:07 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempXL5928.html
2010-11-16 22:19 - 2010-11-16 22:19 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempXM4016.html
2011-02-03 17:31 - 2011-02-03 20:22 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempXm4400.html
2012-12-13 13:54 - 2012-12-13 15:36 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempxm5204.html
2010-04-11 13:56 - 2010-04-11 13:57 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempxN2328.html
2010-11-05 15:33 - 2010-11-05 18:56 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempXN4492.html
2010-12-15 17:36 - 2010-12-15 21:03 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempxp6280.html
2011-06-16 00:39 - 2011-06-16 00:39 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempXQ2332.html
2011-08-25 13:38 - 2011-08-25 17:47 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempXr4220.html
2011-04-11 12:27 - 2011-04-11 13:09 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempxR4404.html
2010-08-20 22:00 - 2010-08-20 22:01 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempxso956.html
2010-04-22 10:07 - 2010-04-22 15:07 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempXT3780.html
2011-03-11 00:39 - 2011-03-11 22:11 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempxt3980.html
2011-02-17 23:57 - 2011-02-18 01:51 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempxT4720.html
2010-04-07 22:08 - 2010-04-07 23:19 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempxv3876.html
2010-05-22 02:02 - 2010-05-22 02:03 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempXW1356.html
2011-09-18 20:55 - 2011-09-18 21:28 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempXw4136.html
2011-10-10 20:58 - 2011-10-10 23:17 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempXW5020.html
2011-09-24 17:24 - 2011-09-24 17:24 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempxW5088.html
2011-01-13 00:52 - 2011-01-13 01:54 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempXw6124.html
2010-06-15 13:41 - 2010-06-15 14:20 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempxxb396.html
2010-09-06 11:23 - 2010-09-06 14:15 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempxy3272.html
2010-05-06 18:50 - 2010-05-06 21:07 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempxy5396.html
2011-03-30 21:58 - 2011-03-30 22:57 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempxY5964.html
2011-05-04 14:30 - 2011-05-04 20:12 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempXZ2904.html
2010-08-22 14:02 - 2010-08-22 14:46 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempxz3316.html
2010-09-16 10:14 - 2010-09-16 11:40 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempya2532.html
2010-05-02 22:07 - 2010-05-02 22:08 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempyA3528.html
2011-05-08 15:12 - 2011-05-08 18:15 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempYa3588.html
2010-06-09 10:33 - 2010-06-09 12:54 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempya4052.html
2010-04-05 21:17 - 2010-04-05 22:54 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempYb1672.html
2010-08-19 02:14 - 2010-08-19 02:37 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempyB3360.html
2010-09-29 15:07 - 2010-09-29 19:36 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempyb3840.html
2011-06-22 19:25 - 2011-06-22 22:03 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempYB4300.html
2011-01-25 22:41 - 2011-01-26 00:19 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempyb5972.html
2010-09-10 23:56 - 2010-09-11 00:41 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempYc2492.html
2010-12-19 22:16 - 2010-12-19 22:25 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempYC4200.html
2011-10-25 17:53 - 2011-10-25 18:50 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempyD4276.html
2011-08-22 21:01 - 2011-08-22 21:01 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempyd5784.html
2010-04-07 22:08 - 2010-04-07 23:19 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempYe3876.html
2011-03-23 02:37 - 2011-03-23 02:37 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempYe4316.html
2011-12-06 22:43 - 2011-12-06 23:06 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempyE5288.html
2012-11-17 20:05 - 2012-11-17 20:08 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempyf1344.html
2010-09-09 12:24 - 2010-09-09 12:30 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempYF1544.html
2010-09-06 10:13 - 2010-09-06 10:45 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempyF3980.html
2010-05-29 09:30 - 2010-05-29 09:41 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempYf4964.html
2011-02-26 19:10 - 2011-02-26 21:50 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempyg2564.html
2010-03-15 13:30 - 2010-03-15 21:24 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempYg3132.html
2011-09-08 17:14 - 2011-09-08 17:26 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempYG3420.html
2011-05-22 17:38 - 2011-05-22 18:21 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempyi2360.html
2012-02-15 19:40 - 2012-02-15 21:26 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempYJ2436.html
2011-10-08 15:23 - 2011-10-08 15:35 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempyk1676.html
2010-09-06 10:13 - 2010-09-06 10:45 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempyL3980.html
2010-04-06 20:55 - 2010-04-06 23:20 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempyl4700.html
2011-08-29 15:26 - 2011-08-29 16:29 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempYlZ108.html
2011-04-29 02:18 - 2011-04-29 04:08 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempYmB728.html
2012-01-02 15:39 - 2012-01-02 17:39 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempYn4372.html
2011-10-06 00:11 - 2011-10-06 00:12 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempyn4708.html
2010-04-03 14:03 - 2010-04-03 14:49 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempyO2960.html
2010-05-17 22:10 - 2010-05-17 22:10 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempyO4484.html
2010-05-22 02:03 - 2010-05-22 02:04 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempYp1356.html
2011-11-21 19:51 - 2011-11-21 19:53 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempyP2168.html
2010-06-10 22:20 - 2010-06-11 00:00 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempYP4332.html
2011-02-20 21:50 - 2011-02-20 22:42 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempYQ1004.html
2011-06-16 01:14 - 2011-06-16 01:33 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempyQ3256.html
2011-11-01 16:15 - 2011-11-01 16:21 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempYQ3468.html
2010-08-07 17:07 - 2010-08-07 17:11 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempYQ4184.html
2010-05-05 10:24 - 2010-05-05 11:07 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempyR3228.html
2010-10-11 18:04 - 2010-10-11 20:13 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempYs1652.html
2011-04-25 21:16 - 2011-04-25 23:21 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempys4852.html
2010-08-16 21:24 - 2010-08-17 01:25 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempYS5564.html
2010-07-09 14:33 - 2010-07-09 14:55 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempYt3788.html
2010-10-13 00:08 - 2010-10-13 00:09 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempyt4920.html
2010-05-27 20:24 - 2010-05-27 22:37 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempYt5180.html
2011-03-06 22:05 - 2011-03-06 23:40 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempyt5224.html
2011-07-25 17:38 - 2011-07-25 19:41 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempyu3492.html
2011-03-10 03:28 - 2011-03-10 03:28 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempYv1648.html
2010-04-29 20:54 - 2010-04-29 22:09 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempYV4460.html
2010-04-20 11:02 - 2010-04-20 12:52 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempYW4080.html
2010-05-05 13:51 - 2010-05-05 14:14 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempyW4984.html
2010-04-12 13:26 - 2010-04-12 19:25 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempYXp320.html
2010-07-19 20:33 - 2010-07-19 20:40 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempyy5116.html
2010-09-04 16:24 - 2010-09-04 22:15 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempyz3796.html
2010-09-29 15:07 - 2010-09-29 19:36 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempZA3840.html
2011-01-09 18:41 - 2011-01-09 20:42 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempZaA856.html
2010-04-05 08:53 - 2010-04-05 08:57 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempzB1672.html
2010-05-05 14:31 - 2010-05-05 14:36 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempzBZ612.html
2010-06-12 00:25 - 2010-06-12 00:39 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempZc3788.html
2010-04-04 14:06 - 2010-04-04 14:10 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempzC5520.html
2011-09-14 21:09 - 2011-09-14 22:57 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempzE6020.html
2010-11-02 13:09 - 2010-11-02 13:19 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempzF1784.html
2010-08-01 15:24 - 2010-08-01 20:06 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempZf4468.html
2010-04-18 16:15 - 2010-04-18 16:20 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempzg1524.html
2010-04-23 13:49 - 2010-04-23 13:49 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempZg4660.html
2010-05-06 16:52 - 2010-05-06 17:46 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempZG4772.html
2010-04-08 16:57 - 2010-04-08 16:57 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempZH5508.html
2010-04-28 16:25 - 2010-04-28 16:34 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempzi5012.html
2010-12-27 20:38 - 2010-12-27 20:39 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempzI5696.html
2010-03-17 01:29 - 2010-03-17 01:38 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempziW452.html
2011-09-28 21:20 - 2011-09-29 01:02 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempZj1376.html
2011-02-18 15:56 - 2011-02-18 15:56 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempZJ1888.html
2011-07-08 17:58 - 2011-07-08 18:20 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempzJ4300.html
2011-10-20 10:41 - 2011-10-20 10:42 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempzJ5060.html
2010-03-23 16:19 - 2010-03-23 17:10 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempZk4712.html
2010-08-04 20:12 - 2010-08-04 20:18 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempZl3240.html
2010-04-21 18:56 - 2010-04-21 18:56 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempZm5468.html
2010-02-26 03:25 - 2010-02-26 03:25 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempzn1360.html
2010-07-31 21:07 - 2010-07-31 22:09 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempzo3996.html
2011-06-14 22:44 - 2011-06-14 22:51 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempZp5044.html
2011-02-26 19:10 - 2011-02-26 21:50 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempZQ2564.html
2010-09-06 18:11 - 2010-09-06 19:51 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempZQ4400.html
2010-05-10 11:28 - 2010-05-10 17:03 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempZr1192.html
2010-12-20 12:27 - 2010-12-20 13:41 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempzR2240.html
2010-07-18 23:48 - 2010-07-19 00:00 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempzr5008.html
2011-03-22 01:34 - 2011-03-22 01:36 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempzS1832.html
2010-12-22 13:55 - 2010-12-22 16:40 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempzS1852.html
2010-04-06 19:56 - 2010-04-06 20:07 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempzS4024.html
2010-12-18 23:14 - 2010-12-18 23:32 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempzT2908.html
2011-11-10 20:08 - 2011-11-10 22:49 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempZu4328.html
2010-11-12 22:02 - 2010-11-13 00:26 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempZu5944.html
2010-04-20 00:19 - 2010-04-20 02:07 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempzV3020.html
2010-06-15 00:28 - 2010-06-15 00:39 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempZV3700.html
2011-06-13 12:37 - 2011-06-13 14:41 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempZV4316.html
2010-04-16 16:55 - 2010-04-16 17:59 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempzv4540.html
2011-11-15 04:02 - 2011-11-15 04:02 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempzW1612.html
2011-02-03 17:31 - 2011-02-03 20:22 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempZw4400.html
2010-09-08 10:41 - 2010-09-08 12:18 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempZX3144.html
2011-02-20 11:31 - 2011-02-20 13:21 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempZx4992.html
2010-03-03 19:10 - 2010-03-03 20:22 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempZy1736.html
2011-01-04 17:11 - 2011-01-04 21:20 - 0002432 _____ () C:\Users\Modi\AppData\Local\TempZY2348.html
2010-08-24 10:36 - 2010-08-24 10:46 - 0002089 _____ () C:\Users\Modi\AppData\Local\Tempzy4788.html
2010-11-20 16:54 - 2010-11-20 20:25 - 0002432 _____ () C:\Users\Modi\AppData\Local\Tempzz1908.html
2010-04-09 18:29 - 2010-04-09 21:18 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempZZ4404.html
2011-01-15 20:05 - 2011-01-15 22:06 - 0002089 _____ () C:\Users\Modi\AppData\Local\TempzZ5412.html
2013-11-03 18:44 - 2013-11-09 16:41 - 0000125 ___SH () C:\ProgramData\.zreglib
2010-02-25 22:53 - 2010-02-25 22:58 - 0007820 _____ () C:\ProgramData\ArcadeDeluxe3.log
2010-02-26 20:23 - 2010-02-26 22:14 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2009-10-29 07:58 - 2009-07-18 03:57 - 0036136 _____ (Oberon Media) C:\ProgramData\FullRemove.exe
2010-12-03 19:45 - 2011-02-19 18:05 - 0020734 _____ () C:\ProgramData\hpzinstall.log
2010-05-04 22:06 - 2010-05-04 22:07 - 0000091 _____ () C:\ProgramData\PS.log

Some files in TEMP:
====================
C:\Users\Modi\AppData\Local\Temp\AcDeltree.exe
C:\Users\Modi\AppData\Local\Temp\avgnt.exe
C:\Users\Modi\AppData\Local\Temp\Execute2App.exe
C:\Users\Modi\AppData\Local\Temp\ExPromo.exe
C:\Users\Modi\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Modi\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Modi\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Modi\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Modi\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Modi\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Modi\AppData\Local\Temp\jre-8u40-windows-au.exe
C:\Users\Modi\AppData\Local\Temp\ksjfqdbl.dll
C:\Users\Modi\AppData\Local\Temp\msvcp90.dll
C:\Users\Modi\AppData\Local\Temp\msvcr90.dll
C:\Users\Modi\AppData\Local\Temp\oi_{73D4BB84-07ED-4695-AA5C-BA71B4EB5751}.exe
C:\Users\Modi\AppData\Local\Temp\proxy_vole8710444340028564435.dll
C:\Users\Modi\AppData\Local\Temp\Quarantine.exe
C:\Users\Modi\AppData\Local\Temp\RSPUpgradeInstaller.exe
C:\Users\Modi\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Modi\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-29 07:07

==================== End of log ============================

Kris_ · 29.06.2015, 20:54

[CODE]Additional
FRST Logfile:

Code:

ATTFilter

scan result of Farbar Recovery Scan Tool (x64) Version:13-06-2015
Ran by Modi at 2015-06-29 21:24:45
Running from C:\Users\Modi\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3319006498-4150260777-3634854002-500 - Administrator - Disabled)
Gast (S-1-5-21-3319006498-4150260777-3634854002-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3319006498-4150260777-3634854002-1004 - Limited - Enabled)
Modi (S-1-5-21-3319006498-4150260777-3634854002-1001 - Administrator - Enabled) => C:\Users\Modi
UpdatusUser (S-1-5-21-3319006498-4150260777-3634854002-1010 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Disabled - Out of date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Disabled - Out of date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
AC3Filter 1.63b (HKLM-x32\...\AC3Filter_is1) (Version: 1.63b - Alexander Vigovsky)
Acer Backup Manager (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.29 - NewTech Infosystems)
Acer Crystal Eye Webcam (HKLM-x32\...\{7760D94E-B1B5-40A0-9AA0-ABF942108755}) (Version: 5.2.7.1 - Suyin Optronics Corp)
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 4.05.3004 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3005 - Acer Incorporated)
Acer GridVista (HKLM-x32\...\GridVista) (Version: 3.01.0730 - Acer Inc.)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.02.3006 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.7.0715 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
ActivePerl 5.14.2 Build 1402 (64-bit) (HKLM\...\{4FC945A7-D54E-4F00-BE32-90553F80FCE8}) (Version: 5.14.1402 - ActiveState)
Adobe Acrobat 9 Pro Extended - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7761-000000000004}{AC76BA86-1033-F400-7761-000000000004}) (Version: 9.0.0 - Adobe Systems)
Adobe Acrobat 9 Pro Extended 64-bit Add-On (HKLM\...\{AC76BA86-1033-0000-0064-0003D0000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.5.0.600 - Adobe Systems Incorporated)
Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.2 - Adobe Systems Incorporated)
Adobe Dreamweaver CS4 (HKLM-x32\...\Adobe_acce07fd2c8fe7f9e3f26243e626578) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX 64-bit (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.2.202.235 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.03) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.03 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.8.638 - Adobe Systems, Inc.)
Akamai NetSession Interface (HKU\S-1-5-21-3319006498-4150260777-3634854002-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.3.6.0 - SlySoft)
A-PDF Restrictions Remover 1.6 (HKLM-x32\...\A-PDF Restrictions Remover_is1) (Version:  - A-PDF Solution)
Apple Application Support (HKLM-x32\...\{EE6097DD-05F4-4178-9719-D3170BF098E8}) (Version: 1.4.1 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.)
ArchiCAD 15 R1 GER (HKLM\...\001FFF2FFF15FF00FF0201F01F02F000-R1) (Version: 15.0 - Graphisoft)
AutoCAD 2010 - Deutsch (HKLM\...\AutoCAD 2010 - Deutsch) (Version: 18.0.55.0 - Autodesk)
AutoCAD 2010 - Deutsch (Version: 18.0.55.0 - Autodesk) Hidden
AutoCAD 2010 Language Pack - Deutsch (Version: 18.0.55.0 - Autodesk) Hidden
AutoCAD DWG and DXF To PDF Converter v2.2 (HKLM-x32\...\AutoCAD DWG and DXF To PDF Converter v2.2_is1) (Version:  - VeryPDF.com Inc)
Autodesk DWG TrueView 2014 (HKLM\...\DWG TrueView 2014) (Version: 19.1.18.0 - Autodesk)
Autodesk Material Library 2013 (HKLM-x32\...\{117EBEEB-5DB0-43C8-9FD6-DD583DB152DD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2013 (HKLM-x32\...\{606E12B9-641F-4644-A22A-FF38AE980AFD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2013 (HKLM-x32\...\{27C6C0A2-2EC9-4FEA-BE2B-659EAAC2C68C}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2013 (HKLM-x32\...\{58760EEC-8B6A-43F4-81AA-696E381DFADD}) (Version: 3.0.13 - Autodesk)
Autodesk Revit 2013 (HKLM\...\Autodesk Revit 2013) (Version: 12.02.21203 - Autodesk)
AVAPLAN Studio 2008 Version 1.9.3 (HKLM-x32\...\AVAPLAN Studio 2008_is1) (Version: 1.9 - AVAPLAN)
Avira (HKLM-x32\...\{9480d4af-12b9-4e56-8034-4031ef6ab39d}) (Version: 1.1.25.25607 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.25.25607 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.11.574 - Avira Operations GmbH & Co. KG)
Backup Manager Basic (x32 Version: 2.0.0.29 - NewTech Infosystems) Hidden
Bing-Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.1.165.0 - Microsoft Corporation)
Broadcom Gigabit NetLink Controller (HKLM\...\{96F70DF8-160F-4F9C-9B9E-2A9B439B4EB9}) (Version: 12.26.02 - Broadcom Corporation)
Brother MFC-5890CN (HKLM-x32\...\{BA9388B4-D7F3-4F4A-99BC-65A10E69C5BD}) (Version: 1.00 - Brother)
Brother MFL-Pro Suite MFC-5890CN (HKLM-x32\...\{20E970DF-A7B2-4345-9DEB-72213A29645E}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
Brother MFL-Pro Suite MFC-6890CDW (HKLM-x32\...\{F9626826-162E-4EFD-9440-3F3B8317C097}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
Burn4Free CD and DVD (HKLM-x32\...\Burn4Free) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 3.21 - Piriform)
CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: 2.9.3.0 - Elaborate Bytes)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
DivX Codec (HKLM-x32\...\{7B63B2922B174135AFC0E1377DD81EC2}) (Version: 6.9.1 - DivX, Inc.)
DivX Plus DirectShow Filters (HKLM-x32\...\DivX Plus DirectShow Filters) (Version:  - DivX, Inc.)
DivX Web Player (HKLM-x32\...\{B7050CBDB2504B34BC2A9CA0A692CC29}) (Version: 1.5.0 - DivX,Inc.)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.52 - DivX, LLC)
Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version:  - Oberon Media)
Driver Install 64-bit (HKLM-x32\...\InstallShield_{DED365F8-E10B-43B0-A9C4-B5542A1E2DDD}) (Version: 1.00.0000 - Your Company Name)
Driver Install 64-bit (x32 Version: 1.00.0000 - Your Company Name) Hidden
DWG TrueConvert™ (HKLM-x32\...\{5783F2D7-0221-0409-0000-0060B0CE6BBA}) (Version: 16.2.0.0 - autodesk)
DWG TrueView 2014 (Version: 19.1.18.0 - Autodesk) Hidden
EASEUS Partition Master 4.1.1 Professional (HKLM-x32\...\EASEUS Partition Master Professional Edition_is1) (Version:  - EASEUS)
ElsterFormular-Upgrade (HKLM-x32\...\ElsterFormular für Privatanwender 12.3.2.6814p) (Version: 15.2.13992 - Landesfinanzdirektion Thüringen)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
FileZilla Client 3.10.3 (HKLM-x32\...\FileZilla Client) (Version: 3.10.3 - Tim Kosse)
Free Launch Bar 64-bit Edition (HKLM\...\{85C76689-536B-4CD4-AD94-2F5D259C084B}) (Version: 2.0.0.0 - Tordex)
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version:  - )
Garmin POI Loader (HKLM-x32\...\{D181A318-28DF-4B83-8F13-24C2D0BDA12D}) (Version: 2.6.1.0 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM-x32\...\{510D2239-6C2E-457B-9590-485EC552D94D}) (Version: 2.3.0.0 - Garmin Ltd or its subsidiaries)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
GetDataBack for FAT (HKLM-x32\...\{2EEEC858-21F8-419B-8FE2-820621BFFCD7}) (Version: 4.33.000 - Runtime Software)
GetDataBack for NTFS (HKLM-x32\...\{56582EEA-3AEF-4D84-8B9D-C87A3CD9250F}) (Version: 4.25.000 - Runtime Software)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.62.5205 - Gretech Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Gordon's Gate Flash Driver 1.1.0.12 (HKLM-x32\...\Gordon's Gate Flash Driver) (Version: 1.1.0.12 - Sony Ericsson Mobile Communications)
GPL Ghostscript 8.71 (HKLM\...\GPL Ghostscript 8.71) (Version:  - )
Graphisoft ArchiCAD 6.5r3 GERMAN (HKLM-x32\...\Graphisoft ArchiCAD 6.5r3 GERMAN) (Version:  - )
High-Definition Video Playback 10 (x32 Version: 7.0.11400.29.0 - Nero AG) Hidden
HiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
ICY Hexplorer (remove only) (HKLM-x32\...\Hexplorer) (Version:  - )
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3002 - Acer Incorporated)
IE Download Helper (HKLM\...\{BFF1715F-F0E5-4FDF-B2CC-FF5B7CC4733A}) (Version: 3.0 - IE Download Helper)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
ISO to USB (HKLM-x32\...\{D08A30AC-A663-4EA8-8D81-B98E17F19F1C}_is1) (Version:  - isotousb.com)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
K-Lite Mega Codec Pack 5.6.1 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 5.6.1 - )
kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 3.0.05 - Acer Inc.)
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.1.94 - LSI Corporation)
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Merriam Websters Spell Jam (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}) (Version:  - Oberon Media)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Language Pack 2007 - German/Deutsch (HKLM-x32\...\OMUI.de-de) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{A106D33E-6B43-42C0-9BFC-D03303261FA7}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft Visual Basic 2010 Express - DEU (HKLM-x32\...\Microsoft Visual Basic 2010 Express - DEU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{62F7DA7E-CCCB-439C-A760-00C3926E761F}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft Works 6-9 Converter (HKLM-x32\...\{95140000-0137-0407-0000-0000000FF1CE}) (Version: 14.0.6120.5002 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 38.0.6 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.6 (x86 de)) (Version: 38.0.6 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.6 - Mozilla)
Mozilla Thunderbird 24.1.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.1.1 (x86 de)) (Version: 24.1.1 - Mozilla)
Mp3tag v2.49b (HKLM-x32\...\Mp3tag) (Version: v2.49b - Florian Heidenreich)
MPEG2 Codec(libmpeg2/mad) (HKLM-x32\...\MPEG2 Codec(libmpeg2/mad)) (Version:  - )
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyFreeCodec (HKU\S-1-5-21-3319006498-4150260777-3634854002-1001\...\MyFreeCodec) (Version:  - )
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.7.4 - F.J. Wechselberger)
MyWinLocker (HKLM-x32\...\{68301905-2DEA-41CE-A4D4-E8B443B099BA}) (Version: 3.1.76.0 - Egis Technology Inc.)
Nero Burning ROM 10 (HKLM-x32\...\{7A5D731D-B4B3-490E-B339-75685712BAAB}) (Version: 10.0.11100.10.100 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.0.11000.10.100 - Nero AG)
Nero Multimedia Suite 10 (HKLM-x32\...\{277C1559-4CF7-44FF-8D07-98AA9C13AABD}) (Version: 10.0.13100 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.0.11200.12.100 - Nero AG)
NetLimiter 2 Pro (remove only) (HKLM-x32\...\NetLimiter 2 Pro) (Version:  - )
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - )
NTI Backup Now 5 (HKLM-x32\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.627 - NewTech Infosystems)
NTI Backup Now Standard (x32 Version: 5.1.2.627 - NewTech Infosystems) Hidden
NTI Media Maker 8 (HKLM-x32\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6623 - NewTech Infosystems)
NTI Media Maker 8 (x32 Version: 8.0.12.6623 - NewTech Infosystems) Hidden
NVIDIA 3D Vision Controller-Treiber 331.58 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 331.58 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 331.58 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.58 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.7 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.7 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.58 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.58 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.9 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.9 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenVPN (HKLM-x32\...\{DBBA19C5-6EB4-4753-B881-189CF6ACB9CD}) (Version: 2.0.9 - tubIT)
Opera Stable 30.0.1835.59 (HKLM-x32\...\Opera 30.0.1835.59) (Version: 30.0.1835.59 - Opera Software)
PaperPort Image Printer 64-bit (HKLM\...\{ABA4FAF1-6389-45F9-92CE-3914A4E5C471}) (Version: 1.00.0000 - Nuance Communications, Inc.)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
QuickTime (HKLM-x32\...\{57752979-A1C9-4C02-856B-FBB27AC4E02C}) (Version: 7.69.80.9 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5911 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7100.30093 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version:  - )
Revit 2013 (Version: 12.02.21203 - Autodesk) Hidden
Revit 2013 Language Pack - Deutsch (Version: 12.02.21203 - Autodesk) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Rosetta Stone Version 3 (HKLM-x32\...\{80F7CA44-F3A5-4853-8BA6-DDF57CD4F078}) (Version: 3.4.7.0 - Rosetta Stone Ltd.)
SAMSUNG CDMA Modem Driver Set (HKLM-x32\...\SAMSUNG CDMA Modem) (Version:  - )
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.3.2.12074_13 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.3.2.12074_13 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14072.12 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14072.12 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
ScanSoft PaperPort 11 (HKLM-x32\...\{02570AE0-BEE0-4A6C-BE3F-D806E9F2EA17}) (Version: 11.2.0000 - Nuance Communications, Inc.)
SCENE LT 4.8.2.25521 x64 (HKLM\...\SCENE LT x64_is1) (Version: 4.8.2.25521 - FARO Technologies)
SHIELD Streaming (Version: 1.6.34 - NVIDIA Corporation) Hidden
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sophos Anti-Rootkit 1.5.20 (HKLM-x32\...\Sophos-AntiRootkit) (Version: 1.5.20 - Sophos Plc)
Sothink SWF Decompiler (HKLM-x32\...\{BCDB856C-D247-4DEE-9132-89C02F4D6B8C}_is1) (Version: 7.4 - SourceTec Software Co., LTD)
Sothink SWF Editor (HKLM-x32\...\{0BF1DE3D-31B9-417F-A915-4BCC5AAEE3CD}_is1) (Version: 1.3 - SourceTec Software Co., LTD)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spelling Dictionaries Support For Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.6.0 - Synaptics Incorporated)
System Requirements Lab for Intel (HKLM-x32\...\{C71067FC-288F-4E0B-88C6-44DFDA8311E2}) (Version: 4.5.9.0 - Husdawg, LLC)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 7.56a - Ghisler Software GmbH)
Unlocker 1.9.1-x64 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VC 9.0 Runtime (x32 Version: 1.0.0 - Check Point Software Technologies Ltd) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Virtual Router v0.9 Beta (HKLM-x32\...\{8DB05F7E-1F7A-4CC0-882F-375B97F04CD4}) (Version: 0.9.0 - Chris Pietschmann)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation)
VLC media player 2.0.1 (HKLM-x32\...\VLC media player) (Version: 2.0.1 - VideoLAN)
web'n'walk Manager  (HKLM\...\{83F2246D-3610-4E12-9ABB-0612BD9655B2}_x) (Version: 2.6.0.385 - Option nv)
web'n'walk Manager (Version: 2.6.0.385 - Option nv) Hidden
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.00.3008 - Acer Incorporated)
WibuKey Setup (WibuKey Remove) (HKLM\...\{00060000-0000-1004-8002-0000C06B5161}) (Version: Version 6.00b of 2011-Jan-12 (Build 132) (Setup) - WIBU-SYSTEMS AG)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0) (HKLM\...\49CF605F02C7954F4E139D18828DE298CD59217C) (Version: 06/03/2009 2.3.0.0 - Garmin)
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
WinRAR (HKLM\...\WinRAR archiver) (Version:  - )
WISO Steuer 2014 (HKLM-x32\...\{859357DB-A89A-454F-B5E6-D4058BA29ADD}) (Version: 21.00.8480 - Buhl Data Service GmbH)
ZTE USB Driver (HKLM\...\ZTE USB Driver) (Version: 1.0.1.27_TME - ZTE Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3319006498-4150260777-3634854002-1001_Classes\CLSID\{083C82AE-568E-45dd-A92C-01422CA45760}\InprocServer32 -> C:\Program Files\Autodesk\Revit 2013\Program\APIContext.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3319006498-4150260777-3634854002-1001_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2014\en-US\dwgviewrficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3319006498-4150260777-3634854002-1001_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2014\dwgviewr.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3319006498-4150260777-3634854002-1001_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> C:\Program Files\AutoCAD 2010\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3319006498-4150260777-3634854002-1001_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\AutoCAD 2010\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3319006498-4150260777-3634854002-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\AutoCAD 2010\acadficn.dll (Autodesk, Inc.)

==================== Restore Points =========================


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2010-05-04 14:06 - 2012-08-27 23:48 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {201507CE-4E7B-4BA7-9ECC-066D8A92142E} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-10s => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {23D83F19-A343-4895-8C14-B5190A419BAE} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {2A714B64-C6FD-49E5-A022-45A668637CC7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.)
Task: {3822019C-9A7F-4144-AFC5-1E897D5EFBEF} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-03-16] (Microsoft Corporation)
Task: {4D9BE642-9BDF-404E-B538-CB4B0FA22298} - System32\Tasks\AdobeAAMUpdater-1.0-Modi-PC-Modi => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {4EE60E91-C012-424A-8C31-2291C9D14B78} - System32\Tasks\{A562434C-15A0-40B0-B7CF-67AD1E54289E} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {504D8917-F98B-4C7C-B4E2-3669D6820954} - System32\Tasks\Opera scheduled Autoupdate 1434746935 => C:\Program Files (x86)\Opera\launcher.exe [2015-06-10] (Opera Software)
Task: {566F6CD6-1F02-4F95-BDEF-CCDBA9AC8664} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {574BB2D2-4215-433C-8B05-D9327A17ED1D} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: {5D8CBA4A-95FC-4A8B-B79F-531E0D11A37D} - System32\Tasks\{9F8C6B7C-D2CF-42D0-8E74-BBA2EDCACFC2} => Firefox.exe hxxp://ui.skype.com/ui/0/5.1.0.112.259/en/abandoninstall?page=tsMain&amp;installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:offered-installed;madedefault
Task: {65EA0985-34D9-4856-BEAB-BC90C3AF999F} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3319006498-4150260777-3634854002-1001Core => C:\Users\Modi\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-13] (Facebook Inc.)
Task: {6945E565-9B02-4799-B3EF-9AA7E3347CEA} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
Task: {6F5FCED2-C379-4791-B4A9-5A45CD140E93} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.)
Task: {70319E67-2512-4855-8B93-1ABF5E341C76} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-10s => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {70D3A895-9B10-4995-8859-E5CF32ED9C51} - System32\Tasks\ScanSoft Background Update => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25] (Nuance Communications, Inc.)
Task: {8304CF68-8580-4552-AC9B-80C928E636F0} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon-10s => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {889B120E-1DDE-44E6-83F4-EEA72553C9D9} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Time-10s => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {8D4ABA6E-6212-4B8E-A379-25DB876C38E1} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-10s => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {950785FA-33D3-4E26-9674-17EAA68B5784} - System32\Tasks\{F29DA6E6-1501-4F34-B3CB-25E43C6515C9} => pcalua.exe -a "C:\PROGRA~4\ArchiCAD 6.5\UNWISE.EXE" -c C:\PROGRA~4\ArchiCAD 6.5\INSTALL.LOG
Task: {9AE88037-E69F-447D-9F05-2D164F048AC8} - \SmartSync Pro-Modi No Task File <==== ATTENTION
Task: {A7F108AF-F1EF-4BB1-B904-38A1D6CB4AB2} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2012-11-05] (Microsoft Corporation)
Task: {AFB6DBA3-C5BF-4E28-A8B3-6B1BE74F7073} - System32\Tasks\{14576185-CC62-4601-A751-5F1F084EFF3E} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {BA085A7D-43DD-46E7-A7D0-D4B167CEF79A} - System32\Tasks\{8383A47F-7E74-46E5-931B-7D256C4CFEB2} => pcalua.exe -a "C:\Users\Modi\Downloads\acad\archicad 8.1\Setup.exe" -d "C:\Users\Modi\Downloads\acad\archicad 8.1"
Task: {C22BD7F6-F797-4D73-AFCA-BCECD06CB085} - System32\Tasks\DWBTM => C:\ProgramData\37e30e59d1a7430da05c726d0388106f\37e30e59d1a7430da05c726d0388106f.exe <==== ATTENTION
Task: {C420973A-B1C5-4FCB-84B9-F42742EA606D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-07-24] (Piriform Ltd)
Task: {CC5D6850-2E42-48AF-8DBE-1E4F86E2AE5B} - System32\Tasks\{444CC984-C6E6-48D3-A506-57ED55EEC0CB} => pcalua.exe -a C:\PROGRA~2\ARCHIC~1.5\UNWISE.EXE -c C:\PROGRA~2\ARCHIC~1.5\INSTALL.LOG
Task: {CEA887D5-C6D1-4BD1-BBA9-C890A8A37637} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
Task: {E6814066-F036-4C40-B310-BB32F755EE9D} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3319006498-4150260777-3634854002-1001UA => C:\Users\Modi\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-13] (Facebook Inc.)
Task: {E9AA472B-F554-4325-9CFF-C85B67D5B6F8} - System32\Tasks\{365E6BF1-66D0-4BBA-A09E-D7501AFAFD11} => pcalua.exe -a "C:\Users\Modi\Desktop\Netlimiter 2.0.10.1 x64.exe" -d C:\Users\Modi\Desktop
Task: {F3CEBDAB-9C8B-467F-97B6-E88504AB928E} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-02-10] (Oracle Corporation)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-03-29 12:29 - 2015-03-29 12:29 - 00043480 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2010-06-01 16:00 - 2010-03-15 11:28 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll
2010-07-15 06:44 - 2010-07-15 06:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2010-12-30 15:39 - 2005-04-22 14:36 - 00143360 ____N () C:\Windows\system32\BrSNMP64.dll
2010-12-14 16:12 - 2007-08-13 11:41 - 00022016 _____ () C:\Windows\System32\cl31cl6.dll
2010-05-03 11:22 - 2005-03-12 02:07 - 00087040 _____ () C:\Windows\System32\redmonnt.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:8FF81EB0
AlternateDataStreams: C:\ProgramData\Temp:A1EDB939

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3319006498-4150260777-3634854002-1001\...\microsoft.com -> *.update.microsoft.com
IE trusted site: HKU\S-1-5-21-3319006498-4150260777-3634854002-1001\...\windowsupdate.com -> windowsupdate.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3319006498-4150260777-3634854002-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Modi\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Media is not connected to internet.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: nlsvc => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: TuneUp.Defrag => 3
MSCONFIG\Services: TuneUp.UtilitiesSvc => 2
MSCONFIG\Services: WDFME => 2
MSCONFIG\Services: WDSC => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Acrobat - Schnellstart.lnk => C:\Windows\pss\Adobe Acrobat - Schnellstart.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk => C:\Windows\pss\Adobe Reader Synchronizer.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Netzwerk Server.lnk => C:\Windows\pss\Netzwerk Server.lnk.CommonStartup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files (x86)\Common Files\Maxtor\Schedule2\schedhlp.exe"
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS4ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: ArcadeDeluxeAgent => "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
MSCONFIG\startupreg: ControlCenter3 => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun
MSCONFIG\startupreg: Facebook Update => "C:\Users\Modi\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: FreePDF Assistant => C:\Program Files (x86)\FreePDF_XP\fpassist.exe
MSCONFIG\startupreg: GMX SMS-Manager => C:\Program Files (x86)\GMX\GMX SMS-Manager\SMSMngr.exe
MSCONFIG\startupreg: ICQ => "C:\Program Files (x86)\ICQ7M\ICQ.exe" silent loginmode=4
MSCONFIG\startupreg: KiesPDLR => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MSCONFIG\startupreg: mwlDaemon => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
MSCONFIG\startupreg: PlayMovie => "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{F7D2772F-0B81-426F-8578-141D6C46D434}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
FirewallRules: [{21794B7D-038C-46C3-ABB2-BA02D7D5331A}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
FirewallRules: [{D44B1660-1054-4F94-B4A6-92F0CC1C08FC}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
FirewallRules: [{0584C4F0-F225-4D4C-9E47-0253EFDA52EA}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
FirewallRules: [{6ADB8A43-55CE-4931-84A3-DDDA223050BD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{AE400062-E8E9-4B62-9299-4993E9BA520D}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{34D278AF-2F4F-4FFF-AFFF-6870EE196BEE}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{B3DD5BCA-9101-40DC-865F-ED29B1C2D2DC}] => (Allow) LPort=26675
FirewallRules: [{5E0D7C75-ECF6-4E20-8A3A-1B48DC762BD4}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{67068B71-EE5C-437F-99BE-8834250DC4D8}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{971877BF-ECE6-420F-8D34-7835679335F8}] => (Allow) LPort=26675
FirewallRules: [{F8697881-9970-476B-A837-3C4070175F2C}] => (Allow) LPort=5353
FirewallRules: [{700602CC-8D0E-40AF-973F-CBB8F6ECDEA7}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
FirewallRules: [{997D793C-53FC-4511-8A66-5D94CDE4EDC2}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
FirewallRules: [{AA454716-066F-4E42-88C5-5A6FCB0753B3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E5C5B51B-1E85-480F-B504-DE8E245D9D5F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BC78C804-457A-40D3-9721-A725277D48FE}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{955A4E34-5056-4D62-8061-61156D9C64FB}] => (Allow) svchost.exe
FirewallRules: [{3F44E5DD-1866-446C-91DF-306822C8EDAE}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{8F85ED85-85D0-4C07-8FE2-9D9CB3D512DF}] => (Allow) C:\Program Files (x86)\Brother\Brmfl08z\FAXRX.exe
FirewallRules: [{A81FBBCC-C73A-4025-B6E3-C3333F8E13E5}] => (Allow) C:\Program Files (x86)\Brother\Brmfl08z\FAXRX.exe
FirewallRules: [{5DA62D22-788B-4634-A499-2097241C3291}] => (Allow) LPort=54925
FirewallRules: [{61C6CF7D-C72A-475E-82BB-A85E9B8CB11B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\{988329F4-A1A1-4D51-803C-EF2725A97627}\setup\hpznui40.exe
FirewallRules: [{472D8E19-42A0-43AB-9BE8-1B0FF5976545}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{154AC88C-9065-405B-9EA8-C895AEC0DBB6}] => (Allow) C:\Program Files (x86)\WIBUKEY\Server\WkSvW32.exe
FirewallRules: [{15392196-2638-412A-83E3-8FE1AB59DAA8}] => (Allow) C:\Program Files (x86)\WIBUKEY\Server\WkSvW32.exe
FirewallRules: [{A4798657-114B-4487-AC96-2FAC1533194F}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe
FirewallRules: [{52EF2D4B-C2F8-4137-BA34-2BE77CAD4F78}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe
FirewallRules: [{0E587EEE-0D4A-43AB-BE90-421A5D1617F7}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe
FirewallRules: [{D61D3C04-5663-4FF9-9BB9-E168731DA159}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe
FirewallRules: [{424FC3A2-D01B-4BCD-956F-2D1C3835A4EB}] => (Allow) C:\Program Files (x86)\WIBUKEY\Server\WkSvW32.exe
FirewallRules: [{A9475651-E6EB-4310-A846-8729753919FF}] => (Allow) C:\Program Files (x86)\WIBUKEY\Server\WkSvW32.exe
FirewallRules: [{4FC6C223-F15E-482A-B0AC-344F141FB7B1}] => (Allow) C:\Program Files\Graphisoft\ArchiCAD 15\ArchiCAD.exe
FirewallRules: [{CEB5C6FB-AE00-40A1-9B80-FB4E0363DC81}] => (Allow) C:\Program Files\Graphisoft\ArchiCAD 15\ArchiCAD.exe
FirewallRules: [{D1B8F217-E71D-44A8-924F-8211A4AB9E7C}] => (Allow) C:\Program Files\Graphisoft\ArchiCAD 15\GSQuickTimeServer\GSQTServer.exe
FirewallRules: [{497E63A2-6666-4CA5-B67B-6974FBCC704B}] => (Allow) C:\Program Files\Graphisoft\ArchiCAD 15\GSQuickTimeServer\GSQTServer.exe
FirewallRules: [{7EEA6669-E7D5-4253-B1AF-5BD6FF9EC77F}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{DCDA8AF8-5B0B-4E93-84BF-DF0D48C210F4}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [TCP Query User{9666A466-47AC-49BD-9D69-352A67979D4A}C:\program files\graphisoft\archicad 15\archicad.exe] => (Block) C:\program files\graphisoft\archicad 15\archicad.exe
FirewallRules: [UDP Query User{21A2B66E-2AD4-4719-B1C6-7573E6286F0B}C:\program files\graphisoft\archicad 15\archicad.exe] => (Block) C:\program files\graphisoft\archicad 15\archicad.exe
FirewallRules: [TCP Query User{F213EDEA-AAA0-4652-93FE-52D14B86A41B}C:\program files\graphisoft\archicad 15\gsquicktimeserver\gsqtserver.exe] => (Block) C:\program files\graphisoft\archicad 15\gsquicktimeserver\gsqtserver.exe
FirewallRules: [UDP Query User{1014128F-28CA-4972-93F4-1AEEAADA3B04}C:\program files\graphisoft\archicad 15\gsquicktimeserver\gsqtserver.exe] => (Block) C:\program files\graphisoft\archicad 15\gsquicktimeserver\gsqtserver.exe
FirewallRules: [TCP Query User{AC12EF30-2C7C-4CA0-BDA5-5062B530F848}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{AD9896C7-DC1A-45A5-BC24-98CC18B06A15}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{769E3409-C747-42DF-B392-71C071477F26}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{D8034ED2-F015-4DBC-9086-C2717EB8938F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{4B02198D-2F9E-4542-A7FB-B9F2C6CDA402}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{D40F4695-DA9D-446F-996F-4BFB83720A27}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{113911FF-9A99-400A-A733-6971B66EAAE5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{3B7BC4C1-87A4-4B0B-BD32-F102D54E8CC5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{657EE55B-F2C5-4719-B3CE-8126A211866A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{BC90B1AB-061B-4B75-84C7-A590662377DC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{AF7C0631-8F58-49AF-8E82-E502C1D1DEE0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{18B3EA02-21D8-4BDE-A514-94AC42BD39B4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{9D3C3AFE-4648-439F-8441-9891589B2CE8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8F9F1D28-A242-48BC-AF72-D760623F9928}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{44624729-AACC-486C-8ED3-40827E99B370}C:\users\modi\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\modi\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{D3244176-A8DD-4077-8892-CACCA2143A42}C:\users\modi\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\modi\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{793539DC-5D0A-4B76-9419-C37B137871E8}C:\users\modi\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\modi\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{3A7ECEBD-6611-4FAA-A9B5-F0EE0A4D7D60}C:\users\modi\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\modi\appdata\local\akamai\netsession_win.exe
FirewallRules: [{D53EE216-D388-48F6-B806-C8ACB5AC26B5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{028858F3-5738-4B2F-9C45-4B65997CF732}] => (Allow) LPort=49194
FirewallRules: [{5236712E-175A-4D13-9DF0-5EB4F548D16B}] => (Allow) LPort=5000
FirewallRules: [{702CF894-3EFF-491A-A42C-8EF558BBDD3C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: Broadcom NetLink (TM) Gigabit Ethernet
Description: Broadcom NetLink (TM) Gigabit Ethernet
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Broadcom
Service: k57nd60a
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft-Adapter für Miniports virtueller WiFis
Description: Microsoft-Adapter für Miniports virtueller WiFis
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/29/2015 08:22:34 PM) (Source: WcesComm) (EventID: 2) (User: )
Description: IPv4-Fehler beim Starten des Diensts für Windows Mobile 2003-Geräteverbindungen. (Die Daten enthalten den Fehlercode.)

Error: (06/29/2015 08:20:15 PM) (Source: Schedule) (EventID: 0) (User: )
Description: Schedule error: 10106Initialize call failed, bailing out

Error: (06/28/2015 10:55:02 PM) (Source: WcesComm) (EventID: 2) (User: )
Description: IPv4-Fehler beim Starten des Diensts für Windows Mobile 2003-Geräteverbindungen. (Die Daten enthalten den Fehlercode.)

Error: (06/28/2015 10:52:49 PM) (Source: Schedule) (EventID: 0) (User: )
Description: Schedule error: 10106Initialize call failed, bailing out

Error: (06/20/2015 04:30:58 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" ; Beschreibung = Revo Uninstaller's restore point - Mozilla Firefox 38.0.5 (x86 de); Fehler = 0x80070422).

Error: (06/20/2015 04:27:43 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\msiexec.exe /V; Beschreibung = Removed Facebook Video Calling 3.1.0.521; Fehler = 0x80070422).

Error: (06/20/2015 04:27:43 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\msiexec.exe /V; Beschreibung = Removed Facebook Video Calling 3.1.0.521; Fehler = 0x80070422).

Error: (06/20/2015 04:27:41 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" ; Beschreibung = Revo Uninstaller's restore point - Facebook Video Calling 3.1.0.521; Fehler = 0x80070422).

Error: (06/20/2015 04:25:20 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: GetSteamInstallPath failed 2

Error: (06/20/2015 04:25:18 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\msiexec.exe /V; Beschreibung = Steam wird entfernt; Fehler = 0x80070422).


System errors:
=============
Error: (06/29/2015 09:16:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/29/2015 09:16:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/29/2015 09:16:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage-Technologie" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/29/2015 09:16:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/29/2015 09:16:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "VirtualRouterService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/29/2015 09:16:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Updater Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/29/2015 09:16:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Update Service Daemon" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/29/2015 09:16:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Streamer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/29/2015 09:16:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NTI Backup Now 5 Scheduler Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/29/2015 09:16:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NTI IScheduleSvc" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office:
=========================
Error: (02/11/2011 06:58:54 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2910 seconds with 1860 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2013-12-26 12:44:43.643
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-12-26 12:44:43.254
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-12-26 12:44:39.442
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-12-26 12:44:39.091
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-12-26 12:44:35.785
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-12-26 12:44:35.402
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-12-26 12:44:32.214
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-12-26 12:44:31.860
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-12-26 12:44:28.988
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-12-26 12:44:28.654
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 Duo CPU T6600 @ 2.20GHz
Percentage of memory in use: 33%
Total physical RAM: 4090.93 MB
Available physical RAM: 2731.71 MB
Total Pagefile: 8180.06 MB
Available Pagefile: 6458.46 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (ACER) (Fixed) (Total:224.89 GB) (Free:50.18 GB) NTFS
Drive d: (Volume) (Fixed) (Total:443.64 GB) (Free:149.31 GB) NTFS
Drive j: (2. System) (Fixed) (Total:29.99 GB) (Free:20.66 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 698.6 GB) (Disk ID: 3CDD33AE)
Partition 1: (Active) - (Size=110 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=224.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=473.6 GB) - (Type=OF Extended)

==================== End of log ============================

--- --- ---

cosinus · 29.06.2015, 22:41

FRST-Fix

Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft!

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

HKU\S-1-5-21-3319006498-4150260777-3634854002-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
cmd: del C:\Users\Modi\AppData\Local\Temp*.html /q
Task: {9AE88037-E69F-447D-9F05-2D164F048AC8} - \SmartSync Pro-Modi No Task File <==== ATTENTION
Task: {C22BD7F6-F797-4D73-AFCA-BCECD06CB085} - System32\Tasks\DWBTM => C:\ProgramData\37e30e59d1a7430da05c726d0388106f\37e30e59d1a7430da05c726d0388106f.exe <==== ATTENTION
EmptyTemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Kris_ · 29.06.2015, 23:29

Code:

ATTFilter

Fix result of Farbar Recovery Scan Tool (x64) Version:28-06-2015 01
Ran by Modi at 2015-06-30 00:15:50 Run:1
Running from C:\Users\Modi\Desktop
Loaded Profiles: Modi & UpdatusUser (Available Profiles: Modi & UpdatusUser)
Boot Mode: Normal
==============================================

fixlist content:
*****************
HKU\S-1-5-21-3319006498-4150260777-3634854002-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
cmd: del C:\Users\Modi\AppData\Local\Temp*.html /q
Task: {9AE88037-E69F-447D-9F05-2D164F048AC8} - \SmartSync Pro-Modi No Task File <==== ATTENTION
Task: {C22BD7F6-F797-4D73-AFCA-BCECD06CB085} - System32\Tasks\DWBTM => C:\ProgramData\37e30e59d1a7430da05c726d0388106f\37e30e59d1a7430da05c726d0388106f.exe <==== ATTENTION
EmptyTemp:
         
*****************

"HKU\S-1-5-21-3319006498-4150260777-3634854002-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully

=========  del C:\Users\Modi\AppData\Local\Temp*.html /q =========


========= End of CMD: =========

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9AE88037-E69F-447D-9F05-2D164F048AC8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9AE88037-E69F-447D-9F05-2D164F048AC8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SmartSync Pro-Modi" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C22BD7F6-F797-4D73-AFCA-BCECD06CB085}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C22BD7F6-F797-4D73-AFCA-BCECD06CB085}" => key removed successfully
C:\Windows\System32\Tasks\DWBTM => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DWBTM" => key removed successfully
EmptyTemp: => 6.1 GB temporary data Removed.


The system needed a reboot.. 

==== End of Fixlog 00:21:51 ====

Wie schlimm ist es, da ich bis jetzt das Ganze nicht einschätzen kann?

cosinus · 30.06.2015, 07:57

Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Scan klicken

Kris_ · 30.06.2015, 17:20

FRST.txt

Code:

ATTFilter

LastRegBack: 2015-03-29 07:07

==================== End of log ============================

[CODE]Additional
FRST Logfile:

Code:

ATTFilter

scan result of Farbar Recovery Scan Tool (x64) Version:28-06-2015 01
Ran by Modi at 2015-06-30 18:16:53
Running from C:\Users\Modi\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3319006498-4150260777-3634854002-500 - Administrator - Disabled)
Gast (S-1-5-21-3319006498-4150260777-3634854002-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3319006498-4150260777-3634854002-1004 - Limited - Enabled)
Modi (S-1-5-21-3319006498-4150260777-3634854002-1001 - Administrator - Enabled) => C:\Users\Modi
UpdatusUser (S-1-5-21-3319006498-4150260777-3634854002-1010 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
AC3Filter 1.63b (HKLM-x32\...\AC3Filter_is1) (Version: 1.63b - Alexander Vigovsky)
Acer Backup Manager (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.29 - NewTech Infosystems)
Acer Crystal Eye Webcam (HKLM-x32\...\{7760D94E-B1B5-40A0-9AA0-ABF942108755}) (Version: 5.2.7.1 - Suyin Optronics Corp)
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 4.05.3004 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3005 - Acer Incorporated)
Acer GridVista (HKLM-x32\...\GridVista) (Version: 3.01.0730 - Acer Inc.)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.02.3006 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.7.0715 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
ActivePerl 5.14.2 Build 1402 (64-bit) (HKLM\...\{4FC945A7-D54E-4F00-BE32-90553F80FCE8}) (Version: 5.14.1402 - ActiveState)
Adobe Acrobat 9 Pro Extended - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7761-000000000004}{AC76BA86-1033-F400-7761-000000000004}) (Version: 9.0.0 - Adobe Systems)
Adobe Acrobat 9 Pro Extended 64-bit Add-On (HKLM\...\{AC76BA86-1033-0000-0064-0003D0000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.5.0.600 - Adobe Systems Incorporated)
Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.2 - Adobe Systems Incorporated)
Adobe Dreamweaver CS4 (HKLM-x32\...\Adobe_acce07fd2c8fe7f9e3f26243e626578) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX 64-bit (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.2.202.235 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.03) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.03 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.8.638 - Adobe Systems, Inc.)
Akamai NetSession Interface (HKU\S-1-5-21-3319006498-4150260777-3634854002-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.3.6.0 - SlySoft)
A-PDF Restrictions Remover 1.6 (HKLM-x32\...\A-PDF Restrictions Remover_is1) (Version:  - A-PDF Solution)
Apple Application Support (HKLM-x32\...\{EE6097DD-05F4-4178-9719-D3170BF098E8}) (Version: 1.4.1 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.)
ArchiCAD 15 R1 GER (HKLM\...\001FFF2FFF15FF00FF0201F01F02F000-R1) (Version: 15.0 - Graphisoft)
AutoCAD 2010 - Deutsch (HKLM\...\AutoCAD 2010 - Deutsch) (Version: 18.0.55.0 - Autodesk)
AutoCAD 2010 - Deutsch (Version: 18.0.55.0 - Autodesk) Hidden
AutoCAD 2010 Language Pack - Deutsch (Version: 18.0.55.0 - Autodesk) Hidden
AutoCAD DWG and DXF To PDF Converter v2.2 (HKLM-x32\...\AutoCAD DWG and DXF To PDF Converter v2.2_is1) (Version:  - VeryPDF.com Inc)
Autodesk DWG TrueView 2014 (HKLM\...\DWG TrueView 2014) (Version: 19.1.18.0 - Autodesk)
Autodesk Material Library 2013 (HKLM-x32\...\{117EBEEB-5DB0-43C8-9FD6-DD583DB152DD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2013 (HKLM-x32\...\{606E12B9-641F-4644-A22A-FF38AE980AFD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2013 (HKLM-x32\...\{27C6C0A2-2EC9-4FEA-BE2B-659EAAC2C68C}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2013 (HKLM-x32\...\{58760EEC-8B6A-43F4-81AA-696E381DFADD}) (Version: 3.0.13 - Autodesk)
Autodesk Revit 2013 (HKLM\...\Autodesk Revit 2013) (Version: 12.02.21203 - Autodesk)
AVAPLAN Studio 2008 Version 1.9.3 (HKLM-x32\...\AVAPLAN Studio 2008_is1) (Version: 1.9 - AVAPLAN)
Avira (HKLM-x32\...\{0696cc37-db90-4000-be99-4a173ca7c8af}) (Version: 1.1.39.17987 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.39.17987 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.11.574 - Avira Operations GmbH & Co. KG)
Backup Manager Basic (x32 Version: 2.0.0.29 - NewTech Infosystems) Hidden
Bing-Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.1.165.0 - Microsoft Corporation)
Broadcom Gigabit NetLink Controller (HKLM\...\{96F70DF8-160F-4F9C-9B9E-2A9B439B4EB9}) (Version: 12.26.02 - Broadcom Corporation)
Brother MFC-5890CN (HKLM-x32\...\{BA9388B4-D7F3-4F4A-99BC-65A10E69C5BD}) (Version: 1.00 - Brother)
Brother MFL-Pro Suite MFC-5890CN (HKLM-x32\...\{20E970DF-A7B2-4345-9DEB-72213A29645E}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
Brother MFL-Pro Suite MFC-6890CDW (HKLM-x32\...\{F9626826-162E-4EFD-9440-3F3B8317C097}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
Burn4Free CD and DVD (HKLM-x32\...\Burn4Free) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 3.21 - Piriform)
CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: 2.9.3.0 - Elaborate Bytes)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
DivX Codec (HKLM-x32\...\{7B63B2922B174135AFC0E1377DD81EC2}) (Version: 6.9.1 - DivX, Inc.)
DivX Plus DirectShow Filters (HKLM-x32\...\DivX Plus DirectShow Filters) (Version:  - DivX, Inc.)
DivX Web Player (HKLM-x32\...\{B7050CBDB2504B34BC2A9CA0A692CC29}) (Version: 1.5.0 - DivX,Inc.)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.52 - DivX, LLC)
Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version:  - Oberon Media)
Driver Install 64-bit (HKLM-x32\...\InstallShield_{DED365F8-E10B-43B0-A9C4-B5542A1E2DDD}) (Version: 1.00.0000 - Your Company Name)
Driver Install 64-bit (x32 Version: 1.00.0000 - Your Company Name) Hidden
DWG TrueConvert™ (HKLM-x32\...\{5783F2D7-0221-0409-0000-0060B0CE6BBA}) (Version: 16.2.0.0 - autodesk)
DWG TrueView 2014 (Version: 19.1.18.0 - Autodesk) Hidden
EASEUS Partition Master 4.1.1 Professional (HKLM-x32\...\EASEUS Partition Master Professional Edition_is1) (Version:  - EASEUS)
ElsterFormular-Upgrade (HKLM-x32\...\ElsterFormular für Privatanwender 12.3.2.6814p) (Version: 15.2.13992 - Landesfinanzdirektion Thüringen)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
FileZilla Client 3.10.3 (HKLM-x32\...\FileZilla Client) (Version: 3.10.3 - Tim Kosse)
Free Launch Bar 64-bit Edition (HKLM\...\{85C76689-536B-4CD4-AD94-2F5D259C084B}) (Version: 2.0.0.0 - Tordex)
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version:  - )
Garmin POI Loader (HKLM-x32\...\{D181A318-28DF-4B83-8F13-24C2D0BDA12D}) (Version: 2.6.1.0 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM-x32\...\{510D2239-6C2E-457B-9590-485EC552D94D}) (Version: 2.3.0.0 - Garmin Ltd or its subsidiaries)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
GetDataBack for FAT (HKLM-x32\...\{2EEEC858-21F8-419B-8FE2-820621BFFCD7}) (Version: 4.33.000 - Runtime Software)
GetDataBack for NTFS (HKLM-x32\...\{56582EEA-3AEF-4D84-8B9D-C87A3CD9250F}) (Version: 4.25.000 - Runtime Software)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.62.5205 - Gretech Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Gordon's Gate Flash Driver 1.1.0.12 (HKLM-x32\...\Gordon's Gate Flash Driver) (Version: 1.1.0.12 - Sony Ericsson Mobile Communications)
GPL Ghostscript 8.71 (HKLM\...\GPL Ghostscript 8.71) (Version:  - )
Graphisoft ArchiCAD 6.5r3 GERMAN (HKLM-x32\...\Graphisoft ArchiCAD 6.5r3 GERMAN) (Version:  - )
High-Definition Video Playback 10 (x32 Version: 7.0.11400.29.0 - Nero AG) Hidden
HiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
ICY Hexplorer (remove only) (HKLM-x32\...\Hexplorer) (Version:  - )
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3002 - Acer Incorporated)
IE Download Helper (HKLM\...\{BFF1715F-F0E5-4FDF-B2CC-FF5B7CC4733A}) (Version: 3.0 - IE Download Helper)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
ISO to USB (HKLM-x32\...\{D08A30AC-A663-4EA8-8D81-B98E17F19F1C}_is1) (Version:  - isotousb.com)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
K-Lite Mega Codec Pack 5.6.1 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 5.6.1 - )
kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 3.0.05 - Acer Inc.)
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.1.94 - LSI Corporation)
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Merriam Websters Spell Jam (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}) (Version:  - Oberon Media)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Language Pack 2007 - German/Deutsch (HKLM-x32\...\OMUI.de-de) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{A106D33E-6B43-42C0-9BFC-D03303261FA7}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft Visual Basic 2010 Express - DEU (HKLM-x32\...\Microsoft Visual Basic 2010 Express - DEU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{62F7DA7E-CCCB-439C-A760-00C3926E761F}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft Works 6-9 Converter (HKLM-x32\...\{95140000-0137-0407-0000-0000000FF1CE}) (Version: 14.0.6120.5002 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 38.0.6 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.6 (x86 de)) (Version: 38.0.6 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.6 - Mozilla)
Mozilla Thunderbird 24.1.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.1.1 (x86 de)) (Version: 24.1.1 - Mozilla)
Mp3tag v2.49b (HKLM-x32\...\Mp3tag) (Version: v2.49b - Florian Heidenreich)
MPEG2 Codec(libmpeg2/mad) (HKLM-x32\...\MPEG2 Codec(libmpeg2/mad)) (Version:  - )
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyFreeCodec (HKU\S-1-5-21-3319006498-4150260777-3634854002-1001\...\MyFreeCodec) (Version:  - )
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.7.4 - F.J. Wechselberger)
MyWinLocker (HKLM-x32\...\{68301905-2DEA-41CE-A4D4-E8B443B099BA}) (Version: 3.1.76.0 - Egis Technology Inc.)
Nero Burning ROM 10 (HKLM-x32\...\{7A5D731D-B4B3-490E-B339-75685712BAAB}) (Version: 10.0.11100.10.100 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.0.11000.10.100 - Nero AG)
Nero Multimedia Suite 10 (HKLM-x32\...\{277C1559-4CF7-44FF-8D07-98AA9C13AABD}) (Version: 10.0.13100 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.0.11200.12.100 - Nero AG)
NetLimiter 2 Pro (remove only) (HKLM-x32\...\NetLimiter 2 Pro) (Version:  - )
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - )
NTI Backup Now 5 (HKLM-x32\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.627 - NewTech Infosystems)
NTI Backup Now Standard (x32 Version: 5.1.2.627 - NewTech Infosystems) Hidden
NTI Media Maker 8 (HKLM-x32\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6623 - NewTech Infosystems)
NTI Media Maker 8 (x32 Version: 8.0.12.6623 - NewTech Infosystems) Hidden
NVIDIA 3D Vision Controller-Treiber 331.58 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 331.58 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 331.58 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.58 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.7 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.7 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.58 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.58 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.9 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.9 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenVPN (HKLM-x32\...\{DBBA19C5-6EB4-4753-B881-189CF6ACB9CD}) (Version: 2.0.9 - tubIT)
Opera Stable 30.0.1835.88 (HKLM-x32\...\Opera 30.0.1835.88) (Version: 30.0.1835.88 - Opera Software)
PaperPort Image Printer 64-bit (HKLM\...\{ABA4FAF1-6389-45F9-92CE-3914A4E5C471}) (Version: 1.00.0000 - Nuance Communications, Inc.)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
QuickTime (HKLM-x32\...\{57752979-A1C9-4C02-856B-FBB27AC4E02C}) (Version: 7.69.80.9 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5911 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7100.30093 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version:  - )
Revit 2013 (Version: 12.02.21203 - Autodesk) Hidden
Revit 2013 Language Pack - Deutsch (Version: 12.02.21203 - Autodesk) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Rosetta Stone Version 3 (HKLM-x32\...\{80F7CA44-F3A5-4853-8BA6-DDF57CD4F078}) (Version: 3.4.7.0 - Rosetta Stone Ltd.)
SAMSUNG CDMA Modem Driver Set (HKLM-x32\...\SAMSUNG CDMA Modem) (Version:  - )
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.3.2.12074_13 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.3.2.12074_13 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14072.12 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14072.12 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
ScanSoft PaperPort 11 (HKLM-x32\...\{02570AE0-BEE0-4A6C-BE3F-D806E9F2EA17}) (Version: 11.2.0000 - Nuance Communications, Inc.)
SCENE LT 4.8.2.25521 x64 (HKLM\...\SCENE LT x64_is1) (Version: 4.8.2.25521 - FARO Technologies)
SHIELD Streaming (Version: 1.6.34 - NVIDIA Corporation) Hidden
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sophos Anti-Rootkit 1.5.20 (HKLM-x32\...\Sophos-AntiRootkit) (Version: 1.5.20 - Sophos Plc)
Sothink SWF Decompiler (HKLM-x32\...\{BCDB856C-D247-4DEE-9132-89C02F4D6B8C}_is1) (Version: 7.4 - SourceTec Software Co., LTD)
Sothink SWF Editor (HKLM-x32\...\{0BF1DE3D-31B9-417F-A915-4BCC5AAEE3CD}_is1) (Version: 1.3 - SourceTec Software Co., LTD)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spelling Dictionaries Support For Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.6.0 - Synaptics Incorporated)
System Requirements Lab for Intel (HKLM-x32\...\{C71067FC-288F-4E0B-88C6-44DFDA8311E2}) (Version: 4.5.9.0 - Husdawg, LLC)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 7.56a - Ghisler Software GmbH)
Unlocker 1.9.1-x64 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VC 9.0 Runtime (x32 Version: 1.0.0 - Check Point Software Technologies Ltd) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Virtual Router v0.9 Beta (HKLM-x32\...\{8DB05F7E-1F7A-4CC0-882F-375B97F04CD4}) (Version: 0.9.0 - Chris Pietschmann)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation)
VLC media player 2.0.1 (HKLM-x32\...\VLC media player) (Version: 2.0.1 - VideoLAN)
web'n'walk Manager  (HKLM\...\{83F2246D-3610-4E12-9ABB-0612BD9655B2}_x) (Version: 2.6.0.385 - Option nv)
web'n'walk Manager (Version: 2.6.0.385 - Option nv) Hidden
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.00.3008 - Acer Incorporated)
WibuKey Setup (WibuKey Remove) (HKLM\...\{00060000-0000-1004-8002-0000C06B5161}) (Version: Version 6.00b of 2011-Jan-12 (Build 132) (Setup) - WIBU-SYSTEMS AG)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0) (HKLM\...\49CF605F02C7954F4E139D18828DE298CD59217C) (Version: 06/03/2009 2.3.0.0 - Garmin)
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
WinRAR (HKLM\...\WinRAR archiver) (Version:  - )
WISO Steuer 2014 (HKLM-x32\...\{859357DB-A89A-454F-B5E6-D4058BA29ADD}) (Version: 21.00.8480 - Buhl Data Service GmbH)
ZTE USB Driver (HKLM\...\ZTE USB Driver) (Version: 1.0.1.27_TME - ZTE Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3319006498-4150260777-3634854002-1001_Classes\CLSID\{083C82AE-568E-45dd-A92C-01422CA45760}\InprocServer32 -> C:\Program Files\Autodesk\Revit 2013\Program\APIContext.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3319006498-4150260777-3634854002-1001_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2014\en-US\dwgviewrficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3319006498-4150260777-3634854002-1001_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2014\dwgviewr.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3319006498-4150260777-3634854002-1001_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> C:\Program Files\AutoCAD 2010\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3319006498-4150260777-3634854002-1001_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\AutoCAD 2010\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3319006498-4150260777-3634854002-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\AutoCAD 2010\acadficn.dll (Autodesk, Inc.)

==================== Restore Points =========================


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2010-05-04 14:06 - 2012-08-27 23:48 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {23D83F19-A343-4895-8C14-B5190A419BAE} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {2A714B64-C6FD-49E5-A022-45A668637CC7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.)
Task: {4D9BE642-9BDF-404E-B538-CB4B0FA22298} - System32\Tasks\AdobeAAMUpdater-1.0-Modi-PC-Modi => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {4EE60E91-C012-424A-8C31-2291C9D14B78} - System32\Tasks\{A562434C-15A0-40B0-B7CF-67AD1E54289E} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {574BB2D2-4215-433C-8B05-D9327A17ED1D} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: {5D8CBA4A-95FC-4A8B-B79F-531E0D11A37D} - System32\Tasks\{9F8C6B7C-D2CF-42D0-8E74-BBA2EDCACFC2} => Firefox.exe hxxp://ui.skype.com/ui/0/5.1.0.112.259/en/abandoninstall?page=tsMain&amp;installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:offered-installed;madedefault
Task: {65EA0985-34D9-4856-BEAB-BC90C3AF999F} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3319006498-4150260777-3634854002-1001Core => C:\Users\Modi\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {6945E565-9B02-4799-B3EF-9AA7E3347CEA} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
Task: {6F5FCED2-C379-4791-B4A9-5A45CD140E93} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.)
Task: {70D3A895-9B10-4995-8859-E5CF32ED9C51} - System32\Tasks\ScanSoft Background Update => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25] (Nuance Communications, Inc.)
Task: {950785FA-33D3-4E26-9674-17EAA68B5784} - System32\Tasks\{F29DA6E6-1501-4F34-B3CB-25E43C6515C9} => pcalua.exe -a "C:\PROGRA~4\ArchiCAD 6.5\UNWISE.EXE" -c C:\PROGRA~4\ArchiCAD 6.5\INSTALL.LOG
Task: {A7F108AF-F1EF-4BB1-B904-38A1D6CB4AB2} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2012-11-05] (Microsoft Corporation)
Task: {AFB6DBA3-C5BF-4E28-A8B3-6B1BE74F7073} - System32\Tasks\{14576185-CC62-4601-A751-5F1F084EFF3E} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {BA085A7D-43DD-46E7-A7D0-D4B167CEF79A} - System32\Tasks\{8383A47F-7E74-46E5-931B-7D256C4CFEB2} => pcalua.exe -a "C:\Users\Modi\Downloads\acad\archicad 8.1\Setup.exe" -d "C:\Users\Modi\Downloads\acad\archicad 8.1"
Task: {C420973A-B1C5-4FCB-84B9-F42742EA606D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-07-24] (Piriform Ltd)
Task: {CC5D6850-2E42-48AF-8DBE-1E4F86E2AE5B} - System32\Tasks\{444CC984-C6E6-48D3-A506-57ED55EEC0CB} => pcalua.exe -a C:\PROGRA~2\ARCHIC~1.5\UNWISE.EXE -c C:\PROGRA~2\ARCHIC~1.5\INSTALL.LOG
Task: {E6814066-F036-4C40-B310-BB32F755EE9D} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3319006498-4150260777-3634854002-1001UA => C:\Users\Modi\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {E9AA472B-F554-4325-9CFF-C85B67D5B6F8} - System32\Tasks\{365E6BF1-66D0-4BBA-A09E-D7501AFAFD11} => pcalua.exe -a "C:\Users\Modi\Desktop\Netlimiter 2.0.10.1 x64.exe" -d C:\Users\Modi\Desktop
Task: {EAE4EDE4-9211-4883-9D04-B66DD2D0100C} - System32\Tasks\Opera scheduled Autoupdate 1434746935 => C:\Program Files (x86)\Opera\launcher.exe [2015-06-19] (Opera Software)
Task: {F3CEBDAB-9C8B-467F-97B6-E88504AB928E} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-02-10] (Oracle Corporation)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2013-10-28 00:26 - 2013-10-15 23:47 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2010-12-14 16:12 - 2007-08-13 11:41 - 00022016 _____ () C:\Windows\System32\cl31cl6.dll
2010-05-03 11:22 - 2005-03-12 02:07 - 00087040 _____ () C:\Windows\System32\redmonnt.dll
2010-12-30 15:39 - 2005-04-22 14:36 - 00143360 ____N () C:\Windows\system32\BrSNMP64.dll
2015-03-29 12:29 - 2015-03-29 12:29 - 00043480 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2010-07-15 06:44 - 2010-07-15 06:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2010-06-01 16:00 - 2010-03-15 11:28 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll
2010-02-25 22:52 - 2008-07-29 20:29 - 00200704 _____ () C:\Windows\PLFSetI.exe
2014-01-10 07:26 - 2014-01-10 07:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2009-02-03 02:33 - 2009-02-03 02:33 - 00460199 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2008-09-29 02:55 - 2008-09-29 02:55 - 01076224 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll
2010-12-30 15:38 - 2009-02-27 17:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-01-10 07:28 - 2014-01-10 07:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2015-03-10 18:54 - 2015-03-10 18:54 - 00016384 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\bc9bcf53b97e0180a22783ef8b2567c2\PSIClient.ni.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:8FF81EB0
AlternateDataStreams: C:\ProgramData\Temp:A1EDB939

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3319006498-4150260777-3634854002-1001\...\microsoft.com -> *.update.microsoft.com
IE trusted site: HKU\S-1-5-21-3319006498-4150260777-3634854002-1001\...\windowsupdate.com -> windowsupdate.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3319006498-4150260777-3634854002-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Modi\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Media is not connected to internet.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: nlsvc => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: TuneUp.Defrag => 3
MSCONFIG\Services: TuneUp.UtilitiesSvc => 2
MSCONFIG\Services: WDFME => 2
MSCONFIG\Services: WDSC => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Acrobat - Schnellstart.lnk => C:\Windows\pss\Adobe Acrobat - Schnellstart.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk => C:\Windows\pss\Adobe Reader Synchronizer.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Netzwerk Server.lnk => C:\Windows\pss\Netzwerk Server.lnk.CommonStartup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files (x86)\Common Files\Maxtor\Schedule2\schedhlp.exe"
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS4ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: ArcadeDeluxeAgent => "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
MSCONFIG\startupreg: ControlCenter3 => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun
MSCONFIG\startupreg: Facebook Update => "C:\Users\Modi\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: FreePDF Assistant => C:\Program Files (x86)\FreePDF_XP\fpassist.exe
MSCONFIG\startupreg: GMX SMS-Manager => C:\Program Files (x86)\GMX\GMX SMS-Manager\SMSMngr.exe
MSCONFIG\startupreg: ICQ => "C:\Program Files (x86)\ICQ7M\ICQ.exe" silent loginmode=4
MSCONFIG\startupreg: KiesPDLR => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MSCONFIG\startupreg: mwlDaemon => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
MSCONFIG\startupreg: PlayMovie => "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{F7D2772F-0B81-426F-8578-141D6C46D434}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
FirewallRules: [{21794B7D-038C-46C3-ABB2-BA02D7D5331A}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
FirewallRules: [{D44B1660-1054-4F94-B4A6-92F0CC1C08FC}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
FirewallRules: [{0584C4F0-F225-4D4C-9E47-0253EFDA52EA}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
FirewallRules: [{6ADB8A43-55CE-4931-84A3-DDDA223050BD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{AE400062-E8E9-4B62-9299-4993E9BA520D}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{34D278AF-2F4F-4FFF-AFFF-6870EE196BEE}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{B3DD5BCA-9101-40DC-865F-ED29B1C2D2DC}] => (Allow) LPort=26675
FirewallRules: [{5E0D7C75-ECF6-4E20-8A3A-1B48DC762BD4}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{67068B71-EE5C-437F-99BE-8834250DC4D8}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{971877BF-ECE6-420F-8D34-7835679335F8}] => (Allow) LPort=26675
FirewallRules: [{F8697881-9970-476B-A837-3C4070175F2C}] => (Allow) LPort=5353
FirewallRules: [{700602CC-8D0E-40AF-973F-CBB8F6ECDEA7}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
FirewallRules: [{997D793C-53FC-4511-8A66-5D94CDE4EDC2}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
FirewallRules: [{AA454716-066F-4E42-88C5-5A6FCB0753B3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E5C5B51B-1E85-480F-B504-DE8E245D9D5F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BC78C804-457A-40D3-9721-A725277D48FE}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{955A4E34-5056-4D62-8061-61156D9C64FB}] => (Allow) svchost.exe
FirewallRules: [{3F44E5DD-1866-446C-91DF-306822C8EDAE}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{8F85ED85-85D0-4C07-8FE2-9D9CB3D512DF}] => (Allow) C:\Program Files (x86)\Brother\Brmfl08z\FAXRX.exe
FirewallRules: [{A81FBBCC-C73A-4025-B6E3-C3333F8E13E5}] => (Allow) C:\Program Files (x86)\Brother\Brmfl08z\FAXRX.exe
FirewallRules: [{5DA62D22-788B-4634-A499-2097241C3291}] => (Allow) LPort=54925
FirewallRules: [{61C6CF7D-C72A-475E-82BB-A85E9B8CB11B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\{988329F4-A1A1-4D51-803C-EF2725A97627}\setup\hpznui40.exe
FirewallRules: [{472D8E19-42A0-43AB-9BE8-1B0FF5976545}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{154AC88C-9065-405B-9EA8-C895AEC0DBB6}] => (Allow) C:\Program Files (x86)\WIBUKEY\Server\WkSvW32.exe
FirewallRules: [{15392196-2638-412A-83E3-8FE1AB59DAA8}] => (Allow) C:\Program Files (x86)\WIBUKEY\Server\WkSvW32.exe
FirewallRules: [{A4798657-114B-4487-AC96-2FAC1533194F}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe
FirewallRules: [{52EF2D4B-C2F8-4137-BA34-2BE77CAD4F78}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe
FirewallRules: [{0E587EEE-0D4A-43AB-BE90-421A5D1617F7}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe
FirewallRules: [{D61D3C04-5663-4FF9-9BB9-E168731DA159}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe
FirewallRules: [{424FC3A2-D01B-4BCD-956F-2D1C3835A4EB}] => (Allow) C:\Program Files (x86)\WIBUKEY\Server\WkSvW32.exe
FirewallRules: [{A9475651-E6EB-4310-A846-8729753919FF}] => (Allow) C:\Program Files (x86)\WIBUKEY\Server\WkSvW32.exe
FirewallRules: [{4FC6C223-F15E-482A-B0AC-344F141FB7B1}] => (Allow) C:\Program Files\Graphisoft\ArchiCAD 15\ArchiCAD.exe
FirewallRules: [{CEB5C6FB-AE00-40A1-9B80-FB4E0363DC81}] => (Allow) C:\Program Files\Graphisoft\ArchiCAD 15\ArchiCAD.exe
FirewallRules: [{D1B8F217-E71D-44A8-924F-8211A4AB9E7C}] => (Allow) C:\Program Files\Graphisoft\ArchiCAD 15\GSQuickTimeServer\GSQTServer.exe
FirewallRules: [{497E63A2-6666-4CA5-B67B-6974FBCC704B}] => (Allow) C:\Program Files\Graphisoft\ArchiCAD 15\GSQuickTimeServer\GSQTServer.exe
FirewallRules: [{7EEA6669-E7D5-4253-B1AF-5BD6FF9EC77F}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{DCDA8AF8-5B0B-4E93-84BF-DF0D48C210F4}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [TCP Query User{9666A466-47AC-49BD-9D69-352A67979D4A}C:\program files\graphisoft\archicad 15\archicad.exe] => (Block) C:\program files\graphisoft\archicad 15\archicad.exe
FirewallRules: [UDP Query User{21A2B66E-2AD4-4719-B1C6-7573E6286F0B}C:\program files\graphisoft\archicad 15\archicad.exe] => (Block) C:\program files\graphisoft\archicad 15\archicad.exe
FirewallRules: [TCP Query User{F213EDEA-AAA0-4652-93FE-52D14B86A41B}C:\program files\graphisoft\archicad 15\gsquicktimeserver\gsqtserver.exe] => (Block) C:\program files\graphisoft\archicad 15\gsquicktimeserver\gsqtserver.exe
FirewallRules: [UDP Query User{1014128F-28CA-4972-93F4-1AEEAADA3B04}C:\program files\graphisoft\archicad 15\gsquicktimeserver\gsqtserver.exe] => (Block) C:\program files\graphisoft\archicad 15\gsquicktimeserver\gsqtserver.exe
FirewallRules: [TCP Query User{AC12EF30-2C7C-4CA0-BDA5-5062B530F848}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{AD9896C7-DC1A-45A5-BC24-98CC18B06A15}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{769E3409-C747-42DF-B392-71C071477F26}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{D8034ED2-F015-4DBC-9086-C2717EB8938F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{4B02198D-2F9E-4542-A7FB-B9F2C6CDA402}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{D40F4695-DA9D-446F-996F-4BFB83720A27}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{113911FF-9A99-400A-A733-6971B66EAAE5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{3B7BC4C1-87A4-4B0B-BD32-F102D54E8CC5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{657EE55B-F2C5-4719-B3CE-8126A211866A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{BC90B1AB-061B-4B75-84C7-A590662377DC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{AF7C0631-8F58-49AF-8E82-E502C1D1DEE0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{18B3EA02-21D8-4BDE-A514-94AC42BD39B4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{9D3C3AFE-4648-439F-8441-9891589B2CE8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8F9F1D28-A242-48BC-AF72-D760623F9928}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{44624729-AACC-486C-8ED3-40827E99B370}C:\users\modi\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\modi\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{D3244176-A8DD-4077-8892-CACCA2143A42}C:\users\modi\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\modi\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{793539DC-5D0A-4B76-9419-C37B137871E8}C:\users\modi\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\modi\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{3A7ECEBD-6611-4FAA-A9B5-F0EE0A4D7D60}C:\users\modi\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\modi\appdata\local\akamai\netsession_win.exe
FirewallRules: [{D53EE216-D388-48F6-B806-C8ACB5AC26B5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{702CF894-3EFF-491A-A42C-8EF558BBDD3C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{5F8FF769-2909-4163-ABE8-F52179C9DDFB}] => (Allow) LPort=49188
FirewallRules: [{98F84401-DA81-4457-81EC-B5C9D7C0FB38}] => (Allow) LPort=5000

==================== Faulty Device Manager Devices =============

Name: Broadcom NetLink (TM) Gigabit Ethernet
Description: Broadcom NetLink (TM) Gigabit Ethernet
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Broadcom
Service: k57nd60a
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft-Adapter für Miniports virtueller WiFis
Description: Microsoft-Adapter für Miniports virtueller WiFis
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/29/2015 08:22:34 PM) (Source: WcesComm) (EventID: 2) (User: )
Description: IPv4-Fehler beim Starten des Diensts für Windows Mobile 2003-Geräteverbindungen. (Die Daten enthalten den Fehlercode.)

Error: (06/29/2015 08:20:15 PM) (Source: Schedule) (EventID: 0) (User: )
Description: Schedule error: 10106Initialize call failed, bailing out

Error: (06/28/2015 10:55:02 PM) (Source: WcesComm) (EventID: 2) (User: )
Description: IPv4-Fehler beim Starten des Diensts für Windows Mobile 2003-Geräteverbindungen. (Die Daten enthalten den Fehlercode.)

Error: (06/28/2015 10:52:49 PM) (Source: Schedule) (EventID: 0) (User: )
Description: Schedule error: 10106Initialize call failed, bailing out

Error: (06/20/2015 04:30:58 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" ; Beschreibung = Revo Uninstaller's restore point - Mozilla Firefox 38.0.5 (x86 de); Fehler = 0x80070422).

Error: (06/20/2015 04:27:43 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\msiexec.exe /V; Beschreibung = Removed Facebook Video Calling 3.1.0.521; Fehler = 0x80070422).

Error: (06/20/2015 04:27:43 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\msiexec.exe /V; Beschreibung = Removed Facebook Video Calling 3.1.0.521; Fehler = 0x80070422).

Error: (06/20/2015 04:27:41 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" ; Beschreibung = Revo Uninstaller's restore point - Facebook Video Calling 3.1.0.521; Fehler = 0x80070422).

Error: (06/20/2015 04:25:20 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: GetSteamInstallPath failed 2

Error: (06/20/2015 04:25:18 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\msiexec.exe /V; Beschreibung = Steam wird entfernt; Fehler = 0x80070422).


System errors:
=============
Error: (06/30/2015 06:07:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (06/30/2015 06:07:07 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\System32\IWMSSvc.dll
Fehlercode: 126

Error: (06/30/2015 00:24:51 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (06/30/2015 00:24:33 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\System32\IWMSSvc.dll
Fehlercode: 126

Error: (06/30/2015 00:16:08 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (06/29/2015 11:55:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (06/29/2015 11:55:33 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\System32\IWMSSvc.dll
Fehlercode: 126

Error: (06/29/2015 09:31:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NetLimiter" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/29/2015 09:16:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/29/2015 09:16:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office:
=========================
Error: (02/11/2011 06:58:54 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2910 seconds with 1860 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2013-12-26 12:44:43.643
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-12-26 12:44:43.254
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-12-26 12:44:39.442
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-12-26 12:44:39.091
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-12-26 12:44:35.785
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-12-26 12:44:35.402
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-12-26 12:44:32.214
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-12-26 12:44:31.860
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-12-26 12:44:28.988
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-12-26 12:44:28.654
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 Duo CPU T6600 @ 2.20GHz
Percentage of memory in use: 59%
Total physical RAM: 4090.93 MB
Available physical RAM: 1637.21 MB
Total Pagefile: 8180.06 MB
Available Pagefile: 5457.55 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB

==================== Drives ================================

Drive c: (ACER) (Fixed) (Total:224.89 GB) (Free:56.61 GB) NTFS
Drive d: (Volume) (Fixed) (Total:443.64 GB) (Free:149.31 GB) NTFS
Drive j: (2. System) (Fixed) (Total:29.99 GB) (Free:20.66 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 698.6 GB) (Disk ID: 3CDD33AE)
Partition 1: (Active) - (Size=110 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=224.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=473.6 GB) - (Type=OF Extended)

==================== End of log ============================

--- --- ---

cosinus · 30.06.2015, 17:45

FRST.txt ist unvollständig

Kris_ · 30.06.2015, 17:49

Sorry, mehr war nicht drin.
Weiterer scan wird gerade durchgeführt.

ein neuer :-)

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:28-06-2015 01
Ran by Modi (administrator) on MODI-PC on 30-06-2015 18:47:30
Running from C:\Users\Modi\Desktop
Loaded Profiles: Modi & UpdatusUser (Available Profiles: Modi & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Acronis) C:\Program Files (x86)\Common Files\Maxtor\Schedule2\schedul2.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(OptionNV) C:\Program Files\T-Mobile\GlobeTrotter Connect\GtDetectSc.exe
(Locktime Software) C:\Program Files\NetLimiter 2 Pro\nlsvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Chris Pietschmann (hxxp://pietschsoft.com)) C:\Program Files (x86)\Virtual Router\VirtualRouterService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Locktime Software) C:\Program Files\NetLimiter 2 Pro\NLClient.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Windows\PLFSetI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Akamai Technologies, Inc.) C:\Users\Modi\AppData\Local\Akamai\netsession_win.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Akamai Technologies, Inc.) C:\Users\Modi\AppData\Local\Akamai\netsession_win.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfimon.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8060960 2009-08-06] (Realtek Semiconductor)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2008-07-29] ()
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1842472 2009-09-18] (Synaptics Incorporated)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [823840 2009-09-30] (Acer Incorporated)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [XeroxEndeavorBackgroundTask] => rundll32.exe xrWCbgnd.dll,LaunchBgTask 1
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-10-18] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-09-25] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [EgisTecLiveUpdate] => C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [199464 2009-08-04] (Egis Technology Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1094736 2009-11-02] (Dritek System Inc.)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [370176 2010-06-17] (shbox.de)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [BingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2127896 2012-11-22] (Microsoft Corp.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [730416 2015-06-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [455512 2014-05-28] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [130864 2015-05-21] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3319006498-4150260777-3634854002-1001\...\Run: [KiesPDLR] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [843568 2014-05-28] (Samsung)
HKU\S-1-5-21-3319006498-4150260777-3634854002-1001\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe [578560 2013-10-30] (Samsung Electronics)
HKU\S-1-5-21-3319006498-4150260777-3634854002-1001\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [843568 2014-05-28] (Samsung)
HKU\S-1-5-21-3319006498-4150260777-3634854002-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Modi\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3319006498-4150260777-3634854002-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-3319006498-4150260777-3634854002-1010\...\RunOnce: [ScrSav] => C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-08] ()
HKU\S-1-5-21-3319006498-4150260777-3634854002-1010\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Acer.scr [438272 2009-07-08] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk [2014-08-13]
ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> C:\Program Files (x86)\WISO\Steuersoftware 2014\mshaktuell.exe ()
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll [2009-09-11] (Egis Technology Inc.)
ShellIconOverlayIdentifiers: [Symbol-Overlay-Steuerprogramm für AutoCAD Digitale Signaturen] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\psdprotect.dll [2009-09-11] (Egis Technology Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3319006498-4150260777-3634854002-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3319006498-4150260777-3634854002-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: DownloadHelper Class -> {FF2573AE-E1ED-40e1-83BA-F544CB2EE135} -> C:\Program Files\Common Files\Download Helper\DownloadHelperx64.dll [2010-06-17] (IE Download Helper)
BHO-x32: Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-06] (Oracle Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-06] (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-3319006498-4150260777-3634854002-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: HKLM-x32 {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/uno1/GAME_UNO1.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {99FE5072-78AA-4FEE-89BA-69A5FA55343F} hxxp://download.microsoft.com/download/B/3/A/B3A2EA73-793D-4ABE-992D-C81140384044/igdtoolx.cab
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-16] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0A719F4F-8038-4023-A4CE-52FB0A4B0CF6}: [DhcpNameServer] 212.23.115.148 212.23.115.132
Tcpip\..\Interfaces\{AE3FEB77-5F62-46F7-A218-E9295E362423}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{D30908C5-7CE0-482E-A100-8E7CC8D48257}: [DhcpNameServer] 192.168.1.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default
FF Homepage: file:///C:/startseite/explorerstartseite.html
FF Keyword.URL: 
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-06-04] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\Windows\system32\npDeployJava1.dll [2012-11-15] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2012-11-05] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-04] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll [2012-10-04] (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-06-03] (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-06] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2012-11-05] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-17] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-10-15] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-10-15] (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 -> C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll [2010-01-05] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll [2010-01-05] (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-04] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-05-11] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\libdivx.dll [2009-05-01] (The OpenSSL Project, hxxp://www.openssl.org/)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdivx32.dll [2009-05-12] (DivX,Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2013-05-11] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll [2010-01-05] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2011-09-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2011-09-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2011-09-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2011-09-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2011-09-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2011-09-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2011-09-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpjplug.dll [2010-01-05] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ssldivx.dll [2009-05-01] (The OpenSSL Project, hxxp://www.openssl.org/)
FF Extension: Avira Browser Safety - C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\Extensions\abs@avira.com [2015-06-04]
FF Extension: [verify-U]-Add-on - C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\Extensions\verify-u_2@cybits.de [2012-11-15]
FF Extension: Firebug - C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\Extensions\firebug@software.joehewitt.com.xpi [2011-04-02]
FF Extension: ProxTube - C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\Extensions\ich@maltegoetz.de.xpi [2014-09-12]
FF Extension: TinEye Reverse Image Search - C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\Extensions\tineye@ideeinc.com.xpi [2011-08-15]
FF Extension: NoScript - C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-02-16]
FF Extension: SoundCloud Downloader - Technowise - C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\Extensions\{c8d3bc80-0810-4d21-a2c2-be5f2b2832ac}.xpi [2014-01-15]
FF Extension: Adblock Plus - C:\Users\Modi\AppData\Roaming\Mozilla\Firefox\Profiles\b20e40qm.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-07-01]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA} [2015-06-04]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2015-06-04]

Chrome: 
=======
CHR Profile: C:\Users\Modi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Modi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-15]
CHR Extension: (Google Drive) - C:\Users\Modi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-15]
CHR Extension: (YouTube) - C:\Users\Modi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-15]
CHR Extension: (Adblock Plus) - C:\Users\Modi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-01-15]
CHR Extension: (Google Search) - C:\Users\Modi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-15]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Modi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-31]
CHR Extension: (Google Wallet) - C:\Users\Modi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-15]
CHR Extension: (Gmail) - C:\Users\Modi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-15]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Maxtor\Schedule2\schedul2.exe [571160 2007-08-23] (Acronis)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [827184 2015-06-19] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [450808 2015-06-19] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [450808 2015-06-19] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1188360 2015-06-19] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [208632 2015-05-21] (Avira Operations GmbH & Co. KG)
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [166424 2012-11-22] (Microsoft Corp.)
R2 GtDetectSc; C:\Program Files\T-Mobile\GlobeTrotter Connect\GtDetectSc.exe [314880 2008-05-08] (OptionNV) [File not signed]
S4 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-11] (Egis Technology Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R2 nlsvc; C:\Program Files\NetLimiter 2 Pro\nlsvc.exe [867840 2007-05-13] (Locktime Software) [File not signed]
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15122208 2013-10-18] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 Virtual Router; C:\Program Files (x86)\Virtual Router\VirtualRouterService.exe [12288 2009-11-18] (Chris Pietschmann (hxxp://pietschsoft.com)) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [139352 2013-07-31] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [139352 2013-07-31] (SlySoft, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [153256 2015-06-19] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132656 2015-06-19] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-10] (Avira Operations GmbH & Co. KG)
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [16776 2009-08-26] () [File not signed]
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14216 2009-08-26] () [File not signed]
S3 EuDisk; C:\Windows\System32\DRIVERS\EuDisk.sys [137608 2009-12-02] (CHENGDU YIWO Tech Development Co., Ltd)
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9096 2009-09-16] () [File not signed]
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [8456 2009-09-16] () [File not signed]
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-10-30] () [File not signed]
S3 GT72NDISIPXP; C:\Windows\System32\DRIVERS\Gt51Ip.sys [124928 2008-02-18] (Option N.V.)
S3 GT72UBUS; C:\Windows\System32\DRIVERS\gt72ubus.sys [80896 2008-02-08] (Option N.V.)
S3 GTPTSER; C:\Windows\System32\DRIVERS\gtptser.sys [10624 2007-03-30] (Option N.V.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28216 2012-09-01] (Intel Corporation)
S3 massfilter_hs; C:\Windows\System32\drivers\massfilter_hs.sys [12800 2009-02-03] (ZTE Incorporated)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-30] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R1 nltdi; C:\Windows\system32\drivers\nltdi.sys [89320 2007-05-13] (Locktime Software)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-09-28] (NVIDIA Corporation)
S3 s115bus; C:\Windows\System32\DRIVERS\s115bus.sys [108296 2007-04-23] (MCCI Corporation)
S3 s115mdfl; C:\Windows\System32\DRIVERS\s115mdfl.sys [19720 2007-04-23] (MCCI Corporation)
S3 s115mdm; C:\Windows\System32\DRIVERS\s115mdm.sys [144648 2007-04-23] (MCCI Corporation)
S3 s115mgmt; C:\Windows\System32\DRIVERS\s115mgmt.sys [126216 2007-04-23] (MCCI Corporation)
S3 s115obex; C:\Windows\System32\DRIVERS\s115obex.sys [123656 2007-04-23] (MCCI Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [828912 2011-05-13] () [File not signed]
S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2010-01-21] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [27648 2010-01-21] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [33280 2010-01-21] (LG Electronics Inc.)
S3 wceusbsh; C:\Windows\System32\DRIVERS\wceusbsh.sys [119552 2005-03-24] (Microsoft Corporation) [File not signed]
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64.sys [14464 2009-02-13] (Western Digital Technologies) [File not signed]
R2 WIBUKEY; C:\Windows\System32\DRIVERS\WibuKey64.sys [103224 2009-12-03] (WIBU-SYSTEMS AG)
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [X]
S3 MEMSWEEP2; \??\C:\Windows\system32\7A20.tmp [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 TVICPORT; \??\C:\Windows\system32\DRIVERS\TVICPORT.SYS [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-30 18:18 - 2015-06-30 18:47 - 00029112 _____ C:\Users\Modi\Desktop\FRST.txt
2015-06-30 00:15 - 2015-06-30 00:15 - 00000000 ____D C:\Users\Modi\Desktop\FRST-OlderVersion
2015-06-29 21:24 - 2015-06-30 18:18 - 00062016 _____ C:\Users\Modi\Desktop\Addition.txt
2015-06-29 21:16 - 2015-06-29 21:16 - 00000000 ____D C:\Users\Modi\Desktop\alt
2015-06-29 21:15 - 2015-06-29 21:15 - 00000207 _____ C:\Windows\tweaking.com-regbackup-MODI-PC-Windows-7-Home-Premium-(64-bit).dat
2015-06-29 21:15 - 2015-06-29 21:15 - 00000000 ____D C:\RegBackup
2015-06-29 21:13 - 2015-06-29 21:13 - 02950645 _____ (Malwarebytes Corporation) C:\Users\Modi\Desktop\JRT.exe
2015-06-29 20:55 - 2015-06-29 20:58 - 00000000 ____D C:\AdwCleaner
2015-06-29 20:40 - 2015-06-29 20:40 - 02244096 _____ C:\Users\Modi\Desktop\AdwCleaner_4.207.exe
2015-06-22 23:46 - 2015-06-30 00:06 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-22 23:45 - 2015-06-22 23:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-06-22 23:45 - 2015-06-22 23:45 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-06-22 23:45 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-06-22 23:45 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-06-22 23:41 - 2015-06-22 23:42 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Modi\Downloads\mbam-setup-2.1.6.1022.exe
2015-06-20 16:43 - 2015-06-20 16:43 - 00001127 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-06-20 16:43 - 2015-06-20 16:43 - 00001115 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-06-20 16:42 - 2015-06-20 16:43 - 40114248 _____ C:\Users\Modi\Downloads\Firefox_Setup_38.0.6de.exe
2015-06-20 16:42 - 2015-06-20 16:43 - 40114248 _____ C:\Users\Modi\Downloads\Firefox_Setup_38.0.6de (1).exe
2015-06-20 16:41 - 2015-06-20 16:41 - 01198368 _____ C:\Users\Modi\Downloads\Firefox - CHIP-Installer.exe
2015-06-19 22:49 - 2015-06-30 00:06 - 00003850 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1434746935
2015-06-19 22:49 - 2015-06-19 22:49 - 00000000 ____D C:\Users\Modi\AppData\Roaming\Opera Software
2015-06-19 22:49 - 2015-06-19 22:49 - 00000000 ____D C:\Users\Modi\AppData\Local\Opera Software
2015-06-19 22:49 - 2015-06-19 22:48 - 00001103 _____ C:\Users\Public\Desktop\Opera.lnk
2015-06-19 22:49 - 2015-06-19 22:48 - 00001103 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-06-19 22:48 - 2015-06-30 00:24 - 00000000 ____D C:\Program Files (x86)\Opera
2015-06-19 22:25 - 2015-06-19 22:25 - 00001232 _____ C:\Users\Modi\Desktop\Revo Uninstaller.lnk
2015-06-19 22:25 - 2015-06-19 22:25 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-06-19 22:24 - 2015-06-19 22:24 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Modi\Desktop\revosetup95.exe
2015-06-19 18:07 - 2015-06-30 18:47 - 00000000 ____D C:\FRST
2015-06-19 18:07 - 2015-06-30 00:15 - 02112512 _____ (Farbar) C:\Users\Modi\Desktop\FRST64.exe
2015-06-15 19:06 - 2012-08-27 23:48 - 00000027 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-06-15 18:53 - 2015-06-19 22:46 - 00000000 ____D C:\Users\Modi\AppData\Local\CrashDumps
2015-06-15 18:51 - 2015-06-15 18:51 - 00000000 _____ C:\Windows\prleth.sys
2015-06-15 18:51 - 2015-06-15 18:51 - 00000000 _____ C:\Windows\hgfs.sys
2015-06-15 18:46 - 2015-06-15 18:46 - 00000000 ____D C:\Users\Modi\Documents\eRightSoft
2015-06-15 18:42 - 2015-06-15 18:44 - 69207083 _____ (eRightSoft ) C:\Users\Modi\Downloads\SUPERsetup.exe
2015-06-11 20:13 - 2015-05-22 20:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-11 20:13 - 2015-05-22 20:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-11 20:13 - 2015-05-22 20:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-11 20:13 - 2015-05-22 20:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-11 20:13 - 2015-05-22 20:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-11 20:13 - 2015-05-22 20:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-11 20:13 - 2015-05-22 20:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-11 20:13 - 2015-05-21 15:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-11 20:13 - 2015-04-29 20:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-11 20:13 - 2015-04-29 20:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-11 20:13 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-11 20:13 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-11 20:13 - 2015-04-29 20:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-11 20:13 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-06-11 20:13 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-06-11 20:13 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-06-11 20:13 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-06-11 20:13 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-06-11 20:12 - 2015-06-01 21:16 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-11 20:12 - 2015-06-01 20:07 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-11 20:12 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-11 20:12 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-11 20:12 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-11 20:12 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-11 20:12 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-11 20:12 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-11 20:12 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-11 20:12 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-11 20:12 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-11 20:12 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-11 20:12 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-11 20:12 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-06-11 20:12 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-11 20:12 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-06-11 20:12 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-11 20:12 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-11 20:12 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-11 20:12 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-11 20:12 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-11 20:12 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-11 20:12 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-11 20:12 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-11 20:12 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-11 20:12 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-11 20:12 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-11 20:12 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-11 20:12 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-11 20:12 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-11 20:12 - 2015-05-22 21:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-11 20:12 - 2015-05-22 21:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-11 20:12 - 2015-05-22 21:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-11 20:12 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-11 20:12 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-11 20:12 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-11 20:12 - 2015-05-22 21:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-11 20:12 - 2015-05-22 20:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-11 20:12 - 2015-05-22 20:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-11 20:12 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-11 20:12 - 2015-05-22 20:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-11 20:12 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-11 20:12 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-11 20:12 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-11 20:12 - 2015-05-22 20:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-11 20:12 - 2015-05-22 20:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-11 20:12 - 2015-05-22 20:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-11 20:12 - 2015-05-22 20:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-11 20:12 - 2015-05-22 20:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-11 20:12 - 2015-05-22 20:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-11 20:12 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-11 20:12 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-11 20:12 - 2015-05-22 20:07 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-11 20:12 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-11 20:12 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-11 20:12 - 2015-05-22 20:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-11 20:12 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-11 20:12 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-11 20:12 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-11 20:12 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-11 20:11 - 2015-05-25 20:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-11 20:11 - 2015-05-25 20:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-11 20:11 - 2015-05-25 20:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-11 20:11 - 2015-05-25 20:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-11 20:11 - 2015-05-25 20:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-11 20:11 - 2015-05-25 20:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-11 20:11 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-11 20:11 - 2015-05-25 20:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-11 20:11 - 2015-05-25 20:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-11 20:11 - 2015-05-25 20:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-11 20:11 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-11 20:11 - 2015-05-25 20:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-11 20:11 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-11 20:11 - 2015-05-25 20:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-11 20:11 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-11 20:11 - 2015-05-25 20:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-11 20:11 - 2015-05-25 20:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-11 20:11 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-11 20:11 - 2015-05-25 20:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-11 20:11 - 2015-05-25 20:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll

Code:

ATTFilter

2015-06-11 20:11 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-11 20:11 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-11 20:11 - 2015-05-25 20:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-11 20:11 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-11 20:11 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-11 20:11 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-11 20:11 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-11 20:11 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-11 20:11 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-06-11 20:11 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-11 20:11 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-11 20:11 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-11 20:11 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-11 20:11 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-06-11 20:11 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-11 20:11 - 2015-05-25 20:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-11 20:11 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-11 20:11 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-11 20:11 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-06-11 20:11 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-11 20:11 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-11 20:11 - 2015-05-25 20:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-11 20:11 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-11 20:11 - 2015-05-25 19:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-11 20:11 - 2015-05-25 19:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-11 20:11 - 2015-05-25 19:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-11 20:11 - 2015-05-25 19:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-11 20:11 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-11 20:11 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 19:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-11 20:11 - 2015-05-25 18:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-11 20:11 - 2015-05-25 18:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-11 20:11 - 2015-05-25 18:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 18:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-11 20:11 - 2015-05-25 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-11 20:10 - 2015-05-25 19:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-11 20:10 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-11 20:10 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-11 20:10 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-11 19:48 - 2015-06-11 19:49 - 00000000 ____D C:\Users\Modi\Downloads\Sarah Connor
2015-06-11 19:35 - 2015-06-11 19:39 - 00000000 ____D C:\Users\Modi\Downloads\Yvonne Catterfeld Lieber so
2015-06-11 19:32 - 2015-06-11 19:34 - 142133139 _____ C:\Users\Modi\Downloads\Yvonne Catterfeld_lieber so .rar
2015-06-11 19:29 - 2015-06-11 19:48 - 123839695 _____ C:\Users\Modi\Downloads\Sarah Connor - Muttersprache (mp3boo.me).zip
2015-06-04 21:51 - 2015-06-04 21:51 - 00000000 ____D C:\Users\Modi\AppData\Local\GWX
2015-06-04 01:36 - 2015-06-20 16:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-30 18:38 - 2009-07-14 06:45 - 00025840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-30 18:38 - 2009-07-14 06:45 - 00025840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-30 18:33 - 2012-09-27 17:58 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-30 18:22 - 2010-02-25 22:48 - 01603889 _____ C:\Windows\WindowsUpdate.log
2015-06-30 18:17 - 2014-06-22 16:30 - 00000000 ____D C:\Users\Modi\AppData\Local\Adobe
2015-06-30 18:07 - 2013-05-24 18:59 - 00116820 _____ C:\Windows\setupact.log
2015-06-30 18:07 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-30 18:06 - 2013-10-28 00:26 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-30 00:25 - 2012-07-20 21:38 - 00198656 ___SH C:\Users\Modi\Desktop\Thumbs.db
2015-06-29 23:59 - 2012-09-27 17:58 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-29 23:55 - 2013-08-23 15:02 - 00685578 _____ C:\Windows\PFRO.log
2015-06-29 23:55 - 2011-04-03 13:20 - 00000000 ____D C:\ProgramData\Avira
2015-06-29 21:51 - 2012-01-02 15:58 - 00000000 ____D C:\Users\Modi\AppData\Local\Facebook
2015-06-29 21:38 - 2014-08-07 09:45 - 00000000 ____D C:\ProgramData\Package Cache
2015-06-29 21:37 - 2014-11-07 23:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-06-29 21:37 - 2013-02-23 09:48 - 00000000 ____D C:\Program Files (x86)\Avira
2015-06-29 20:58 - 2014-01-15 23:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-06-29 20:58 - 2010-02-25 22:50 - 00000997 _____ C:\Users\Modi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-06-29 20:20 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-06-23 00:38 - 2010-02-26 02:54 - 00000000 ____D C:\ProgramData\ICQ
2015-06-22 23:45 - 2012-08-21 21:20 - 00001070 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-06-22 23:45 - 2012-08-21 21:20 - 00000000 ____D C:\Users\Modi\AppData\Roaming\Malwarebytes
2015-06-22 23:45 - 2012-08-21 21:20 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-22 23:31 - 2010-02-25 22:49 - 00119064 _____ C:\Users\Modi\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-22 23:26 - 2009-07-14 06:45 - 05300440 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-22 23:25 - 2012-04-26 20:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-22 23:25 - 2009-10-28 19:11 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-06-20 16:24 - 2010-11-04 18:29 - 00000000 ____D C:\Program Files (x86)\eRightSoft
2015-06-20 16:11 - 2010-04-07 19:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nemetschek
2015-06-20 16:07 - 2012-06-17 17:07 - 00000000 ____D C:\Users\Modi\AppData\Roaming\com.unitedinternet.ums.sms-mms-manager
2015-06-20 16:07 - 2010-02-26 02:49 - 00000000 ____D C:\Users\Modi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GMX
2015-06-20 16:07 - 2010-02-26 02:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GMX
2015-06-20 16:06 - 2012-06-17 17:07 - 00000000 ____D C:\Program Files (x86)\GMX SMS-MMS-Manager
2015-06-20 16:06 - 2010-02-26 03:21 - 00000000 ____D C:\Users\Modi\AppData\Roaming\Gadu-Gadu 10
2015-06-20 16:06 - 2010-02-26 03:21 - 00000000 ____D C:\ProgramData\Gadu-Gadu 10
2015-06-20 16:04 - 2012-11-17 20:50 - 00000000 ____D C:\Program Files (x86)\Brotherhood Software
2015-06-20 16:03 - 2012-11-17 20:49 - 00000000 ____D C:\Users\Modi\AppData\Local\Captcha_Brotherhood
2015-06-20 16:02 - 2011-11-30 11:22 - 00000000 ____D C:\Program Files (x86)\HEITKER
2015-06-20 15:52 - 2010-03-28 18:00 - 00000000 ____D C:\ProgramData\Codemasters
2015-06-20 15:52 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-06-20 15:49 - 2011-11-06 17:09 - 00000000 ____D C:\Program Files (x86)\MAXON
2015-06-20 15:48 - 2011-11-06 17:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAXON
2015-06-20 15:37 - 2010-04-22 11:39 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-06-20 15:36 - 2009-10-28 19:12 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-06-20 15:35 - 2010-07-15 17:12 - 00000000 ____D C:\Program Files\Adobe
2015-06-19 23:00 - 2014-01-07 23:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2015-06-19 21:33 - 2013-03-28 23:33 - 00153256 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-06-19 21:33 - 2013-03-28 23:33 - 00132656 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-06-19 21:30 - 2010-02-26 07:34 - 00700720 _____ C:\Windows\system32\perfh007.dat
2015-06-19 21:30 - 2010-02-26 07:34 - 00150326 _____ C:\Windows\system32\perfc007.dat
2015-06-19 21:30 - 2009-07-14 07:13 - 01624106 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-19 18:45 - 2015-04-22 23:22 - 00000000 __SHD C:\Users\Modi\AppData\Local\EmieBrowserModeList
2015-06-19 18:45 - 2014-08-13 22:10 - 00000000 __SHD C:\Users\Modi\AppData\Local\EmieUserList
2015-06-19 18:45 - 2014-08-13 22:10 - 00000000 __SHD C:\Users\Modi\AppData\Local\EmieSiteList
2015-06-17 21:08 - 2014-08-13 22:06 - 00000652 _____ C:\Windows\wiso.ini
2015-06-17 21:05 - 2010-02-26 02:45 - 00000000 ____D C:\Users\Modi\AppData\Roaming\FileZilla
2015-06-17 20:37 - 2011-04-01 13:29 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-06-15 19:22 - 2014-12-15 22:02 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-15 19:22 - 2014-05-01 13:26 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-15 19:22 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-15 19:18 - 2009-10-29 07:45 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-15 18:46 - 2012-01-18 01:07 - 00000000 ____D C:\Users\Modi\AppData\Roaming\Mp3tag
2015-06-15 18:35 - 2013-08-19 15:28 - 00000000 ____D C:\Windows\system32\MRT
2015-06-15 18:34 - 2010-02-26 18:00 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-04 21:43 - 2012-03-31 16:26 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-04 21:43 - 2011-05-18 08:59 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-04 01:10 - 2010-11-22 22:06 - 00000000 ____D C:\Users\Modi\Graphisoft
2015-06-04 00:54 - 2010-07-21 01:11 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-06-04 00:54 - 2010-07-21 01:11 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

==================== Files in the root of some directories =======

2012-08-29 23:44 - 2012-08-29 23:42 - 0021494 _____ () C:\Program Files\0x0409.ini
2012-08-29 23:44 - 2012-08-29 23:42 - 0003584 _____ () C:\Program Files\1033.MST
2012-08-29 23:44 - 2012-08-29 23:43 - 93130240 _____ () C:\Program Files\Samsung Kies.msi
2010-11-08 22:15 - 2010-11-08 22:15 - 0000132 _____ () C:\Users\Modi\AppData\Roaming\Adobe BMP Format CS5 Prefs
2011-02-13 17:22 - 2012-11-01 21:04 - 0000132 _____ () C:\Users\Modi\AppData\Roaming\Adobe GIF Format CS5 Prefs
2010-04-23 14:31 - 2011-06-21 18:52 - 0002910 _____ () C:\Users\Modi\AppData\Roaming\hexplorer.dat
2010-04-23 14:31 - 2011-06-21 18:52 - 0000127 _____ () C:\Users\Modi\AppData\Roaming\mclip.dat
2010-10-22 13:05 - 2014-03-30 21:09 - 0001044 _____ () C:\Users\Modi\AppData\Roaming\wklnhst.dat
2010-07-23 17:31 - 2014-10-28 08:47 - 0001456 _____ () C:\Users\Modi\AppData\Local\Adobe Für Web speichern 12.0 Prefs
2010-11-23 09:34 - 2010-11-23 10:42 - 0004608 _____ () C:\Users\Modi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-04-01 18:35 - 2012-08-22 17:52 - 0007612 _____ () C:\Users\Modi\AppData\Local\Resmon.ResmonCfg
2013-11-03 18:44 - 2013-11-09 16:41 - 0000125 ___SH () C:\ProgramData\.zreglib
2010-02-25 22:53 - 2010-02-25 22:58 - 0007820 _____ () C:\ProgramData\ArcadeDeluxe3.log
2010-02-26 20:23 - 2010-02-26 22:14 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2009-10-29 07:58 - 2009-07-18 03:57 - 0036136 _____ (Oberon Media) C:\ProgramData\FullRemove.exe
2010-12-03 19:45 - 2011-02-19 18:05 - 0020734 _____ () C:\ProgramData\hpzinstall.log
2010-05-04 22:06 - 2010-05-04 22:07 - 0000091 _____ () C:\ProgramData\PS.log

Some files in TEMP:
====================
C:\Users\Modi\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-29 07:07

==================== End of log ============================

Kris_ · 30.06.2015, 17:51

[CODE]Additional
FRST Logfile:

Code:

ATTFilter

scan result of Farbar Recovery Scan Tool (x64) Version:28-06-2015 01
Ran by Modi at 2015-06-30 18:48:10
Running from C:\Users\Modi\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3319006498-4150260777-3634854002-500 - Administrator - Disabled)
Gast (S-1-5-21-3319006498-4150260777-3634854002-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3319006498-4150260777-3634854002-1004 - Limited - Enabled)
Modi (S-1-5-21-3319006498-4150260777-3634854002-1001 - Administrator - Enabled) => C:\Users\Modi
UpdatusUser (S-1-5-21-3319006498-4150260777-3634854002-1010 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
AC3Filter 1.63b (HKLM-x32\...\AC3Filter_is1) (Version: 1.63b - Alexander Vigovsky)
Acer Backup Manager (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.29 - NewTech Infosystems)
Acer Crystal Eye Webcam (HKLM-x32\...\{7760D94E-B1B5-40A0-9AA0-ABF942108755}) (Version: 5.2.7.1 - Suyin Optronics Corp)
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 4.05.3004 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3005 - Acer Incorporated)
Acer GridVista (HKLM-x32\...\GridVista) (Version: 3.01.0730 - Acer Inc.)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.02.3006 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.7.0715 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
ActivePerl 5.14.2 Build 1402 (64-bit) (HKLM\...\{4FC945A7-D54E-4F00-BE32-90553F80FCE8}) (Version: 5.14.1402 - ActiveState)
Adobe Acrobat 9 Pro Extended - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7761-000000000004}{AC76BA86-1033-F400-7761-000000000004}) (Version: 9.0.0 - Adobe Systems)
Adobe Acrobat 9 Pro Extended 64-bit Add-On (HKLM\...\{AC76BA86-1033-0000-0064-0003D0000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.5.0.600 - Adobe Systems Incorporated)
Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.2 - Adobe Systems Incorporated)
Adobe Dreamweaver CS4 (HKLM-x32\...\Adobe_acce07fd2c8fe7f9e3f26243e626578) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX 64-bit (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.2.202.235 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.03) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.03 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.8.638 - Adobe Systems, Inc.)
Akamai NetSession Interface (HKU\S-1-5-21-3319006498-4150260777-3634854002-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.3.6.0 - SlySoft)
A-PDF Restrictions Remover 1.6 (HKLM-x32\...\A-PDF Restrictions Remover_is1) (Version:  - A-PDF Solution)
Apple Application Support (HKLM-x32\...\{EE6097DD-05F4-4178-9719-D3170BF098E8}) (Version: 1.4.1 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.)
ArchiCAD 15 R1 GER (HKLM\...\001FFF2FFF15FF00FF0201F01F02F000-R1) (Version: 15.0 - Graphisoft)
AutoCAD 2010 - Deutsch (HKLM\...\AutoCAD 2010 - Deutsch) (Version: 18.0.55.0 - Autodesk)
AutoCAD 2010 - Deutsch (Version: 18.0.55.0 - Autodesk) Hidden
AutoCAD 2010 Language Pack - Deutsch (Version: 18.0.55.0 - Autodesk) Hidden
AutoCAD DWG and DXF To PDF Converter v2.2 (HKLM-x32\...\AutoCAD DWG and DXF To PDF Converter v2.2_is1) (Version:  - VeryPDF.com Inc)
Autodesk DWG TrueView 2014 (HKLM\...\DWG TrueView 2014) (Version: 19.1.18.0 - Autodesk)
Autodesk Material Library 2013 (HKLM-x32\...\{117EBEEB-5DB0-43C8-9FD6-DD583DB152DD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2013 (HKLM-x32\...\{606E12B9-641F-4644-A22A-FF38AE980AFD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2013 (HKLM-x32\...\{27C6C0A2-2EC9-4FEA-BE2B-659EAAC2C68C}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2013 (HKLM-x32\...\{58760EEC-8B6A-43F4-81AA-696E381DFADD}) (Version: 3.0.13 - Autodesk)
Autodesk Revit 2013 (HKLM\...\Autodesk Revit 2013) (Version: 12.02.21203 - Autodesk)
AVAPLAN Studio 2008 Version 1.9.3 (HKLM-x32\...\AVAPLAN Studio 2008_is1) (Version: 1.9 - AVAPLAN)
Avira (HKLM-x32\...\{0696cc37-db90-4000-be99-4a173ca7c8af}) (Version: 1.1.39.17987 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.39.17987 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.11.574 - Avira Operations GmbH & Co. KG)
Backup Manager Basic (x32 Version: 2.0.0.29 - NewTech Infosystems) Hidden
Bing-Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.1.165.0 - Microsoft Corporation)
Broadcom Gigabit NetLink Controller (HKLM\...\{96F70DF8-160F-4F9C-9B9E-2A9B439B4EB9}) (Version: 12.26.02 - Broadcom Corporation)
Brother MFC-5890CN (HKLM-x32\...\{BA9388B4-D7F3-4F4A-99BC-65A10E69C5BD}) (Version: 1.00 - Brother)
Brother MFL-Pro Suite MFC-5890CN (HKLM-x32\...\{20E970DF-A7B2-4345-9DEB-72213A29645E}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
Brother MFL-Pro Suite MFC-6890CDW (HKLM-x32\...\{F9626826-162E-4EFD-9440-3F3B8317C097}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
Burn4Free CD and DVD (HKLM-x32\...\Burn4Free) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 3.21 - Piriform)
CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: 2.9.3.0 - Elaborate Bytes)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
DivX Codec (HKLM-x32\...\{7B63B2922B174135AFC0E1377DD81EC2}) (Version: 6.9.1 - DivX, Inc.)
DivX Plus DirectShow Filters (HKLM-x32\...\DivX Plus DirectShow Filters) (Version:  - DivX, Inc.)
DivX Web Player (HKLM-x32\...\{B7050CBDB2504B34BC2A9CA0A692CC29}) (Version: 1.5.0 - DivX,Inc.)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.52 - DivX, LLC)
Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version:  - Oberon Media)
Driver Install 64-bit (HKLM-x32\...\InstallShield_{DED365F8-E10B-43B0-A9C4-B5542A1E2DDD}) (Version: 1.00.0000 - Your Company Name)
Driver Install 64-bit (x32 Version: 1.00.0000 - Your Company Name) Hidden
DWG TrueConvert™ (HKLM-x32\...\{5783F2D7-0221-0409-0000-0060B0CE6BBA}) (Version: 16.2.0.0 - autodesk)
DWG TrueView 2014 (Version: 19.1.18.0 - Autodesk) Hidden
EASEUS Partition Master 4.1.1 Professional (HKLM-x32\...\EASEUS Partition Master Professional Edition_is1) (Version:  - EASEUS)
ElsterFormular-Upgrade (HKLM-x32\...\ElsterFormular für Privatanwender 12.3.2.6814p) (Version: 15.2.13992 - Landesfinanzdirektion Thüringen)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
FileZilla Client 3.10.3 (HKLM-x32\...\FileZilla Client) (Version: 3.10.3 - Tim Kosse)
Free Launch Bar 64-bit Edition (HKLM\...\{85C76689-536B-4CD4-AD94-2F5D259C084B}) (Version: 2.0.0.0 - Tordex)
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version:  - )
Garmin POI Loader (HKLM-x32\...\{D181A318-28DF-4B83-8F13-24C2D0BDA12D}) (Version: 2.6.1.0 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM-x32\...\{510D2239-6C2E-457B-9590-485EC552D94D}) (Version: 2.3.0.0 - Garmin Ltd or its subsidiaries)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
GetDataBack for FAT (HKLM-x32\...\{2EEEC858-21F8-419B-8FE2-820621BFFCD7}) (Version: 4.33.000 - Runtime Software)
GetDataBack for NTFS (HKLM-x32\...\{56582EEA-3AEF-4D84-8B9D-C87A3CD9250F}) (Version: 4.25.000 - Runtime Software)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.62.5205 - Gretech Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Gordon's Gate Flash Driver 1.1.0.12 (HKLM-x32\...\Gordon's Gate Flash Driver) (Version: 1.1.0.12 - Sony Ericsson Mobile Communications)
GPL Ghostscript 8.71 (HKLM\...\GPL Ghostscript 8.71) (Version:  - )
Graphisoft ArchiCAD 6.5r3 GERMAN (HKLM-x32\...\Graphisoft ArchiCAD 6.5r3 GERMAN) (Version:  - )
High-Definition Video Playback 10 (x32 Version: 7.0.11400.29.0 - Nero AG) Hidden
HiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
ICY Hexplorer (remove only) (HKLM-x32\...\Hexplorer) (Version:  - )
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3002 - Acer Incorporated)
IE Download Helper (HKLM\...\{BFF1715F-F0E5-4FDF-B2CC-FF5B7CC4733A}) (Version: 3.0 - IE Download Helper)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
ISO to USB (HKLM-x32\...\{D08A30AC-A663-4EA8-8D81-B98E17F19F1C}_is1) (Version:  - isotousb.com)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
K-Lite Mega Codec Pack 5.6.1 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 5.6.1 - )
kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 3.0.05 - Acer Inc.)
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.1.94 - LSI Corporation)
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Merriam Websters Spell Jam (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}) (Version:  - Oberon Media)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Language Pack 2007 - German/Deutsch (HKLM-x32\...\OMUI.de-de) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{A106D33E-6B43-42C0-9BFC-D03303261FA7}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft Visual Basic 2010 Express - DEU (HKLM-x32\...\Microsoft Visual Basic 2010 Express - DEU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{62F7DA7E-CCCB-439C-A760-00C3926E761F}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft Works 6-9 Converter (HKLM-x32\...\{95140000-0137-0407-0000-0000000FF1CE}) (Version: 14.0.6120.5002 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 38.0.6 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.6 (x86 de)) (Version: 38.0.6 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.6 - Mozilla)
Mozilla Thunderbird 24.1.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.1.1 (x86 de)) (Version: 24.1.1 - Mozilla)
Mp3tag v2.49b (HKLM-x32\...\Mp3tag) (Version: v2.49b - Florian Heidenreich)
MPEG2 Codec(libmpeg2/mad) (HKLM-x32\...\MPEG2 Codec(libmpeg2/mad)) (Version:  - )
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyFreeCodec (HKU\S-1-5-21-3319006498-4150260777-3634854002-1001\...\MyFreeCodec) (Version:  - )
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.7.4 - F.J. Wechselberger)
MyWinLocker (HKLM-x32\...\{68301905-2DEA-41CE-A4D4-E8B443B099BA}) (Version: 3.1.76.0 - Egis Technology Inc.)
Nero Burning ROM 10 (HKLM-x32\...\{7A5D731D-B4B3-490E-B339-75685712BAAB}) (Version: 10.0.11100.10.100 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.0.11000.10.100 - Nero AG)
Nero Multimedia Suite 10 (HKLM-x32\...\{277C1559-4CF7-44FF-8D07-98AA9C13AABD}) (Version: 10.0.13100 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.0.11200.12.100 - Nero AG)
NetLimiter 2 Pro (remove only) (HKLM-x32\...\NetLimiter 2 Pro) (Version:  - )
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - )
NTI Backup Now 5 (HKLM-x32\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.627 - NewTech Infosystems)
NTI Backup Now Standard (x32 Version: 5.1.2.627 - NewTech Infosystems) Hidden
NTI Media Maker 8 (HKLM-x32\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6623 - NewTech Infosystems)
NTI Media Maker 8 (x32 Version: 8.0.12.6623 - NewTech Infosystems) Hidden
NVIDIA 3D Vision Controller-Treiber 331.58 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 331.58 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 331.58 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.58 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.7 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.7 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.58 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.58 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.9 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.9 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenVPN (HKLM-x32\...\{DBBA19C5-6EB4-4753-B881-189CF6ACB9CD}) (Version: 2.0.9 - tubIT)
Opera Stable 30.0.1835.88 (HKLM-x32\...\Opera 30.0.1835.88) (Version: 30.0.1835.88 - Opera Software)
PaperPort Image Printer 64-bit (HKLM\...\{ABA4FAF1-6389-45F9-92CE-3914A4E5C471}) (Version: 1.00.0000 - Nuance Communications, Inc.)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
QuickTime (HKLM-x32\...\{57752979-A1C9-4C02-856B-FBB27AC4E02C}) (Version: 7.69.80.9 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5911 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7100.30093 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version:  - )
Revit 2013 (Version: 12.02.21203 - Autodesk) Hidden
Revit 2013 Language Pack - Deutsch (Version: 12.02.21203 - Autodesk) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Rosetta Stone Version 3 (HKLM-x32\...\{80F7CA44-F3A5-4853-8BA6-DDF57CD4F078}) (Version: 3.4.7.0 - Rosetta Stone Ltd.)
SAMSUNG CDMA Modem Driver Set (HKLM-x32\...\SAMSUNG CDMA Modem) (Version:  - )
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.3.2.12074_13 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.3.2.12074_13 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14072.12 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14072.12 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
ScanSoft PaperPort 11 (HKLM-x32\...\{02570AE0-BEE0-4A6C-BE3F-D806E9F2EA17}) (Version: 11.2.0000 - Nuance Communications, Inc.)
SCENE LT 4.8.2.25521 x64 (HKLM\...\SCENE LT x64_is1) (Version: 4.8.2.25521 - FARO Technologies)
SHIELD Streaming (Version: 1.6.34 - NVIDIA Corporation) Hidden
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sophos Anti-Rootkit 1.5.20 (HKLM-x32\...\Sophos-AntiRootkit) (Version: 1.5.20 - Sophos Plc)
Sothink SWF Decompiler (HKLM-x32\...\{BCDB856C-D247-4DEE-9132-89C02F4D6B8C}_is1) (Version: 7.4 - SourceTec Software Co., LTD)
Sothink SWF Editor (HKLM-x32\...\{0BF1DE3D-31B9-417F-A915-4BCC5AAEE3CD}_is1) (Version: 1.3 - SourceTec Software Co., LTD)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spelling Dictionaries Support For Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.6.0 - Synaptics Incorporated)
System Requirements Lab for Intel (HKLM-x32\...\{C71067FC-288F-4E0B-88C6-44DFDA8311E2}) (Version: 4.5.9.0 - Husdawg, LLC)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 7.56a - Ghisler Software GmbH)
Unlocker 1.9.1-x64 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VC 9.0 Runtime (x32 Version: 1.0.0 - Check Point Software Technologies Ltd) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Virtual Router v0.9 Beta (HKLM-x32\...\{8DB05F7E-1F7A-4CC0-882F-375B97F04CD4}) (Version: 0.9.0 - Chris Pietschmann)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation)
VLC media player 2.0.1 (HKLM-x32\...\VLC media player) (Version: 2.0.1 - VideoLAN)
web'n'walk Manager  (HKLM\...\{83F2246D-3610-4E12-9ABB-0612BD9655B2}_x) (Version: 2.6.0.385 - Option nv)
web'n'walk Manager (Version: 2.6.0.385 - Option nv) Hidden
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.00.3008 - Acer Incorporated)
WibuKey Setup (WibuKey Remove) (HKLM\...\{00060000-0000-1004-8002-0000C06B5161}) (Version: Version 6.00b of 2011-Jan-12 (Build 132) (Setup) - WIBU-SYSTEMS AG)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0) (HKLM\...\49CF605F02C7954F4E139D18828DE298CD59217C) (Version: 06/03/2009 2.3.0.0 - Garmin)
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
WinRAR (HKLM\...\WinRAR archiver) (Version:  - )
WISO Steuer 2014 (HKLM-x32\...\{859357DB-A89A-454F-B5E6-D4058BA29ADD}) (Version: 21.00.8480 - Buhl Data Service GmbH)
ZTE USB Driver (HKLM\...\ZTE USB Driver) (Version: 1.0.1.27_TME - ZTE Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3319006498-4150260777-3634854002-1001_Classes\CLSID\{083C82AE-568E-45dd-A92C-01422CA45760}\InprocServer32 -> C:\Program Files\Autodesk\Revit 2013\Program\APIContext.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3319006498-4150260777-3634854002-1001_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2014\en-US\dwgviewrficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3319006498-4150260777-3634854002-1001_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2014\dwgviewr.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3319006498-4150260777-3634854002-1001_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> C:\Program Files\AutoCAD 2010\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3319006498-4150260777-3634854002-1001_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\AutoCAD 2010\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3319006498-4150260777-3634854002-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\AutoCAD 2010\acadficn.dll (Autodesk, Inc.)

==================== Restore Points =========================


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2010-05-04 14:06 - 2012-08-27 23:48 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {23D83F19-A343-4895-8C14-B5190A419BAE} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {2A714B64-C6FD-49E5-A022-45A668637CC7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.)
Task: {4D9BE642-9BDF-404E-B538-CB4B0FA22298} - System32\Tasks\AdobeAAMUpdater-1.0-Modi-PC-Modi => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {4EE60E91-C012-424A-8C31-2291C9D14B78} - System32\Tasks\{A562434C-15A0-40B0-B7CF-67AD1E54289E} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {574BB2D2-4215-433C-8B05-D9327A17ED1D} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: {5D8CBA4A-95FC-4A8B-B79F-531E0D11A37D} - System32\Tasks\{9F8C6B7C-D2CF-42D0-8E74-BBA2EDCACFC2} => Firefox.exe hxxp://ui.skype.com/ui/0/5.1.0.112.259/en/abandoninstall?page=tsMain&amp;installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:offered-installed;madedefault
Task: {65EA0985-34D9-4856-BEAB-BC90C3AF999F} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3319006498-4150260777-3634854002-1001Core => C:\Users\Modi\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {6945E565-9B02-4799-B3EF-9AA7E3347CEA} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
Task: {6F5FCED2-C379-4791-B4A9-5A45CD140E93} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.)
Task: {70D3A895-9B10-4995-8859-E5CF32ED9C51} - System32\Tasks\ScanSoft Background Update => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25] (Nuance Communications, Inc.)
Task: {950785FA-33D3-4E26-9674-17EAA68B5784} - System32\Tasks\{F29DA6E6-1501-4F34-B3CB-25E43C6515C9} => pcalua.exe -a "C:\PROGRA~4\ArchiCAD 6.5\UNWISE.EXE" -c C:\PROGRA~4\ArchiCAD 6.5\INSTALL.LOG
Task: {A7F108AF-F1EF-4BB1-B904-38A1D6CB4AB2} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2012-11-05] (Microsoft Corporation)
Task: {AFB6DBA3-C5BF-4E28-A8B3-6B1BE74F7073} - System32\Tasks\{14576185-CC62-4601-A751-5F1F084EFF3E} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {BA085A7D-43DD-46E7-A7D0-D4B167CEF79A} - System32\Tasks\{8383A47F-7E74-46E5-931B-7D256C4CFEB2} => pcalua.exe -a "C:\Users\Modi\Downloads\acad\archicad 8.1\Setup.exe" -d "C:\Users\Modi\Downloads\acad\archicad 8.1"
Task: {C420973A-B1C5-4FCB-84B9-F42742EA606D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-07-24] (Piriform Ltd)
Task: {CC5D6850-2E42-48AF-8DBE-1E4F86E2AE5B} - System32\Tasks\{444CC984-C6E6-48D3-A506-57ED55EEC0CB} => pcalua.exe -a C:\PROGRA~2\ARCHIC~1.5\UNWISE.EXE -c C:\PROGRA~2\ARCHIC~1.5\INSTALL.LOG
Task: {E6814066-F036-4C40-B310-BB32F755EE9D} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3319006498-4150260777-3634854002-1001UA => C:\Users\Modi\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {E9AA472B-F554-4325-9CFF-C85B67D5B6F8} - System32\Tasks\{365E6BF1-66D0-4BBA-A09E-D7501AFAFD11} => pcalua.exe -a "C:\Users\Modi\Desktop\Netlimiter 2.0.10.1 x64.exe" -d C:\Users\Modi\Desktop
Task: {EAE4EDE4-9211-4883-9D04-B66DD2D0100C} - System32\Tasks\Opera scheduled Autoupdate 1434746935 => C:\Program Files (x86)\Opera\launcher.exe [2015-06-19] (Opera Software)
Task: {F3CEBDAB-9C8B-467F-97B6-E88504AB928E} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-02-10] (Oracle Corporation)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2010-12-14 16:12 - 2007-08-13 11:41 - 00022016 _____ () C:\Windows\System32\cl31cl6.dll
2010-05-03 11:22 - 2005-03-12 02:07 - 00087040 _____ () C:\Windows\System32\redmonnt.dll
2010-12-30 15:39 - 2005-04-22 14:36 - 00143360 ____N () C:\Windows\system32\BrSNMP64.dll
2013-10-28 00:26 - 2013-10-15 23:47 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-03-29 12:29 - 2015-03-29 12:29 - 00043480 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2010-07-15 06:44 - 2010-07-15 06:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2010-06-01 16:00 - 2010-03-15 11:28 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll
2010-02-25 22:52 - 2008-07-29 20:29 - 00200704 _____ () C:\Windows\PLFSetI.exe
2014-01-10 07:26 - 2014-01-10 07:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2009-02-03 02:33 - 2009-02-03 02:33 - 00460199 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2008-09-29 02:55 - 2008-09-29 02:55 - 01076224 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll
2015-03-10 18:54 - 2015-03-10 18:54 - 00016384 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\bc9bcf53b97e0180a22783ef8b2567c2\PSIClient.ni.dll
2010-12-30 15:38 - 2009-02-27 17:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-01-10 07:28 - 2014-01-10 07:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:8FF81EB0
AlternateDataStreams: C:\ProgramData\Temp:A1EDB939

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3319006498-4150260777-3634854002-1001\...\microsoft.com -> *.update.microsoft.com
IE trusted site: HKU\S-1-5-21-3319006498-4150260777-3634854002-1001\...\windowsupdate.com -> windowsupdate.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3319006498-4150260777-3634854002-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Modi\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: nlsvc => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: TuneUp.Defrag => 3
MSCONFIG\Services: TuneUp.UtilitiesSvc => 2
MSCONFIG\Services: WDFME => 2
MSCONFIG\Services: WDSC => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Acrobat - Schnellstart.lnk => C:\Windows\pss\Adobe Acrobat - Schnellstart.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk => C:\Windows\pss\Adobe Reader Synchronizer.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Netzwerk Server.lnk => C:\Windows\pss\Netzwerk Server.lnk.CommonStartup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files (x86)\Common Files\Maxtor\Schedule2\schedhlp.exe"
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS4ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: ArcadeDeluxeAgent => "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
MSCONFIG\startupreg: ControlCenter3 => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun
MSCONFIG\startupreg: Facebook Update => "C:\Users\Modi\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: FreePDF Assistant => C:\Program Files (x86)\FreePDF_XP\fpassist.exe
MSCONFIG\startupreg: GMX SMS-Manager => C:\Program Files (x86)\GMX\GMX SMS-Manager\SMSMngr.exe
MSCONFIG\startupreg: ICQ => "C:\Program Files (x86)\ICQ7M\ICQ.exe" silent loginmode=4
MSCONFIG\startupreg: KiesPDLR => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MSCONFIG\startupreg: mwlDaemon => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
MSCONFIG\startupreg: PlayMovie => "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{F7D2772F-0B81-426F-8578-141D6C46D434}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
FirewallRules: [{21794B7D-038C-46C3-ABB2-BA02D7D5331A}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
FirewallRules: [{D44B1660-1054-4F94-B4A6-92F0CC1C08FC}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
FirewallRules: [{0584C4F0-F225-4D4C-9E47-0253EFDA52EA}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
FirewallRules: [{6ADB8A43-55CE-4931-84A3-DDDA223050BD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{AE400062-E8E9-4B62-9299-4993E9BA520D}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{34D278AF-2F4F-4FFF-AFFF-6870EE196BEE}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{B3DD5BCA-9101-40DC-865F-ED29B1C2D2DC}] => (Allow) LPort=26675
FirewallRules: [{5E0D7C75-ECF6-4E20-8A3A-1B48DC762BD4}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{67068B71-EE5C-437F-99BE-8834250DC4D8}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{971877BF-ECE6-420F-8D34-7835679335F8}] => (Allow) LPort=26675
FirewallRules: [{F8697881-9970-476B-A837-3C4070175F2C}] => (Allow) LPort=5353
FirewallRules: [{700602CC-8D0E-40AF-973F-CBB8F6ECDEA7}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
FirewallRules: [{997D793C-53FC-4511-8A66-5D94CDE4EDC2}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
FirewallRules: [{AA454716-066F-4E42-88C5-5A6FCB0753B3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E5C5B51B-1E85-480F-B504-DE8E245D9D5F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BC78C804-457A-40D3-9721-A725277D48FE}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{955A4E34-5056-4D62-8061-61156D9C64FB}] => (Allow) svchost.exe
FirewallRules: [{3F44E5DD-1866-446C-91DF-306822C8EDAE}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{8F85ED85-85D0-4C07-8FE2-9D9CB3D512DF}] => (Allow) C:\Program Files (x86)\Brother\Brmfl08z\FAXRX.exe
FirewallRules: [{A81FBBCC-C73A-4025-B6E3-C3333F8E13E5}] => (Allow) C:\Program Files (x86)\Brother\Brmfl08z\FAXRX.exe
FirewallRules: [{5DA62D22-788B-4634-A499-2097241C3291}] => (Allow) LPort=54925
FirewallRules: [{61C6CF7D-C72A-475E-82BB-A85E9B8CB11B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\{988329F4-A1A1-4D51-803C-EF2725A97627}\setup\hpznui40.exe
FirewallRules: [{472D8E19-42A0-43AB-9BE8-1B0FF5976545}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{154AC88C-9065-405B-9EA8-C895AEC0DBB6}] => (Allow) C:\Program Files (x86)\WIBUKEY\Server\WkSvW32.exe
FirewallRules: [{15392196-2638-412A-83E3-8FE1AB59DAA8}] => (Allow) C:\Program Files (x86)\WIBUKEY\Server\WkSvW32.exe
FirewallRules: [{A4798657-114B-4487-AC96-2FAC1533194F}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe
FirewallRules: [{52EF2D4B-C2F8-4137-BA34-2BE77CAD4F78}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe
FirewallRules: [{0E587EEE-0D4A-43AB-BE90-421A5D1617F7}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe
FirewallRules: [{D61D3C04-5663-4FF9-9BB9-E168731DA159}] => (Allow) C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe
FirewallRules: [{424FC3A2-D01B-4BCD-956F-2D1C3835A4EB}] => (Allow) C:\Program Files (x86)\WIBUKEY\Server\WkSvW32.exe
FirewallRules: [{A9475651-E6EB-4310-A846-8729753919FF}] => (Allow) C:\Program Files (x86)\WIBUKEY\Server\WkSvW32.exe
FirewallRules: [{4FC6C223-F15E-482A-B0AC-344F141FB7B1}] => (Allow) C:\Program Files\Graphisoft\ArchiCAD 15\ArchiCAD.exe
FirewallRules: [{CEB5C6FB-AE00-40A1-9B80-FB4E0363DC81}] => (Allow) C:\Program Files\Graphisoft\ArchiCAD 15\ArchiCAD.exe
FirewallRules: [{D1B8F217-E71D-44A8-924F-8211A4AB9E7C}] => (Allow) C:\Program Files\Graphisoft\ArchiCAD 15\GSQuickTimeServer\GSQTServer.exe
FirewallRules: [{497E63A2-6666-4CA5-B67B-6974FBCC704B}] => (Allow) C:\Program Files\Graphisoft\ArchiCAD 15\GSQuickTimeServer\GSQTServer.exe
FirewallRules: [{7EEA6669-E7D5-4253-B1AF-5BD6FF9EC77F}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{DCDA8AF8-5B0B-4E93-84BF-DF0D48C210F4}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [TCP Query User{9666A466-47AC-49BD-9D69-352A67979D4A}C:\program files\graphisoft\archicad 15\archicad.exe] => (Block) C:\program files\graphisoft\archicad 15\archicad.exe
FirewallRules: [UDP Query User{21A2B66E-2AD4-4719-B1C6-7573E6286F0B}C:\program files\graphisoft\archicad 15\archicad.exe] => (Block) C:\program files\graphisoft\archicad 15\archicad.exe
FirewallRules: [TCP Query User{F213EDEA-AAA0-4652-93FE-52D14B86A41B}C:\program files\graphisoft\archicad 15\gsquicktimeserver\gsqtserver.exe] => (Block) C:\program files\graphisoft\archicad 15\gsquicktimeserver\gsqtserver.exe
FirewallRules: [UDP Query User{1014128F-28CA-4972-93F4-1AEEAADA3B04}C:\program files\graphisoft\archicad 15\gsquicktimeserver\gsqtserver.exe] => (Block) C:\program files\graphisoft\archicad 15\gsquicktimeserver\gsqtserver.exe
FirewallRules: [TCP Query User{AC12EF30-2C7C-4CA0-BDA5-5062B530F848}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{AD9896C7-DC1A-45A5-BC24-98CC18B06A15}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{769E3409-C747-42DF-B392-71C071477F26}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{D8034ED2-F015-4DBC-9086-C2717EB8938F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{4B02198D-2F9E-4542-A7FB-B9F2C6CDA402}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{D40F4695-DA9D-446F-996F-4BFB83720A27}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{113911FF-9A99-400A-A733-6971B66EAAE5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{3B7BC4C1-87A4-4B0B-BD32-F102D54E8CC5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{657EE55B-F2C5-4719-B3CE-8126A211866A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{BC90B1AB-061B-4B75-84C7-A590662377DC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{AF7C0631-8F58-49AF-8E82-E502C1D1DEE0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{18B3EA02-21D8-4BDE-A514-94AC42BD39B4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{9D3C3AFE-4648-439F-8441-9891589B2CE8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8F9F1D28-A242-48BC-AF72-D760623F9928}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{44624729-AACC-486C-8ED3-40827E99B370}C:\users\modi\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\modi\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{D3244176-A8DD-4077-8892-CACCA2143A42}C:\users\modi\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\modi\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{793539DC-5D0A-4B76-9419-C37B137871E8}C:\users\modi\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\modi\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{3A7ECEBD-6611-4FAA-A9B5-F0EE0A4D7D60}C:\users\modi\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\modi\appdata\local\akamai\netsession_win.exe
FirewallRules: [{D53EE216-D388-48F6-B806-C8ACB5AC26B5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{702CF894-3EFF-491A-A42C-8EF558BBDD3C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{C7DE5B6D-678C-4BBC-8AB0-A79D76120CD5}] => (Allow) LPort=49446
FirewallRules: [{491E0E7A-50B0-4D62-9C00-F9B1C73ED2D7}] => (Allow) LPort=5000

==================== Faulty Device Manager Devices =============

Name: Broadcom NetLink (TM) Gigabit Ethernet
Description: Broadcom NetLink (TM) Gigabit Ethernet
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Broadcom
Service: k57nd60a
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft-Adapter für Miniports virtueller WiFis
Description: Microsoft-Adapter für Miniports virtueller WiFis
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/29/2015 08:22:34 PM) (Source: WcesComm) (EventID: 2) (User: )
Description: IPv4-Fehler beim Starten des Diensts für Windows Mobile 2003-Geräteverbindungen. (Die Daten enthalten den Fehlercode.)

Error: (06/29/2015 08:20:15 PM) (Source: Schedule) (EventID: 0) (User: )
Description: Schedule error: 10106Initialize call failed, bailing out

Error: (06/28/2015 10:55:02 PM) (Source: WcesComm) (EventID: 2) (User: )
Description: IPv4-Fehler beim Starten des Diensts für Windows Mobile 2003-Geräteverbindungen. (Die Daten enthalten den Fehlercode.)

Error: (06/28/2015 10:52:49 PM) (Source: Schedule) (EventID: 0) (User: )
Description: Schedule error: 10106Initialize call failed, bailing out

Error: (06/20/2015 04:30:58 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" ; Beschreibung = Revo Uninstaller's restore point - Mozilla Firefox 38.0.5 (x86 de); Fehler = 0x80070422).

Error: (06/20/2015 04:27:43 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\msiexec.exe /V; Beschreibung = Removed Facebook Video Calling 3.1.0.521; Fehler = 0x80070422).

Error: (06/20/2015 04:27:43 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\msiexec.exe /V; Beschreibung = Removed Facebook Video Calling 3.1.0.521; Fehler = 0x80070422).

Error: (06/20/2015 04:27:41 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" ; Beschreibung = Revo Uninstaller's restore point - Facebook Video Calling 3.1.0.521; Fehler = 0x80070422).

Error: (06/20/2015 04:25:20 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: GetSteamInstallPath failed 2

Error: (06/20/2015 04:25:18 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\msiexec.exe /V; Beschreibung = Steam wird entfernt; Fehler = 0x80070422).


System errors:
=============
Error: (06/30/2015 06:07:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (06/30/2015 06:07:07 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\System32\IWMSSvc.dll
Fehlercode: 126

Error: (06/30/2015 00:24:51 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (06/30/2015 00:24:33 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\System32\IWMSSvc.dll
Fehlercode: 126

Error: (06/30/2015 00:16:08 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (06/29/2015 11:55:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (06/29/2015 11:55:33 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\System32\IWMSSvc.dll
Fehlercode: 126

Error: (06/29/2015 09:31:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NetLimiter" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/29/2015 09:16:38 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/29/2015 09:16:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office:
=========================
Error: (02/11/2011 06:58:54 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2910 seconds with 1860 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2013-12-26 12:44:43.643
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-12-26 12:44:43.254
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-12-26 12:44:39.442
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-12-26 12:44:39.091
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-12-26 12:44:35.785
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-12-26 12:44:35.402
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-12-26 12:44:32.214
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-12-26 12:44:31.860
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-12-26 12:44:28.988
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-12-26 12:44:28.654
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 Duo CPU T6600 @ 2.20GHz
Percentage of memory in use: 44%
Total physical RAM: 4090.93 MB
Available physical RAM: 2252.87 MB
Total Pagefile: 8180.06 MB
Available Pagefile: 5708.52 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (ACER) (Fixed) (Total:224.89 GB) (Free:56.59 GB) NTFS
Drive d: (Volume) (Fixed) (Total:443.64 GB) (Free:149.31 GB) NTFS
Drive j: (2. System) (Fixed) (Total:29.99 GB) (Free:20.66 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 698.6 GB) (Disk ID: 3CDD33AE)
Partition 1: (Active) - (Size=110 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=224.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=473.6 GB) - (Type=OF Extended)

==================== End of log ============================

--- --- ---

cosinus · 30.06.2015, 20:25

Okay, dann Kontrollscans mit MBAM und ESET bitte:

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Kris_ · 30.06.2015, 23:42

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 30.06.2015
Suchlaufzeit: 23:47
Protokolldatei: mbamlog.txt
Administrator: Ja

Version: 2.1.8.1057
Malware-Datenbank: v2015.06.30.07
Rootkit-Datenbank: v2015.06.30.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Modi

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 495964
Abgelaufene Zeit: 37 Min., 36 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt) 

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

ESET kommt erst heute abend.

Kris_ · 02.07.2015, 15:30

Hier der Scan:

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=4194840afd466a4b85652c30343278c0
# end=init
# utc_time=2015-07-01 07:55:10
# local_time=2015-07-01 09:55:10 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 24596
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=4194840afd466a4b85652c30343278c0
# end=updated
# utc_time=2015-07-01 08:13:58
# local_time=2015-07-01 10:13:58 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=4194840afd466a4b85652c30343278c0
# engine=24596
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-07-02 01:07:33
# local_time=2015-07-02 03:07:33 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 98614 187429103 0 0
# scanned=707459
# found=21
# cleaned=0
# scan_time=17614
sh=99F97AD369E8621AB4D17DF53E80E60FEE99C727 ft=1 fh=42567613b862d846 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Modi\AppData\Local\Temp\OCS\ocs_v71b.exe.vir"
sh=9098DCC51F1A2F06E3C359B1356503436EE35789 ft=0 fh=0000000000000000 vn="Java/Exploit.CVE-2012-4681.G Trojaner" ac=I fn="C:\Users\Modi\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54\6a800636-26aedb5d"
sh=ED1E64A1D3DC59AF41FB5A8B137DDDFBFD842AB0 ft=0 fh=0000000000000000 vn="Variante von Android/TrojanSMS.Erop.Y Trojaner" ac=I fn="C:\Users\Modi\Documents\samsung\Kies3\backup\SM-G900F\SM-G900F_\SM-G900F_20140619203359\Others\Download\crak-1487867-b0005_hetero.apk"
sh=ED1E64A1D3DC59AF41FB5A8B137DDDFBFD842AB0 ft=0 fh=0000000000000000 vn="Variante von Android/TrojanSMS.Erop.Y Trojaner" ac=I fn="C:\Users\Modi\Documents\samsung\Kies3\backup\SM-G900F\SM-G900F_\SM-G900F_20140824203421\Others\Download\crak-1487867-b0005_hetero.apk"
sh=ED1E64A1D3DC59AF41FB5A8B137DDDFBFD842AB0 ft=0 fh=0000000000000000 vn="Variante von Android/TrojanSMS.Erop.Y Trojaner" ac=I fn="C:\Users\Modi\Documents\samsung\Kies3\backup\SM-G900F\SM-G900F_\SM-G900F_20141115135633\Others\Download\crak-1487867-b0005_hetero.apk"
sh=52119181492727FA0C35D24D9284C98F3A66E20C ft=1 fh=51cb47ff4bd115c2 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Modi\Downloads\Firefox - CHIP-Installer.exe"
sh=429FD0BA0D336D87642BA2F05F88B6FF0AFE62C3 ft=1 fh=e46087bcd044f206 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Modi\Downloads\Visual Basic 2010 Express - CHIP-Installer (1).exe"
sh=5C11A42C5A58223B5AAB3427BB2C4245630E3CD1 ft=1 fh=8ca7b9c90ba3ac17 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Modi\Downloads\Visual Basic 2010 Express - CHIP-Installer.exe"
sh=FDD0D901949916C81302F4F062B455F4FDB34C10 ft=1 fh=a0c5c0e8921902b3 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Modi\Downloads\knopix\openSUSE KDE Live CD - CHIP-Installer.exe"
sh=C9352C798D66F96D4F894C2BC2CDAD192B662D62 ft=1 fh=7209dc7ad243ecb3 vn="Variante von Win32/Toolbar.Conduit.AI evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Modi\Downloads\Programme\zaSetup_92_105_000_de.exe"
sh=AF5309B422180FD79E11D753B890A9E12D7263EC ft=1 fh=3948a34de882f111 vn="Variante von Win32/PriceGong.A evtl. unerwÃ¼nschte Anwendung" ac=I fn="D:\backup marcin\[NTFS]\Dokumente und Einstellungen\Kinga\Anwendungsdaten\Mozilla\Firefox\Profiles\lwxpkrs5.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}\components\PriceGongFF.dll"
sh=581350B9DD4D17AB41841EA07CD657A403B80ED6 ft=1 fh=bad3d760ca68a338 vn="Variante von Win32/PriceGong.A evtl. unerwÃ¼nschte Anwendung" ac=I fn="D:\backup marcin\[NTFS]\Dokumente und Einstellungen\Kinga\Anwendungsdaten\OpenCandy\OpenCandy_DA78F670FA194C5ABC4EA8EBD6465F0F\PriceGongFF_AppStarter.exe"
sh=D18007B0B5C993CE3423C920E3D4582A7F4D27F0 ft=1 fh=d1c6985a337eebe4 vn="Variante von Win32/PriceGong.A evtl. unerwÃ¼nschte Anwendung" ac=I fn="D:\backup marcin\[NTFS]\Dokumente und Einstellungen\Kinga\Anwendungsdaten\OpenCandy\OpenCandy_DA78F670FA194C5ABC4EA8EBD6465F0F\PriceGong_FF_Wrapper_p2v1.exe"
sh=00F5FA22576D12D0CA115159CD942C663454025C ft=1 fh=328da9ba5da59869 vn="Win32/SoftonicDownloader.A evtl. unerwÃ¼nschte Anwendung" ac=I fn="D:\backup marcin\[NTFS]\Dokumente und Einstellungen\Kinga\Eigene Dateien\Downloads\SoftonicDownloader_fuer_bittorrent.exe"
sh=7A5B168BB2B8C06B2A9134B656BBF195830D21C2 ft=1 fh=55d4f387d8566cf4 vn="Variante von Win32/PriceGong.A evtl. unerwÃ¼nschte Anwendung" ac=I fn="D:\backup marcin\[NTFS]\Dokumente und Einstellungen\Kinga\Lokale Einstellungen\Anwendungsdaten\BittorrentBar_DE\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.1.1\bin\PriceGongIE.dll"
sh=7A5B168BB2B8C06B2A9134B656BBF195830D21C2 ft=1 fh=55d4f387d8566cf4 vn="Variante von Win32/PriceGong.A evtl. unerwÃ¼nschte Anwendung" ac=I fn="D:\backup marcin\[NTFS]\Dokumente und Einstellungen\Kinga\Lokale Einstellungen\Anwendungsdaten\softonic-de3\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.1.1\bin\PriceGongIE.dll"
sh=419716F712489099B040AB846B565D808119B5E8 ft=1 fh=562d50baf79e8eca vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwÃ¼nschte Anwendung" ac=I fn="D:\backup marcin\[NTFS]\Programme\BittorrentBar_DE\tbBitt.dll"
sh=743CF6F7C346A3CF7BB0B81442DC14A7F3DA352D ft=1 fh=67b200ae242c58b1 vn="Win32/Toolbar.Conduit.Y evtl. unerwÃ¼nschte Anwendung" ac=I fn="D:\backup marcin\[NTFS]\Programme\Conduit\Community Alerts\Alert.dll"
sh=353D89E9D10A292AF3843EE9C7CA70E35008528B ft=1 fh=a88f62bfa35c8a9e vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwÃ¼nschte Anwendung" ac=I fn="D:\backup marcin\[NTFS]\Programme\ConduitEngine\ConduitEngine.dll"
sh=6936D6A9CA613254E26EF8A0FC5D079ED2F4F64F ft=1 fh=0a9cd00e78230717 vn="Variante von Win32/PriceGong.A evtl. unerwÃ¼nschte Anwendung" ac=I fn="D:\backup marcin\[NTFS]\Programme\PriceGong\2.1.0\PriceGongIE.dll"
sh=353D89E9D10A292AF3843EE9C7CA70E35008528B ft=1 fh=a88f62bfa35c8a9e vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwÃ¼nschte Anwendung" ac=I fn="D:\backup marcin\[NTFS]\Programme\softonic-de3\tbsoft.dll"

ich habe das hier gelesen-->

samsung\Kies3\backup\SM-G900F\SM-G900F_\SM-G900F_20140619203359\Others\Download\crak-1487867-b0005_hetero.apk"

Hierbei handelt es sich um eine Datensicherung (Samsung,Handy)die ich für einen Kumpel gemacht habe.
Bekomme aber komischerweise seit einem Jahr ca. 1x monatlich Per SMS Werbung .
Kann das mit zusammenhängen?
Heist das, sein Handy ist verseucht?

Hab mich schon immer gefragt wie die an meine Nummer gekommen sind, weil ich da eigentlich sehr vorsichtig bin und auf mein Smartphone auch kaum Apps installiere.

"D:\backup marcin\[NTFS]\Dokumente und Einstellungen\Kinga\Anwendungsdaten\OpenCandy\OpenCandy_DA78F670FA194C5ABC4EA8EBD6465F0F\PriceGongFF_AppStarter.exe"

Was ist das für ein Schrott ?
Das Hier ist ein Backup von sein alten Laptop .
Kann das für mein PC auch gefährlich werden wenn ich ein Datenbackup von jemanden erstelle?

30.06.2015, 07:57	#23
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	OurSurfing eingefangen nach Installation von SUPER Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Scan klicken __________________ Logfiles bitte immer in CODE-Tags posten

30.06.2015, 17:45	#25
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	OurSurfing eingefangen nach Installation von SUPER FRST.txt ist unvollständig __________________ Logfiles bitte immer in CODE-Tags posten

OurSurfing eingefangen nach Installation von SUPER

Plagegeister aller Art und deren Bekämpfung: OurSurfing eingefangen nach Installation von SUPER