http://your-home-page.net

Ontop144 · 21.07.2015, 13:19

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:20-07-2015
Ran by michael.schmaus (administrator) on NB1140 on 21-07-2015 13:40:21
Running from H:\
Loaded Profiles: michael.schmaus (Available Profiles: Admin & postgres & sysaidinternal & AdminDE & Chris.Oleszczuk & michael.schmaus & michael.schmaus & Administrator)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\psxss.exe
(Webroot) C:\Program Files (x86)\Webroot\WRSA.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\BCMWLTRY.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\System32\inetsrv\inetinfo.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.HPWJA\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Netop Business Solutions A/S) C:\Program Files (x86)\Netop\Netop Remote Control\Host\NHOSTSVC.EXE
(Samsung Electronics Co., Ltd.) C:\Windows\System32\RAPID\SamsungRapidSvc.exe
(SEP AG) C:\Program Files\SEPsesam\bin\sesam\sm_main.exe
(SEP AG) C:\Program Files\SEPsesam\bin\sesam\sm_ctrld_main.exe
() C:\Program Files\SEPsesam\bin\sesam\sm_sshd.exe
(Microsoft Corporation) C:\Windows\System32\snmp.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Windows\SysWOW64\snmp.exe
(SysAid Technology Ltd.) C:\Program Files\SysAid\SysAidSM.exe
(iS3, Inc.) C:\Program Files (x86)\iS3\STOPzilla AntiVirus\SZServer.exe
(SysAid Technology Ltd.) C:\Program Files\SysAid\SysAidWorker.exe
(TeamViewer GmbH) C:\Program Files (x86)\Teamviewer\Version8\TeamViewer_Service.exe
(Check Point Software Technologies) C:\Program Files (x86)\CheckPoint\Endpoint Connect\TracSrvWrapper.exe
(Ericsson AB) C:\Program Files (x86)\Ericsson\Mobile Broadband Drivers\WMCore\mini_WMCore.exe
(ThreatTrack Security, Inc.) C:\Program Files (x86)\iS3\STOPzilla AntiVirus\SBAMSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(GFI Software Development Ltd.) C:\Program Files (x86)\PatchManagementInstallation\Agent\lnssatt.exe
(Apache Software Foundation) C:\Program Files (x86)\PatchManagementInstallation\Agent\Httpd\bin\httpd.exe
(Apache Software Foundation) C:\Program Files (x86)\PatchManagementInstallation\Agent\Httpd\bin\httpd.exe
(GFI Software Development Ltd.) C:\Program Files (x86)\PatchManagementInstallation\Agent\mantle.exe
(Microsoft Corporation) C:\Windows\CCM\CcmExec.exe
(Microsoft Corporation) C:\Windows\CCM\RemCtrl\cmrcservice.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Microsoft Policy Platform\policyHost.exe
(iS3, Inc.) C:\Program Files (x86)\iS3\STOPzilla AntiVirus\STOPzilla.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(TeamViewer GmbH) C:\Program Files (x86)\Teamviewer\Version8\TeamViewer.exe
(Webroot) C:\Program Files (x86)\Webroot\WRSA.exe
(TeamViewer GmbH) C:\Program Files (x86)\Teamviewer\Version8\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\Teamviewer\Version8\tv_x64.exe
(Samsung Electronics) C:\ProgramData\Samsung Apps\Portable SSD\Samsung Portable SSD Daemon.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.EXE
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Avaya Inc.) C:\Windows\System32\qtsp_sso.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Akamai Technologies, Inc.) C:\Users\MSC\AppData\Local\Akamai\netsession_win.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(ek-soft GmbH) C:\Program Files (x86)\CTI\DIALit-Client\Dialit32.exe
(MagicISO, Inc.) C:\Program Files (x86)\MagicDisc\MagicDisc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Akamai Technologies, Inc.) C:\Users\MSC\AppData\Local\Akamai\netsession_win.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(Microsoft) C:\Program Files (x86)\Avaya\Avaya Microsoft Lync Integration\LyncAddin.exe
(Check Point Software Technologies) C:\Program Files (x86)\CheckPoint\Endpoint Connect\TrGUI.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Lync\communicator.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
() C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\CCM\SCNotification.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BtwLyncIntf\BtwLyncIntf.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Lync\UcMapi.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Portrait Displays, Inc) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelperx64.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(ek-soft GmbH) C:\Program Files (x86)\CTI\DIALit-Client\TeleTab.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.exe [8641536 2014-07-25] (Broadcom Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2013-07-03] (IDT, Inc.)
HKLM\...\Run: [qtsp_sso] => C:\windows\system32\qtsp_sso.exe [1171968 2012-12-21] (Avaya Inc.)
HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [3488640 2012-03-14] (Hewlett-Packard Company)
HKLM\...\Run: [MultiScreen] => [X]
HKLM\...\Run: [SamsungRapidApp] => C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [281776 2014-09-16] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [Seagull Drivers] => ssdal_nc.exe startup
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [358944 2011-01-28] (Acronis)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2816240 2014-08-01] (Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-06-29] (Apple Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284480 2013-07-03] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-10-24] (Intel Corporation)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2015-06-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2015-06-27] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Client Access Service] => C:\Program Files (x86)\IBM\Client Access\cwbsvstr.exe [14336 2010-01-15] (IBM Corporation)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [336672 2014-02-10] (Hewlett-Packard Company)
HKLM-x32\...\Run: [LyncAddin] => C:\Program Files (x86)\Avaya\Avaya Microsoft Lync Integration\LyncAddin.exe [1933824 2012-11-09] (Microsoft)
HKLM-x32\...\Run: [Check Point VPN] => C:\Program Files (x86)\CheckPoint\Endpoint Connect\TrGui.exe [826832 2013-12-04] (Check Point Software Technologies)
HKLM-x32\...\Run: [HPConnectionManager] => c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [185144 2014-04-09] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [MultiScreen] => [X]
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [Communicator] => C:\Program Files (x86)\Microsoft Lync\communicator.exe [12118840 2015-03-28] (Microsoft Corporation)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [WRSVC] => C:\Program Files (x86)\Webroot\WRSA.exe [823720 2015-07-01] (Webroot)
HKLM-x32\...\Run: [YouCam Tray] => c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [168464 2012-10-25] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Mirage] => c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [139792 2012-10-25] (CyberLink)
HKLM-x32\...\Run: [RemoteControl10] => c:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-14] (CyberLink Corp.)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5145824 2011-01-28] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-3799292098-3196119086-2381476900-3276\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6161176 2014-02-20] (Piriform Ltd)
HKU\S-1-5-21-3799292098-3196119086-2381476900-3276\...\Run: [CCleaner] => C:\Program Files\CCleaner\CCleaner64.exe [6161176 2014-02-20] (Piriform Ltd)
HKU\S-1-5-21-3799292098-3196119086-2381476900-3276\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2015-03-18] (Microsoft Corporation)
HKU\S-1-5-21-3799292098-3196119086-2381476900-3276\...\Run: [Akamai NetSession Interface] => C:\Users\MSC\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2014-03-11]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2013-10-18]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\MSC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DIALit.lnk [2014-11-05]
ShortcutTarget: DIALit.lnk -> C:\Program Files (x86)\CTI\DIALit-Client\Dialit32.exe (ek-soft GmbH)
Startup: C:\Users\MSC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk [2013-08-06]
ShortcutTarget: MagicDisc.lnk -> C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
Startup: C:\Users\MSC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DIALit.lnk [2014-11-05]
ShortcutTarget: DIALit.lnk -> C:\Program Files (x86)\CTI\DIALit-Client\Dialit32.exe (ek-soft GmbH)
Startup: C:\Users\MSC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk [2013-08-06]
ShortcutTarget: MagicDisc.lnk -> C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
GroupPolicyScripts: Group Policy detected <======= ATTENTION
GroupPolicyScripts\User: Group Policy detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3799292098-3196119086-2381476900-3276\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3799292098-3196119086-2381476900-3276\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3799292098-3196119086-2381476900-3276\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Microsoft Web Recorder Helper -> {06D7D698-1ECD-407F-A1C9-EFA54860490A} -> C:\Program Files\Microsoft System Center 2012 R2\Operations Manager\Console\Microsoft.Mom.RecorderBarBHO.dll [2013-09-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-17] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-17] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Lync\OCHelper.dll [2010-11-03] (Microsoft Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-06-27] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-06-27] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-06-27] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-3799292098-3196119086-2381476900-3276 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1383306434877
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{2D943FE5-0C98-4F50-A9EF-758CEED5C998}: [DhcpNameServer] 10.0.1.37 10.100.0.15
Tcpip\..\Interfaces\{5CB4035A-BE52-4E2F-A90A-EEB5B3C5C534}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{A51701BB-A804-4E1B-8457-21AFA11167D2}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

FireFox:
========
FF ProfilePath: C:\Users\MSC\AppData\Roaming\Mozilla\Firefox\Profiles\103qzzmr.default-1436867989260
FF SearchEngineOrder.2: 
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-15] ()
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-17] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-17] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-10-24] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-10-24] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2015-06-27] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-28] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npatgpc.dll [2015-05-28] (Cisco WebEx LLC)
FF Plugin ProgramFiles/Appdata: C:\Users\MSC\AppData\Roaming\mozilla\plugins\npatgpc.dll [2015-05-28] (Cisco WebEx LLC)
FF Extension: GMX MailCheck - C:\Users\MSC\AppData\Roaming\Mozilla\Firefox\Profiles\103qzzmr.default-1436867989260\Extensions\toolbar@gmx.net [2015-07-14]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-07-30]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-10-18]
FF HKU\S-1-5-21-3799292098-3196119086-2381476900-3276\...\Firefox\Extensions: [firefoxaddon@ek-soft.de] - C:\Program Files (x86)\CTI\DIALit-Client\Firefox
FF Extension: ek-soft CTI Add ON - C:\Program Files (x86)\CTI\DIALit-Client\Firefox [2014-06-16]
FF HKU\S-1-5-21-3799292098-3196119086-2381476900-3276\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome: 
=======
CHR Profile: C:\Users\MSC\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\MSC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-14]
CHR Extension: (Google Drive) - C:\Users\MSC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-14]
CHR Extension: (YouTube) - C:\Users\MSC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-14]
CHR Extension: (GMX MailCheck) - C:\Users\MSC\AppData\Local\Google\Chrome\User Data\Default\Extensions\camnampocfohlcgbajligmemmabnljcm [2015-07-14]
CHR Extension: (Google Search) - C:\Users\MSC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-14]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\MSC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-14]
CHR Extension: (Google Wallet) - C:\Users\MSC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-14]
CHR Extension: (Gmail) - C:\Users\MSC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdtAgent; C:\Windows\system32\AdtAgent.exe [410808 2013-09-06] (Microsoft Corporation)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 CcmExec; C:\windows\CCM\CcmExec.exe [1571000 2013-09-11] (Microsoft Corporation)
R2 CmRcService; C:\windows\CCM\RemCtrl\CmRcService.exe [577712 2014-05-29] (Microsoft Corporation)
S3 Cwbrxd; C:\windows\cwbrxd.exe [94208 2010-01-15] (IBM Corporation) [File not signed]
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [143872 2014-10-24] (Microsoft Corporation) [File not signed]
R2 gfi_lanss11_attservice; C:\Program Files (x86)\PatchManagementInstallation\Agent\lnssatt.exe [133496 2012-11-23] (GFI Software Development Ltd.)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2015-07-14] (SurfRight B.V.)
S3 HPAuto; C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [682040 2011-02-17] (Hewlett-Packard)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [683296 2014-02-10] (Hewlett-Packard Company)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315352 2014-10-09] (Intel Corporation)
R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [15872 2010-11-21] (Microsoft Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131032 2013-10-24] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165336 2013-10-24] (Intel Corporation)
R3 lpasvc; C:\Program Files\Microsoft Policy Platform\policyHost.exe [50280 2012-08-02] (Microsoft Corporation)
S3 LPDSVC; C:\Windows\system32\lpdsvc.dll [45568 2009-07-14] (Microsoft Corporation)
S3 lppsvc; C:\Program Files\Microsoft Policy Platform\policyHost.exe [50280 2012-08-02] (Microsoft Corporation)
S4 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 msoidsvc; C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE [2079520 2012-05-17] (Microsoft Corp.)
R2 MSSQL$ACRONIS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 MSSQL$HPWJA; C:\Program Files\Microsoft SQL Server\MSSQL10.HPWJA\MSSQL\Binn\sqlservr.exe [58387104 2014-07-12] (Microsoft Corporation)
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [62382256 2015-03-30] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2013-11-14] (Hewlett-Packard) [File not signed]
R2 NetOp Host for NT Service; C:\Program Files (x86)\Netop\Netop Remote Control\Host\NHOSTSVC.EXE [1516568 2010-11-01] (Netop Business Solutions A/S)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2013-11-14] (Hewlett-Packard) [File not signed]
S4 PuranDefrag; C:\windows\system32\PuranDefragS.exe [292736 2013-08-15] (Puran Software) [File not signed]
R2 SamsungRapidSvc; C:\Windows\System32\RAPID\SamsungRapidSvc.exe [28848 2014-09-16] (Samsung Electronics Co., Ltd.)
R2 SBAMSvc; C:\Program Files (x86)\iS3\STOPzilla AntiVirus\SBAMSvc.exe [3937472 2014-01-07] (ThreatTrack Security, Inc.)
S3 smstsmgr; C:\windows\CCM\TSManager.exe [276152 2013-09-11] (Microsoft Corporation)
R2 sm_main; C:\Program Files\SEPsesam\bin\sesam\sm_main.exe [362696 2015-03-10] (SEP AG)
R2 SNMP; C:\Windows\System32\snmp.exe [49664 2010-11-21] (Microsoft Corporation)
R2 SNMP; C:\Windows\SysWOW64\snmp.exe [47616 2010-11-21] (Microsoft Corporation)
S4 SQLAgent$HPWJA; C:\Program Files\Microsoft SQL Server\MSSQL10.HPWJA\MSSQL\Binn\SQLAGENT.EXE [441504 2014-07-12] (Microsoft Corporation)
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [442536 2015-03-30] (Microsoft Corporation)
R3 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [327680 2013-07-03] (IDT, Inc.) [File not signed]
R2 SysAidAgent; C:\Program Files\SysAid\SysAidSM.exe [23192 2015-04-01] (SysAid Technology Ltd.)
S4 System Center Management APM; C:\Program Files\Microsoft System Center 2012 R2\Service Manager\APMDOTNETAgent\InterceptSvc.exe [626872 2013-09-06] (Microsoft Corp.)
R2 sz7; C:\Program Files (x86)\iS3\STOPzilla AntiVirus\SZServer.exe [1735872 2015-07-10] (iS3, Inc.)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [122368 2015-02-26] (Microsoft Corporation) [File not signed]
R2 TracSrvWrapper; C:\Program Files (x86)\CheckPoint\Endpoint Connect\TracSrvWrapper.exe [4880512 2013-12-04] (Check Point Software Technologies)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-21] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe [5894144 2014-07-25] (Broadcom Corporation) [File not signed]
R2 WMCoreService; C:\Program Files (x86)\Ericsson\Mobile Broadband Drivers\WMCore\mini_WMCore.exe [689560 2012-10-18] (Ericsson AB)
S3 WMSVC; C:\Windows\system32\inetsrv\wmsvc.exe [10752 2009-07-14] (Microsoft Corporation)
R2 WRSVC; C:\Program Files (x86)\Webroot\WRSA.exe [823720 2015-07-01] (Webroot)
S3 Datev.Unternehmen.SystemComponents.ServiceBus.V0300.PlugIn; Datev.Framework.RemoteServiceModel.GenericService2010.exe Datev.Unternehmen.SystemComponents.ServiceBus.V0300.PlugIn [X]
S3 Datev.Unternehmen.SystemComponents.ServiceBus.V0400.PlugIn; Datev.Framework.RemoteServiceModel.GenericService2010.exe Datev.Unternehmen.SystemComponents.ServiceBus.V0400.PlugIn [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [172760 2014-07-14] (Broadcom Corporation.)
S3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2012-02-02] (Broadcom Corporation.)
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()
R3 dwVSCD; C:\Windows\System32\DRIVERS\dwvscd.sys [11904 2010-11-01] (Danware Data A/S)
R3 ecnssndis; C:\Windows\System32\Drivers\wwuss64.sys [26664 2011-10-05] (Ericsson AB)
R3 ecnssndisfltr; C:\Windows\System32\Drivers\wwussf64.sys [29736 2011-10-05] (Ericsson AB)
S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [41032 2013-05-23] (ThreatTrack Security)
S3 gfiutil; C:\Windows\System32\drivers\gfiutil.sys [31264 2013-09-04] (ThreatTrack Security)
R3 h36wgps; C:\Windows\System32\DRIVERS\h36wgps64.sys [103184 2012-03-02] (Ericsson AB)
R2 hardlock; C:\windows\system32\drivers\hardlock.sys [331144 2013-03-11] (SafeNet Inc.)
R0 hotcore3; C:\Windows\System32\DRIVERS\hotcore3.sys [34056 2014-05-19] (Paragon Software Group)
R3 HPMo4DE3; C:\Windows\System32\DRIVERS\HPMo4DE3.sys [25088 2011-03-09] (TPMX Electronics Ltd.)
R3 HPub4DE3; C:\Windows\System32\Drivers\HPub4DE3.sys [18432 2011-04-12] (TPMX Electronics Ltd.)
R3 johci; C:\Windows\System32\DRIVERS\johci.sys [26208 2012-08-24] (JMicron Technology Corp.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R3 Mbm3CBus; C:\Windows\System32\DRIVERS\Mbm3CBus.sys [443648 2013-04-22] (MCCI Corporation)
R3 Mbm3DevMt; C:\Windows\System32\DRIVERS\Mbm3DevMt.sys [455936 2013-04-22] (MCCI Corporation)
R3 Mbm3mdfl; C:\Windows\System32\DRIVERS\Mbm3mdfl.sys [22272 2013-04-22] (MCCI Corporation)
R3 Mbm3Mdm; C:\Windows\System32\DRIVERS\Mbm3Mdm.sys [508160 2013-04-22] (MCCI Corporation)
R3 prepdrvr; C:\Windows\System32\DRIVERS\prepdrv.sys [26984 2012-11-21] (Microsoft Corporation)
R3 PsxDrv; C:\Windows\System32\drivers\psxdrv.sys [10240 2009-07-14] (Microsoft Corporation)
S4 RsFx0153; C:\Windows\System32\DRIVERS\RsFx0153.sys [322736 2015-03-30] (Microsoft Corporation)
R0 SamsungRapidDiskFltr; C:\Windows\System32\DRIVERS\SamsungRapidDiskFltr.sys [268976 2014-09-16] (Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\Windows\System32\DRIVERS\SamsungRapidFSFltr.sys [111280 2014-09-16] (Samsung Electronics Co., Ltd.)
R2 sbapifs; C:\Windows\System32\DRIVERS\sbapifs.sys [88928 2013-10-01] (ThreatTrack Security, Inc.)
S3 sehutn; C:\Windows\System32\DRIVERS\sehutn.sys [49328 2013-10-08] (SEH Computertechnik GmbH)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1064184 2012-09-23] (Sunplus)
R1 UimBus; C:\Windows\System32\DRIVERS\UimBus.sys [102664 2014-05-09] ()
R1 Uim_DEVIM; C:\Windows\System32\DRIVERS\uim_devim.sys [25992 2014-05-09] ()
R1 Uim_IM; C:\Windows\System32\DRIVERS\uim_im.sys [700296 2014-05-09] ()
R3 vna_ap; C:\Windows\System32\DRIVERS\vnaap.sys [161256 2012-09-20] (Check Point Software Technologies)
R1 vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [456952 2013-12-04] (Check Point Software Technologies Ltd.)
R0 WRkrn; C:\Windows\System32\drivers\WRkrn.sys [117728 2015-07-01] (Webroot)
R3 WwanUsbServ; C:\Windows\System32\DRIVERS\WwanUsbMp64.sys [284912 2013-11-25] (Ericsson AB)
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag64.sys [X]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U0 dmboot; No ImagePath
U0 SR; No ImagePath
U2 srservice; No ImagePath
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-21 13:39 - 2015-07-21 13:40 - 00000000 ____D C:\FRST
2015-07-21 12:54 - 2015-07-02 22:31 - 19291136 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-21 12:54 - 2015-07-02 21:15 - 14384640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-21 12:54 - 2015-07-02 20:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-21 12:54 - 2015-07-02 20:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-21 12:54 - 2015-06-29 15:30 - 02865152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-21 12:54 - 2015-06-29 15:27 - 03960320 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 13771264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 02056704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 01763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-21 12:54 - 2015-06-17 15:28 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 00690176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-21 12:54 - 2015-06-17 15:27 - 02237440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-21 12:54 - 2015-06-17 15:27 - 01409024 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-21 12:54 - 2015-06-17 15:27 - 00601600 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-21 12:54 - 2015-06-17 15:27 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-21 12:54 - 2015-06-17 15:26 - 15415296 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-21 12:54 - 2015-06-17 15:26 - 02656768 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-21 12:54 - 2015-06-17 15:26 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-21 12:54 - 2015-06-17 15:26 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-21 12:54 - 2015-06-17 15:26 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-21 12:54 - 2015-06-17 15:26 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-21 12:54 - 2015-06-17 15:26 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-21 12:54 - 2015-06-17 15:26 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-21 12:54 - 2015-06-17 15:26 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-21 12:54 - 2015-06-17 15:26 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-21 12:54 - 2015-06-17 15:26 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-07-21 12:54 - 2015-06-17 15:26 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-21 12:54 - 2015-06-17 15:26 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-21 12:54 - 2015-06-17 15:26 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-21 12:54 - 2015-06-17 15:26 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-21 12:54 - 2015-06-11 20:03 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-21 12:54 - 2015-06-11 19:43 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-21 12:54 - 2015-06-11 19:38 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2015-07-21 12:54 - 2015-06-11 19:19 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2015-07-21 12:53 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-21 12:53 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-21 12:53 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-21 12:53 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-21 12:53 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-21 12:53 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-21 12:53 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-21 12:53 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-21 12:53 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-21 12:53 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-20 16:42 - 2015-07-20 16:42 - 00000000 ____D C:\Users\MSC\AppData\Local\CEF
2015-07-20 13:21 - 2015-07-20 13:21 - 00000000 ____D C:\ProgramData\VIPRE
2015-07-20 13:21 - 2015-07-20 13:21 - 00000000 ____D C:\Program Files\Common Files\AV
2015-07-20 13:21 - 2013-09-04 14:57 - 00031264 _____ (ThreatTrack Security) C:\Windows\system32\Drivers\gfiutil.sys
2015-07-20 13:21 - 2013-05-23 08:39 - 00041032 _____ (ThreatTrack Security) C:\Windows\system32\Drivers\gfiark.sys
2015-07-20 13:17 - 2015-07-21 13:35 - 00083692 _____ C:\Windows\WindowsUpdate.log
2015-07-20 13:12 - 2015-07-21 13:30 - 00000000 ____D C:\ProgramData\STOPzilla!
2015-07-20 13:12 - 2015-07-20 13:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STOPzilla
2015-07-20 13:12 - 2015-07-20 13:12 - 00000000 ____D C:\Program Files (x86)\iS3
2015-07-20 13:12 - 2013-10-01 16:31 - 00260816 _____ (GFI Software) C:\Windows\system32\Drivers\SbFw.sys
2015-07-20 13:12 - 2013-10-01 16:31 - 00063184 _____ (GFI Software) C:\Windows\system32\Drivers\sbhips.sys
2015-07-20 13:12 - 2013-03-26 15:58 - 00120608 _____ (GFI Software) C:\Windows\system32\Drivers\SbFwIm.sys
2015-07-20 12:41 - 2015-07-21 13:29 - 00000366 _____ C:\Windows\Tasks\TransmitAll.job
2015-07-20 12:41 - 2015-07-20 13:00 - 00000000 ____D C:\ProgramData\{cd5b4ee3-71a9-ecd7-cd5b-b4ee371a3b8d}
2015-07-17 13:05 - 2015-07-17 13:05 - 00000000 _____ C:\Windows\SysWOW64\REN26F6.tmp
2015-07-16 09:31 - 2015-07-16 09:31 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-15 10:21 - 2015-03-30 00:47 - 00083624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perf-MSSQL$SQLEXPRESS-sqlctr10.52.4042.0.dll
2015-07-15 10:21 - 2015-03-30 00:43 - 00089264 _____ (Microsoft Corporation) C:\Windows\system32\perf-MSSQL$SQLEXPRESS-sqlctr10.52.4042.0.dll
2015-07-15 10:10 - 2015-07-09 19:59 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-15 10:10 - 2015-07-09 19:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-15 10:10 - 2015-07-09 19:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-15 10:10 - 2015-07-09 19:58 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-15 10:10 - 2015-07-09 19:58 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-15 10:10 - 2015-07-09 19:58 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-15 10:10 - 2015-07-09 19:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-15 10:10 - 2015-07-09 19:58 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-15 10:10 - 2015-07-09 19:58 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-15 10:10 - 2015-07-09 19:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-15 10:10 - 2015-07-09 19:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 10:10 - 2015-07-09 19:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 10:10 - 2015-07-09 19:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 10:10 - 2015-07-09 19:58 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-15 10:10 - 2015-07-09 19:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 10:10 - 2015-07-09 19:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 10:10 - 2015-07-09 19:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 10:10 - 2015-07-09 19:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 10:10 - 2015-07-09 19:50 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-15 10:10 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-15 10:10 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-15 10:10 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-15 10:10 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-15 10:10 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-15 10:10 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-15 10:10 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-15 10:10 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-15 10:10 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-15 10:10 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-15 10:10 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-15 10:10 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-07-15 10:10 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-07-15 10:09 - 2015-05-09 20:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-07-15 09:26 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 09:26 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-15 09:26 - 2015-07-01 22:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 09:26 - 2015-07-01 22:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-15 09:26 - 2015-07-01 22:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 09:26 - 2015-07-01 22:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 09:26 - 2015-07-01 22:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 09:26 - 2015-07-01 22:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-15 09:26 - 2015-07-01 22:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 09:26 - 2015-07-01 22:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-15 09:26 - 2015-07-01 22:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-15 09:26 - 2015-07-01 22:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-15 09:26 - 2015-07-01 22:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-15 09:26 - 2015-07-01 22:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-15 09:26 - 2015-07-01 22:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-15 09:26 - 2015-07-01 22:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-15 09:26 - 2015-07-01 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-15 09:26 - 2015-07-01 22:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-15 09:26 - 2015-07-01 22:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-15 09:26 - 2015-07-01 22:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-15 09:26 - 2015-07-01 22:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-15 09:26 - 2015-07-01 22:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-15 09:26 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-15 09:26 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-15 09:26 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-15 09:26 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-15 09:26 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-15 09:26 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-15 09:26 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-15 09:26 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-15 09:26 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-15 09:26 - 2015-07-01 22:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 09:26 - 2015-07-01 22:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-15 09:26 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-15 09:26 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-15 09:26 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-15 09:26 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-15 09:26 - 2015-07-01 21:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 09:26 - 2015-07-01 21:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 09:26 - 2015-07-01 21:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 09:26 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 09:26 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 09:26 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-15 09:26 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-15 09:26 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 09:26 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 09:26 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-15 09:26 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-15 09:26 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 09:26 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-15 09:26 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-15 09:26 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-15 09:26 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-15 09:26 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-15 09:26 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-15 09:26 - 2015-06-11 19:57 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-07-15 09:26 - 2015-06-11 19:57 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-07-15 09:26 - 2015-06-11 19:57 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-07-15 09:26 - 2015-06-11 19:56 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-07-15 09:26 - 2015-06-11 19:56 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-07-15 09:26 - 2015-06-11 19:56 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-07-15 09:26 - 2015-06-11 15:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-07-15 09:26 - 2015-06-09 20:03 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-07-15 09:26 - 2015-06-09 20:03 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-07-15 09:26 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-15 09:26 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-14 14:54 - 2015-07-14 14:54 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-07-14 14:54 - 2015-07-14 14:54 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-07-14 14:54 - 2015-07-14 14:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-14 14:21 - 2015-07-15 09:33 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-07-14 14:21 - 2015-07-14 14:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-07-14 14:20 - 2015-07-21 13:37 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-14 14:20 - 2015-07-21 13:33 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-14 14:20 - 2015-07-16 09:32 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-14 14:20 - 2015-07-16 09:32 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-14 13:50 - 2015-07-14 13:50 - 00002513 _____ C:\Users\MSC\Desktop\JRT.txt
2015-07-14 13:47 - 2015-07-14 13:47 - 00000207 _____ C:\Windows\tweaking.com-regbackup-NB1140-Windows-7-Ultimate-(64-bit).dat
2015-07-14 13:47 - 2015-07-14 13:47 - 00000000 ____D C:\RegBackup
2015-07-14 13:43 - 2015-07-14 13:43 - 03034266 _____ (Malwarebytes Corporation) C:\Users\MSC\Desktop\JRT.exe
2015-07-14 11:59 - 2015-07-14 11:59 - 00000000 ____D C:\Users\MSC\Desktop\Alte Firefox-Daten
2015-07-14 10:47 - 2015-07-20 13:00 - 00000410 _____ C:\Windows\system32\.crusader
2015-07-14 10:40 - 2015-07-14 10:40 - 00001909 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2015-07-14 10:40 - 2015-07-14 10:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2015-07-13 18:01 - 2015-07-13 18:01 - 00002018 _____ C:\Users\MSC\Documents\Silverlieght in allen Browsern aktivieren.txt
2015-07-13 14:17 - 2015-07-14 14:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-13 14:08 - 2015-07-13 14:08 - 00003122 _____ C:\Windows\System32\Tasks\Samsung_PSSD_Registration
2015-07-13 11:47 - 2015-07-13 11:47 - 00046274 _____ C:\ComboFix.txt
2015-07-13 11:30 - 2015-07-13 11:29 - 02248704 _____ C:\Users\MSC\Desktop\adwcleaner_4.208.exe
2015-07-13 11:09 - 2015-04-08 18:32 - 00000027 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-07-07 08:55 - 2015-07-07 08:55 - 00000000 ____D C:\Users\MSC\AppData\Roaming\SysAid
2015-07-03 09:33 - 2015-07-21 13:27 - 00004713 _____ C:\Users\MSC\Documents\ETG-Server.rdg
2015-07-02 13:41 - 2011-08-04 00:48 - 120893960 _____ (Oracle ) C:\Users\MSC\Downloads\SmartView.exe
2015-07-02 08:50 - 2015-07-02 08:50 - 00001088 _____ C:\Users\MSC\Documents\WER_Debug.reg
2015-07-02 08:44 - 2015-07-16 10:03 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-07-02 08:44 - 2015-07-02 08:44 - 00002047 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2015-07-01 11:23 - 2015-07-01 11:23 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-07-01 11:23 - 2015-07-01 11:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-07-01 11:22 - 2015-07-01 11:22 - 00000000 ____D C:\Program Files\iTunes
2015-07-01 11:22 - 2015-07-01 11:22 - 00000000 ____D C:\Program Files\iPod
2015-07-01 11:22 - 2015-07-01 11:22 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-06-30 08:26 - 2015-06-30 14:21 - 00002234 ____H C:\Users\adminde\Documents\Default.rdp
2015-06-30 08:26 - 2015-06-30 08:26 - 00000000 ____D C:\Users\adminde\AppData\Roaming\Intel Corporation
2015-06-30 08:25 - 2015-06-30 14:19 - 00000000 ____D C:\Users\adminde\Tracing
2015-06-30 08:25 - 2015-06-30 08:25 - 00124488 _____ C:\Users\adminde\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-30 08:25 - 2015-06-30 08:25 - 00000000 ____D C:\Users\adminde\Documents\IBM
2015-06-30 08:25 - 2015-06-30 08:25 - 00000000 ____D C:\Users\adminde\Documents\Bluetooth Exchange Folder
2015-06-30 08:25 - 2015-06-30 08:25 - 00000000 ____D C:\Users\adminde\AppData\Roaming\Synaptics
2015-06-30 08:25 - 2015-06-30 08:25 - 00000000 ____D C:\Users\adminde\AppData\Roaming\ICAClient
2015-06-30 08:25 - 2015-06-30 08:25 - 00000000 ____D C:\Users\adminde\AppData\Roaming\IBM
2015-06-30 08:25 - 2015-06-30 08:25 - 00000000 ____D C:\Users\adminde\AppData\Roaming\hpqLog
2015-06-30 08:25 - 2015-06-30 08:25 - 00000000 ____D C:\Users\adminde\AppData\Roaming\Hewlett-Packard
2015-06-30 08:25 - 2015-06-30 08:25 - 00000000 ____D C:\Users\adminde\AppData\Roaming\Avaya
2015-06-30 08:25 - 2015-06-30 08:25 - 00000000 ____D C:\Users\adminde\AppData\Roaming\Apple Computer
2015-06-30 08:25 - 2015-06-30 08:25 - 00000000 ____D C:\Users\adminde\AppData\Local\Packages
2015-06-30 08:25 - 2015-06-30 08:25 - 00000000 ____D C:\Users\adminde\AppData\Local\Hewlett-Packard_Developme
2015-06-30 08:25 - 2015-06-30 08:25 - 00000000 ____D C:\Users\adminde\AppData\Local\Citrix
2015-06-30 08:25 - 2015-06-30 08:25 - 00000000 ____D C:\Users\adminde\AppData\Local\Broadcom
2015-06-30 08:25 - 2015-06-30 08:25 - 00000000 ____D C:\Users\adminde\AppData\Local\Adobe
2015-06-30 08:24 - 2015-07-20 11:05 - 00003918 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{0B921448-3CB6-4172-AC13-1384D54539F1}
2015-06-30 08:24 - 2015-07-20 11:05 - 00001200 __RSH C:\Users\adminde\ntuser.pol
2015-06-30 08:24 - 2015-07-20 11:05 - 00000000 ____D C:\Users\adminde
2015-06-30 08:24 - 2015-06-30 08:25 - 00000000 ____D C:\Users\adminde\AppData\Roaming\Adobe
2015-06-30 08:24 - 2015-06-30 08:24 - 00001425 _____ C:\Users\adminde\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-06-30 08:24 - 2015-06-30 08:24 - 00000000 _SHDL C:\Users\adminde\Vorlagen
2015-06-30 08:24 - 2015-06-30 08:24 - 00000000 _SHDL C:\Users\adminde\Startmenü
2015-06-30 08:24 - 2015-06-30 08:24 - 00000000 _SHDL C:\Users\adminde\Netzwerkumgebung
2015-06-30 08:24 - 2015-06-30 08:24 - 00000000 _SHDL C:\Users\adminde\Lokale Einstellungen
2015-06-30 08:24 - 2015-06-30 08:24 - 00000000 _SHDL C:\Users\adminde\Eigene Dateien
2015-06-30 08:24 - 2015-06-30 08:24 - 00000000 _SHDL C:\Users\adminde\Druckumgebung
2015-06-30 08:24 - 2015-06-30 08:24 - 00000000 _SHDL C:\Users\adminde\Documents\Eigene Musik
2015-06-30 08:24 - 2015-06-30 08:24 - 00000000 _SHDL C:\Users\adminde\Documents\Eigene Bilder
2015-06-30 08:24 - 2015-06-30 08:24 - 00000000 _SHDL C:\Users\adminde\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-06-30 08:24 - 2015-06-30 08:24 - 00000000 _SHDL C:\Users\adminde\AppData\Local\Verlauf
2015-06-30 08:24 - 2015-06-30 08:24 - 00000000 _SHDL C:\Users\adminde\AppData\Local\Anwendungsdaten
2015-06-30 08:24 - 2015-06-30 08:24 - 00000000 _SHDL C:\Users\adminde\Anwendungsdaten
2015-06-30 08:24 - 2015-06-30 08:24 - 00000000 ____D C:\Users\adminde\AppData\Local\Google
2015-06-30 08:24 - 2013-09-12 15:58 - 00000000 ____D C:\Users\adminde\AppData\Roaming\Macromedia
2015-06-30 08:24 - 2013-07-20 07:02 - 00000000 ____D C:\Users\adminde\AppData\Local\Microsoft Help
2015-06-30 08:24 - 2013-04-14 01:33 - 00000000 ___HD C:\Users\adminde\Documents\hp.system.package.metadata
2015-06-30 08:24 - 2011-02-11 07:19 - 00000020 ___SH C:\Users\adminde\ntuser.ini
2015-06-30 08:24 - 2009-07-14 06:54 - 00000000 ___RD C:\Users\adminde\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-06-30 08:24 - 2009-07-14 06:49 - 00000000 ___RD C:\Users\adminde\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-06-27 12:29 - 2015-06-27 12:29 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-06-27 12:29 - 2015-06-27 12:29 - 00000000 ___SD C:\Windows\system32\GWX
2015-06-27 12:27 - 2015-05-25 20:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-27 12:27 - 2015-05-25 20:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-27 12:27 - 2015-05-25 20:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-27 12:27 - 2015-05-25 20:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-27 12:27 - 2015-05-25 20:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-27 12:27 - 2015-05-25 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-27 12:27 - 2015-05-25 20:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-27 12:27 - 2015-05-25 20:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-27 12:27 - 2015-05-25 20:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-27 12:27 - 2015-05-25 20:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-27 12:27 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-27 12:27 - 2015-05-25 20:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-27 12:27 - 2015-05-25 20:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-27 12:27 - 2015-05-25 20:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-27 12:27 - 2015-05-25 20:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-27 12:27 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-27 12:27 - 2015-05-25 20:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-27 12:27 - 2015-05-25 20:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-27 12:27 - 2015-05-25 20:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-27 12:27 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-27 12:27 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-27 12:27 - 2015-05-25 20:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-27 12:27 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-27 12:27 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-27 12:27 - 2015-05-25 20:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-27 12:27 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-27 12:27 - 2015-05-25 20:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-27 12:27 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-27 12:27 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-27 12:27 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-27 12:27 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-27 12:27 - 2015-05-25 20:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-27 12:27 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-27 12:27 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-27 12:27 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-27 12:27 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-27 12:27 - 2015-05-25 20:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-27 12:27 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-27 12:27 - 2015-05-25 19:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-27 12:27 - 2015-05-25 19:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-27 12:27 - 2015-05-25 19:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-27 12:27 - 2015-05-25 18:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-27 12:27 - 2015-05-25 18:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-27 12:27 - 2015-05-25 18:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 18:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-27 12:27 - 2015-05-21 15:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-21 13:40 - 2013-04-13 22:35 - 00993676 _____ C:\Windows\system32\perfh007.dat
2015-07-21 13:40 - 2013-04-13 22:35 - 00255428 _____ C:\Windows\system32\perfc007.dat
2015-07-21 13:40 - 2009-07-14 07:13 - 02420374 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-21 13:39 - 2014-11-14 13:14 - 00000000 ____D C:\ProgramData\WRData
2015-07-21 13:38 - 2009-07-14 06:45 - 00042336 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-21 13:38 - 2009-07-14 06:45 - 00042336 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-21 13:37 - 2013-07-03 12:02 - 00002072 _____ C:\Windows\system32\config\netlogon.ftl
2015-07-21 13:37 - 2012-02-09 16:30 - 00000000 ____D C:\Users\MSC\Documents\Outlook-Dateien
2015-07-21 13:37 - 2012-02-09 12:10 - 00000000 ____D C:\Users\MSC\Documents\DIALIT
2015-07-21 13:34 - 2014-01-31 10:49 - 00000000 ____D C:\Users\MSC\Tracing
2015-07-21 13:34 - 2011-02-11 07:14 - 00000000 ____D C:\Windows\Panther
2015-07-21 13:32 - 2013-07-05 11:11 - 00000580 _____ C:\Windows\SMSCFG.ini
2015-07-21 13:31 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\inetsrv
2015-07-21 13:30 - 2015-05-29 10:52 - 00000782 _____ C:\Users\Public\Desktop\SysAid.lnk
2015-07-21 13:30 - 2015-05-29 10:52 - 00000000 ____D C:\Program Files\SysAid
2015-07-21 13:29 - 2014-08-15 14:19 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2015-07-21 13:29 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-21 13:29 - 2009-07-14 06:45 - 00529888 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-21 13:21 - 2013-04-14 01:38 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-21 10:59 - 2013-07-03 14:11 - 00026804 __RSH C:\ProgramData\ntuser.pol
2015-07-21 07:47 - 2013-06-21 00:13 - 00000000 ____D C:\Windows\Hewlett-Packard
2015-07-20 17:25 - 2015-05-20 10:23 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-20 16:03 - 2013-10-14 12:11 - 00000000 ____D C:\Program Files\HitmanPro
2015-07-20 15:45 - 2013-07-30 18:13 - 00000600 _____ C:\Users\MSC\AppData\Roaming\winscp.rnd
2015-07-20 15:45 - 2013-07-30 18:07 - 00000600 _____ C:\Users\MSC\AppData\Local\PUTTY.RND
2015-07-20 13:46 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-07-20 11:28 - 2013-07-30 12:45 - 00000000 ____D C:\Users\MSC
2015-07-20 11:15 - 2013-07-30 18:04 - 00000000 ____D C:\Users\MSC\AppData\Local\Deployment
2015-07-20 11:11 - 2013-08-01 12:49 - 00003934 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{02EBB676-2F51-4EB5-BF5C-EFF12763F7AF}
2015-07-20 10:49 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-20 10:44 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\spool
2015-07-17 13:06 - 2015-01-26 13:24 - 00000000 ____D C:\Program Files\Java
2015-07-17 12:45 - 2015-01-26 13:24 - 00110688 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-07-17 10:28 - 2012-02-09 16:30 - 00000000 ____D C:\Users\MSC\IPViewer
2015-07-17 08:19 - 2013-07-30 12:05 - 00002465 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk
2015-07-17 08:19 - 2013-07-30 12:05 - 00002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk
2015-07-17 08:19 - 2013-07-30 12:05 - 00002026 _____ C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk
2015-07-17 08:19 - 2013-07-30 12:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2
2015-07-17 08:08 - 2013-08-02 09:12 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2015-07-15 11:21 - 2013-11-20 19:31 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-15 11:21 - 2013-04-14 01:38 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-15 11:21 - 2013-04-14 01:38 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-15 10:50 - 2014-12-10 19:58 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-15 10:50 - 2014-05-05 09:18 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-15 10:26 - 2013-04-14 01:02 - 02394654 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-07-15 10:23 - 2013-07-19 13:08 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-15 10:20 - 2013-08-01 12:35 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2015-07-15 10:20 - 2013-08-01 12:34 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2015-07-15 10:17 - 2013-07-25 17:46 - 00000000 ____D C:\Windows\system32\MRT
2015-07-14 14:36 - 2014-06-16 11:18 - 00001062 _____ C:\Users\Public\Desktop\DIALit.lnk
2015-07-14 14:36 - 2014-06-16 11:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DIALit
2015-07-14 14:31 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Speech
2015-07-14 14:21 - 2015-01-27 16:16 - 00000000 ____D C:\Program Files (x86)\Google
2015-07-14 14:21 - 2013-07-30 18:04 - 00000000 ____D C:\Users\MSC\AppData\Local\Google
2015-07-14 13:36 - 2013-10-14 12:14 - 00000000 ____D C:\AdwCleaner
2015-07-14 10:47 - 2014-07-26 10:46 - 00000000 ____D C:\Users\MSC\AppData\Roaming\NirSoft Utilities
2015-07-14 10:47 - 2013-10-14 12:06 - 00000000 ____D C:\ProgramData\HitmanPro
2015-07-14 09:06 - 2013-07-30 18:04 - 00000000 ____D C:\Users\MSC\AppData\Local\CrashDumps
2015-07-14 09:04 - 2013-07-05 11:09 - 00000000 ____D C:\Windows\ccmsetup
2015-07-13 11:47 - 2013-11-15 10:41 - 00000000 ____D C:\Qoobox
2015-07-13 11:47 - 2013-07-30 18:04 - 00000000 ____D C:\Users\MSC\AppData\Local\Apps\2.0
2015-07-13 11:44 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-07-13 11:35 - 2013-11-15 10:38 - 05632449 ____R (Swearware) C:\Users\MSC\Desktop\ComboFix.exe
2015-07-13 11:08 - 2015-05-27 14:47 - 00002549 _____ C:\Users\Public\Desktop\Paragon Backup and Recovery™ 2014 Free.lnk
2015-07-13 11:08 - 2013-07-30 13:49 - 00001527 _____ C:\Users\MSC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-07-13 11:08 - 2013-07-03 10:57 - 00001529 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-07-13 11:08 - 2013-07-03 10:57 - 00001523 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2015-07-13 09:20 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-07-07 08:56 - 2014-05-14 09:38 - 00000000 ____D C:\Program Files (x86)\Citrix
2015-07-07 08:55 - 2013-07-03 14:17 - 00000000 ____D C:\Windows\system32\appmgmt
2015-07-07 08:55 - 2013-04-14 01:36 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-07-06 17:38 - 2012-02-08 15:35 - 00000000 ____D C:\Temp
2015-07-03 09:17 - 2015-02-17 08:23 - 00006219 _____ C:\Users\MSC\Documents\ETS-Server.rdg.old
2015-07-03 08:43 - 2013-07-25 17:35 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-07-02 13:59 - 2013-07-30 13:49 - 00000000 ____D C:\Users\MSC\AppData\Roaming\Adobe
2015-07-02 13:58 - 2014-08-22 10:32 - 00000000 ____D C:\Users\MSC\AppData\Local\Adobe
2015-07-02 11:29 - 2014-11-12 12:43 - 00000000 __SHD C:\Users\MSC\AppData\Local\EmieBrowserModeList
2015-07-02 11:29 - 2014-04-09 14:33 - 00000000 __SHD C:\Users\MSC\AppData\Local\EmieUserList
2015-07-02 11:29 - 2014-04-09 14:33 - 00000000 __SHD C:\Users\MSC\AppData\Local\EmieSiteList
2015-07-02 08:44 - 2013-07-30 12:03 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-07-02 08:43 - 2013-07-30 12:03 - 00000000 ____D C:\ProgramData\Adobe
2015-07-01 14:25 - 2014-11-14 13:14 - 00167632 _____ (Webroot) C:\Windows\SysWOW64\WRusr.dll
2015-07-01 14:25 - 2014-11-14 13:14 - 00117728 _____ (Webroot) C:\Windows\system32\Drivers\WRkrn.sys
2015-07-01 14:25 - 2014-11-14 13:14 - 00105320 _____ (Webroot) C:\Windows\system32\WRusr.dll
2015-07-01 11:26 - 2013-07-30 18:09 - 00000000 ____D C:\Users\MSC\AppData\Roaming\Apple Computer
2015-07-01 11:22 - 2015-03-18 14:44 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-07-01 11:22 - 2015-03-18 14:44 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-06-30 09:18 - 2015-04-14 15:02 - 00000000 ____D C:\Users\MSC\Documents\Wohnung
2015-06-30 08:00 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\AppCompat
2015-06-29 08:43 - 2013-07-25 17:33 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-06-29 08:43 - 2013-07-25 17:33 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-06-27 12:29 - 2014-09-09 12:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Lync
2015-06-27 12:29 - 2014-09-09 12:35 - 00000000 ____D C:\Program Files (x86)\Microsoft Lync
2015-06-27 12:28 - 2014-09-09 12:36 - 00000000 ____D C:\Program Files\Microsoft Lync
2015-06-27 12:28 - 2013-07-25 17:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-06-23 13:30 - 2010-11-21 05:27 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2013-07-30 18:12 - 2013-01-24 18:35 - 0023176 _____ () C:\Users\MSC\AppData\Roaming\Kommagetrennte Werte (Windows).ADR
2013-07-30 18:12 - 2014-10-06 12:53 - 0023164 _____ () C:\Users\MSC\AppData\Roaming\Microsoft Excel 97-2003.ADR
2013-11-08 14:24 - 2015-02-09 18:50 - 0081642 _____ () C:\Users\MSC\AppData\Roaming\MultiScreen_log.log
2015-04-16 08:46 - 2015-04-16 08:46 - 0033193 _____ () C:\Users\MSC\AppData\Roaming\UserTile.png
2013-07-30 18:13 - 2015-07-20 15:45 - 0000600 _____ () C:\Users\MSC\AppData\Roaming\winscp.rnd
2013-07-30 18:04 - 2012-10-31 16:05 - 0000000 _____ () C:\Users\MSC\AppData\Local\AtStart.txt
2013-07-30 18:04 - 2012-10-31 16:05 - 0000000 _____ () C:\Users\MSC\AppData\Local\DSwitch.txt
2013-07-30 18:07 - 2015-07-20 15:45 - 0000600 _____ () C:\Users\MSC\AppData\Local\PUTTY.RND
2013-07-30 18:07 - 2012-10-31 16:05 - 0000000 _____ () C:\Users\MSC\AppData\Local\QSwitch.txt
2013-07-30 18:07 - 2012-12-02 16:08 - 0001832 _____ () C:\Users\MSC\AppData\Local\SLC_msc.prx
2013-10-18 17:29 - 2013-10-18 18:23 - 0000826 _____ () C:\ProgramData\hpzinstall.log
2013-08-01 12:45 - 2013-08-01 12:45 - 0000266 _____ () C:\ProgramData\LEDM_AdaptorInstall.log
2013-12-09 11:21 - 2013-12-09 14:12 - 0000227 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

ZeroAccess:
C:\Users\MSC\AppData\Local\682008ce
C:\Users\MSC\AppData\Local\682008ce\@

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-13 08:19

==================== End of log ============================

schrauber · 21.07.2015, 13:25

Hi,

Addition.txt fehlt noch

Ontop144 · 21.07.2015, 13:30

[CODE]Additional
FRST Logfile:

Code:

ATTFilter

scan result of Farbar Recovery Scan Tool (x64) Version:20-07-2015
Ran by michael.schmaus at 2015-07-21 13:41:03
Running from H:\
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Admin (S-1-5-21-138671167-893842611-3967195578-1001 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-138671167-893842611-3967195578-500 - Administrator - Disabled)
Gast (S-1-5-21-138671167-893842611-3967195578-501 - Limited - Disabled)
postgres (S-1-5-21-138671167-893842611-3967195578-1018 - Limited - Enabled) => C:\Users\postgres
sysaidinternal (S-1-5-21-138671167-893842611-3967195578-1022 - Administrator - Enabled) => C:\Users\sysaidinternal

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Webroot SecureAnywhere (Enabled - Up to date) {66A6FE14-08CB-F415-3742-517201416109}
AV: STOPzilla AntiVirus (Enabled - Up to date) {581418F3-DCB4-03A7-8970-1C2B5929FC27}
AS: Webroot SecureAnywhere (Enabled - Up to date) {DDC71FF0-2EF1-FB9B-0DF2-6A007AC62BB4}
AS: STOPzilla AntiVirus (Enabled - Up to date) {E375F917-FA8E-0C29-B3C0-275922AEB69A}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4500_G510nz_Help (x32 Version: 000.0.439.000 - Hewlett-Packard) Hidden
4500G510nz (x32 Version: 000.0.439.000 - Hewlett-Packard) Hidden
4500G510nz_Software_Min (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 16.2.1 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Acronis*True*Image*Home (HKLM-x32\...\{67ED38A3-4882-448B-B44D-3428AB00D7D5}) (Version: 13.0.7160 - Acronis)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.15 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.1430 - Adobe Systems Incorporated)
Adobe Customization Wizard 8 (HKLM-x32\...\{AC76BA86-1033-0000-0000-000000000003}) (Version: 8.0.0 - Adobe Systems, Inc.)
Adobe Customization Wizard 9 (HKLM-x32\...\{AC76BA86-1033-0000-0000-000000000004}) (Version: 9.0.0 - Adobe Systems, Inc.)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe PDF iFilter 11 for 64-bit platforms (HKLM\...\{BA5C0CC3-421B-4AE5-9370-1650D1941F30}) (Version: 11.0.00 - Adobe)
Akamai NetSession Interface (HKU\S-1-5-21-3799292098-3196119086-2381476900-3276\...\Akamai) (Version:  - Akamai Technologies, Inc)
Alcor Micro Smart Card Reader Driver (HKLM-x32\...\SZCCID) (Version: 1.7.39.0 - Alcor Micro Corp.)
Alcor Micro Smart Card Reader Driver (x32 Version: 1.7.39.0 - Alcor Micro Corp.) Hidden
Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version:  - Amazon)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Application Verifier x64 External Package (Version: 8.100.26936 - Microsoft) Hidden
AttachmentsManager 1.8.6 (HKLM-x32\...\AttachmentsManager_is1) (Version: 1.8.6 - SmartTools Publishing)
Avaya IP Office Plug-in for Salesforce.com (x32 Version: 9.0.200.15 - Avaya) Hidden
Avaya IP Office Plug-in for Salesforce.com v9.0.2.0 build 15 (HKLM-x32\...\Avaya IP Office Plug-in for Salesforce.com) (Version: 9.0.200.15 - Avaya)
Avaya Microsoft Lync Integration (HKLM-x32\...\{3110CD25-2EB2-468B-9F24-E506C1CBEAB4}) (Version: 6.2.0.0 - Avaya)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version:  - Broadcom Corporation)
Broadcom Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.5300 - Broadcom Corporation)
Broadcom Wireless Utility (HKLM\...\{4CDA59B9-7AD3-4283-9F5C-BC469FF975B6}) (Version: 6.30.223.232 - Broadcom Corporation)
Broadcom Wireless Utility (HKLM\...\Broadcom Wireless Utility) (Version:  - Broadcom Corporation)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
C3000 Fax Printer (64 Bit) (HKLM\...\{6837CEE3-B8FD-4521-A9CB-94B599E2233C}) (Version: 2.0.2303.1029 - Comergo GmbH)
calibre 64bit (HKLM\...\{61AFB2AC-84FF-4C05-8427-3D2FA64A520B}) (Version: 1.13.0 - Kovid Goyal)
Calisto DFU Driver (x64) (HKLM\...\{1C20E609-768A-4FDC-AC75-2CE466D81506}) (Version: 2.4.49092.0 - Plantronics, Inc.)
Canon Remote Operation Viewer 2.0 (HKLM-x32\...\{D24AE168-6414-4EA7-89CE-6AEB76419870}) (Version: 1.0.0 - CANON)
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4291 - CDBurnerXP)
Check Point VPN (HKLM-x32\...\{FDF89F73-D0C7-4D1A-BDAA-3405FEA39338}) (Version: 98.60.92 - Check Point Software Technologies Ltd.)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Cisco WebEx Meetings (HKLM-x32\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Color Network ScanGear 2 (HKLM\...\{95F1E28D-A360-421B-8BDC-0640A3BD945B}) (Version: 2.0.0 - CANON INC.)
Configuration Manager Client (Version: 5.00.7958.1000 - Microsoft Corporation) Hidden
Configuration Manager Support Center (HKLM-x32\...\{5E7FB70D-60B3-44AB-A0C3-FE6ABD5C0377}) (Version: 5.00.7958.1120 - Microsoft Corporation)
Crystal Reports 11 Runtime (HKLM-x32\...\{9038A340-AAFD-42E3-992A-62B49C6CF476}) (Version: 1.0.0 - Carano GmbH)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6.5101 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.1.3423 - CyberLink Corp.)
DataMigrationTool (HKLM-x32\...\{AAECF3DD-0F4C-4E6C-B2A9-10595064B30B}) (Version: 1.0.6 - TeamViewer)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden
DIALit V4.2 (HKLM-x32\...\{B213DFFA-8681-49D4-8B30-2D8DD69223C3}) (Version: 4.2.0.18 - ek-soft GmbH)
DocMgr (x32 Version: 130.0.000.000 - Ihr Firmenname) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
EasyBCD 2.2 (HKLM-x32\...\EasyBCD) (Version: 2.2 - NeoSmart Technologies)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Exchange System Manager (HKLM-x32\...\{C0850F9C-EF33-46C7-A226-6309540C0C05}) (Version: 6.5.8037.0 - Microsoft)
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
FreeCommander XE (HKLM-x32\...\FreeCommander XE_is1) (Version: Preview - Marek Jasinski)
GDR 4033 für SQL Server 2008 R2 (KB2977320) (64-bit) (HKLM\...\KB2977320) (Version: 10.52.4033.0 - Microsoft Corporation)
GDR 4042 für SQL Server 2008 R2 (KB3045313) (64-bit) (HKLM\...\KB3045313) (Version: 10.52.4042.0 - Microsoft Corporation)
GDR 5520 für SQL Server 2008 (KB 2977321) (64-bit) (HKLM\...\KB2977321) (Version: 10.3.5520.0 - Microsoft Corporation)
GFI LanGuard 11 Agent (x32 Version: 11.1.2012.1207 - GFI Software Ltd) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.134 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.241 - SurfRight B.V.)
HP 3D DriveGuard (HKLM\...\{B64F0818-316F-4237-8CB4-35BC2DA784C2}) (Version: 5.1.12.1 - Hewlett-Packard Company)
HP BIOS Configuration Utility (HKLM-x32\...\{1B0AE7F1-30A4-4F70-BB8A-99BE988E4652}) (Version: 3.2.3.1 - Hewlett-Packard Company)
HP Connection Manager (HKLM-x32\...\{C0ED9561-8312-457C-BB1B-BDC7EE034CED}) (Version: 4.7.4.1 - Hewlett-Packard Company)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP Documentation (HKLM-x32\...\{C65D5947-5FAF-499E-859F-75C3852D84B0}) (Version: 1.1.1.0 - Hewlett-Packard)
HP ESU for Microsoft Windows 7 (HKLM-x32\...\{240B2BF7-E7E6-425C-A2A4-A3149189BF7F}) (Version: 2.3.1 - Hewlett-Packard Company)
HP HD Webcam Driver (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.4.8.16 - SunplusIT)
HP Hotkey Support (HKLM-x32\...\{53C48A27-4079-49EB-8E73-76BA85D2BF6F}) (Version: 5.0.24.1 - Hewlett-Packard Company)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP IP CONSOLE VIEWER 4.1.2.1 (HKLM-x32\...\HP IP CONSOLE VIEWER) (Version: 4.1.2.1 - Hewlett-Packard)
HP Mobile Broadband Drivers (HKLM-x32\...\{646E8C34-C88B-42F9-9F41-985A801219E1}) (Version: 7.2.8.1 - Ericsson AB)
HP Officejet 4500 G510n-z (HKLM\...\{7E0E61CC-1C99-429D-BEA7-C4DD5B898D2A}) (Version: 13.0 - HP)
HP Port Replicator Software Installer (HKLM-x32\...\{6313BCDF-1109-4682-A19D-413189817787}) (Version: 1.3.23 - HP)
HP Power Assistant (HKLM\...\{84642787-58C0-44AE-8B26-E2F544E380A1}) (Version: 2.5.0.16 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{438363A8-F486-4C37-834C-4955773CB3D3}) (Version: 9.1.15453.4066 - Hewlett-Packard Company)
HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
HP SoftPaq Download Manager (HKLM-x32\...\{76D4147B-1544-480B-80E7-69BE8461127F}) (Version: 3.5.4.0 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{675D093B-815D-47FD-AB2C-192EC751E8E2}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Software Setup (HKLM-x32\...\{658A8756-7B1E-44FD-A434-D777DD906232}) (Version: 8.5.2.1 - Hewlett-Packard Company)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP System Default Settings (HKLM-x32\...\{B5BEF5F8-BD76-4174-A47D-05A06EA62615}) (Version: 2.7.1 - Hewlett-Packard Company)
HP System Software Manager (HKLM-x32\...\{0654A5BE-4E69-4F93-88B2-A81B13A7960C}) (Version: 3.1.13.1 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
IBM i Access for Windows MRI (x32 Version: 07.01.0000 - IBM) Hidden
IBM i Access für Windows 7.1 (HKLM\...\{31E11496-1F84-4DCC-B07A-369B40B8B4A7}) (Version: 07.01.0001 - IBM)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6435.0 - IDT)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
InfoStore - DocumentViewer 2009-253 (HKLM-x32\...\{1258E438-FFA7-4234-BC8A-9FBCC764BC27}) (Version: 7.09.253 - Solitas AG)
Inno Script Studio version 2.1.0.20 (HKLM-x32\...\{7C22BD69-9939-43CE-B16E-437DB2A39492}_is1) (Version: 2.1.0.20 - Kymoto Solutions)
Inno Setup QuickStart Pack version 5.5.4 (HKLM-x32\...\Inno Setup 5_is1) (Version: 5.5.4 - Martijn Laan)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.30.1349 - Intel Corporation)
Intel(R) Network Connections 18.7.28.0 (HKLM\...\PROSetDX) (Version: 18.7.28.0 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.5.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.60174 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.10.255 - Intel Corporation)
iTunes (HKLM\...\{4046F74A-28F8-48C6-A5D3-2AFC472574C1}) (Version: 12.2.0.145 - Apple Inc.)
Java 8 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418051F0}) (Version: 8.0.510 - Oracle Corporation)
JMicron 1394 Filter Driver (HKLM-x32\...\{13C96625-28E4-4c58-ADE0-CDAFC64752EB}) (Version: 1.00.25.03 - JMicron Technology Corp.)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.76.1 - JMicron Technology Corp.)
Joe (HKLM-x32\...\{0AD3DEBC-5321-457E-8B43-8F546940169B}) (Version: 4.00.0050 - Wirth IT Design)
Kits Configuration Installer (x32 Version: 8.100.25984 - Microsoft) Hidden
KiXscripts Editor 1.7 (HKLM-x32\...\KiXscripts Editor_is1) (Version:  - )
KOBIL CCID driver x64x86 (x32 Version: 1.013.02121 - KOBIL Systems) Hidden
MagicDisc 2.7.106 (HKLM-x32\...\MagicDisc 2.7.106) (Version:  - )
MailOut (HKLM-x32\...\MailOut_is1) (Version: Aktuelle Version - IN MEDIA KG)
MailOut Enterprise Client (Arbeitsplatzinstallation) (HKLM-x32\...\MailOut Enterprise Client_is1) (Version: 1.0 - IN MEDIA KG)
MailOut Enterprise Remote (HKLM-x32\...\{03DDCA28-B7FB-4E2B-91E5-25D93DD37140}) (Version: 0.1 - Administrator)
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Media Add-ons für Acronis True Image Home 2010 (HKLM-x32\...\{3C6F60BD-EDBF-4D45-A063-59261E6FD540}) (Version: 13.0.7160 - Acronis)
Media Add-ons für Acronis True Image Home 2010 (HKLM-x32\...\{9CA72668-86CC-5447-9278-A0378FE45378}) (Version: 13.0.6029 - Acronis)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{D1D37853-0004-3E36-A7AA-74F4EEA35F64}) (Version: 4.5.50930 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Advanced Group Policy Management-Client (HKLM\...\{39FC17D5-FEA5-4220-8457-3CDF68E01E2B}) (Version: 4.1.1016.0 - Microsoft Corporation)
Microsoft AS OLE DB-Anbieter für SQL Server 2012 (HKLM\...\{27CCA8E0-80E4-4FD4-BD37-76C299587E98}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Diagnostics and Recovery Toolset 7.0 (HKLM\...\{7283B4B5-EC48-4A41-93C0-CCDE1F22A468}) (Version: 7.0.310.0 - Microsoft Corporation)
Microsoft Exchange Server 2010 (HKLM\...\Microsoft Exchange v14) (Version: 14.3.123.4 - Microsoft Corporation)
Microsoft Lync 2010 (HKLM\...\{58A013B1-1613-4978-881A-FCA43710C84A}) (Version: 4.0.7577.4461 - Microsoft Corporation)
Microsoft Office 2010 Primary Interop Assemblies (HKLM-x32\...\{90140000-1146-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1150 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Online Services-Anmeldeassistent (HKLM\...\{46E637E2-AC34-4B45-B5DF-D20903A3DB61}) (Version: 7.250.4303.0 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Report Viewer 2012-Laufzeit (HKLM-x32\...\{65F3578A-F54F-4402-A9B1-E36B06976706}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft Report Viewer Redistributable 2008 (KB971119) (HKLM-x32\...\Microsoft Report Viewer Redistributable 2008 (KB971119)) (Version:  - Microsoft Corporation)
Microsoft ReportViewer 2010 Redistributable - Language Pack - deu (HKLM-x32\...\{B2F21D11-631B-33C2-8E1A-73EA57FDFE33}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft ReportViewer 2010 Redistributable Language Pack - ita (HKLM-x32\...\{062DDDB2-21F6-38FD-91F7-FB65380C43F2}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft ReportViewer 2010 Redistributable Language Pack - ptb (HKLM-x32\...\{2F7B3396-D648-3644-8987-3D5856E62842}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft ReportViewer 2010 Redistributable 언어 팩 - kor (HKLM-x32\...\{607DD498-23DF-3790-BA0F-0E4055DE5284}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft ReportViewer 2010 Redistributable 言語パック - jpn (HKLM-x32\...\{43855309-4888-35AF-A31F-270086E769E7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft ReportViewer 2010 Redistributable 语言包 - chs (HKLM-x32\...\{5A2F4392-7C23-3D07-9D1D-2B65D820059C}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft ReportViewer 2010 SP1 Redistributable (KB2549864) (HKLM-x32\...\{1282C0BC-3B22-33D4-B72E-62922415DDCA}) (Version: 10.0.40220 - Microsoft Corporation)
Microsoft ReportViewer 2010 可轉散發語言套件 - cht (HKLM-x32\...\{106E9B81-1DF3-351A-9AF1-336FC0D81A9A}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft RichCopy 4.0 (HKLM-x32\...\{86F4F32B-77C7-4951-B33C-05D41A8190C1}) (Version: 4.0.216 - Microsoft Corporation)
Microsoft Robocopy GUI (HKLM-x32\...\{107C666F-63C5-4263-8D40-8B9CFB5FED08}) (Version: 1.0.0 - Microsoft)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2005 Backward compatibility (HKLM\...\{8909B8A7-CEAB-4772-BF29-1892C4E6603B}) (Version: 8.05.2309 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (64-bit) (HKLM\...\Microsoft SQL Server 2008 R2) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{49860BCD-24D6-44C1-922E-AC12FE32234E}) (Version: 10.52.4042.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Report Builder 3.0 (HKLM-x32\...\{C1F938A6-3B5D-415B-A238-FEAAAF0D8F94}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Setup (English) (HKLM\...\{B2213E4E-F502-4D36-BE95-9293C866EF3F}) (Version: 10.52.4042.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{393CA5BF-0362-42FD-ABC2-BA9D22EF925E}) (Version: 10.3.5520.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Analysis Management Objects  (HKLM\...\{DBD0532B-25A9-470F-A57E-7BD2E39F0D50}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{AD49BD4B-6CEE-4EA2-B53E-8EB0606F1B11}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{E75776B2-EAE5-42F9-A800-0A10763DEDF0}) (Version: 11.0.2318.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Browser (HKLM-x32\...\{8DD113A8-811A-404E-A4D7-443D014946AC}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{FBBA9369-3A6B-4EE3-9C53-DA0D29C2FC95}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft System Center 2012 R2 Service Manager (HKLM\...\{7B523367-360B-4EB6-9ED4-D2637816DD0F}) (Version: 7.5.3079.148 - Microsoft Corporation)
Microsoft System Center 2012 R2 Virtual Machine Manager (HKLM\...\Microsoft System Center 2012 R2 Virtual Machine Manager) (Version: 3.2.7510.0 - Microsoft Corporation)
Microsoft Virtual Machine Converter Solution Accelerator (HKLM-x32\...\{3CD4E444-CBF5-40E6-8279-B511DE7E26BB}) (Version: 1.0.4619.17079 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual SourceSafe 2005 - DEU (HKLM-x32\...\Microsoft Visual SourceSafe 2005 - DEU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Web Authoring Component (HKLM-x32\...\VisualWebDeveloper) (Version: 12.0.4518.1066 - Microsoft Corporation)
Microsoft Windows Debugging Symbols (HKLM-x32\...\{0E8D886F-3205-4472-848E-990F400FF218}) (Version: 7601 - Microsoft)
Microsoft Windows Debugging Symbols (HKLM-x32\...\{46EA439E-2D16-49B6-AA80-00DE992FE7CE}) (Version: 7601 - Microsoft)
Microsoft Windows Debugging Symbols (HKLM-x32\...\{68ADAEAA-DABD-45C1-9CC2-F995407549CD}) (Version: 7601 - Microsoft)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{3E123CBC-07C3-448E-ACE4-F04157099175}) (Version: 11.1.3000.0 - Microsoft Corporation)
Module linguistique Microsoft ReportViewer 2010 Redistributable - fra (HKLM-x32\...\{918D20E8-FEB8-3FF5-89EB-198AD8CE4010}) (Version: 10.0.40219 - Microsoft Corporation)
MOOS Project Viewer (HKLM-x32\...\MOOS Project Viewer) (Version: 3.1.4 - Stand By Soft Ltd)
Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 39.0 - Mozilla)
mRemoteNG (HKLM-x32\...\mRemoteNG) (Version: 1.72.5065.32737 - Next Generation Software)
MSI Development Tools (x32 Version: 8.100.26898 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MultiScreen (HKLM-x32\...\{7E750925-00C9-4B23-A1E8-BBFC0955CFD8}) (Version: 3.0.23 - Samsung Electronics Ltd.)
Netop Remote Control Guest (HKLM-x32\...\{00000034-92AC-11E2-911B-0417A1A01290}) (Version: 11.12.13081 - Netop Business Solutions A/S)
Netop Remote Control Host (HKLM-x32\...\{00000044-E56C-11DF-9952-0417A1A01290}) (Version: 9.52.10305 - Netop Business Solutions A/S)
Network64 (Version: 130.0.550.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.4 - Notepad++ Team)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
Orca (HKLM-x32\...\{85F4CBCB-9BBC-4B50-A7D8-E1106771498D}) (Version: 3.1.3790.0000 - Microsoft Corporation)
Paquete de idioma de Microsoft ReportViewer 2010 Redistributable - esn (HKLM-x32\...\{73B1BA61-C2E5-34A2-AD8D-9038972B0E2E}) (Version: 10.0.40219 - Microsoft Corporation)
Paragon Backup and Recovery™ 2014 Free (HKLM\...\{C268B5E1-A5DA-11DF-A289-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PC-WELT-Fix-it-Pack 2.0 (HKLM\...\{CD349D32-0976-4AB5-9616-82717033D2C8}_is1) (Version:  - IDG Magazine Media GmbH)
Plus Pack für Acronis True Image Home 2010 (HKLM-x32\...\{4C556B5C-8EF7-47B4-AE05-FE71EEB2C25B}) (Version: 13.0.7160 - Acronis)
Polycom CX5100-CX5500 Control Panel (HKLM-x32\...\{FEDF58EC-7DAD-4C84-BD4D-DCAF19D364E3}_is1) (Version: 1.0.0.189 - Polycom, Inc.)
Puran Utilities 3.0 (HKLM\...\Puran Utilities_is1) (Version:  - Puran Software)
PuTTY version 0.62 (HKLM-x32\...\PuTTY_is1) (Version: 0.62 - Simon Tatham)
Quest One ActiveRoles Management Shell for Active Directory (HKLM\...\{2C6FA0E7-1127-4D86-ACE5-BE5B6ABFF940}) (Version: 1.6.0.2683 - Quest Software, Inc.)
Quest PowerGUI® 3.8 (HKLM-x32\...\{4498748D-F54C-4B84-AD4D-F8DA827FF65E}_Qs) (Version: 3.8.0.129 - Quest Software, Inc.)
Quest PowerGUI® 3.8 (x32 Version: 3.8.0.129 - Quest Software, Inc.) Hidden
RAPID Mode (Version: 1.0.1.81 - Samsung Electronics Co., Ltd.) Hidden
Remote Desktop Connection Manager (HKLM-x32\...\{0240359E-6A4C-4884-9E94-B397A02D893C}) (Version: 2.7.14060 - Microsoft Corporation)
Samsung Data Migration (HKLM-x32\...\{D4DE3DB4-7734-47E5-8D92-B80146311406}) (Version: 2.7 - Samsung)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics)
Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
schwackeForecast (HKLM-x32\...\{2F8BAC6A-BDB9-4989-A56D-73FF4CEF5979}) (Version: 001.030.000.019 - )
SDK (x32 Version: 2.30.042 - Portrait Displays, Inc.) Hidden
SDK Debuggers (x32 Version: 8.100.26936 - Microsoft Corporation) Hidden
SeaTools for Windows (HKLM-x32\...\{98613C99-1399-416C-A07C-1EE1C585D872}) (Version: 1.2.0.6 - Seagate Technology)
SeaTools for Windows (HKLM-x32\...\SeaTools for Windows) (Version:  - Seagate Technology)
SEP sesam GUI (HKLM\...\{07007377-2537-4AA1-9F3A-E4978C12492D}) (Version: 4.4.1.48 - SEP AG)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 für SQL Server 2008 R2 (KB2630458) (64-bit) (HKLM\...\KB2630458) (Version: 10.52.4000.0 - Microsoft Corporation)
Service Pack 3 für SQL Server 2008 (KB2546951) (64-bit) (HKLM\...\KB2546951) (Version: 10.3.5500.0 - Microsoft Corporation)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
SmartWebPrinting (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Softerra LDAP Browser 4.5 (64-bit) (HKLM\...\{413EDBFA-6FE0-4416-B5FA-059C93A6A553}) (Version: 4.5.13724.0 - Softerra, Ltd.)
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
SQL Server 2008 R2 SP2 Common Files (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Shared (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQLXML4 (HKLM\...\{DEA9F247-F832-4E36-90BF-D8EDA206521A}) (Version: 9.00.5000.00 - Microsoft Corporation)
Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
STOPzilla 7 Install (HKLM-x32\...\{63D41586-5FE0-4DDF-8958-8F022C1938D7}) (Version: 7.0.2.81 - iS3, Inc.)
Support Tools Web Package : DCDIAG.EXE (HKLM-x32\...\{B1C1C959-8B1E-421B-8C90-46AAFBC3D7DD}) (Version: 1.0.0.1 - Microsoft Corporation)
Support Tools Web Package : NETDIAG.EXE (HKLM-x32\...\{31D2ADFD-A2E2-47D0-AA6E-1343FA52BF7C}) (Version: 1.0.0.1 - Microsoft Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.18.23 - Synaptics Incorporated)
Synkronizer 11 (HKLM-x32\...\Synkronizer 11 11.0.41210.1800) (Version: 11.0.41210.1800 - XL Consulting GmbH)
Synkronizer 11 (Version: 11.0.41210.1800 - XL Consulting GmbH) Hidden
SysAid Admin Tools version 8.5.05 (HKLM-x32\...\SysAid Admin Tools_is1) (Version: 8.5 - SysAid Ltd.)
SysAid Agent (HKLM\...\{FC5E1D1D-6D3F-4844-A937-567D589F655E}) (Version: 15.2.00.101 - SysAid Ltd)
System Center 2012 R2 Configuration Manager-Konsole (HKLM-x32\...\{A6F71B78-04E9-4DB8-A161-23B87D8FB877}) (Version: 5.00.7958.1000 - Microsoft Corporation)
System Center 2012 R2 Operations Manager (HKLM\...\System Center 2012 R2 Operations Manager) (Version: 7.1.10226.0 - Microsoft Corporation)
System Center Operations Manager 2012 Console (Version: 7.1.10226.0 - Microsoft Corporation) Hidden
System Requirements Lab for Intel (HKLM-x32\...\{1EBDF6D2-CEA0-484C-A23E-2DDAD7FD0DD0}) (Version: 4.5.22.0 - Husdawg, LLC)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.26038 - TeamViewer)
TeamViewer 8 (MSI Wrapper) (HKLM-x32\...\{4F34E9E4-1AEE-47ED-8BB2-0FF1E143AB48}) (Version: 8.0.19617 - TeamViewer)
TeamViewer 8 (MSI Wrapper) (HKLM-x32\...\{7F90BFB6-82B6-4063-8957-7DC8ACCFF4BE}) (Version: 8.0.18051 - TeamViewer)
TeamViewer Manager 8 (HKLM-x32\...\TeamViewer Manager 8) (Version:  - TeamViewer GmbH)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
uno_edit.exe (HKLM-x32\...\{C2DF8388-85D7-4AD3-8C96-3B2AF9092288}) (Version: 0.1 - Administrator)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0021-0000-0000-0000000FF1CE}_VisualWebDeveloper_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update RollUp 1 for Microsoft System Center Virtual Machine Manager Administrator Console (x64) (KB2919248) (HKLM\...\{93C10AA5-8355-41C4-8F37-73C02E4C6E82}) (Version:  - Microsoft Corporation)
Update Rollup 2 for Exchange Server 2010 Service Pack 3 (KB2866475) (HKLM\...\KB2866475) (Version: 1 - Microsoft Corporation)
Update RollUp 2 for Microsoft System Center Virtual Machine Manager Administrator Console (x64) (KB2932942) (HKLM\...\{A5F45664-201C-489c-A1E6-9F0D7671CD4B}) (Version:  - Microsoft Corporation)
Update Rollup 3 for Microsoft System Center Virtual Machine Manager Administrator Console (x64) (KB2965413) (HKLM\...\{E4FF346F-EA5A-411F-9F6B-2C469840DC28}) (Version:  - Microsoft Corporation)
Update Rollup 4 for Exchange Server 2010 Service Pack 3 (KB2905616) (HKLM\...\KB2905616) (Version: 1 - Microsoft Corporation)
Update Rollup 4 for Microsoft System Center Virtual Machine Manager Administrator Console (x64) (KB2992023) (HKLM\...\{E424A006-23B8-4403-A413-9EEBFB422FB2}) (Version:  - Microsoft Corporation)
Update Rollup 5 for Exchange Server 2010 Service Pack 3 (KB2917508) (HKLM\...\KB2917508) (Version: 1 - Microsoft Corporation)
Update Rollup 5 for Microsoft System Center Virtual Machine Manager Administrator Console (x64) (KB3023914) (HKLM\...\{27D9B702-5DF5-445A-BE1D-84E123208DD2}) (Version:  - Microsoft Corporation)
Update Rollup 6 for Exchange Server 2010 Service Pack 3 (KB2936871) (HKLM\...\KB2936871) (Version: 1 - Microsoft Corporation)
Update Rollup 6 for Microsoft System Center Virtual Machine Manager Administrator Console (x64) (KB3050947) (HKLM\...\{368E82AF-3AD0-44AE-965D-E71C16132B79}) (Version:  - Microsoft Corporation)
Update Rollup 7 for Exchange Server 2010 Service Pack 3 (KB2961522) (HKLM\...\KB2961522) (Version: 1 - Microsoft Corporation)
Update Rollup 8 for Exchange Server 2010 Service Pack 3 (KB2986475) (HKLM\...\KB2986475) (Version: 2 - Microsoft Corporation)
UTAX TA Product Library (HKLM\...\UTAX TA Product Library) (Version: 2.0.0713 - KYOCERA Document Solutions Inc.)
Validity Fingerprint Sensor Driver (HKLM\...\{ADAA7361-54B8-4FC8-804E-94EC6C11ED68}) (Version: 4.5.133.0 - Validity Sensors, Inc.)
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
Vhd Resizer (HKLM-x32\...\{8FAA57C5-7BD1-4285-B4B1-36D7337D7BE5}) (Version: 1.0.42 - Xcarab)
VIP Access SDK (1.1.0.7)  (HKLM-x32\...\VIP Access SDK) (Version: 1.1.0.7 - Symantec Inc.)
Visual BCD (HKLM-x32\...\{436D50FF-8FA1-4FDD-A9C9-48B52A990F57}) (Version: 0.9.3.1 - BoYans)
Visual Studio 2008 Shell Isolated Mode Redistributable Package (HKLM-x32\...\{468AA969-3336-3F1D-92DE-D373B548B651}) (Version: 9.0.30729 - Microsoft)
Visual Studio 2008 Shell Isolated Mode Redistributable Package (HKLM-x32\...\{B0990F1E-BCAD-36CA-A251-09824C77B297}) (Version: 9.0.30729 - Microsoft)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Webroot SecureAnywhere (HKLM-x32\...\{98C3BECF-DD5F-44D2-8EF3-48A926977467}) (Version: 8.4.131 - Webroot)
WinDirStat 1.1.2 (HKU\S-1-5-21-3799292098-3196119086-2381476900-3276\...\WinDirStat) (Version:  - )
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Resource Kit Tools - SubInAcl.exe (HKLM-x32\...\{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}) (Version: 5.2.3790.1164 - Microsoft Corporation)
Windows Script V5.6 Dokumentation (HKLM-x32\...\Scriptdoc) (Version:  - )
Windows Server Update Services 3.0 SP2 Console (HKLM\...\Windows Server Update Services 3.0 SP2) (Version: 3.2.7600.226 - Microsoft Corporation)
Windows Software Development Kit for Windows 8.1 (HKLM-x32\...\{ed3a6e6d-9661-4357-abe4-fcc03dc57a07}) (Version: 8.100.26936 - Microsoft Corporation)
Windows-Treiberpaket - Plantronics, Inc. (usbser.ntamd64) Ports  (04/21/2009 5.1) (HKLM\...\07AFE62D73C8799E9E5689F86FB9F48389717BA3) (Version: 04/21/2009 5.1 - Plantronics, Inc.)
WinSCP 5.5.5 (HKLM-x32\...\winscp3_is1) (Version: 5.5.5 - Martin Prikryl)
WinZip 17.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DD}) (Version: 17.5.10562 - WinZip Computing, S.L. )
WPT Redistributables (x32 Version: 8.100.26936 - Microsoft) Hidden
WPTx64 (x32 Version: 8.100.26936 - Microsoft) Hidden
WSCC 2.3.0.0 (HKLM-x32\...\WSCC_is1) (Version:  - KirySoft)
Языковой пакет Microsoft ReportViewer 2010 Redistributable - rus (HKLM-x32\...\{9A8ED6EF-B155-3038-AA3C-36B3939EE0BC}) (Version: 10.0.40219 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3799292098-3196119086-2381476900-3276_Classes\CLSID\{3560575F-7C2D-48AE-AB45-DAD430A95EBE}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll ()
CustomCLSID: HKU\S-1-5-21-3799292098-3196119086-2381476900-3276_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\windows\system32\igfxEM.exe (Intel Corporation)

==================== Restore Points =========================

14-07-2015 14:00:31 Prüfpunkt von HitmanPro
15-07-2015 10:11:11 Windows Update
20-07-2015 10:42:20 Windows Modules Installer
20-07-2015 12:51:40 Windows Defender Checkpoint
20-07-2015 13:00:15 Prüfpunkt von HitmanPro
20-07-2015 13:11:57 Installed STOPzilla 7 Install.
21-07-2015 13:01:07 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2015-07-13 11:44 - 00000027 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0279B360-6BF9-49C2-89FF-E6E44EE8B665} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15] (Adobe Systems Incorporated)
Task: {0CFD085B-6A9C-443F-98C6-23B614DA90D3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis Install => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {0D1A06FB-C2FE-4641-8D32-8B4B3F5B3E17} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.)
Task: {310A1750-5E9A-4D87-BEB6-4C3488125673} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {42B050ED-B45D-4375-9FF9-8721F0441642} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-14] (Google Inc.)
Task: {4355E34C-5118-495C-BA04-72AF9642E2D7} - System32\Tasks\System Ruhezustand => D:\install\herunterfahren.cmd
Task: {4BAA18B4-281C-4F08-823F-7C4E0C2928C1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd)
Task: {5A7906FA-8A64-4E3C-AAD5-D127D3D8962E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {5DC681B7-7640-470B-A0E1-456BAD00C7D4} - System32\Tasks\Microsoft\Configuration Manager\Configuration Manager Health Evaluation => C:\windows\CCM\ccmeval.exe [2013-09-11] (Microsoft Corporation)
Task: {704FB5EE-E365-487E-B066-A641571FD575} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-14] (Google Inc.)
Task: {71764DA5-1AFF-442A-9F11-A6637F1821C1} - \TransmitAll No Task File <==== ATTENTION
Task: {7224B8E9-EE2C-44E1-8CC1-BA3C656D02BA} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\Dependencies\RemEngine.exe [2012-03-21] ()
Task: {75F679A1-1672-4F74-B8E1-28280F7914F8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {805AD214-3D19-44AB-A64C-92C3B43169C5} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {95208C9B-96D8-4649-9F32-531EF3EB4708} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {9A43357D-FBC6-4559-B97B-385DD9C64397} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {D0AFFF2A-527E-4FCB-A3D8-E79612D8AE93} - System32\Tasks\Samsung_PSSD_Registration => C:\ProgramData\Samsung Apps\Portable SSD\Samsung Portable SSD Daemon.exe [2014-12-03] (Samsung Electronics)
Task: {D7951DC5-D615-4E56-8975-E0BAFF786855} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {D8270F3E-3AA9-4697-B145-79E9CDB415C8} - System32\Tasks\Microsoft\Configuration Manager\Configuration Manager Idle Detection
Task: {E89213EA-47C2-4282-BAF9-B59FBE351C42} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {F8D50C97-9077-4564-B17C-1C4E0E9A3A92} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\TransmitAll.job => c:\programdata\{cd5b4ee3-71a9-ecd7-cd5b-b4ee371a3b8d}\spyhunter_keygen.exe--startup=1 --singlemichael.sch <==== ATTENTION

==================== Loaded Modules (Whitelisted) ==============

2015-02-13 05:20 - 2015-02-13 05:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-03-10 16:52 - 2015-03-10 16:52 - 01277128 _____ () C:\Program Files\SEPsesam\bin\sesam\sm_sshd.exe
2015-03-10 16:53 - 2015-03-10 16:53 - 00058568 _____ () C:\Program Files\SEPsesam\bin\sesam\python3\_socket.pyd
2015-03-10 16:53 - 2015-03-10 16:53 - 00017096 _____ () C:\Program Files\SEPsesam\bin\sesam\python3\select.pyd
2015-03-10 16:53 - 2015-03-10 16:53 - 00017096 _____ () C:\Program Files\SEPsesam\bin\sesam\python3\Crypto.Random.OSRNG.winrandom.pyd
2015-03-10 16:53 - 2015-03-10 16:53 - 01154248 _____ () C:\Program Files\SEPsesam\bin\sesam\python3\_hashlib.pyd
2015-03-10 16:53 - 2015-03-10 16:53 - 00017608 _____ () C:\Program Files\SEPsesam\bin\sesam\python3\Crypto.Util._counter.pyd
2015-03-10 16:53 - 2015-03-10 16:53 - 00037064 _____ () C:\Program Files\SEPsesam\bin\sesam\python3\Crypto.Cipher._AES.pyd
2015-03-10 16:53 - 2015-03-10 16:53 - 00064200 _____ () C:\Program Files\SEPsesam\bin\sesam\python3\Crypto.Cipher._DES3.pyd
2015-03-10 16:53 - 2015-03-10 16:53 - 00014536 _____ () C:\Program Files\SEPsesam\bin\sesam\python3\Crypto.Util.strxor.pyd
2015-03-10 16:53 - 2015-03-10 16:53 - 00069320 _____ () C:\Program Files\SEPsesam\bin\sesam\python3\_bz2.pyd
2015-03-10 16:53 - 2015-03-10 16:53 - 00027336 _____ () C:\Program Files\SEPsesam\bin\sesam\python3\Crypto.Cipher._Blowfish.pyd
2015-03-10 16:53 - 2015-03-10 16:53 - 00016584 _____ () C:\Program Files\SEPsesam\bin\sesam\python3\Crypto.Cipher._ARC4.pyd
2015-03-10 16:53 - 2015-03-10 16:53 - 00769224 _____ () C:\Program Files\SEPsesam\bin\sesam\python3\unicodedata.pyd
2012-02-10 23:26 - 2012-02-10 23:26 - 01083392 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\System.Data.SQLite.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2014-02-21 03:52 - 2014-02-21 03:52 - 00043520 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2013-02-17 19:35 - 2012-05-06 19:20 - 00022336 _____ () C:\Program Files\CCleaner\branding.dll
2014-03-19 08:00 - 2014-03-19 08:00 - 01102336 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\System.Data.SQLite.dll
2011-01-28 20:15 - 2011-01-28 20:15 - 05145824 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
2013-07-03 17:38 - 2011-07-13 10:10 - 00065576 ____R () C:\Program Files (x86)\Ericsson\Mobile Broadband Drivers\WMCore\MBMDebug.dll
2015-07-20 13:21 - 2015-06-26 03:13 - 00184184 _____ () C:\Program Files (x86)\iS3\STOPzilla AntiVirus\Definitions\libBase64.dll
2015-07-20 13:21 - 2015-06-26 03:13 - 00175992 _____ () C:\Program Files (x86)\iS3\STOPzilla AntiVirus\Definitions\libMachoUniv.dll
2012-11-23 09:53 - 2012-11-23 09:53 - 00329592 _____ () C:\Program Files (x86)\PatchManagementInstallation\Agent\apistrings.dll
2012-11-23 09:56 - 2012-11-23 09:56 - 00159608 _____ () C:\Program Files (x86)\PatchManagementInstallation\Agent\modlop.dll
2012-11-23 09:54 - 2012-11-23 09:54 - 00100728 _____ () C:\Program Files (x86)\PatchManagementInstallation\Agent\httpserverattplugin.dll
2012-11-23 09:46 - 2012-11-23 09:46 - 02029600 _____ () C:\Program Files (x86)\PatchManagementInstallation\Agent\crmimodule.dll
2012-11-23 09:58 - 2012-11-23 09:58 - 00208760 _____ () C:\Program Files (x86)\PatchManagementInstallation\Agent\patchautodownload.dll
2009-07-13 23:03 - 2009-07-14 03:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2012-11-23 09:39 - 2012-11-23 09:39 - 00296448 _____ () C:\Program Files (x86)\PatchManagementInstallation\Agent\TMSUnicodeD2009.bpl
2012-12-07 10:02 - 2012-12-07 10:02 - 00183160 _____ () C:\Program Files (x86)\PatchManagementInstallation\Agent\scanmngsys.dll
2012-11-23 09:58 - 2012-11-23 09:58 - 00049528 _____ () C:\Program Files (x86)\PatchManagementInstallation\Agent\schedcompactdb.dll
2012-11-23 09:58 - 2012-11-23 09:58 - 00054648 _____ () C:\Program Files (x86)\PatchManagementInstallation\Agent\schedupdates.dll
2012-11-23 09:39 - 2012-11-23 09:39 - 00196608 _____ () C:\Program Files (x86)\PatchManagementInstallation\Agent\Httpd\bin\pcre.dll
2014-10-15 14:22 - 2014-10-15 14:22 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\ffecb320f1e95e8c90a5ce2ee658306d\IsdiInterop.ni.dll
2013-04-14 01:05 - 2013-07-03 17:46 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-06-20 23:42 - 2013-10-24 14:54 - 01200088 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2015-06-27 00:44 - 2015-06-27 00:44 - 00019968 _____ () C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\locale\de_de\acrotray.deu
2012-07-01 18:03 - 2012-07-01 18:03 - 05705728 _____ () C:\Program Files (x86)\CheckPoint\Endpoint Connect\QtGui4.dll
2012-06-17 14:55 - 2012-06-17 14:55 - 01617920 _____ () C:\Program Files (x86)\CheckPoint\Endpoint Connect\QtCore4.dll
2012-07-02 04:23 - 2012-07-02 04:23 - 00028672 _____ () C:\Program Files (x86)\CheckPoint\Endpoint Connect\imageformats\qgif4.dll
2011-01-28 18:23 - 2011-01-28 18:23 - 00279904 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\Common\resource.dll
2011-01-28 17:03 - 2011-01-28 17:03 - 00019808 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\Common\thread_pool.dll
2011-01-28 17:04 - 2011-01-28 17:04 - 00028512 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\Common\rpc_client.dll
2014-03-19 08:00 - 2014-03-19 08:00 - 00514570 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\sqlite3.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2015-06-27 00:43 - 2015-06-27 00:43 - 02897304 _____ () C:\Program Files (x86)\Adobe\Acrobat 10.0\PDFMaker\Common\AdobePDFMakerX.dll
2015-06-27 00:44 - 2015-06-27 00:44 - 01446400 _____ () C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Locale\de_DE\PDFMaker\AdobePDFMakerX.DEU
2013-02-14 16:46 - 2013-02-14 16:46 - 01044048 _____ () C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:874C5B53
AlternateDataStreams: C:\Users\MSC\Desktop\autiscover.vbs:Bookmarks
AlternateDataStreams: C:\Users\MSC\Desktop\autiscover.vbs:Breakpoints
AlternateDataStreams: C:\Users\MSC\Desktop\autiscover.vbs:FoldedSections
AlternateDataStreams: C:\Users\MSC\Desktop\autiscover.vbs:Tracepoints
AlternateDataStreams: C:\Users\MSC\Desktop\autiscover.vbs:Undo
AlternateDataStreams: C:\Users\MSC\Desktop\autodiscover2.vbs:Bookmarks
AlternateDataStreams: C:\Users\MSC\Desktop\autodiscover2.vbs:Breakpoints
AlternateDataStreams: C:\Users\MSC\Desktop\autodiscover2.vbs:FoldedSections
AlternateDataStreams: C:\Users\MSC\Desktop\autodiscover2.vbs:Tracepoints
AlternateDataStreams: C:\Users\MSC\Desktop\autodiscover2.vbs:Undo
AlternateDataStreams: C:\Users\MSC\Documents\MailOut_Bsp1.eml:OECustomProperty
AlternateDataStreams: C:\Users\MSC\Documents\MailOut_Bsp2.eml:OECustomProperty
AlternateDataStreams: C:\Users\MSC\Documents\MailOut_Bsp3.eml:OECustomProperty
AlternateDataStreams: C:\Users\MSC\Documents\Schwacke - Pressemeldung - Schwacke aktualisiert Standardwerk zum Nutzungsausfall.eml:OECustomProperty

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SBAMSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\.DEFAULT\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\.DEFAULT\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-19\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\S-1-5-19\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-20\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\S-1-5-20\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-21-3799292098-3196119086-2381476900-3276\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\S-1-5-21-3799292098-3196119086-2381476900-3276\Software\Classes\exefile: "%1" %* <===== ATTENTION!

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3799292098-3196119086-2381476900-3276\...\demtsr007 -> hxxp://demtsr007
IE trusted site: HKU\S-1-5-21-3799292098-3196119086-2381476900-3276\...\ets-production5 -> hxxps://ets-production5
IE trusted site: HKU\S-1-5-21-3799292098-3196119086-2381476900-3276\...\eurotax.com -> hxxp://compare.eurotax.com
IE trusted site: HKU\S-1-5-21-3799292098-3196119086-2381476900-3276\...\odetteca.com -> hxxps://www.odetteca.com
IE trusted site: HKU\S-1-5-21-3799292098-3196119086-2381476900-3276\...\salesforce.com -> hxxps://emea.salesforce.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3799292098-3196119086-2381476900-3276\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 10.0.1.37 - 10.100.0.15
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: ) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{83B82B13-1FB0-42B6-8DBC-A5DE9A609D09}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{53C18BD1-2E98-4154-AFFD-EFFF193EC5DA}] => (Allow) C:\Program Files (x86)\Netop\Netop Remote Control\Host\NHSTW32.EXE
FirewallRules: [{D3DCC892-E90F-4DB3-8891-7A280CEA76DC}] => (Allow) C:\Program Files (x86)\Netop\Netop Remote Control\Host\NHSTW32.EXE
FirewallRules: [{7EB42E73-DC7F-4C6A-817E-C43A5113EDC0}] => (Allow) C:\Program Files (x86)\Netop\Netop Remote Control\Host\NHSTW32.EXE
FirewallRules: [{B298D64C-C433-408D-B86A-3E7A38EAB2B2}] => (Allow) C:\Program Files (x86)\Netop\Netop Remote Control\Host\NHSTW32.EXE
FirewallRules: [{7C7091F0-AA36-4582-8727-A954465FED6D}] => (Allow) C:\Program Files (x86)\Netop\Netop Remote Control\Host\NHSTW32.EXE
FirewallRules: [{F308DCCB-2E98-466F-9724-7358DDDE6469}] => (Allow) C:\Program Files (x86)\Netop\Netop Remote Control\Host\NHSTW32.EXE
FirewallRules: [SNMP-In-UDP] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-Out-UDP] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-In-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-Out-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [ScanManagement-RCWS-Out-TCP] => (Allow) %SystemRoot%\System32\mmc.exe
FirewallRules: [ScanManagement-WSD-Out-TCP] => (Allow) %SystemRoot%\System32\mmc.exe
FirewallRules: [{67E1D382-A769-4512-B1F8-485150AB6F5A}] => (Allow) LPort=11401
FirewallRules: [{E53AC2FA-CA16-411A-AE76-0E1F0362E830}] => (Allow) C:\Program Files (x86)\Canon\Color Network ScanGear\SgTool.exe
FirewallRules: [{71BD0D3D-56F2-4A19-9068-F7F79629FC13}] => (Allow) C:\Program Files (x86)\Canon\Color Network ScanGear\SgTool.exe
FirewallRules: [{79C6ED63-253E-4347-A20C-AD3581F16BE6}] => (Allow) LPort=56338
FirewallRules: [{D721AE08-5DD1-476C-B830-1B80974A0E0F}] => (Allow) LPort=56338
FirewallRules: [{B13D1C77-95BF-4428-9F90-F2B918B78183}] => (Allow) LPort=RPC
FirewallRules: [{DF85B6AE-0896-403A-A90D-A75B582396D5}] => (Allow) C:\Windows\System32\mmc.exe
FirewallRules: [{1448F6DF-DA5D-4FC2-9D4B-5B9F36EF57BB}] => (Allow) C:\Windows\System32\mmc.exe
FirewallRules: [{63AB5D9F-787E-4BC2-93B0-A8469689BCCA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{D028AAF1-7D7E-4DEF-A2CC-D6110E4F8DE4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{61CF3E41-0660-4172-866D-8DC17A96FE23}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{0C607ECB-0D21-4AFE-B9CA-576E97FD3A74}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{62DB6274-8E63-4742-80EB-11BF1BEC3607}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{D4B4FD8E-6979-43EC-B2C2-6FEC64C3BB25}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{2E28C640-3B4C-43E8-A4A2-762CC25C511E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{43C5D108-E82D-4AF9-8961-D8D0FD206317}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{C446CCDD-9DF9-4EB4-89AB-C0F2B8A2CBBA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{783D73DE-D6B6-480D-86F6-C8F17B535396}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{B8527938-6D1B-404F-ABB9-E4BC085CA6E5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{6D33A5AD-00C5-45E0-9441-4127558C47DA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{A89F8725-7796-42D6-94B6-DF4042BC1EDA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{062CF2B3-2734-4E49-AB45-9164259075AC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{0FA7B0D5-5F6A-420C-A920-E1C30A218B86}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{778144C2-3962-492B-A0F7-D17C4998133E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{B82962AA-81E9-4826-AE27-4B2C294EA64B}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{0A0AD4F8-8E3E-4AAA-9783-209869E18680}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [TCP Query User{CE182FA2-C093-4B5C-AEBA-69B720FE1F5B}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{D9910D3C-C58D-497C-A4EF-6A996A765A6F}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{CAD6D6C6-0AD6-472C-87A1-5118030AE9E6}C:\program files (x86)\ipviewer\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\ipviewer\jre\bin\javaw.exe
FirewallRules: [UDP Query User{39E2B0CB-B562-4DCC-9AA2-13A6B71BE6BC}C:\program files (x86)\ipviewer\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\ipviewer\jre\bin\javaw.exe
FirewallRules: [TCP Query User{17800EC1-455E-46B0-902B-56698D463940}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe
FirewallRules: [UDP Query User{B01DFD6A-5082-40F7-9B1A-33342EC128F6}C:\totalcmd\totalcmd.exe] => (Allow) C:\totalcmd\totalcmd.exe
FirewallRules: [TCP Query User{BEE08D89-68DF-40BD-86FC-543815408F84}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{1677A957-0FEE-49A9-9828-358EDDAE4B49}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{8D8B9BF5-846C-4B0D-9A55-A1FDB0C579FB}] => (Allow) LPort=135
FirewallRules: [TCP Query User{E4143F78-C44E-4327-826B-BD45D3FA287B}C:\program files (x86)\sysaidtools\sysaidrc.exe] => (Allow) C:\program files (x86)\sysaidtools\sysaidrc.exe
FirewallRules: [UDP Query User{CB865E63-D54F-49C0-9697-69BE7558C47D}C:\program files (x86)\sysaidtools\sysaidrc.exe] => (Allow) C:\program files (x86)\sysaidtools\sysaidrc.exe
FirewallRules: [TCP Query User{D41BF95E-A4FE-4D64-A778-FCAA89C2A5E8}C:\program files\sepsesam\bin\sesam\sbc.exe] => (Allow) C:\program files\sepsesam\bin\sesam\sbc.exe
FirewallRules: [UDP Query User{FD53B80E-EE16-43F1-A218-697F94519998}C:\program files\sepsesam\bin\sesam\sbc.exe] => (Allow) C:\program files\sepsesam\bin\sesam\sbc.exe
FirewallRules: [DfsMgmt-In-TCP] => (Allow) %systemroot%\system32\dfsfrsHost.exe
FirewallRules: [{FAF8DCFB-E91C-4EA6-B076-4A44CDCE0973}] => (Allow) C:\windows\system32\hasplms.exe
FirewallRules: [{5791E1D8-D897-41B6-885E-CCDA04CD294C}] => (Allow) C:\Program Files (x86)\Teamviewer\Version8\TeamViewer.exe
FirewallRules: [{850E0BA9-1026-450C-BEF1-1600134A97AE}] => (Allow) C:\Program Files (x86)\Teamviewer\Version8\TeamViewer.exe
FirewallRules: [{5B0844E3-1996-4001-8C79-99FC86E76E4B}] => (Allow) C:\Program Files (x86)\Teamviewer\Version8\TeamViewer_Service.exe
FirewallRules: [{00DC6567-DC0F-43E1-8EA3-EEEC336FC2B7}] => (Allow) C:\Program Files (x86)\Teamviewer\Version8\TeamViewer_Service.exe
FirewallRules: [{CD84AB69-2162-4D88-9995-5A7A463BA43F}] => (Allow) C:\windows\system32\hasplms.exe
FirewallRules: [TCP Query User{F5E8F312-2880-454A-B675-B12D27F74F7D}C:\program files (x86)\ipviewer\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\ipviewer\jre\bin\javaw.exe
FirewallRules: [UDP Query User{B0EB9BDB-E3AF-4A16-81E7-F31EC3D544F5}C:\program files (x86)\ipviewer\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\ipviewer\jre\bin\javaw.exe
FirewallRules: [{CA8ED06B-1F31-47EA-B394-9711FCD3AED4}] => (Allow) LPort=9876
FirewallRules: [{B2A66580-D29A-4FBD-9421-67E65D69D4EE}] => (Allow) C:\Program Files (x86)\Microsoft Lync\communicator.exe
FirewallRules: [{6C1D9175-9121-41EF-AC77-443FC6A1B7DD}] => (Allow) C:\Program Files (x86)\Microsoft Lync\communicator.exe
FirewallRules: [TCP Query User{0D9EBDF7-6354-4B2F-A57D-16030183D1DB}C:\program files (x86)\ibm\client access\cwbunnav.exe] => (Allow) C:\program files (x86)\ibm\client access\cwbunnav.exe
FirewallRules: [UDP Query User{950DD8B6-B2F0-4290-9A74-FE44BD11179D}C:\program files (x86)\ibm\client access\cwbunnav.exe] => (Allow) C:\program files (x86)\ibm\client access\cwbunnav.exe
FirewallRules: [TCP Query User{C7741B13-DE0A-44F7-B8DA-AB17EB8121E8}C:\program files (x86)\ibm\client access\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\ibm\client access\jre\bin\javaw.exe
FirewallRules: [UDP Query User{E4310DC9-F917-4755-8906-2625A48C892D}C:\program files (x86)\ibm\client access\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\ibm\client access\jre\bin\javaw.exe
FirewallRules: [{88172BFB-3BF6-4F88-8E0A-525A4A3166E7}] => (Allow) C:\Program Files (x86)\Teamviewer\Version8\TeamViewer.exe
FirewallRules: [{394280E2-1121-4BCA-A3D0-9C5FDEC97FA4}] => (Allow) C:\Program Files (x86)\Teamviewer\Version8\TeamViewer.exe
FirewallRules: [{88AB8CD9-AA96-461A-94ED-B94A04E9F3D5}] => (Allow) C:\Program Files (x86)\Teamviewer\Version8\TeamViewer_Service.exe
FirewallRules: [{3CAD733A-469B-4252-A593-E3F3481BE6BA}] => (Allow) C:\Program Files (x86)\Teamviewer\Version8\TeamViewer_Service.exe
FirewallRules: [TCP Query User{901697EF-D90C-4973-8E83-34CD90DB8222}C:\windows\system32\qtsp_sso.exe] => (Allow) C:\windows\system32\qtsp_sso.exe
FirewallRules: [UDP Query User{413071C4-B299-4947-B079-103C36AC17C1}C:\windows\system32\qtsp_sso.exe] => (Allow) C:\windows\system32\qtsp_sso.exe
FirewallRules: [TCP Query User{A6A18016-4D9F-4CCB-8E86-C7D1EE86368F}C:\windows\system32\qtsp_sso.exe] => (Allow) C:\windows\system32\qtsp_sso.exe
FirewallRules: [UDP Query User{10B7D496-CDD1-4CF7-B4A8-33F2894C52ED}C:\windows\system32\qtsp_sso.exe] => (Allow) C:\windows\system32\qtsp_sso.exe
FirewallRules: [TCP Query User{4A915D71-F459-459B-8F77-33DDFDA14C56}C:\program files (x86)\netop\netop remote control\guest\ngstw32.exe] => (Allow) C:\program files (x86)\netop\netop remote control\guest\ngstw32.exe
FirewallRules: [UDP Query User{91A3E083-67A5-4049-B51D-B7F3426E40E2}C:\program files (x86)\netop\netop remote control\guest\ngstw32.exe] => (Allow) C:\program files (x86)\netop\netop remote control\guest\ngstw32.exe
FirewallRules: [TCP Query User{BD2582DE-6F9F-4722-B860-68A7A58E8086}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe
FirewallRules: [UDP Query User{7761148B-8F2C-4488-BF96-5A001502DF0B}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe
FirewallRules: [TCP Query User{E9E0B1EB-84F7-4E32-8E18-85BC4BE28444}C:\users\msc\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\msc\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{3D05AF3A-35B4-40D1-AE7E-007A532D1F05}C:\users\msc\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\msc\appdata\local\akamai\netsession_win.exe
FirewallRules: [{DCA7E174-D754-4311-9B93-ACC686908576}] => (Allow) C:\Windows\Canon\ScanGearIR\SGIRTool.exe
FirewallRules: [{812ADEA2-0BFB-486F-A490-CF40CF90F8ED}] => (Allow) C:\Windows\Canon\ScanGearIR\SGIRTool.exe
FirewallRules: [{C503C017-2058-4C2A-8432-2B5BCCD378E5}] => (Allow) C:\Windows\Canon\ScanGearIR\SGIRTool.exe
FirewallRules: [{AADE15B8-5FC2-410F-AD79-78EB72F50BCF}] => (Allow) C:\Windows\Canon\ScanGearIR\SGIRTool.exe
FirewallRules: [{889C25C0-2FF8-42EF-807A-3B2DD507DE90}] => (Allow) C:\Program Files (x86)\CheckPoint\Endpoint Connect\TrGUI.exe
FirewallRules: [{76A1C04E-3842-4B40-97D4-8B6124F802E0}] => (Allow) C:\Program Files (x86)\CheckPoint\Endpoint Connect\TracSrvWrapper.exe
FirewallRules: [{4144D45B-F4B2-4FC8-82DD-FC50BCD4F2DB}] => (Allow) %ProgramFiles% (x86)\MailOut Enterprise Client\MailOut_Client.exe
FirewallRules: [{5306D82F-FB5C-4A15-82B5-CC46EAB0A0F8}] => (Allow) R:\Anwend\MailOut_Presse\MailOut.exe
FirewallRules: [{445A035B-A980-486A-91CB-B5D4AC20DBB6}] => (Allow) R:\Anwend\MailOut\MailOut.exe
FirewallRules: [TCP Query User{077B87C2-C24A-48AE-8146-0A40D16C584D}C:\windows\system32\qtsp_sso.exe] => (Allow) C:\windows\system32\qtsp_sso.exe
FirewallRules: [UDP Query User{0F46F93D-AA79-4A56-BBB6-493AE85C85BA}C:\windows\system32\qtsp_sso.exe] => (Allow) C:\windows\system32\qtsp_sso.exe
FirewallRules: [{49B9F9DD-F07D-42B1-8D27-73769E5EE90C}] => (Allow) LPort=500
FirewallRules: [TCP Query User{FD38C615-7990-4288-A6F7-2F504A47315F}C:\users\msc\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\msc\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{71BE65E7-299C-4EB7-B4CD-8E799A1A0E37}C:\users\msc\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\msc\appdata\local\akamai\netsession_win.exe
FirewallRules: [{F5DBCA69-054F-474F-B55A-244D441CA37E}] => (Allow) C:\Program Files (x86)\Microsoft Lync\communicator.exe
FirewallRules: [{95D4C404-6B07-4D8A-B38D-1FD9C793351C}] => (Allow) C:\Program Files (x86)\Microsoft Lync\UcMapi.exe
FirewallRules: [{5197EE9D-59EF-4C10-9991-7AE1ACDFF837}] => (Allow) C:\Program Files\Microsoft Lync\UcMapi64.exe
FirewallRules: [{1F12585B-D525-461B-8935-B02D8943E1A2}] => (Allow) C:\Program Files (x86)\Netop\Netop Remote Control\Guest\ngstw32.exe
FirewallRules: [{7A1C9D3E-BE76-4DE2-8024-FD7DB707056B}] => (Allow) C:\Program Files (x86)\Netop\Netop Remote Control\Guest\ngstw32.exe
FirewallRules: [{0CDB6A57-3C2B-445D-949C-702696091404}] => (Allow) C:\Program Files (x86)\Netop\Netop Remote Control\Guest\ngstw32.exe
FirewallRules: [{081FC29F-09F0-42AC-868B-55A3066857AF}] => (Allow) C:\windows\CCM\RemCtrl\CmRcService.exe
FirewallRules: [{CC9C2AFE-4090-4075-B089-A08ECF75F73B}] => (Allow) C:\Program Files (x86)\Microsoft Lync\communicator.exe
FirewallRules: [{AB07EACE-3E08-42BB-AD65-E4635AED2DC0}] => (Allow) C:\Program Files (x86)\Microsoft Lync\communicator.exe
FirewallRules: [{4F88B27D-B203-478A-BF47-7FA97570A96A}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{B7FBC62F-08A3-4B35-84E0-F57B93D0A655}] => (Allow) C:\Program Files (x86)\SimpleFiles\SimpleFiles.exe
FirewallRules: [{212DF18B-838E-49FE-9A03-D7ECB39646AA}] => (Allow) C:\Program Files (x86)\SimpleFiles\SimpleFiles.exe
FirewallRules: [{5614CA8C-3A38-4764-97D0-120672B30457}] => (Allow) C:\Program Files (x86)\SimpleFiles\downloader.exe
FirewallRules: [{59930367-D67C-4608-8E0C-BAC136B38C8D}] => (Allow) C:\Program Files (x86)\SimpleFiles\downloader.exe
FirewallRules: [{68B80EAA-8208-4389-A7DC-5C98BB02E5AC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5A7F4B38-49CA-4498-99E2-5C9627BD1DBC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8CAC812E-A317-41B8-9B20-B5444F062C89}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{D33CD476-D489-44E3-B7D1-CB151FB69AC6}] => (Allow) LPort=56668
FirewallRules: [{BE6894D8-DA24-4813-BDD6-1A09E439A969}] => (Allow) LPort=5000
FirewallRules: [{4E0CA2BE-3CD4-4888-847C-C031C78D3583}] => (Allow) LPort=49224
FirewallRules: [{60968F70-ABBF-41D0-8217-59C616AEF43E}] => (Allow) LPort=5000

==================== Faulty Device Manager Devices =============

Name: HP LaserJet 400 M401dne
Description: HP LaserJet 400 M401dne
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP LaserJet P1505n
Description: HP LaserJet P1505n
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP LaserJet P2015 Series
Description: HP LaserJet P2015 Series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: HP LaserJet P2055dn
Description: HP LaserJet P2055dn
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP LaserJet P2015 Series
Description: HP LaserJet P2015 Series
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: hp LaserJet 1320 series
Description: hp LaserJet 1320 series
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: hp LaserJet 1320 series
Description: hp LaserJet 1320 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: HP LaserJet P2055dn
Description: HP LaserJet P2055dn
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP LaserJet M1536dnf MFP
Description: HP LaserJet M1536dnf MFP
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: hp LaserJet 1320 series
Description: hp LaserJet 1320 series
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP LaserJet 400 M401dne
Description: HP LaserJet 400 M401dne
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: hp LaserJet 1320 series
Description: hp LaserJet 1320 series
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP LaserJet 400 M401dne
Description: HP LaserJet 400 M401dne
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP LaserJet P2055x
Description: HP LaserJet P2055x
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP LaserJet P2055x
Description: HP LaserJet P2055x
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: hp LaserJet 1320 series
Description: hp LaserJet 1320 series
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP LaserJet M1522nf MFP
Description: HP LaserJet M1522nf MFP
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP LaserJet M1536dnf MFP
Description: HP LaserJet M1536dnf MFP
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: hp LaserJet 1320 series
Description: hp LaserJet 1320 series
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP LaserJet P2055x
Description: HP LaserJet P2055x
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: hp LaserJet 1320 series
Description: hp LaserJet 1320 series
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP LaserJet P2055dn
Description: HP LaserJet P2055dn
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP LaserJet P2015 Series
Description: HP LaserJet P2015 Series
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP LaserJet Pro MFP M225dn
Description: HP LaserJet Pro MFP M225dn
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP LaserJet P2015 Series
Description: HP LaserJet P2015 Series
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: hp LaserJet 1320 series
Description: hp LaserJet 1320 series
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: hp LaserJet 1320 series
Description: hp LaserJet 1320 series
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: hp LaserJet 1320 series
Description: hp LaserJet 1320 series
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP LaserJet P2015 Series
Description: HP LaserJet P2015 Series
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: hp LaserJet 1320 series
Description: hp LaserJet 1320 series
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: hp LaserJet 1320 series
Description: hp LaserJet 1320 series
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP LaserJet P1505n
Description: HP LaserJet P1505n
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP LaserJet 400 M401dne
Description: HP LaserJet 400 M401dne
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: hp LaserJet 1320 series
Description: hp LaserJet 1320 series
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP LaserJet M1536dnf MFP
Description: HP LaserJet M1536dnf MFP
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: HP LaserJet P2055dn
Description: HP LaserJet P2055dn
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: HP LaserJet 400 M401dne
Description: HP LaserJet 400 M401dne
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP LaserJet M1536dnf MFP
Description: HP LaserJet M1536dnf MFP
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP LaserJet P2055x
Description: HP LaserJet P2055x
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP LaserJet M1536dnf MFP
Description: HP LaserJet M1536dnf MFP
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP LaserJet P2055dn
Description: HP LaserJet P2055dn
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP LaserJet P2055x
Description: HP LaserJet P2055x
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: hp LaserJet 1320 series
Description: hp LaserJet 1320 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: HP LaserJet M1536dnf MFP
Description: HP LaserJet M1536dnf MFP
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP LaserJet P2055x
Description: HP LaserJet P2055x
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP LaserJet Pro MFP M225dn
Description: HP LaserJet Pro MFP M225dn
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP LaserJet P2055x
Description: HP LaserJet P2055x
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: HP LaserJet P2055dn
Description: HP LaserJet P2055dn
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP LaserJet M1522nf MFP
Description: HP LaserJet M1522nf MFP
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: hp LaserJet 1320 series
Description: hp LaserJet 1320 series
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP LaserJet 400 M401dne
Description: HP LaserJet 400 M401dne
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: hp LaserJet 1320 series
Description: hp LaserJet 1320 series
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: hp LaserJet 1320 series
Description: hp LaserJet 1320 series
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP LaserJet P2055dn
Description: HP LaserJet P2055dn
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: hp LaserJet 1320 series
Description: hp LaserJet 1320 series
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP LaserJet P1505n
Description: HP LaserJet P1505n
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: hp LaserJet 1320 series
Description: hp LaserJet 1320 series
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP LaserJet P2015 Series
Description: HP LaserJet P2015 Series
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: hp LaserJet 1320 series
Description: hp LaserJet 1320 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: HP LaserJet P2055x
Description: HP LaserJet P2055x
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP LaserJet P1505n
Description: HP LaserJet P1505n
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: hp LaserJet 1320 series
Description: hp LaserJet 1320 series
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP2025dn
Description: HP Color LaserJet CP2025dn
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: hp LaserJet 1320 series
Description: hp LaserJet 1320 series
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP Color LaserJet CP2025dn
Description: HP Color LaserJet CP2025dn
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: hp LaserJet 1320 series
Description: hp LaserJet 1320 series
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP LaserJet P2055dn
Description: HP LaserJet P2055dn
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: HP LaserJet P2055x
Description: HP LaserJet P2055x
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP LaserJet P2055x
Description: HP LaserJet P2055x
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP LaserJet P2055dn
Description: HP LaserJet P2055dn
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP LaserJet P2055x
Description: HP LaserJet P2055x
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: HP Color LaserJet CP2025dn
Description: HP Color LaserJet CP2025dn
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP LaserJet P2055dn
Description: HP LaserJet P2055dn
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP LaserJet P1505n
Description: HP LaserJet P1505n
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: HP LaserJet Pro MFP M225dn
Description: HP LaserJet Pro MFP M225dn
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: HP LaserJet P2055x
Description: HP LaserJet P2055x
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/21/2015 01:30:03 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.

Error: (07/21/2015 01:30:00 PM) (Source: EvntAgnt) (EventID: 2019) (User: )
Description: Erweiterungs-Agent für SNMP-Ereignisprotokoll wurde nicht richtig initialisiert.

Error: (07/21/2015 01:30:00 PM) (Source: EvntAgnt) (EventID: 1020) (User: )
Description: Fehler beim Verarbeiten von Registrierungsparametern. Erweiterungs-Agent wird beendet.

Error: (07/21/2015 01:30:00 PM) (Source: EvntAgnt) (EventID: 2019) (User: )
Description: Erweiterungs-Agent für SNMP-Ereignisprotokoll wurde nicht richtig initialisiert.

Error: (07/21/2015 01:30:00 PM) (Source: EvntAgnt) (EventID: 3005) (User: )
Description: Fehler beim Setzen der Position an das Ende der Protokolldatei -- Suche nach Protokollende ist fehlgeschlagen. Als Handle wurde 21102696 angegeben. Der Rückgabecode von ReadEventLog ist 122.

Error: (07/21/2015 07:48:12 AM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.

Error: (07/21/2015 07:48:09 AM) (Source: EvntAgnt) (EventID: 2019) (User: )
Description: Erweiterungs-Agent für SNMP-Ereignisprotokoll wurde nicht richtig initialisiert.

Error: (07/21/2015 07:48:09 AM) (Source: EvntAgnt) (EventID: 1020) (User: )
Description: Fehler beim Verarbeiten von Registrierungsparametern. Erweiterungs-Agent wird beendet.

Error: (07/21/2015 07:48:09 AM) (Source: EvntAgnt) (EventID: 2019) (User: )
Description: Erweiterungs-Agent für SNMP-Ereignisprotokoll wurde nicht richtig initialisiert.

Error: (07/21/2015 07:48:09 AM) (Source: EvntAgnt) (EventID: 3005) (User: )
Description: Fehler beim Setzen der Position an das Ende der Protokolldatei -- Suche nach Protokollende ist fehlgeschlagen. Als Handle wurde 21364840 angegeben. Der Rückgabecode von ReadEventLog ist 122.


System errors:
=============
Error: (07/21/2015 01:41:52 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (07/21/2015 01:41:47 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (07/21/2015 01:41:43 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (07/21/2015 01:41:39 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (07/21/2015 01:41:35 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (07/21/2015 01:41:32 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (07/21/2015 01:41:28 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (07/21/2015 01:41:24 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (07/21/2015 01:41:21 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (07/21/2015 01:41:17 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.


Microsoft Office:
=========================
Error: (07/21/2015 01:30:03 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/21/2015 01:30:00 PM) (Source: EvntAgnt) (EventID: 2019) (User: )
Description: 

Error: (07/21/2015 01:30:00 PM) (Source: EvntAgnt) (EventID: 1020) (User: )
Description: 

Error: (07/21/2015 01:30:00 PM) (Source: EvntAgnt) (EventID: 2019) (User: )
Description: 

Error: (07/21/2015 01:30:00 PM) (Source: EvntAgnt) (EventID: 3005) (User: )
Description: 21102696122

Error: (07/21/2015 07:48:12 AM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/21/2015 07:48:09 AM) (Source: EvntAgnt) (EventID: 2019) (User: )
Description: 

Error: (07/21/2015 07:48:09 AM) (Source: EvntAgnt) (EventID: 1020) (User: )
Description: 

Error: (07/21/2015 07:48:09 AM) (Source: EvntAgnt) (EventID: 2019) (User: )
Description: 

Error: (07/21/2015 07:48:09 AM) (Source: EvntAgnt) (EventID: 3005) (User: )
Description: 21364840122


CodeIntegrity Errors:
===================================
  Date: 2015-07-13 11:43:38.989
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-07-13 11:43:38.911
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-07-13 11:43:38.848
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-07-13 11:43:38.755
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-04-08 18:29:59.918
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-04-08 18:29:59.858
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-04-08 18:29:59.784
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-04-08 18:29:59.713
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-01-21 11:38:48.693
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-01-21 11:38:48.646
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz
Percentage of memory in use: 60%
Total physical RAM: 8071.55 MB
Available physical RAM: 3159.02 MB
Total Virtual: 8269.75 MB
Available Virtual: 2513.5 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:185.77 GB) (Free:45.22 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:27.73 GB) (Free:12.36 GB) NTFS
Drive f: (HP_RECOVERY) (Fixed) (Total:18.16 GB) (Free:1.45 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive g: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.96 GB) FAT32
Drive h: () (Removable) (Total:3.76 GB) (Free:3.35 GB) NTFS
Drive m: (DATA) (Fixed) (Total:465.76 GB) (Free:79.59 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: C96E0141)
Partition 1: (Active) - (Size=306 MB) - (Type=42)
Partition 2: (Not Active) - (Size=185.8 GB) - (Type=42)
Partition 3: (Not Active) - (Size=52.4 GB) - (Type=42)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: F113767F)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 3.8 GB) (Disk ID: 6265CD3E)
Partition 1: (Active) - (Size=3.8 GB) - (Type=07 NTFS)

==================== End of log ============================

--- --- ---

schrauber · 22.07.2015, 07:58

hi,

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Ontop144 · 22.07.2015, 08:41

Hi schrauber,

hier ist das Combofixlogfile.

Code:

ATTFilter

ComboFix 15-07-20.01 - michael.schmaus 22.07.2015   9:30.5.4 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.49.1031.18.8072.3220 [GMT 2:00]
ausgeführt von:: c:\users\MSC\Desktop\ComboFix.exe
AV: Webroot SecureAnywhere *Disabled/Updated* {66A6FE14-08CB-F415-3742-517201416109}
SP: Webroot SecureAnywhere *Disabled/Updated* {DDC71FF0-2EF1-FB9B-0DF2-6A007AC62BB4}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\MSC\AppData\Local\assembly\tmp
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-06-22 bis 2015-07-22  ))))))))))))))))))))))))))))))
.
.
2015-07-22 07:36 . 2015-07-22 07:36	--------	d-----w-	c:\users\sysaidinternal\AppData\Local\temp
2015-07-22 07:36 . 2015-07-22 07:36	--------	d-----w-	c:\users\Public\AppData\Local\temp
2015-07-22 07:36 . 2015-07-22 07:36	--------	d-----w-	c:\users\postgres\AppData\Local\temp
2015-07-22 07:36 . 2015-07-22 07:36	--------	d-----w-	c:\users\michael.schmaus\AppData\Local\temp
2015-07-22 07:36 . 2015-07-22 07:36	--------	d-----w-	c:\users\DefaultAppPool\AppData\Local\temp
2015-07-22 07:36 . 2015-07-22 07:36	--------	d-----w-	c:\users\Default\AppData\Local\temp
2015-07-22 07:36 . 2015-07-22 07:36	--------	d-----w-	c:\users\chris.oleszczuk\AppData\Local\temp
2015-07-22 07:36 . 2015-07-22 07:36	--------	d-----w-	c:\users\Administrator\AppData\Local\temp
2015-07-22 07:36 . 2015-07-22 07:36	--------	d-----w-	c:\users\Admin\AppData\Local\temp
2015-07-22 07:29 . 2015-07-22 07:29	75888	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{7D8224C7-18CB-46BC-9417-E4042D866829}\offreg.4364.dll
2015-07-21 11:39 . 2015-07-21 11:42	--------	d-----w-	C:\FRST
2015-07-21 10:53 . 2015-07-15 03:19	41984	----a-w-	c:\windows\system32\lpk.dll
2015-07-21 10:53 . 2015-07-15 03:19	14336	----a-w-	c:\windows\system32\dciman32.dll
2015-07-21 10:53 . 2015-07-15 03:19	46080	----a-w-	c:\windows\system32\atmlib.dll
2015-07-21 10:53 . 2015-07-15 02:55	10240	----a-w-	c:\windows\SysWow64\dciman32.dll
2015-07-21 10:53 . 2015-07-15 02:55	34304	----a-w-	c:\windows\SysWow64\atmlib.dll
2015-07-21 10:53 . 2015-07-15 01:59	372224	----a-w-	c:\windows\system32\atmfd.dll
2015-07-21 10:53 . 2015-07-15 01:52	299008	----a-w-	c:\windows\SysWow64\atmfd.dll
2015-07-21 10:53 . 2015-07-15 03:19	100864	----a-w-	c:\windows\system32\fontsub.dll
2015-07-21 10:53 . 2015-07-15 02:55	70656	----a-w-	c:\windows\SysWow64\fontsub.dll
2015-07-21 10:53 . 2015-07-15 02:54	25600	----a-w-	c:\windows\SysWow64\lpk.dll
2015-07-20 14:42 . 2015-07-20 14:42	--------	d-----w-	c:\users\MSC\AppData\Local\CEF
2015-07-20 11:21 . 2015-07-20 11:21	--------	d-----w-	c:\programdata\VIPRE
2015-07-20 11:21 . 2015-07-20 11:21	--------	d-----w-	c:\program files\Common Files\AV
2015-07-20 11:12 . 2015-07-21 13:26	--------	d-----w-	c:\programdata\STOPzilla!
2015-07-20 11:12 . 2015-07-20 11:12	--------	d-----w-	c:\program files (x86)\iS3
2015-07-20 10:41 . 2015-07-20 11:00	--------	d-----w-	c:\programdata\{cd5b4ee3-71a9-ecd7-cd5b-b4ee371a3b8d}
2015-07-20 08:44 . 2013-08-02 07:25	596256	----a-w-	c:\windows\system32\Spool\prtprocs\x64\hpcpp155.dll
2015-07-17 11:11 . 2015-07-17 11:11	--------	d-----w-	c:\program files (x86)\Common Files\Java
2015-07-17 11:05 . 2015-07-17 11:05	0	----a-w-	c:\windows\SysWow64\REN26F6.tmp
2015-07-15 08:24 . 2015-06-23 23:22	12221144	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{7D8224C7-18CB-46BC-9417-E4042D866829}\mpengine.dll
2015-07-15 08:21 . 2015-03-29 22:47	83624	----a-w-	c:\windows\SysWow64\perf-MSSQL$SQLEXPRESS-sqlctr10.52.4042.0.dll
2015-07-15 08:21 . 2015-03-29 22:43	89264	----a-w-	c:\windows\system32\perf-MSSQL$SQLEXPRESS-sqlctr10.52.4042.0.dll
2015-07-15 08:09 . 2015-05-09 18:26	493504	----a-w-	c:\windows\system32\mcupdate_GenuineIntel.dll
2015-07-14 12:54 . 2015-07-14 12:54	--------	d-----w-	c:\program files (x86)\Mozilla Maintenance Service
2015-07-14 11:47 . 2015-07-14 11:47	--------	d-----w-	C:\RegBackup
2015-07-13 12:08 . 2015-07-13 12:08	--------	d-----w-	c:\programdata\Samsung Apps
2015-07-07 06:55 . 2015-07-07 06:55	--------	d-----w-	c:\users\MSC\AppData\Roaming\SysAid
2015-07-01 09:22 . 2015-07-01 09:22	--------	d-----w-	c:\program files\iPod
2015-07-01 09:22 . 2015-07-01 09:22	--------	d-----w-	c:\program files (x86)\iTunes
2015-07-01 09:22 . 2015-07-01 09:22	--------	d-----w-	c:\program files\iTunes
2015-06-30 06:24 . 2015-07-20 09:05	--------	d-----w-	c:\users\adminde
2015-06-27 10:29 . 2015-06-27 10:29	--------	d-s---w-	c:\windows\system32\GWX
2015-06-27 10:29 . 2015-06-27 10:29	--------	d-s---w-	c:\windows\SysWow64\GWX
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-07-20 15:25 . 2015-05-20 08:23	136408	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-07-17 10:45 . 2015-01-26 11:24	110688	----a-w-	c:\windows\system32\WindowsAccessBridge-64.dll
2015-07-15 09:21 . 2013-11-20 17:31	778416	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2015-07-15 09:21 . 2013-04-13 23:38	142512	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-07-03 06:43 . 2013-07-25 15:35	130333168	----a-w-	c:\windows\system32\MRT.exe
2015-07-01 12:25 . 2014-11-14 11:14	167632	----a-w-	c:\windows\SysWow64\WRusr.dll
2015-07-01 12:25 . 2014-11-14 11:14	117728	----a-w-	c:\windows\system32\drivers\WRkrn.sys
2015-07-01 12:25 . 2014-11-14 11:14	105320	----a-w-	c:\windows\system32\WRusr.dll
2015-06-23 11:30 . 2010-11-21 03:27	300704	------w-	c:\windows\system32\MpSigStub.exe
2015-06-10 21:08 . 2015-06-10 21:08	6112072	----a-w-	c:\windows\system32\usbaaplrc.dll
2015-06-10 21:08 . 2015-06-10 21:08	54784	----a-w-	c:\windows\system32\drivers\usbaapl64.sys
2015-05-27 16:52 . 2015-05-27 16:52	285280	----a-w-	c:\windows\system32\drivers\afcdp.sys
2015-05-27 16:52 . 2015-05-27 16:52	943712	----a-w-	c:\windows\system32\drivers\timntr.sys
2015-05-27 16:52 . 2015-05-27 16:52	1263200	----a-w-	c:\windows\system32\drivers\tdrpm273.sys
2015-05-27 16:51 . 2015-05-27 14:49	277088	----a-w-	c:\windows\system32\drivers\snapman.sys
2015-05-27 14:49 . 2015-05-27 14:49	1477728	----a-w-	c:\windows\system32\drivers\tdrpm258.sys
2015-05-25 18:01 . 2015-06-27 10:27	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2015-05-01 13:17 . 2015-05-13 08:18	124112	----a-w-	c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-01 13:16 . 2015-05-13 08:18	102608	----a-w-	c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-04-29 18:22 . 2015-06-11 16:12	14635008	----a-w-	c:\windows\system32\wmp.dll
2015-04-29 18:21 . 2015-06-11 16:12	5120	----a-w-	c:\windows\system32\msdxm.ocx
2015-04-29 18:21 . 2015-06-11 16:12	5120	----a-w-	c:\windows\system32\dxmasf.dll
2015-04-29 18:21 . 2015-06-11 16:12	9728	----a-w-	c:\windows\system32\spwmp.dll
2015-04-29 18:19 . 2015-06-11 16:12	12625920	----a-w-	c:\windows\system32\wmploc.DLL
2015-04-29 18:07 . 2015-06-11 16:12	4096	----a-w-	c:\windows\SysWow64\msdxm.ocx
2015-04-29 18:07 . 2015-06-11 16:12	4096	----a-w-	c:\windows\SysWow64\dxmasf.dll
2015-04-29 18:07 . 2015-06-11 16:12	8192	----a-w-	c:\windows\SysWow64\spwmp.dll
2015-04-29 18:05 . 2015-06-11 16:12	12625408	----a-w-	c:\windows\SysWow64\wmploc.DLL
2015-04-24 18:17 . 2015-06-11 16:12	633856	----a-w-	c:\windows\system32\comctl32.dll
2015-04-24 17:56 . 2015-06-11 16:12	530432	----a-w-	c:\windows\SysWow64\comctl32.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2014-02-20 6161176]
"CCleaner"="c:\program files\CCleaner\CCleaner64.exe" [2014-02-20 6161176]
"OfficeSyncProcess"="c:\program files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" [2015-03-18 720064]
"Akamai NetSession Interface"="c:\users\MSC\AppData\Local\Akamai\netsession_win.exe" [2014-10-29 4673432]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2013-07-03 56128]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2013-10-24 292088]
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2015-06-26 41360]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2015-06-26 840592]
"Client Access Service"="c:\program files (x86)\IBM\Client Access\cwbsvstr.exe" [2010-01-15 14336]
"QLBController"="c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe" [2014-02-10 336672]
"LyncAddin"="c:\program files (x86)\Avaya\Avaya Microsoft Lync Integration\LyncAddin.exe" [2012-11-09 1933824]
"Check Point VPN"="c:\program files (x86)\CheckPoint\Endpoint Connect\TrGui.exe" [2013-12-04 826832]
"HPConnectionManager"="c:\program files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe" [2014-04-09 185144]
"MultiScreen"="" [BU]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2013-05-30 96056]
"Communicator"="c:\program files (x86)\Microsoft Lync\communicator.exe" [2015-03-28 12118840]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184]
"WRSVC"="c:\program files (x86)\Webroot\WRSA.exe" [2015-07-01 823720]
"YouCam Tray"="c:\program files (x86)\CyberLink\YouCam\YouCamTray.exe" [2012-10-24 168464]
"YouCam Mirage"="c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe" [2012-10-24 139792]
"RemoteControl10"="c:\program files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" [2012-07-13 93296]
"TrueImageMonitor.exe"="c:\program files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" [2011-01-28 5145824]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2015-06-08 334896]
.
c:\users\MSC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
DIALit.lnk - c:\program files (x86)\CTI\DIALit-Client\Dialit32.exe [2014-6-2 10260992]
MagicDisc.lnk - c:\program files (x86)\MagicDisc\MagicDisc.exe [2013-8-6 576000]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2014-3-6 1396440]
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"consentpromptbehavioradmin"= 0 (0x0)
"enableinstallerdetection"= 0 (0x0)
"enablesecureuiapaths"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"ForceStartMenuLogOff"= 1 (0x1)
"TaskbarNoNotification"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u msoidssp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x]
R2 WRSVC;WRSVC;c:\program files (x86)\Webroot\WRSA.exe;c:\program files (x86)\Webroot\WRSA.exe [x]
R3 AndNetDiag;LGE AndroidNet USB Serial Port;c:\windows\system32\DRIVERS\lgandnetdiag64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetdiag64.sys [x]
R3 ANDNetModem;LGE AndroidNet USB Modem;c:\windows\system32\DRIVERS\lgandnetmodem64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetmodem64.sys [x]
R3 BTWDPAN;Bluetooth Personal Area Network;c:\windows\system32\DRIVERS\btwdpan.sys;c:\windows\SYSNATIVE\DRIVERS\btwdpan.sys [x]
R3 cpudrv64;cpudrv64;c:\program files (x86)\SystemRequirementsLab\cpudrv64.sys;c:\program files (x86)\SystemRequirementsLab\cpudrv64.sys [x]
R3 Datev.Unternehmen.SystemComponents.ServiceBus.V0300.PlugIn;DATEV Schnittstellensystem pro V0300;Datev.Framework.RemoteServiceModel.GenericService2010.exe Datev.Unternehmen.SystemComponents.ServiceBus.V0300.PlugIn;Datev.Framework.RemoteServiceModel.GenericService2010.exe Datev.Unternehmen.SystemComponents.ServiceBus.V0300.PlugIn [x]
R3 Datev.Unternehmen.SystemComponents.ServiceBus.V0400.PlugIn;DATEV Schnittstellensystem pro V0400;Datev.Framework.RemoteServiceModel.GenericService2010.exe Datev.Unternehmen.SystemComponents.ServiceBus.V0400.PlugIn;Datev.Framework.RemoteServiceModel.GenericService2010.exe Datev.Unternehmen.SystemComponents.ServiceBus.V0400.PlugIn [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 HPAuto;HP Auto;c:\program files\Hewlett-Packard\HP Auto\HPAuto.exe;c:\program files\Hewlett-Packard\HP Auto\HPAuto.exe [x]
R3 HPMo4DE3;Mouse Suite Driver_4DE3 (WDF Version);c:\windows\system32\DRIVERS\HPMo4DE3.sys;c:\windows\SYSNATIVE\DRIVERS\HPMo4DE3.sys [x]
R3 HPub4DE3;USB Mouse Low Filter Driver_4DE3 (WDF Version);c:\windows\system32\Drivers\HPub4DE3.sys;c:\windows\SYSNATIVE\Drivers\HPub4DE3.sys [x]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 lpasvc;Microsoft Policy Platform Local Authority;c:\program files\Microsoft Policy Platform\policyHost.exe;c:\program files\Microsoft Policy Platform\policyHost.exe [x]
R3 lppsvc;Microsoft Policy Platform Processor;c:\program files\Microsoft Policy Platform\policyHost.exe;c:\program files\Microsoft Policy Platform\policyHost.exe [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 sehutn;UTN bus;c:\windows\system32\DRIVERS\sehutn.sys;c:\windows\SYSNATIVE\DRIVERS\sehutn.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 Te.Service;Te.Service;c:\program files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe;c:\program files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WMSVC;Webverwaltungsdienst;c:\windows\system32\inetsrv\wmsvc.exe;c:\windows\SYSNATIVE\inetsrv\wmsvc.exe [x]
R4 AdtAgent;Überwachungsweiterleitung von Microsoft Monitoring Agent;c:\windows\system32\AdtAgent.exe;c:\windows\SYSNATIVE\AdtAgent.exe [x]
R4 MBAMScheduler;MBAMScheduler;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [x]
R4 MSSQLServerADHelper100;SQL Server Hilfsdienst für Active Directory;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]
R4 PdiService;Portrait Displays SDK Service;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [x]
R4 PuranDefrag;PuranDefrag;c:\windows\system32\PuranDefragS.exe;c:\windows\SYSNATIVE\PuranDefragS.exe [x]
R4 RsFx0105;RsFx0105 Driver;c:\windows\system32\DRIVERS\RsFx0105.sys;c:\windows\SYSNATIVE\DRIVERS\RsFx0105.sys [x]
R4 RsFx0153;RsFx0153 Driver;c:\windows\system32\DRIVERS\RsFx0153.sys;c:\windows\SYSNATIVE\DRIVERS\RsFx0153.sys [x]
R4 SQLAgent$HPWJA;SQL Server Agent (HPWJA);c:\program files\Microsoft SQL Server\MSSQL10.HPWJA\MSSQL\Binn\SQLAGENT.EXE;c:\program files\Microsoft SQL Server\MSSQL10.HPWJA\MSSQL\Binn\SQLAGENT.EXE [x]
R4 SQLAgent$SQLEXPRESS;SQL Server-Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE;c:\program files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [x]
R4 System Center Management APM;Microsoft Monitoring Agent-APM;c:\program files\Microsoft System Center 2012 R2\Service Manager\APMDOTNETAgent\InterceptSvc.exe;c:\program files\Microsoft System Center 2012 R2\Service Manager\APMDOTNETAgent\InterceptSvc.exe [x]
S0 hotcore3;hc3ServiceName;c:\windows\system32\DRIVERS\hotcore3.sys;c:\windows\SYSNATIVE\DRIVERS\hotcore3.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 SamsungRapidDiskFltr;SAMSUNG RAPID Mode Disk Filter Driver;c:\windows\system32\DRIVERS\SamsungRapidDiskFltr.sys;c:\windows\SYSNATIVE\DRIVERS\SamsungRapidDiskFltr.sys [x]
S0 SamsungRapidFSFltr;SamsungRapidFSFltr;c:\windows\system32\DRIVERS\SamsungRapidFSFltr.sys;c:\windows\SYSNATIVE\DRIVERS\SamsungRapidFSFltr.sys [x]
S0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);c:\windows\system32\DRIVERS\tdrpm273.sys;c:\windows\SYSNATIVE\DRIVERS\tdrpm273.sys [x]
S0 WRkrn;WRkrn;c:\windows\System32\drivers\WRkrn.sys;c:\windows\SYSNATIVE\drivers\WRkrn.sys [x]
S1 Uim_DEVIM;UIM Direct Device Image Plugin;c:\windows\system32\DRIVERS\uim_devim.sys;c:\windows\SYSNATIVE\DRIVERS\uim_devim.sys [x]
S2 afcdpsrv;Acronis Nonstop Backup-Dienst;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [x]
S2 aksdf;aksdf;c:\windows\system32\drivers\aksdf.sys;c:\windows\SYSNATIVE\drivers\aksdf.sys [x]
S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
S2 CmRcService;Configuration Manager-Remotesteuerung;c:\windows\CCM\RemCtrl\CmRcService.exe;c:\windows\CCM\RemCtrl\CmRcService.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 gfi_lanss11_attservice;GFI LanGuard 11 Attendant Service;c:\program files (x86)\PatchManagementInstallation\Agent\lnssatt.exe;c:\program files (x86)\PatchManagementInstallation\Agent\lnssatt.exe [x]
S2 HitmanProScheduler;HitmanPro Scheduler;c:\program files\HitmanPro\hmpsched.exe;c:\program files\HitmanPro\hmpsched.exe [x]
S2 HP Power Assistant Service;HP Power Assistant Service;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [x]
S2 hpHotkeyMonitor;hpHotkeyMonitor;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;c:\windows\system32\igfxCUIService.exe;c:\windows\SYSNATIVE\igfxCUIService.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 msoidsvc;Microsoft Online Services Sign-in Assistant;c:\program files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE;c:\program files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE [x]
S2 MSSQL$ACRONIS;SQL Server (ACRONIS);c:\program files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe;c:\program files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [x]
S2 MSSQL$HPWJA;SQL Server (HPWJA);c:\program files\Microsoft SQL Server\MSSQL10.HPWJA\MSSQL\Binn\sqlservr.exe;c:\program files\Microsoft SQL Server\MSSQL10.HPWJA\MSSQL\Binn\sqlservr.exe [x]
S2 NetOp Host for NT Service;NetOp Helper ver. 9.52 (2010305);c:\program files (x86)\Netop\Netop Remote Control\Host\NHOSTSVC.EXE;c:\program files (x86)\Netop\Netop Remote Control\Host\NHOSTSVC.EXE [x]
S2 SamsungRapidSvc;Samsung RAPID Mode Service;c:\windows\system32\RAPID\SamsungRapidSvc.exe;c:\windows\SYSNATIVE\RAPID\SamsungRapidSvc.exe [x]
S2 sm_main;SEP Sesam;c:\program files\SEPsesam\bin\sesam\sm_main.exe;c:\program files\SEPsesam\bin\sesam\sm_main.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\Teamviewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\Teamviewer\Version8\TeamViewer_Service.exe [x]
S2 TracSrvWrapper;Check Point Endpoint Security VPN;c:\program files (x86)\CheckPoint\Endpoint Connect\TracSrvWrapper.exe;c:\program files (x86)\CheckPoint\Endpoint Connect\TracSrvWrapper.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe;c:\windows\SYSNATIVE\vcsFPService.exe [x]
S2 WMCoreService;Mobile Broadband Service;c:\program files (x86)\Ericsson\Mobile Broadband Drivers\WMCore\mini_WMCore.exe servicemode;c:\program files (x86)\Ericsson\Mobile Broadband Drivers\WMCore\mini_WMCore.exe servicemode [x]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys;c:\windows\SYSNATIVE\DRIVERS\afcdp.sys [x]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
S3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 clwvd;CyberLink Webcam Sharing Manager;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
S3 dwVSCD;NetOp Virtual Smart Card Driver;c:\windows\system32\DRIVERS\dwvscd.sys;c:\windows\SYSNATIVE\DRIVERS\dwvscd.sys [x]
S3 ecnssndis; Mobile Broadband Driver;c:\windows\system32\Drivers\wwuss64.sys;c:\windows\SYSNATIVE\Drivers\wwuss64.sys [x]
S3 ecnssndisfltr; Mobile Broadband Driver Filter;c:\windows\system32\Drivers\wwussf64.sys;c:\windows\SYSNATIVE\Drivers\wwussf64.sys [x]
S3 h36wgps;HP  Mobile Broadband Module NMEA;c:\windows\system32\DRIVERS\h36wgps64.sys;c:\windows\SYSNATIVE\DRIVERS\h36wgps64.sys [x]
S3 hpCMSrv;HP Connection Manager 4 Service;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
S3 johci;JMicron 1394 Filter Driver;c:\windows\system32\DRIVERS\johci.sys;c:\windows\SYSNATIVE\DRIVERS\johci.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 Mbm3CBus;HP hs2350 HSPA+ Mobile Broadband Module USB Device (WDM);c:\windows\system32\DRIVERS\Mbm3CBus.sys;c:\windows\SYSNATIVE\DRIVERS\Mbm3CBus.sys [x]
S3 Mbm3DevMt;HP  Mobile Broadband Module Device Management Driver (WDM);c:\windows\system32\DRIVERS\Mbm3DevMt.sys;c:\windows\SYSNATIVE\DRIVERS\Mbm3DevMt.sys [x]
S3 Mbm3mdfl;HP  Mobile Broadband Module Modem Filter;c:\windows\system32\DRIVERS\Mbm3mdfl.sys;c:\windows\SYSNATIVE\DRIVERS\Mbm3mdfl.sys [x]
S3 Mbm3Mdm;HP  Mobile Broadband Module Modem Driver;c:\windows\system32\DRIVERS\Mbm3Mdm.sys;c:\windows\SYSNATIVE\DRIVERS\Mbm3Mdm.sys [x]
S3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
S3 PsxDrv;PsxDrv;c:\windows\system32\drivers\psxdrv.sys;c:\windows\SYSNATIVE\drivers\psxdrv.sys [x]
S3 SPUVCbv;SPUVCb Driver Service;c:\windows\system32\Drivers\SPUVCbv_x64.sys;c:\windows\SYSNATIVE\Drivers\SPUVCbv_x64.sys [x]
S3 vna_ap;Check Point Virtual Network Adapter - Apollo;c:\windows\system32\DRIVERS\vnaap.sys;c:\windows\SYSNATIVE\DRIVERS\vnaap.sys [x]
S3 WwanUsbServ;Mobile Broadband Driver;c:\windows\system32\DRIVERS\WwanUsbMp64.sys;c:\windows\SYSNATIVE\DRIVERS\WwanUsbMp64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs	REG_MULTI_SZ   	w3svc was
apphost	REG_MULTI_SZ   	apphostsvc
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}]
start [BU]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-07-15 07:31	991048	----a-w-	c:\program files (x86)\Google\Chrome\Application\43.0.2357.134\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2015-07-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-13 09:21]
.
2015-07-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-07-14 12:20]
.
2015-07-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-07-14 12:20]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Seagull Drivers"="ssdal_nc.exe startup" [X]
"Broadcom Wireless Manager UI"="c:\program files\Broadcom\Broadcom 802.11\WLTRAY.exe" [2014-07-25 8641536]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2013-07-03 1664000]
"qtsp_sso"="c:\windows\system32\qtsp_sso.exe" [2012-12-21 1171968]
"HPPowerAssistant"="c:\program files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe" [2012-03-14 15232]
"MultiScreen"="" [BU]
"SamsungRapidApp"="c:\program files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe" [2014-09-16 281776]
"Acronis Scheduler2 Service"="c:\program files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [2011-01-28 358944]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2015-06-29 170280]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: Die markierte Nummer mit CTI anwählen - file://c:\program files (x86)\CTI\DIALit-Client\dialscript.htm
Trusted Zone: demtsr007
Trusted Zone: ets-production5
Trusted Zone: eurotax.com\compare
Trusted Zone: odetteca.com\www
Trusted Zone: salesforce.com\emea
TCP: DhcpNameServer = 10.101.0.54 10.101.0.55 10.101.0.5 10.101.0.6
TCP: Interfaces\{A51701BB-A804-4E1B-8457-21AFA11167D2}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
FF - ProfilePath - c:\users\MSC\AppData\Roaming\Mozilla\Firefox\Profiles\103qzzmr.default-1436867989260\
.
.
------- Dateityp-Verknüpfung -------
.
inifile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1
JSEFile="%SystemRoot%\System32\WScript.exe" "%1" %*
txtfile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Toolbar-Locked - (no file)
AddRemove-{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE} - c:\program files (x86)\InstallShield Installation Information\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}\setup.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@DACL=(02 0013)
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_209_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
@DACL=(02 0012)
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@DACL=(02 0012)
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_209_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@DACL=(02 0012)
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@DACL=(02 0011)
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_209_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
@DACL=(02 0011)
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@DACL=(02 0011)
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_209_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@DACL=(02 0011)
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@DACL=(02 0011)
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Control]
@DACL=(02 0011)
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\EnableFullPage]
@DACL=(02 0011)
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\EnableFullPage\.mfp]
@DACL=(02 0011)
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\EnableFullPage\.spl]
@DACL=(02 0011)
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\EnableFullPage\.swf]
@DACL=(02 0011)
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Implemented Categories]
@DACL=(02 0011)
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Implemented Categories\{31CAF6E4-D6AA-4090-A050-A5AC8972E9EF}]
@DACL=(02 0011)
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Implemented Categories\{59FB2056-D625-48D0-A944-1A85B5AB2640}]
@DACL=(02 0011)
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}]
@DACL=(02 0011)
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4}]
@DACL=(02 0011)
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@DACL=(02 0011)
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@DACL=(02 0011)
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus\1]
@DACL=(02 0011)
@="131473"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@DACL=(02 0011)
@="ShockwaveFlash.ShockwaveFlash.18"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Programmable]
@DACL=(02 0011)
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@DACL=(02 0011)
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@DACL=(02 0011)
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@DACL=(02 0011)
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@DACL=(02 0011)
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@DACL=(02 0011)
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Control]
@DACL=(02 0011)
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@DACL=(02 0011)
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@DACL=(02 0011)
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Programmable]
@DACL=(02 0011)
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@DACL=(02 0011)
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@DACL=(02 0011)
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@DACL=(02 0011)
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@DACL=(02 0011)
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Environment*]
"v5Licence0"="15-CNTT-FCAV-PCMW-RR5U-3RDQ-2BENZUW"
"Activated"="N"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
Zeit der Fertigstellung: 2015-07-22  09:39:05
ComboFix-quarantined-files.txt  2015-07-22 07:39
ComboFix2.txt  2015-07-13 09:47
ComboFix3.txt  2015-04-08 16:35
ComboFix4.txt  2015-01-21 10:48
.
Vor Suchlauf: 44 Verzeichnis(se), 49.353.809.920 Bytes frei
Nach Suchlauf: 46 Verzeichnis(se), 48.325.853.184 Bytes frei
.
- - End Of File - - A0C708E8AA079F3836478D08A9745EEE

Gruß, Ontop144

schrauber · 23.07.2015, 05:41

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

Ontop144 · 23.07.2015, 14:52

So, jetzt habe ich die Logfiles.

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.4.7 (07.13.2015:1)
OS: Windows 7 Ultimate x64
Ran by michael.schmaus on 23.07.2015 at 15:40:55,39
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] C:\Windows\syswow64\REN26F6.tmp



~~~ Folders



~~~ FireFox

Successfully deleted: [Folder] C:\Users\MSC\AppData\Roaming\mozilla\firefox\profiles\103qzzmr.default-1436867989260\extensions\toolbar@gmx.net
Successfully deleted the following from C:\Users\MSC\AppData\Roaming\mozilla\firefox\profiles\103qzzmr.default-1436867989260\prefs.js

user_pref(extensions.unitedinternet.email.runonceNewUsersShown, true);
Emptied folder: C:\Users\MSC\AppData\Roaming\mozilla\firefox\profiles\103qzzmr.default-1436867989260\minidumps [1 files]



~~~ Chrome


[C:\Users\MSC\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\MSC\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\MSC\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\MSC\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 23.07.2015 at 15:46:01,04
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Code:

ATTFilter

# AdwCleaner v4.208 - Bericht erstellt 23/07/2015 um 15:38:38
# Aktualisiert 09/07/2015 von Xplode
# Datenbank : 2015-07-15.1 [Server]
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (x64)
# Benutzername : michael.schmaus - NB1140
# Gestarted von : C:\Users\MSC\Desktop\adwcleaner_4.208.exe
# Option : Suchlauf

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gefunden : C:\ProgramData\{cd5b4ee3-71a9-ecd7-cd5b-b4ee371a3b8d}

***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Daten Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}

***** [ Internetbrowser ] *****

-\\ Internet Explorer v10.0.9200.17410


-\\ Mozilla Firefox v39.0 (x86 de)


-\\ Google Chrome v43.0.2357.134


*************************

AdwCleaner[R12].txt - [2343 Bytes] - [21/10/2014 07:54:38]
AdwCleaner[R15].txt - [6687 Bytes] - [20/05/2015 10:08:43]
AdwCleaner[R16].txt - [1301 Bytes] - [20/05/2015 10:15:01]
AdwCleaner[R18].txt - [1538 Bytes] - [14/07/2015 08:11:48]
AdwCleaner[R19].txt - [1442 Bytes] - [14/07/2015 13:36:28]
AdwCleaner[R1].txt - [1225 Bytes] - [14/10/2013 12:14:30]
AdwCleaner[R20].txt - [1878 Bytes] - [23/07/2015 15:38:38]
AdwCleaner[S10].txt - [6927 Bytes] - [20/05/2015 10:12:02]
AdwCleaner[S12].txt - [1598 Bytes] - [14/07/2015 08:26:46]
AdwCleaner[S1].txt - [1286 Bytes] - [14/10/2013 13:21:09]
AdwCleaner[S7].txt - [2346 Bytes] - [21/10/2014 07:55:43]

########## EOF - C:\AdwCleaner\AdwCleaner[R20].txt - [2176 Bytes] ##########

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 23.07.2015
Suchlauf-Zeit: 15:13:33
Logdatei: mbam.txt
Administrator: Ja

Version: 2.01.6.1022
Malware Datenbank: v2015.07.23.02
Rootkit Datenbank: v2015.07.22.01
Lizenz: Premium
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: michael.schmaus

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 747005
Verstrichene Zeit: 10 Min, 42 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 0
(Keine schädliche Elemente gefunden)

Registrierungswerte: 0
(Keine schädliche Elemente gefunden)

Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)

Ordner: 0
(Keine schädliche Elemente gefunden)

Dateien: 0
(Keine schädliche Elemente gefunden)

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)

... das frische FRST habe ich doch glatt vergessen.

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:20-07-2015
Ran by michael.schmaus (administrator) on NB1140 on 23-07-2015 15:51:31
Running from H:\
Loaded Profiles: michael.schmaus (Available Profiles: Admin & postgres & sysaidinternal & AdminDE & Chris.Oleszczuk & michael.schmaus & michael.schmaus & Administrator)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Webroot) C:\Program Files (x86)\Webroot\WRSA.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(TeamViewer GmbH) C:\Program Files (x86)\Teamviewer\Version8\TeamViewer_Service.exe
(Check Point Software Technologies) C:\Program Files (x86)\CheckPoint\Endpoint Connect\TracSrvWrapper.exe
(TeamViewer GmbH) C:\Program Files (x86)\Teamviewer\Version8\TeamViewer.exe
(Webroot) C:\Program Files (x86)\Webroot\WRSA.exe
(TeamViewer GmbH) C:\Program Files (x86)\Teamviewer\Version8\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\Teamviewer\Version8\tv_x64.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\CCM\SCNotification.exe
(Microsoft Corporation) C:\Windows\System32\inetsrv\inetinfo.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVCM.EXE
(Ericsson AB) C:\Program Files (x86)\Ericsson\Mobile Broadband Drivers\WMCore\mini_WMCore.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Windows\System32\snmp.exe
(Microsoft Corporation) C:\Windows\SysWOW64\snmp.exe
(Microsoft Corporation) C:\Windows\CCM\RemCtrl\cmrcservice.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\CCM\CcmExec.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe
(Microsoft Corporation) C:\Program Files\Microsoft Policy Platform\policyHost.exe
(Ghisler Software GmbH) C:\totalcmd\TOTALCMD64.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.exe [8641536 2014-07-25] (Broadcom Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2013-07-03] (IDT, Inc.)
HKLM\...\Run: [qtsp_sso] => C:\windows\system32\qtsp_sso.exe [1171968 2012-12-21] (Avaya Inc.)
HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [3488640 2012-03-14] (Hewlett-Packard Company)
HKLM\...\Run: [MultiScreen] => [X]
HKLM\...\Run: [SamsungRapidApp] => C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [281776 2014-09-16] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [Seagull Drivers] => ssdal_nc.exe startup
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [358944 2011-01-28] (Acronis)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2816240 2014-08-01] (Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-06-29] (Apple Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284480 2013-07-03] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-10-24] (Intel Corporation)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2015-06-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2015-06-27] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Client Access Service] => C:\Program Files (x86)\IBM\Client Access\cwbsvstr.exe [14336 2010-01-15] (IBM Corporation)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [336672 2014-02-10] (Hewlett-Packard Company)
HKLM-x32\...\Run: [LyncAddin] => C:\Program Files (x86)\Avaya\Avaya Microsoft Lync Integration\LyncAddin.exe [1933824 2012-11-09] (Microsoft)
HKLM-x32\...\Run: [Check Point VPN] => C:\Program Files (x86)\CheckPoint\Endpoint Connect\TrGui.exe [826832 2013-12-04] (Check Point Software Technologies)
HKLM-x32\...\Run: [HPConnectionManager] => c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [185144 2014-04-09] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [MultiScreen] => [X]
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [Communicator] => C:\Program Files (x86)\Microsoft Lync\communicator.exe [12118840 2015-03-28] (Microsoft Corporation)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [WRSVC] => C:\Program Files (x86)\Webroot\WRSA.exe [823720 2015-07-01] (Webroot)
HKLM-x32\...\Run: [YouCam Tray] => c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [168464 2012-10-25] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Mirage] => c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [139792 2012-10-25] (CyberLink)
HKLM-x32\...\Run: [RemoteControl10] => c:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-14] (CyberLink Corp.)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5145824 2011-01-28] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-3799292098-3196119086-2381476900-3276\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6161176 2014-02-20] (Piriform Ltd)
HKU\S-1-5-21-3799292098-3196119086-2381476900-3276\...\Run: [CCleaner] => C:\Program Files\CCleaner\CCleaner64.exe [6161176 2014-02-20] (Piriform Ltd)
HKU\S-1-5-21-3799292098-3196119086-2381476900-3276\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2015-03-18] (Microsoft Corporation)
HKU\S-1-5-21-3799292098-3196119086-2381476900-3276\...\Run: [Akamai NetSession Interface] => C:\Users\MSC\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2014-03-11]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2013-10-18]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\MSC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DIALit.lnk [2014-11-05]
ShortcutTarget: DIALit.lnk -> C:\Program Files (x86)\CTI\DIALit-Client\Dialit32.exe (ek-soft GmbH)
Startup: C:\Users\MSC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk [2013-08-06]
ShortcutTarget: MagicDisc.lnk -> C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
Startup: C:\Users\MSC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DIALit.lnk [2014-11-05]
ShortcutTarget: DIALit.lnk -> C:\Program Files (x86)\CTI\DIALit-Client\Dialit32.exe (ek-soft GmbH)
Startup: C:\Users\MSC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk [2013-08-06]
ShortcutTarget: MagicDisc.lnk -> C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
GroupPolicyScripts: Group Policy detected <======= ATTENTION
GroupPolicyScripts\User: Group Policy detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3799292098-3196119086-2381476900-3276\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3799292098-3196119086-2381476900-3276\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3799292098-3196119086-2381476900-3276\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Microsoft Web Recorder Helper -> {06D7D698-1ECD-407F-A1C9-EFA54860490A} -> C:\Program Files\Microsoft System Center 2012 R2\Operations Manager\Console\Microsoft.Mom.RecorderBarBHO.dll [2013-09-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-17] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-17] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Lync\OCHelper.dll [2010-11-03] (Microsoft Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-06-27] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-06-27] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-06-27] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-3799292098-3196119086-2381476900-3276 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1383306434877
Tcpip\Parameters: [DhcpNameServer] 10.101.0.54 10.101.0.55 10.101.0.5 10.101.0.6
Tcpip\..\Interfaces\{80710E33-1517-4612-A89E-CDD41C5A0DD9}: [DhcpNameServer] 10.101.0.54 10.101.0.55 10.101.0.5 10.101.0.6
Tcpip\..\Interfaces\{A51701BB-A804-4E1B-8457-21AFA11167D2}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

FireFox:
========
FF ProfilePath: C:\Users\MSC\AppData\Roaming\Mozilla\Firefox\Profiles\103qzzmr.default-1436867989260
FF SearchEngineOrder.2: 
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-15] ()
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-17] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-17] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-10-24] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-10-24] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2015-06-27] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-28] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npatgpc.dll [2015-05-28] (Cisco WebEx LLC)
FF Plugin ProgramFiles/Appdata: C:\Users\MSC\AppData\Roaming\mozilla\plugins\npatgpc.dll [2015-05-28] (Cisco WebEx LLC)
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-07-30]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-10-18]
FF HKU\S-1-5-21-3799292098-3196119086-2381476900-3276\...\Firefox\Extensions: [firefoxaddon@ek-soft.de] - C:\Program Files (x86)\CTI\DIALit-Client\Firefox
FF Extension: ek-soft CTI Add ON - C:\Program Files (x86)\CTI\DIALit-Client\Firefox [2014-06-16]
FF HKU\S-1-5-21-3799292098-3196119086-2381476900-3276\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome: 
=======
CHR Profile: C:\Users\MSC\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\MSC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-14]
CHR Extension: (Google Drive) - C:\Users\MSC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-14]
CHR Extension: (YouTube) - C:\Users\MSC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-14]
CHR Extension: (GMX MailCheck) - C:\Users\MSC\AppData\Local\Google\Chrome\User Data\Default\Extensions\camnampocfohlcgbajligmemmabnljcm [2015-07-14]
CHR Extension: (Google Search) - C:\Users\MSC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-14]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\MSC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-14]
CHR Extension: (Google Wallet) - C:\Users\MSC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-14]
CHR Extension: (Gmail) - C:\Users\MSC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdtAgent; C:\Windows\system32\AdtAgent.exe [410808 2013-09-06] (Microsoft Corporation)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 CcmExec; C:\windows\CCM\CcmExec.exe [1571000 2013-09-11] (Microsoft Corporation)
R2 CmRcService; C:\windows\CCM\RemCtrl\CmRcService.exe [577712 2014-05-29] (Microsoft Corporation)
S3 Cwbrxd; C:\windows\cwbrxd.exe [94208 2010-01-15] (IBM Corporation) [File not signed]
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [143872 2014-10-24] (Microsoft Corporation) [File not signed]
S2 gfi_lanss11_attservice; C:\Program Files (x86)\PatchManagementInstallation\Agent\lnssatt.exe [133496 2012-11-23] (GFI Software Development Ltd.)
S2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2015-07-14] (SurfRight B.V.)
S3 HPAuto; C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [682040 2011-02-17] (Hewlett-Packard)
S2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [683296 2014-02-10] (Hewlett-Packard Company)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315352 2014-10-09] (Intel Corporation)
R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [15872 2010-11-21] (Microsoft Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131032 2013-10-24] (Intel Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165336 2013-10-24] (Intel Corporation)
R3 lpasvc; C:\Program Files\Microsoft Policy Platform\policyHost.exe [50280 2012-08-02] (Microsoft Corporation)
S3 LPDSVC; C:\Windows\system32\lpdsvc.dll [45568 2009-07-14] (Microsoft Corporation)
S3 lppsvc; C:\Program Files\Microsoft Policy Platform\policyHost.exe [50280 2012-08-02] (Microsoft Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 msoidsvc; C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE [2079520 2012-05-17] (Microsoft Corp.)
S2 MSSQL$ACRONIS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S2 MSSQL$HPWJA; C:\Program Files\Microsoft SQL Server\MSSQL10.HPWJA\MSSQL\Binn\sqlservr.exe [58387104 2014-07-12] (Microsoft Corporation)
S2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [62382256 2015-03-30] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2013-11-14] (Hewlett-Packard) [File not signed]
S2 NetOp Host for NT Service; C:\Program Files (x86)\Netop\Netop Remote Control\Host\NHOSTSVC.EXE [1516568 2010-11-01] (Netop Business Solutions A/S)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2013-11-14] (Hewlett-Packard) [File not signed]
S4 PuranDefrag; C:\windows\system32\PuranDefragS.exe [292736 2013-08-15] (Puran Software) [File not signed]
S2 SamsungRapidSvc; C:\Windows\System32\RAPID\SamsungRapidSvc.exe [28848 2014-09-16] (Samsung Electronics Co., Ltd.)
S3 smstsmgr; C:\windows\CCM\TSManager.exe [276152 2013-09-11] (Microsoft Corporation)
S2 sm_main; C:\Program Files\SEPsesam\bin\sesam\sm_main.exe [362696 2015-03-10] (SEP AG)
R2 SNMP; C:\Windows\System32\snmp.exe [49664 2010-11-21] (Microsoft Corporation)
R2 SNMP; C:\Windows\SysWOW64\snmp.exe [47616 2010-11-21] (Microsoft Corporation)
S4 SQLAgent$HPWJA; C:\Program Files\Microsoft SQL Server\MSSQL10.HPWJA\MSSQL\Binn\SQLAGENT.EXE [441504 2014-07-12] (Microsoft Corporation)
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [442536 2015-03-30] (Microsoft Corporation)
S3 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [327680 2013-07-03] (IDT, Inc.) [File not signed]
S2 SysAidAgent; C:\Program Files\SysAid\SysAidSM.exe [23192 2015-04-01] (SysAid Technology Ltd.)
S4 System Center Management APM; C:\Program Files\Microsoft System Center 2012 R2\Service Manager\APMDOTNETAgent\InterceptSvc.exe [626872 2013-09-06] (Microsoft Corp.)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [122368 2015-02-26] (Microsoft Corporation) [File not signed]
R2 TracSrvWrapper; C:\Program Files (x86)\CheckPoint\Endpoint Connect\TracSrvWrapper.exe [4880512 2013-12-04] (Check Point Software Technologies)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-21] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe [5894144 2014-07-25] (Broadcom Corporation) [File not signed]
R2 WMCoreService; C:\Program Files (x86)\Ericsson\Mobile Broadband Drivers\WMCore\mini_WMCore.exe [689560 2012-10-18] (Ericsson AB)
S3 WMSVC; C:\Windows\system32\inetsrv\wmsvc.exe [10752 2009-07-14] (Microsoft Corporation)
R2 WRSVC; C:\Program Files (x86)\Webroot\WRSA.exe [823720 2015-07-01] (Webroot)
S3 Datev.Unternehmen.SystemComponents.ServiceBus.V0300.PlugIn; Datev.Framework.RemoteServiceModel.GenericService2010.exe Datev.Unternehmen.SystemComponents.ServiceBus.V0300.PlugIn [X]
S3 Datev.Unternehmen.SystemComponents.ServiceBus.V0400.PlugIn; Datev.Framework.RemoteServiceModel.GenericService2010.exe Datev.Unternehmen.SystemComponents.ServiceBus.V0400.PlugIn [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [172760 2014-07-14] (Broadcom Corporation.)
S3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2012-02-02] (Broadcom Corporation.)
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()
R3 dwVSCD; C:\Windows\System32\DRIVERS\dwvscd.sys [11904 2010-11-01] (Danware Data A/S)
R3 ecnssndis; C:\Windows\System32\Drivers\wwuss64.sys [26664 2011-10-05] (Ericsson AB)
R3 ecnssndisfltr; C:\Windows\System32\Drivers\wwussf64.sys [29736 2011-10-05] (Ericsson AB)
R3 h36wgps; C:\Windows\System32\DRIVERS\h36wgps64.sys [103184 2012-03-02] (Ericsson AB)
R2 hardlock; C:\windows\system32\drivers\hardlock.sys [331144 2013-03-11] (SafeNet Inc.)
R0 hotcore3; C:\Windows\System32\DRIVERS\hotcore3.sys [34056 2014-05-19] (Paragon Software Group)
S3 HPMo4DE3; C:\Windows\System32\DRIVERS\HPMo4DE3.sys [25088 2011-03-09] (TPMX Electronics Ltd.)
S3 HPub4DE3; C:\Windows\System32\Drivers\HPub4DE3.sys [18432 2011-04-12] (TPMX Electronics Ltd.)
R3 johci; C:\Windows\System32\DRIVERS\johci.sys [26208 2012-08-24] (JMicron Technology Corp.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-07-23] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R3 Mbm3CBus; C:\Windows\System32\DRIVERS\Mbm3CBus.sys [443648 2013-04-22] (MCCI Corporation)
R3 Mbm3DevMt; C:\Windows\System32\DRIVERS\Mbm3DevMt.sys [455936 2013-04-22] (MCCI Corporation)
R3 Mbm3mdfl; C:\Windows\System32\DRIVERS\Mbm3mdfl.sys [22272 2013-04-22] (MCCI Corporation)
R3 Mbm3Mdm; C:\Windows\System32\DRIVERS\Mbm3Mdm.sys [508160 2013-04-22] (MCCI Corporation)
R3 prepdrvr; C:\Windows\System32\DRIVERS\prepdrv.sys [26984 2012-11-21] (Microsoft Corporation)
R3 PsxDrv; C:\Windows\System32\drivers\psxdrv.sys [10240 2009-07-14] (Microsoft Corporation)
S4 RsFx0153; C:\Windows\System32\DRIVERS\RsFx0153.sys [322736 2015-03-30] (Microsoft Corporation)
R0 SamsungRapidDiskFltr; C:\Windows\System32\DRIVERS\SamsungRapidDiskFltr.sys [268976 2014-09-16] (Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\Windows\System32\DRIVERS\SamsungRapidFSFltr.sys [111280 2014-09-16] (Samsung Electronics Co., Ltd.)
S3 sehutn; C:\Windows\System32\DRIVERS\sehutn.sys [49328 2013-10-08] (SEH Computertechnik GmbH)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1064184 2012-09-23] (Sunplus)
R1 UimBus; C:\Windows\System32\DRIVERS\UimBus.sys [102664 2014-05-09] ()
R1 Uim_DEVIM; C:\Windows\System32\DRIVERS\uim_devim.sys [25992 2014-05-09] ()
R1 Uim_IM; C:\Windows\System32\DRIVERS\uim_im.sys [700296 2014-05-09] ()
R3 vna_ap; C:\Windows\System32\DRIVERS\vnaap.sys [161256 2012-09-20] (Check Point Software Technologies)
R1 vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [456952 2013-12-04] (Check Point Software Technologies Ltd.)
R0 WRkrn; C:\Windows\System32\drivers\WRkrn.sys [117728 2015-07-01] (Webroot)
R3 WwanUsbServ; C:\Windows\System32\DRIVERS\WwanUsbMp64.sys [284912 2013-11-25] (Ericsson AB)
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag64.sys [X]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U0 dmboot; No ImagePath
U0 SR; No ImagePath
U2 srservice; No ImagePath
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-23 15:46 - 2015-07-23 15:46 - 00001617 _____ C:\Users\MSC\Desktop\JRT.txt
2015-07-23 15:34 - 2015-07-23 15:36 - 00001210 _____ C:\mbam.txt
2015-07-23 14:04 - 2015-07-23 14:07 - 00018662 _____ C:\autoreply.txt
2015-07-23 08:50 - 2015-07-23 10:00 - 00011775 _____ C:\Windows\WindowsUpdate.log
2015-07-22 19:23 - 2015-07-22 19:23 - 00000000 ____D C:\Scripts
2015-07-22 18:52 - 2015-07-22 18:52 - 00000000 ____D C:\Users\MSC\AppData\Local\NuGet
2015-07-22 17:13 - 2015-07-22 17:13 - 00000000 ____D C:\Users\MSC\AppData\Roaming\NuGet
2015-07-22 17:12 - 2015-07-22 17:12 - 00000000 ____D C:\Users\MSC\AppData\Local\PackageManagement
2015-07-22 17:12 - 2015-07-22 17:12 - 00000000 ____D C:\Program Files\PackageManagement
2015-07-22 16:57 - 2015-07-22 16:57 - 00000000 ____D C:\Windows\SysWOW64\Configuration
2015-07-22 16:55 - 2015-04-23 05:13 - 02172928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2015-07-22 16:55 - 2015-04-23 05:13 - 00019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Register-CimProvider.exe
2015-07-22 16:55 - 2015-04-23 05:12 - 00238080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2015-07-22 16:55 - 2015-04-23 05:12 - 00139264 _____ (Windows (R) Win 7 DDK provider) C:\Windows\SysWOW64\DscCoreConfProv.dll
2015-07-22 16:55 - 2015-04-23 05:12 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmidcom.dll
2015-07-22 16:55 - 2015-04-23 05:11 - 00085504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pwrshplugin.dll
2015-07-22 16:55 - 2015-04-23 05:11 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncobjapi.dll
2015-07-22 16:55 - 2015-04-23 05:11 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winrssrv.dll
2015-07-22 16:55 - 2015-04-23 05:10 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winrscmd.dll
2015-07-22 16:55 - 2015-04-23 05:10 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wecutil.exe
2015-07-22 16:55 - 2015-04-23 05:10 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prvdmofcomp.dll
2015-07-22 16:55 - 2015-04-23 05:10 - 00020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winrshost.exe
2015-07-22 16:55 - 2015-04-23 05:10 - 00013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Management.Infrastructure.Native.Unmanaged.dll
2015-07-22 16:55 - 2015-04-23 05:09 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wevtfwd.dll
2015-07-22 16:55 - 2015-04-23 05:09 - 00058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wecapi.dll
2015-07-22 16:55 - 2015-04-23 05:08 - 00535552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmGCDeps.dll
2015-07-22 16:55 - 2015-04-23 05:08 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmitomi.dll
2015-07-22 16:55 - 2015-04-23 05:08 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mi.dll
2015-07-22 16:55 - 2015-04-23 05:08 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2015-07-22 16:55 - 2015-04-23 05:08 - 00038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winrs.exe
2015-07-22 16:55 - 2015-04-23 05:08 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PSModuleDiscoveryProvider.dll
2015-07-22 16:55 - 2015-04-23 05:08 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmprovhost.exe
2015-07-22 16:55 - 2015-04-23 05:08 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmplpxy.dll
2015-07-22 16:55 - 2015-04-23 05:08 - 00001536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winrsmgr.dll
2015-07-22 16:55 - 2015-04-23 05:07 - 00201216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedynos.dll
2015-07-22 16:55 - 2015-04-23 05:07 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedyn.dll
2015-07-22 16:55 - 2015-04-23 05:07 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2015-07-22 16:55 - 2015-04-23 05:06 - 00384512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wbemcomn2.dll
2015-07-22 16:55 - 2015-04-23 05:05 - 00119296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mimofcodec.dll
2015-07-22 16:55 - 2015-04-23 05:05 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mibincodec.dll
2015-07-22 16:55 - 2015-04-23 05:03 - 00174592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\miutils.dll
2015-07-22 16:55 - 2015-04-23 05:03 - 00145408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2015-07-22 16:55 - 2015-04-23 05:03 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmRes.dll
2015-07-22 16:55 - 2015-04-23 05:03 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAgent.dll
2015-07-22 16:55 - 2015-04-23 03:56 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\DscTimer.dll
2015-07-22 16:55 - 2015-04-23 03:55 - 02613760 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-07-22 16:55 - 2015-04-23 03:55 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\DscProxy.dll
2015-07-22 16:55 - 2015-04-23 03:54 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2015-07-22 16:55 - 2015-04-23 03:54 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\mpeval.dll
2015-07-22 16:55 - 2015-04-23 03:54 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\wmidcom.dll
2015-07-22 16:55 - 2015-04-23 03:54 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\Register-CimProvider.exe
2015-07-22 16:55 - 2015-04-23 03:53 - 00196096 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\DscCoreConfProv.dll
2015-07-22 16:55 - 2015-04-23 03:53 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\winrssrv.dll
2015-07-22 16:55 - 2015-04-23 03:52 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\pwrshplugin.dll
2015-07-22 16:55 - 2015-04-23 03:52 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\winrscmd.dll
2015-07-22 16:55 - 2015-04-23 03:52 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\prvdmofcomp.dll
2015-07-22 16:55 - 2015-04-23 03:52 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\ncobjapi.dll
2015-07-22 16:55 - 2015-04-23 03:52 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\winrshost.exe
2015-07-22 16:55 - 2015-04-23 03:52 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Management.Infrastructure.Native.Unmanaged.dll
2015-07-22 16:55 - 2015-04-23 03:51 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\wecsvc.dll
2015-07-22 16:55 - 2015-04-23 03:51 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\wevtfwd.dll
2015-07-22 16:55 - 2015-04-23 03:51 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\wecutil.exe
2015-07-22 16:55 - 2015-04-23 03:51 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\wecapi.dll
2015-07-22 16:55 - 2015-04-23 03:49 - 00623616 _____ (Microsoft Corporation) C:\Windows\system32\WsmGCDeps.dll
2015-07-22 16:55 - 2015-04-23 03:49 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\framedynos.dll
2015-07-22 16:55 - 2015-04-23 03:49 - 00250368 _____ (Microsoft Corporation) C:\Windows\system32\framedyn.dll
2015-07-22 16:55 - 2015-04-23 03:49 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\wmitomi.dll
2015-07-22 16:55 - 2015-04-23 03:49 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\mi.dll
2015-07-22 16:55 - 2015-04-23 03:49 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2015-07-22 16:55 - 2015-04-23 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\PSModuleDiscoveryProvider.dll
2015-07-22 16:55 - 2015-04-23 03:49 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\winrs.exe
2015-07-22 16:55 - 2015-04-23 03:49 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2015-07-22 16:55 - 2015-04-23 03:49 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2015-07-22 16:55 - 2015-04-23 03:49 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2015-07-22 16:55 - 2015-04-23 03:49 - 00001536 _____ (Microsoft Corporation) C:\Windows\system32\winrsmgr.dll
2015-07-22 16:55 - 2015-04-23 03:47 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\wbemcomn2.dll
2015-07-22 16:55 - 2015-04-23 03:46 - 00512512 _____ (Microsoft Corporation) C:\Windows\system32\mpunits.dll
2015-07-22 16:55 - 2015-04-23 03:46 - 00438272 _____ (Microsoft Corporation) C:\Windows\system32\DscCore.dll
2015-07-22 16:55 - 2015-04-23 03:46 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\mimofcodec.dll
2015-07-22 16:55 - 2015-04-23 03:46 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\mibincodec.dll
2015-07-22 16:55 - 2015-04-23 03:43 - 00224768 _____ (Microsoft Corporation) C:\Windows\system32\miutils.dll
2015-07-22 16:55 - 2015-04-23 03:43 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2015-07-22 16:55 - 2015-04-23 03:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2015-07-22 16:55 - 2015-04-23 03:43 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\WsmAgent.dll
2015-07-22 10:34 - 2015-07-22 10:34 - 00000000 ____D C:\LocalDumps
2015-07-22 09:39 - 2015-07-22 09:39 - 00039270 _____ C:\ComboFix.txt
2015-07-21 13:39 - 2015-07-23 15:51 - 00000000 ____D C:\FRST
2015-07-21 12:54 - 2015-07-02 22:31 - 19291136 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-21 12:54 - 2015-07-02 21:15 - 14384640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-21 12:54 - 2015-07-02 20:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-21 12:54 - 2015-07-02 20:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-21 12:54 - 2015-06-29 15:30 - 02865152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-21 12:54 - 2015-06-29 15:27 - 03960320 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 13771264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 02056704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 01763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-21 12:54 - 2015-06-17 15:28 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 00690176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-21 12:54 - 2015-06-17 15:27 - 02237440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-21 12:54 - 2015-06-17 15:27 - 01409024 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-21 12:54 - 2015-06-17 15:27 - 00601600 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-21 12:54 - 2015-06-17 15:27 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-21 12:54 - 2015-06-17 15:26 - 15415296 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-21 12:54 - 2015-06-17 15:26 - 02656768 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-21 12:54 - 2015-06-17 15:26 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-21 12:54 - 2015-06-17 15:26 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-21 12:54 - 2015-06-17 15:26 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-21 12:54 - 2015-06-17 15:26 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-21 12:54 - 2015-06-17 15:26 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-21 12:54 - 2015-06-17 15:26 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-21 12:54 - 2015-06-17 15:26 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-21 12:54 - 2015-06-17 15:26 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-21 12:54 - 2015-06-17 15:26 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-07-21 12:54 - 2015-06-17 15:26 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-21 12:54 - 2015-06-17 15:26 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-21 12:54 - 2015-06-17 15:26 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-21 12:54 - 2015-06-17 15:26 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-21 12:54 - 2015-06-11 20:03 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-21 12:54 - 2015-06-11 19:43 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-21 12:54 - 2015-06-11 19:38 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2015-07-21 12:54 - 2015-06-11 19:19 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2015-07-21 12:53 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-21 12:53 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-21 12:53 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-21 12:53 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-21 12:53 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-21 12:53 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-21 12:53 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-21 12:53 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-21 12:53 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-21 12:53 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-20 16:42 - 2015-07-20 16:42 - 00000000 ____D C:\Users\MSC\AppData\Local\CEF
2015-07-20 13:21 - 2015-07-20 13:21 - 00000000 ____D C:\ProgramData\VIPRE
2015-07-20 13:21 - 2015-07-20 13:21 - 00000000 ____D C:\Program Files\Common Files\AV
2015-07-20 13:12 - 2015-07-21 15:26 - 00000000 ____D C:\ProgramData\STOPzilla!
2015-07-20 13:12 - 2015-07-20 13:12 - 00000000 ____D C:\Program Files (x86)\iS3
2015-07-20 12:41 - 2015-07-20 13:00 - 00000000 ____D C:\ProgramData\{cd5b4ee3-71a9-ecd7-cd5b-b4ee371a3b8d}
2015-07-16 09:31 - 2015-07-16 09:31 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-15 10:21 - 2015-03-30 00:47 - 00083624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perf-MSSQL$SQLEXPRESS-sqlctr10.52.4042.0.dll
2015-07-15 10:21 - 2015-03-30 00:43 - 00089264 _____ (Microsoft Corporation) C:\Windows\system32\perf-MSSQL$SQLEXPRESS-sqlctr10.52.4042.0.dll
2015-07-15 10:10 - 2015-07-09 19:59 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-15 10:10 - 2015-07-09 19:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-15 10:10 - 2015-07-09 19:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-15 10:10 - 2015-07-09 19:58 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-15 10:10 - 2015-07-09 19:58 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-15 10:10 - 2015-07-09 19:58 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-15 10:10 - 2015-07-09 19:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-15 10:10 - 2015-07-09 19:58 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-15 10:10 - 2015-07-09 19:58 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-15 10:10 - 2015-07-09 19:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-15 10:10 - 2015-07-09 19:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 10:10 - 2015-07-09 19:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 10:10 - 2015-07-09 19:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 10:10 - 2015-07-09 19:58 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-15 10:10 - 2015-07-09 19:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 10:10 - 2015-07-09 19:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 10:10 - 2015-07-09 19:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 10:10 - 2015-07-09 19:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 10:10 - 2015-07-09 19:50 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-15 10:10 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-15 10:10 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-15 10:10 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-15 10:10 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-15 10:10 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-15 10:10 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-15 10:10 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-15 10:10 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-15 10:10 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-15 10:10 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-15 10:10 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-15 10:10 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-07-15 10:10 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-07-15 10:09 - 2015-05-09 20:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-07-15 09:26 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 09:26 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-15 09:26 - 2015-07-01 22:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 09:26 - 2015-07-01 22:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-15 09:26 - 2015-07-01 22:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 09:26 - 2015-07-01 22:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 09:26 - 2015-07-01 22:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 09:26 - 2015-07-01 22:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-15 09:26 - 2015-07-01 22:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 09:26 - 2015-07-01 22:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-15 09:26 - 2015-07-01 22:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-15 09:26 - 2015-07-01 22:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-15 09:26 - 2015-07-01 22:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-15 09:26 - 2015-07-01 22:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-15 09:26 - 2015-07-01 22:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-15 09:26 - 2015-07-01 22:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-15 09:26 - 2015-07-01 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-15 09:26 - 2015-07-01 22:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-15 09:26 - 2015-07-01 22:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-15 09:26 - 2015-07-01 22:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-15 09:26 - 2015-07-01 22:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-15 09:26 - 2015-07-01 22:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-15 09:26 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-15 09:26 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-15 09:26 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-15 09:26 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-15 09:26 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-15 09:26 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-15 09:26 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-15 09:26 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-15 09:26 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-15 09:26 - 2015-07-01 22:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 09:26 - 2015-07-01 22:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-15 09:26 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-15 09:26 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-15 09:26 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-15 09:26 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-15 09:26 - 2015-07-01 21:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 09:26 - 2015-07-01 21:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 09:26 - 2015-07-01 21:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 09:26 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 09:26 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 09:26 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-15 09:26 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-15 09:26 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 09:26 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 09:26 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-15 09:26 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-15 09:26 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 09:26 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-15 09:26 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-15 09:26 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-15 09:26 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-15 09:26 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-15 09:26 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-15 09:26 - 2015-06-11 19:57 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-07-15 09:26 - 2015-06-11 19:57 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-07-15 09:26 - 2015-06-11 19:57 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-07-15 09:26 - 2015-06-11 19:56 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-07-15 09:26 - 2015-06-11 19:56 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-07-15 09:26 - 2015-06-11 19:56 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-07-15 09:26 - 2015-06-11 15:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-07-15 09:26 - 2015-06-09 20:03 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-07-15 09:26 - 2015-06-09 20:03 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-07-15 09:26 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-15 09:26 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-14 14:54 - 2015-07-14 14:54 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-07-14 14:54 - 2015-07-14 14:54 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-07-14 14:54 - 2015-07-14 14:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-14 14:21 - 2015-07-15 09:33 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-07-14 14:21 - 2015-07-14 14:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-07-14 14:20 - 2015-07-23 15:37 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-14 14:20 - 2015-07-23 09:37 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-14 14:20 - 2015-07-16 09:32 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-14 14:20 - 2015-07-16 09:32 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-14 13:47 - 2015-07-14 13:47 - 00000207 _____ C:\Windows\tweaking.com-regbackup-NB1140-Windows-7-Ultimate-(64-bit).dat
2015-07-14 13:47 - 2015-07-14 13:47 - 00000000 ____D C:\RegBackup
2015-07-14 13:43 - 2015-07-14 13:43 - 03034266 _____ (Malwarebytes Corporation) C:\Users\MSC\Desktop\JRT.exe
2015-07-14 11:59 - 2015-07-14 11:59 - 00000000 ____D C:\Users\MSC\Desktop\Alte Firefox-Daten
2015-07-14 10:47 - 2015-07-20 13:00 - 00000410 _____ C:\Windows\system32\.crusader
2015-07-14 10:40 - 2015-07-14 10:40 - 00001909 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2015-07-14 10:40 - 2015-07-14 10:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2015-07-13 18:01 - 2015-07-13 18:01 - 00002018 _____ C:\Users\MSC\Documents\Silverlieght in allen Browsern aktivieren.txt
2015-07-13 14:17 - 2015-07-14 14:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-13 14:08 - 2015-07-13 14:08 - 00003122 _____ C:\Windows\System32\Tasks\Samsung_PSSD_Registration
2015-07-13 11:30 - 2015-07-13 11:29 - 02248704 _____ C:\Users\MSC\Desktop\adwcleaner_4.208.exe
2015-07-13 11:09 - 2015-04-08 18:32 - 00000027 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-07-07 08:55 - 2015-07-07 08:55 - 00000000 ____D C:\Users\MSC\AppData\Roaming\SysAid
2015-07-03 09:33 - 2015-07-23 15:38 - 00005591 _____ C:\Users\MSC\Documents\ETG-Server.rdg
2015-07-02 13:41 - 2011-08-04 00:48 - 120893960 _____ (Oracle ) C:\Users\MSC\Downloads\SmartView.exe
2015-07-02 08:50 - 2015-07-02 08:50 - 00001088 _____ C:\Users\MSC\Documents\WER_Debug.reg
2015-07-02 08:44 - 2015-07-16 10:03 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-07-02 08:44 - 2015-07-02 08:44 - 00002047 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2015-07-01 11:23 - 2015-07-01 11:23 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-07-01 11:23 - 2015-07-01 11:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-07-01 11:22 - 2015-07-01 11:22 - 00000000 ____D C:\Program Files\iTunes
2015-07-01 11:22 - 2015-07-01 11:22 - 00000000 ____D C:\Program Files\iPod
2015-07-01 11:22 - 2015-07-01 11:22 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-06-30 08:26 - 2015-06-30 14:21 - 00002234 ____H C:\Users\adminde\Documents\Default.rdp
2015-06-30 08:26 - 2015-06-30 08:26 - 00000000 ____D C:\Users\adminde\AppData\Roaming\Intel Corporation
2015-06-30 08:25 - 2015-06-30 14:19 - 00000000 ____D C:\Users\adminde\Tracing
2015-06-30 08:25 - 2015-06-30 08:25 - 00124488 _____ C:\Users\adminde\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-30 08:25 - 2015-06-30 08:25 - 00000000 ____D C:\Users\adminde\Documents\IBM
2015-06-30 08:25 - 2015-06-30 08:25 - 00000000 ____D C:\Users\adminde\Documents\Bluetooth Exchange Folder
2015-06-30 08:25 - 2015-06-30 08:25 - 00000000 ____D C:\Users\adminde\AppData\Roaming\Synaptics
2015-06-30 08:25 - 2015-06-30 08:25 - 00000000 ____D C:\Users\adminde\AppData\Roaming\ICAClient
2015-06-30 08:25 - 2015-06-30 08:25 - 00000000 ____D C:\Users\adminde\AppData\Roaming\IBM
2015-06-30 08:25 - 2015-06-30 08:25 - 00000000 ____D C:\Users\adminde\AppData\Roaming\hpqLog
2015-06-30 08:25 - 2015-06-30 08:25 - 00000000 ____D C:\Users\adminde\AppData\Roaming\Hewlett-Packard
2015-06-30 08:25 - 2015-06-30 08:25 - 00000000 ____D C:\Users\adminde\AppData\Roaming\Avaya
2015-06-30 08:25 - 2015-06-30 08:25 - 00000000 ____D C:\Users\adminde\AppData\Roaming\Apple Computer
2015-06-30 08:25 - 2015-06-30 08:25 - 00000000 ____D C:\Users\adminde\AppData\Local\Packages
2015-06-30 08:25 - 2015-06-30 08:25 - 00000000 ____D C:\Users\adminde\AppData\Local\Hewlett-Packard_Developme
2015-06-30 08:25 - 2015-06-30 08:25 - 00000000 ____D C:\Users\adminde\AppData\Local\Citrix
2015-06-30 08:25 - 2015-06-30 08:25 - 00000000 ____D C:\Users\adminde\AppData\Local\Broadcom
2015-06-30 08:25 - 2015-06-30 08:25 - 00000000 ____D C:\Users\adminde\AppData\Local\Adobe
2015-06-30 08:24 - 2015-07-20 11:05 - 00003918 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{0B921448-3CB6-4172-AC13-1384D54539F1}
2015-06-30 08:24 - 2015-07-20 11:05 - 00001200 __RSH C:\Users\adminde\ntuser.pol
2015-06-30 08:24 - 2015-07-20 11:05 - 00000000 ____D C:\Users\adminde
2015-06-30 08:24 - 2015-06-30 08:25 - 00000000 ____D C:\Users\adminde\AppData\Roaming\Adobe
2015-06-30 08:24 - 2015-06-30 08:24 - 00001425 _____ C:\Users\adminde\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-06-30 08:24 - 2015-06-30 08:24 - 00000000 _SHDL C:\Users\adminde\Vorlagen
2015-06-30 08:24 - 2015-06-30 08:24 - 00000000 _SHDL C:\Users\adminde\Startmenü
2015-06-30 08:24 - 2015-06-30 08:24 - 00000000 _SHDL C:\Users\adminde\Netzwerkumgebung
2015-06-30 08:24 - 2015-06-30 08:24 - 00000000 _SHDL C:\Users\adminde\Lokale Einstellungen
2015-06-30 08:24 - 2015-06-30 08:24 - 00000000 _SHDL C:\Users\adminde\Eigene Dateien
2015-06-30 08:24 - 2015-06-30 08:24 - 00000000 _SHDL C:\Users\adminde\Druckumgebung
2015-06-30 08:24 - 2015-06-30 08:24 - 00000000 _SHDL C:\Users\adminde\Documents\Eigene Musik
2015-06-30 08:24 - 2015-06-30 08:24 - 00000000 _SHDL C:\Users\adminde\Documents\Eigene Bilder
2015-06-30 08:24 - 2015-06-30 08:24 - 00000000 _SHDL C:\Users\adminde\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-06-30 08:24 - 2015-06-30 08:24 - 00000000 _SHDL C:\Users\adminde\AppData\Local\Verlauf
2015-06-30 08:24 - 2015-06-30 08:24 - 00000000 _SHDL C:\Users\adminde\AppData\Local\Anwendungsdaten
2015-06-30 08:24 - 2015-06-30 08:24 - 00000000 _SHDL C:\Users\adminde\Anwendungsdaten
2015-06-30 08:24 - 2015-06-30 08:24 - 00000000 ____D C:\Users\adminde\AppData\Local\Google
2015-06-30 08:24 - 2013-09-12 15:58 - 00000000 ____D C:\Users\adminde\AppData\Roaming\Macromedia
2015-06-30 08:24 - 2013-07-20 07:02 - 00000000 ____D C:\Users\adminde\AppData\Local\Microsoft Help
2015-06-30 08:24 - 2013-04-14 01:33 - 00000000 ___HD C:\Users\adminde\Documents\hp.system.package.metadata
2015-06-30 08:24 - 2011-02-11 07:19 - 00000020 ___SH C:\Users\adminde\ntuser.ini
2015-06-30 08:24 - 2009-07-14 06:54 - 00000000 ___RD C:\Users\adminde\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-06-30 08:24 - 2009-07-14 06:49 - 00000000 ___RD C:\Users\adminde\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-06-27 12:29 - 2015-06-27 12:29 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-06-27 12:29 - 2015-06-27 12:29 - 00000000 ___SD C:\Windows\system32\GWX
2015-06-27 12:27 - 2015-05-25 20:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-27 12:27 - 2015-05-25 20:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-27 12:27 - 2015-05-25 20:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-27 12:27 - 2015-05-25 20:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-27 12:27 - 2015-05-25 20:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-27 12:27 - 2015-05-25 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-27 12:27 - 2015-05-25 20:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-27 12:27 - 2015-05-25 20:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-27 12:27 - 2015-05-25 20:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-27 12:27 - 2015-05-25 20:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-27 12:27 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-27 12:27 - 2015-05-25 20:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-27 12:27 - 2015-05-25 20:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-27 12:27 - 2015-05-25 20:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-27 12:27 - 2015-05-25 20:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-27 12:27 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-27 12:27 - 2015-05-25 20:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-27 12:27 - 2015-05-25 20:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-27 12:27 - 2015-05-25 20:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-27 12:27 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-27 12:27 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-27 12:27 - 2015-05-25 20:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-27 12:27 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-27 12:27 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-27 12:27 - 2015-05-25 20:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-27 12:27 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-27 12:27 - 2015-05-25 20:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-27 12:27 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-27 12:27 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-27 12:27 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-27 12:27 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-27 12:27 - 2015-05-25 20:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-27 12:27 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-27 12:27 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-27 12:27 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-27 12:27 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-27 12:27 - 2015-05-25 20:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-27 12:27 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-27 12:27 - 2015-05-25 19:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-27 12:27 - 2015-05-25 19:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-27 12:27 - 2015-05-25 19:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-27 12:27 - 2015-05-25 18:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-27 12:27 - 2015-05-25 18:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-27 12:27 - 2015-05-25 18:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 18:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-27 12:27 - 2015-05-21 15:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-23 15:47 - 2013-07-05 11:11 - 00000580 _____ C:\Windows\SMSCFG.ini
2015-07-23 15:44 - 2013-07-03 12:02 - 00002072 _____ C:\Windows\system32\config\netlogon.ftl
2015-07-23 15:43 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\inetsrv
2015-07-23 15:40 - 2014-11-14 13:14 - 00000000 ____D C:\ProgramData\WRData
2015-07-23 15:39 - 2013-10-14 12:14 - 00000000 ____D C:\AdwCleaner
2015-07-23 15:37 - 2013-07-30 18:04 - 00000000 ____D C:\Users\MSC\AppData\Local\CrashDumps
2015-07-23 15:37 - 2012-02-09 16:30 - 00000000 ____D C:\Users\MSC\Documents\Outlook-Dateien
2015-07-23 15:21 - 2013-04-14 01:38 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-23 15:13 - 2015-05-20 10:23 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-23 14:53 - 2012-02-09 16:12 - 00000000 ____D C:\Users\MSC\Documents\WindowsPowershell
2015-07-23 13:38 - 2009-07-14 06:45 - 00042336 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-23 13:38 - 2009-07-14 06:45 - 00042336 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-23 10:25 - 2009-07-14 06:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-07-23 09:59 - 2013-07-03 14:11 - 00026804 __RSH C:\ProgramData\ntuser.pol
2015-07-23 09:15 - 2013-07-30 18:04 - 00000000 ____D C:\Users\MSC\AppData\Local\Deployment
2015-07-23 08:56 - 2012-02-09 12:10 - 00000000 ____D C:\Users\MSC\Documents\DIALIT
2015-07-23 08:52 - 2013-04-13 22:35 - 00993636 _____ C:\Windows\system32\perfh007.dat
2015-07-23 08:52 - 2013-04-13 22:35 - 00255424 _____ C:\Windows\system32\perfc007.dat
2015-07-23 08:52 - 2009-07-14 07:13 - 02420374 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-23 08:49 - 2014-01-31 10:49 - 00000000 ____D C:\Users\MSC\Tracing
2015-07-23 08:48 - 2015-05-29 10:52 - 00000782 _____ C:\Users\Public\Desktop\SysAid.lnk
2015-07-23 08:48 - 2015-05-29 10:52 - 00000000 ____D C:\Program Files\SysAid
2015-07-23 08:48 - 2014-08-15 14:19 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2015-07-23 08:48 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-22 18:24 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-07-22 16:57 - 2013-11-07 14:59 - 00000000 ____D C:\Windows\system32\dsc
2015-07-22 16:57 - 2013-11-07 14:59 - 00000000 ____D C:\Windows\system32\Configuration
2015-07-22 16:57 - 2013-11-07 14:59 - 00000000 ____D C:\Program Files\WindowsPowerShell
2015-07-22 16:57 - 2013-11-07 14:59 - 00000000 ____D C:\Program Files (x86)\WindowsPowerShell
2015-07-22 16:57 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-22 09:39 - 2013-11-15 10:41 - 00000000 ____D C:\Qoobox
2015-07-22 09:39 - 2013-07-30 18:04 - 00000000 ____D C:\Users\MSC\AppData\Local\Apps\2.0
2015-07-22 09:36 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-07-22 09:28 - 2013-11-15 10:38 - 05632853 ____R (Swearware) C:\Users\MSC\Desktop\ComboFix.exe
2015-07-21 13:34 - 2011-02-11 07:14 - 00000000 ____D C:\Windows\Panther
2015-07-21 13:29 - 2009-07-14 06:45 - 00529888 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-21 07:47 - 2013-06-21 00:13 - 00000000 ____D C:\Windows\Hewlett-Packard
2015-07-20 16:03 - 2013-10-14 12:11 - 00000000 ____D C:\Program Files\HitmanPro
2015-07-20 15:45 - 2013-07-30 18:13 - 00000600 _____ C:\Users\MSC\AppData\Roaming\winscp.rnd
2015-07-20 15:45 - 2013-07-30 18:07 - 00000600 _____ C:\Users\MSC\AppData\Local\PUTTY.RND
2015-07-20 11:28 - 2013-07-30 12:45 - 00000000 ____D C:\Users\MSC
2015-07-20 11:11 - 2013-08-01 12:49 - 00003934 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{02EBB676-2F51-4EB5-BF5C-EFF12763F7AF}
2015-07-20 10:44 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\spool
2015-07-17 13:06 - 2015-01-26 13:24 - 00000000 ____D C:\Program Files\Java
2015-07-17 12:45 - 2015-01-26 13:24 - 00110688 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-07-17 10:28 - 2012-02-09 16:30 - 00000000 ____D C:\Users\MSC\IPViewer
2015-07-17 08:19 - 2013-07-30 12:05 - 00002465 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk
2015-07-17 08:19 - 2013-07-30 12:05 - 00002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk
2015-07-17 08:19 - 2013-07-30 12:05 - 00002026 _____ C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk
2015-07-17 08:19 - 2013-07-30 12:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2
2015-07-17 08:08 - 2013-08-02 09:12 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2015-07-15 11:21 - 2013-11-20 19:31 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-15 11:21 - 2013-04-14 01:38 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-15 11:21 - 2013-04-14 01:38 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-15 10:50 - 2014-12-10 19:58 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-15 10:50 - 2014-05-05 09:18 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-15 10:26 - 2013-04-14 01:02 - 02394654 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-07-15 10:23 - 2013-07-19 13:08 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-15 10:20 - 2013-08-01 12:35 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2015-07-15 10:20 - 2013-08-01 12:34 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2015-07-15 10:17 - 2013-07-25 17:46 - 00000000 ____D C:\Windows\system32\MRT
2015-07-14 14:36 - 2014-06-16 11:18 - 00001062 _____ C:\Users\Public\Desktop\DIALit.lnk
2015-07-14 14:36 - 2014-06-16 11:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DIALit
2015-07-14 14:31 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Speech
2015-07-14 14:21 - 2015-01-27 16:16 - 00000000 ____D C:\Program Files (x86)\Google
2015-07-14 14:21 - 2013-07-30 18:04 - 00000000 ____D C:\Users\MSC\AppData\Local\Google
2015-07-14 10:47 - 2014-07-26 10:46 - 00000000 ____D C:\Users\MSC\AppData\Roaming\NirSoft Utilities
2015-07-14 10:47 - 2013-10-14 12:06 - 00000000 ____D C:\ProgramData\HitmanPro
2015-07-14 09:04 - 2013-07-05 11:09 - 00000000 ____D C:\Windows\ccmsetup
2015-07-13 11:08 - 2015-05-27 14:47 - 00002549 _____ C:\Users\Public\Desktop\Paragon Backup and Recovery™ 2014 Free.lnk
2015-07-13 11:08 - 2013-07-30 13:49 - 00001527 _____ C:\Users\MSC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-07-13 11:08 - 2013-07-03 10:57 - 00001529 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-07-13 11:08 - 2013-07-03 10:57 - 00001523 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2015-07-13 09:20 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-07-07 08:56 - 2014-05-14 09:38 - 00000000 ____D C:\Program Files (x86)\Citrix
2015-07-07 08:55 - 2013-07-03 14:17 - 00000000 ____D C:\Windows\system32\appmgmt
2015-07-07 08:55 - 2013-04-14 01:36 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-07-06 17:38 - 2012-02-08 15:35 - 00000000 ____D C:\Temp
2015-07-03 09:17 - 2015-02-17 08:23 - 00006219 _____ C:\Users\MSC\Documents\ETS-Server.rdg.old
2015-07-03 08:43 - 2013-07-25 17:35 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-07-02 13:59 - 2013-07-30 13:49 - 00000000 ____D C:\Users\MSC\AppData\Roaming\Adobe
2015-07-02 13:58 - 2014-08-22 10:32 - 00000000 ____D C:\Users\MSC\AppData\Local\Adobe
2015-07-02 11:29 - 2014-11-12 12:43 - 00000000 __SHD C:\Users\MSC\AppData\Local\EmieBrowserModeList
2015-07-02 11:29 - 2014-04-09 14:33 - 00000000 __SHD C:\Users\MSC\AppData\Local\EmieUserList
2015-07-02 11:29 - 2014-04-09 14:33 - 00000000 __SHD C:\Users\MSC\AppData\Local\EmieSiteList
2015-07-02 08:44 - 2013-07-30 12:03 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-07-02 08:43 - 2013-07-30 12:03 - 00000000 ____D C:\ProgramData\Adobe
2015-07-01 14:25 - 2014-11-14 13:14 - 00167632 _____ (Webroot) C:\Windows\SysWOW64\WRusr.dll
2015-07-01 14:25 - 2014-11-14 13:14 - 00117728 _____ (Webroot) C:\Windows\system32\Drivers\WRkrn.sys
2015-07-01 14:25 - 2014-11-14 13:14 - 00105320 _____ (Webroot) C:\Windows\system32\WRusr.dll
2015-07-01 11:26 - 2013-07-30 18:09 - 00000000 ____D C:\Users\MSC\AppData\Roaming\Apple Computer
2015-07-01 11:22 - 2015-03-18 14:44 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-07-01 11:22 - 2015-03-18 14:44 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-06-30 09:18 - 2015-04-14 15:02 - 00000000 ____D C:\Users\MSC\Documents\Wohnung
2015-06-30 08:00 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\AppCompat
2015-06-29 08:43 - 2013-07-25 17:33 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-06-29 08:43 - 2013-07-25 17:33 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-06-27 12:29 - 2014-09-09 12:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Lync
2015-06-27 12:29 - 2014-09-09 12:35 - 00000000 ____D C:\Program Files (x86)\Microsoft Lync
2015-06-27 12:28 - 2014-09-09 12:36 - 00000000 ____D C:\Program Files\Microsoft Lync
2015-06-27 12:28 - 2013-07-25 17:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-06-23 13:30 - 2010-11-21 05:27 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2013-07-30 18:12 - 2013-01-24 18:35 - 0023176 _____ () C:\Users\MSC\AppData\Roaming\Kommagetrennte Werte (Windows).ADR
2013-07-30 18:12 - 2014-10-06 12:53 - 0023164 _____ () C:\Users\MSC\AppData\Roaming\Microsoft Excel 97-2003.ADR
2013-11-08 14:24 - 2015-02-09 18:50 - 0081642 _____ () C:\Users\MSC\AppData\Roaming\MultiScreen_log.log
2015-04-16 08:46 - 2015-04-16 08:46 - 0033193 _____ () C:\Users\MSC\AppData\Roaming\UserTile.png
2013-07-30 18:13 - 2015-07-20 15:45 - 0000600 _____ () C:\Users\MSC\AppData\Roaming\winscp.rnd
2013-07-30 18:04 - 2012-10-31 16:05 - 0000000 _____ () C:\Users\MSC\AppData\Local\AtStart.txt
2013-07-30 18:04 - 2012-10-31 16:05 - 0000000 _____ () C:\Users\MSC\AppData\Local\DSwitch.txt
2013-07-30 18:07 - 2015-07-20 15:45 - 0000600 _____ () C:\Users\MSC\AppData\Local\PUTTY.RND
2013-07-30 18:07 - 2012-10-31 16:05 - 0000000 _____ () C:\Users\MSC\AppData\Local\QSwitch.txt
2013-07-30 18:07 - 2012-12-02 16:08 - 0001832 _____ () C:\Users\MSC\AppData\Local\SLC_msc.prx
2013-10-18 17:29 - 2013-10-18 18:23 - 0000826 _____ () C:\ProgramData\hpzinstall.log
2013-08-01 12:45 - 2013-08-01 12:45 - 0000266 _____ () C:\ProgramData\LEDM_AdaptorInstall.log
2013-12-09 11:21 - 2013-12-09 14:12 - 0000227 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

ZeroAccess:
C:\Users\MSC\AppData\Local\682008ce
C:\Users\MSC\AppData\Local\682008ce\@

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-23 13:29

==================== End of log ============================

schrauber · 24.07.2015, 06:47

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

Ontop144 · 24.07.2015, 10:01

Hier ist das ESET log file

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=a33c1c9574edc549a0cb5452eff3393f
# engine=15485
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-10-15 12:29:23
# local_time=2013-10-15 02:29:23 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776638 100 94 5875794 133470013 0 0
# scanned=313738
# found=4
# cleaned=0
# scan_time=17166
sh=EA48CD96C476F65D0AECD0F977A972FFD154A6FA ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H application" ac=I fn="C:\Users\MSC\AppData\Roaming\Mozilla\Firefox\Profiles\g51m6ksp.default\extensions\dfqc50@ytkxfpxaf.co.uk\content\bg.js"
sh=CAC59A2DA32C0D7480153E6390C4C4283971EDD2 ft=0 fh=0000000000000000 vn="probably a variant of Win32/SdBot.NAOGICU trojan" ac=I fn="D:\Downloads\LOGINventory.v4.5.7.0.1637-BEAN.zip"
sh=72DEE4B364218DE2C89907F8E06535C0B1FA74AE ft=0 fh=0000000000000000 vn="a variant of Win32/Kryptik.BEPP trojan" ac=I fn="D:\Downloads\VMWare_ESX_v4_1_keygen.zip"
sh=0727DBE20918D3AF151357456F669892A58F2429 ft=0 fh=0000000000000000 vn="a variant of Win32/Injector.YMC trojan" ac=I fn="D:\Downloads\VMware_vCenter_Server_version_5_keygen.zip"
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=a33c1c9574edc549a0cb5452eff3393f
# engine=15491
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-10-15 12:56:48
# local_time=2013-10-15 02:56:48 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776638 100 94 5877439 133471658 0 0
# scanned=72496
# found=0
# cleaned=0
# scan_time=825
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=a33c1c9574edc549a0cb5452eff3393f
# end=init
# utc_time=2015-07-24 06:02:14
# local_time=2015-07-24 08:02:14 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 24953
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=a33c1c9574edc549a0cb5452eff3393f
# end=updated
# utc_time=2015-07-24 06:04:41
# local_time=2015-07-24 08:04:41 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=a33c1c9574edc549a0cb5452eff3393f
# engine=24953
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-07-24 07:28:47
# local_time=2015-07-24 09:28:47 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776637 100 94 55086 189352777 0 0
# compatibility_mode_1='Webroot SecureAnywhere'
# compatibility_mode=16130 16777213 42 66 1969409 15771424 0 0
# scanned=411577
# found=26
# cleaned=0
# scan_time=5045
sh=66A6A2E76557FE695CDED1844C17C9F6D431D222 ft=1 fh=c71c00119cc71bfd vn="Variante von Win32/Adware.MultiPlug.FL Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\BRowsiNNgclearrly\XfDXgxTjauslkg.dll.vir"
sh=57F3815D0942E3B0A9BEF621A7B4971F55FC74D7 ft=1 fh=c71c0011d20a434c vn="Win32/Adware.MultiPlug.KG Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\BRowsiNNgclearrly\XfDXgxTjauslkg.exe.vir"
sh=52FBBE6C9D6469D3DD991F0A70A724D9FB28BBBC ft=1 fh=c71c001152e2de0d vn="Win64/Adware.MultiPlug.G Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\BRowsiNNgclearrly\XfDXgxTjauslkg.x64.dll.vir"
sh=68D4D432614D2532628C80E31D08BBA59D26EED9 ft=1 fh=c71c001116eff48f vn="Variante von Win32/Adware.MultiPlug.IX Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\mozilla firefox\dbghelp.dll.vir"
sh=5ECA1EB94D04DDBE04B94FFBD20363B5D4A33471 ft=1 fh=2c78867d4da1feb7 vn="Variante von Win32/Adware.MultiPlug.HY Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\{e8f62260-3bf5-9a5e-e8f6-622603bf8980}\AOMEI.Dynamic.Disk.Manager.Pro.1.2.0.0.rar.exe.vir"
sh=5EAF7A8708BD380D1E5C6DCB08C81F01EA51B55C ft=1 fh=0a01f86c9f1de115 vn="Win32/DownWare.W evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Program Files\PC-WELT-Fix-it-Pack\Tools\driveridentifier_setup.exe"
sh=71AF1BB6BA76B100120AB2F5B9E82767F03A296A ft=1 fh=cc3978980b7840b4 vn="Win32/Packed.ASProtect.AAB Trojaner" ac=I fn="C:\Program Files (x86)\Avaya\C3000\Fax Printer\pdfspme.dll"
sh=C126957A944E8B606A06D08B9DC69171275D43C4 ft=1 fh=7d8f2496a41e1a7b vn="Variante von Win32/BrowseFox.BA evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\See Results Hub\Extensions\c3cbfe5d-53c1-44f9-8442-6faaf005aaa9.dll.vir"
sh=0AF20A38416D2CFABC0742C2BA528F5E78BEA4C0 ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\MSC\AppData\Roaming\Mozilla\Firefox\Profiles\g51m6ksp.default\extensions\hog1wvxp@mumnjwtj.com\content\bg.js.vir"
sh=DDB9F1EDAA69AB1CD80CE820F0B8ED73E3BC2DB1 ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\MSC\AppData\Roaming\Mozilla\Firefox\Profiles\g51m6ksp.default\extensions\rbyi2@uibieo.co.uk\content\bg.js.vir"
sh=DF678B81D0A2C063E5467C5113DCCFF238B44DC4 ft=1 fh=55941976f4437196 vn="Variante von Win32/Systweak.L evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\swsetup\WinZBas\Setup.exe"
sh=35598302B1F171080A5C6649D455E10B7B753CD8 ft=1 fh=d9acd49d2d33c7ed vn="Win32/Toolbar.Babylon evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Tools\ExcelRecovery\setup.exe"
sh=5F5C2B79CC1C584AAA11B5960AA618E2AD958BBA ft=1 fh=9ae7f7a15173a472 vn="Variante von Win32/InstallShare.A evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\MSC\AppData\Local\InstallShare\2_16472_installer.exe"
sh=17FED21A8547CFA0C488795F76F3AA0F870E3CBD ft=0 fh=0000000000000000 vn="Win32/Packed.ASProtect.AAB Trojaner" ac=I fn="C:\Windows\Installer\932638.msi"
sh=B49883F9F0353B15AEE87E3BFA81E3055C3B2363 ft=0 fh=0000000000000000 vn="Variante von Win32/Systweak.L evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Windows\Installer\98d22a2.msi"
sh=AEE0B5F1AE8564D7E4CCD032EDF7AD88339BFF4E ft=1 fh=88c3bdc65b0afccf vn="Variante von Win32/Systweak.R evtl. unerwÃ¼nschte Anwendung" ac=I fn="D:\Downloads\HP_(Hewlett_Packard)_ProBook_5320m_Treiber_Update_10-2014.exe"
sh=D99A141433D1E004A35266106958ABAB59660FA7 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="D:\Downloads\Installer (Right Click and select extract)(1).zip"
sh=3ED9E7DFE76114EF89AA5EF870541E62ED4AEFA9 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="D:\Downloads\Installer (Right Click and select extract).zip"
sh=7117F97780A260A8B073968FBE56553B6A3F3649 ft=1 fh=14c0a9ac9cd14c4b vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="D:\Downloads\olftag15 - CHIP-Installer.exe"
sh=51AA2470380CAF060A73AAB30046BDE692276BE7 ft=1 fh=e5d17b5d6f6decc1 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="D:\Downloads\Paragon Backup Recovery 2014 Free - CHIP-Installer.exe"
sh=DFDE43AD609CB0B51DDC88BDAD7C9EA8FFE25453 ft=1 fh=01c79f91cc830746 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="D:\Downloads\Paragon Partition Manager 2014 Free - CHIP-Installer.exe"
sh=D151864F5F2D772D0FC4ACBA9A22F37C4A8F9F50 ft=1 fh=d9076f755b74a6f8 vn="Win32/DownWare.W evtl. unerwÃ¼nschte Anwendung" ac=I fn="D:\Downloads\pcwWinFixItPack_setup.exe"
sh=F1EFF6451CED129C0E5C0A510955F234A01158A0 ft=1 fh=332b4278a72373e2 vn="Variante von Win32/Toolbar.Babylon.E evtl. unerwÃ¼nschte Anwendung" ac=I fn="D:\Downloads\Unlocker1.9.2.exe"
sh=72DEE4B364218DE2C89907F8E06535C0B1FA74AE ft=0 fh=0000000000000000 vn="Variante von Win32/Kryptik.BEPP Trojaner" ac=I fn="D:\Downloads\VMWare_ESX_v4_1_keygen.zip"
sh=0727DBE20918D3AF151357456F669892A58F2429 ft=0 fh=0000000000000000 vn="Variante von Win32/Injector.YMC Trojaner" ac=I fn="D:\Downloads\VMware_vCenter_Server_version_5_keygen.zip"
sh=3DED641B6A1921CDFF92D210CEB8543BBB243DFF ft=1 fh=e0b2a7a263ddc9d0 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="D:\Downloads\wclassic2 - CHIP-Installer.exe"

Hier ist das Log file vom SecurityCheck

Code:

ATTFilter

 Results of screen317's Security Check version 1.004  
 Windows 7 Service Pack 1 x64 (UAC is disabled!)  
 Internet Explorer 10 Out of date! 
``````````````Antivirus/Firewall Check:`````````````` 
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Java version 32-bit out of Date! 
 Adobe Flash Player 18.0.0.209  
 Mozilla Firefox (39.0) 
 Google Chrome (43.0.2357.132) 
 Google Chrome (43.0.2357.134) 
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
 Common Files Microsoft Shared Microsoft Online Services MSOIDSVC.EXE 
 Common Files Microsoft Shared Microsoft Online Services MSOIDSvcm.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````

Und dann noch das aktuelle FRST

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:20-07-2015
Ran by michael.schmaus (administrator) on NB1140 on 24-07-2015 10:59:51
Running from D:\Downloads
Loaded Profiles: michael.schmaus (Available Profiles: Admin & postgres & sysaidinternal & AdminDE & Chris.Oleszczuk & michael.schmaus & michael.schmaus & Administrator)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\psxss.exe
(Webroot) C:\Program Files (x86)\Webroot\WRSA.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\BCMWLTRY.EXE
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\System32\inetsrv\inetinfo.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.HPWJA\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Netop Business Solutions A/S) C:\Program Files (x86)\Netop\Netop Remote Control\Host\NHOSTSVC.EXE
(Samsung Electronics Co., Ltd.) C:\Windows\System32\RAPID\SamsungRapidSvc.exe
(SEP AG) C:\Program Files\SEPsesam\bin\sesam\sm_main.exe
(Microsoft Corporation) C:\Windows\System32\snmp.exe
(SEP AG) C:\Program Files\SEPsesam\bin\sesam\sm_ctrld_main.exe
() C:\Program Files\SEPsesam\bin\sesam\sm_sshd.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(SysAid Technology Ltd.) C:\Program Files\SysAid\SysAidSM.exe
(Microsoft Corporation) C:\Windows\SysWOW64\snmp.exe
(TeamViewer GmbH) C:\Program Files (x86)\Teamviewer\Version8\TeamViewer_Service.exe
(SysAid Technology Ltd.) C:\Program Files\SysAid\SysAidWorker.exe
(Check Point Software Technologies) C:\Program Files (x86)\CheckPoint\Endpoint Connect\TracSrvWrapper.exe
(Ericsson AB) C:\Program Files (x86)\Ericsson\Mobile Broadband Drivers\WMCore\mini_WMCore.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(GFI Software Development Ltd.) C:\Program Files (x86)\PatchManagementInstallation\Agent\lnssatt.exe
(Apache Software Foundation) C:\Program Files (x86)\PatchManagementInstallation\Agent\Httpd\bin\httpd.exe
(Apache Software Foundation) C:\Program Files (x86)\PatchManagementInstallation\Agent\Httpd\bin\httpd.exe
(GFI Software Development Ltd.) C:\Program Files (x86)\PatchManagementInstallation\Agent\mantle.exe
(Microsoft Corporation) C:\Windows\CCM\CcmExec.exe
(Microsoft Corporation) C:\Windows\CCM\RemCtrl\cmrcservice.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(TeamViewer GmbH) C:\Program Files (x86)\Teamviewer\Version8\TeamViewer.exe
(Webroot) C:\Program Files (x86)\Webroot\WRSA.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.EXE
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Avaya Inc.) C:\Windows\System32\qtsp_sso.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Akamai Technologies, Inc.) C:\Users\MSC\AppData\Local\Akamai\netsession_win.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(ek-soft GmbH) C:\Program Files (x86)\CTI\DIALit-Client\Dialit32.exe
(Akamai Technologies, Inc.) C:\Users\MSC\AppData\Local\Akamai\netsession_win.exe
(MagicISO, Inc.) C:\Program Files (x86)\MagicDisc\MagicDisc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(TeamViewer GmbH) C:\Program Files (x86)\Teamviewer\Version8\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\Teamviewer\Version8\tv_x64.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(Microsoft) C:\Program Files (x86)\Avaya\Avaya Microsoft Lync Integration\LyncAddin.exe
(Check Point Software Technologies) C:\Program Files (x86)\CheckPoint\Endpoint Connect\TrGUI.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Lync\communicator.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
() C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Samsung Electronics) C:\ProgramData\Samsung Apps\Portable SSD\Samsung Portable SSD Daemon.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Microsoft Corporation) C:\Windows\CCM\SCNotification.exe
(ek-soft GmbH) C:\Program Files (x86)\CTI\DIALit-Client\TeleTab.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BtwLyncIntf\BtwLyncIntf.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Portrait Displays, Inc) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelperx64.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
(Ghisler Software GmbH) C:\totalcmd\TOTALCMD64.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe
(Inedo, LLC) C:\Program Files\ProGet\Service\ProGet.Service.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Lync\UcMapi.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.exe [8641536 2014-07-25] (Broadcom Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2013-07-03] (IDT, Inc.)
HKLM\...\Run: [qtsp_sso] => C:\windows\system32\qtsp_sso.exe [1171968 2012-12-21] (Avaya Inc.)
HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [3488640 2012-03-14] (Hewlett-Packard Company)
HKLM\...\Run: [MultiScreen] => [X]
HKLM\...\Run: [SamsungRapidApp] => C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [281776 2014-09-16] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [Seagull Drivers] => ssdal_nc.exe startup
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [358944 2011-01-28] (Acronis)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2816240 2014-08-01] (Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-06-29] (Apple Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284480 2013-07-03] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-10-24] (Intel Corporation)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2015-06-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2015-06-27] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Client Access Service] => C:\Program Files (x86)\IBM\Client Access\cwbsvstr.exe [14336 2010-01-15] (IBM Corporation)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [336672 2014-02-10] (Hewlett-Packard Company)
HKLM-x32\...\Run: [LyncAddin] => C:\Program Files (x86)\Avaya\Avaya Microsoft Lync Integration\LyncAddin.exe [1933824 2012-11-09] (Microsoft)
HKLM-x32\...\Run: [Check Point VPN] => C:\Program Files (x86)\CheckPoint\Endpoint Connect\TrGui.exe [826832 2013-12-04] (Check Point Software Technologies)
HKLM-x32\...\Run: [HPConnectionManager] => c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [185144 2014-04-09] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [MultiScreen] => [X]
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [Communicator] => C:\Program Files (x86)\Microsoft Lync\communicator.exe [12118840 2015-03-28] (Microsoft Corporation)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [WRSVC] => C:\Program Files (x86)\Webroot\WRSA.exe [823720 2015-07-01] (Webroot)
HKLM-x32\...\Run: [YouCam Tray] => c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [168464 2012-10-25] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Mirage] => c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [139792 2012-10-25] (CyberLink)
HKLM-x32\...\Run: [RemoteControl10] => c:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-14] (CyberLink Corp.)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5145824 2011-01-28] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-3799292098-3196119086-2381476900-3276\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6161176 2014-02-20] (Piriform Ltd)
HKU\S-1-5-21-3799292098-3196119086-2381476900-3276\...\Run: [CCleaner] => C:\Program Files\CCleaner\CCleaner64.exe [6161176 2014-02-20] (Piriform Ltd)
HKU\S-1-5-21-3799292098-3196119086-2381476900-3276\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2015-03-18] (Microsoft Corporation)
HKU\S-1-5-21-3799292098-3196119086-2381476900-3276\...\Run: [Akamai NetSession Interface] => C:\Users\MSC\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2014-03-11]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2013-10-18]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\MSC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DIALit.lnk [2014-11-05]
ShortcutTarget: DIALit.lnk -> C:\Program Files (x86)\CTI\DIALit-Client\Dialit32.exe (ek-soft GmbH)
Startup: C:\Users\MSC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk [2013-08-06]
ShortcutTarget: MagicDisc.lnk -> C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
Startup: C:\Users\MSC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DIALit.lnk [2014-11-05]
ShortcutTarget: DIALit.lnk -> C:\Program Files (x86)\CTI\DIALit-Client\Dialit32.exe (ek-soft GmbH)
Startup: C:\Users\MSC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk [2013-08-06]
ShortcutTarget: MagicDisc.lnk -> C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
GroupPolicyScripts: Group Policy detected <======= ATTENTION
GroupPolicyScripts\User: Group Policy detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3799292098-3196119086-2381476900-3276\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3799292098-3196119086-2381476900-3276\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3799292098-3196119086-2381476900-3276\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Microsoft Web Recorder Helper -> {06D7D698-1ECD-407F-A1C9-EFA54860490A} -> C:\Program Files\Microsoft System Center 2012 R2\Operations Manager\Console\Microsoft.Mom.RecorderBarBHO.dll [2013-09-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-17] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-17] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Lync\OCHelper.dll [2010-11-03] (Microsoft Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-06-27] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-06-27] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-06-27] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-3799292098-3196119086-2381476900-3276 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1383306434877
Tcpip\Parameters: [DhcpNameServer] 10.101.0.54 10.101.0.55 10.101.0.5 10.101.0.6
Tcpip\..\Interfaces\{80710E33-1517-4612-A89E-CDD41C5A0DD9}: [DhcpNameServer] 10.101.0.54 10.101.0.55 10.101.0.5 10.101.0.6
Tcpip\..\Interfaces\{A51701BB-A804-4E1B-8457-21AFA11167D2}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

FireFox:
========
FF ProfilePath: C:\Users\MSC\AppData\Roaming\Mozilla\Firefox\Profiles\103qzzmr.default-1436867989260
FF SearchEngineOrder.2: 
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-15] ()
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-17] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-17] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-10-24] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-10-24] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2015-06-27] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-28] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npatgpc.dll [2015-05-28] (Cisco WebEx LLC)
FF Plugin ProgramFiles/Appdata: C:\Users\MSC\AppData\Roaming\mozilla\plugins\npatgpc.dll [2015-05-28] (Cisco WebEx LLC)
FF Extension: GMX MailCheck - C:\Users\MSC\AppData\Roaming\Mozilla\Firefox\Profiles\103qzzmr.default-1436867989260\Extensions\toolbar@gmx.net [2015-07-23]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-07-30]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-10-18]
FF HKU\S-1-5-21-3799292098-3196119086-2381476900-3276\...\Firefox\Extensions: [firefoxaddon@ek-soft.de] - C:\Program Files (x86)\CTI\DIALit-Client\Firefox
FF Extension: ek-soft CTI Add ON - C:\Program Files (x86)\CTI\DIALit-Client\Firefox [2014-06-16]
FF HKU\S-1-5-21-3799292098-3196119086-2381476900-3276\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome: 
=======
CHR Profile: C:\Users\MSC\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\MSC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-14]
CHR Extension: (Google Drive) - C:\Users\MSC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-14]
CHR Extension: (YouTube) - C:\Users\MSC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-14]
CHR Extension: (GMX MailCheck) - C:\Users\MSC\AppData\Local\Google\Chrome\User Data\Default\Extensions\camnampocfohlcgbajligmemmabnljcm [2015-07-14]
CHR Extension: (Google Search) - C:\Users\MSC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-14]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\MSC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-14]
CHR Extension: (Google Wallet) - C:\Users\MSC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-14]
CHR Extension: (Gmail) - C:\Users\MSC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdtAgent; C:\Windows\system32\AdtAgent.exe [410808 2013-09-06] (Microsoft Corporation)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 CcmExec; C:\windows\CCM\CcmExec.exe [1571000 2013-09-11] (Microsoft Corporation)
R2 CmRcService; C:\windows\CCM\RemCtrl\CmRcService.exe [577712 2014-05-29] (Microsoft Corporation)
S3 Cwbrxd; C:\windows\cwbrxd.exe [94208 2010-01-15] (IBM Corporation) [File not signed]
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [143872 2014-10-24] (Microsoft Corporation) [File not signed]
R2 gfi_lanss11_attservice; C:\Program Files (x86)\PatchManagementInstallation\Agent\lnssatt.exe [133496 2012-11-23] (GFI Software Development Ltd.)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2015-07-14] (SurfRight B.V.)
S3 HPAuto; C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [682040 2011-02-17] (Hewlett-Packard)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [683296 2014-02-10] (Hewlett-Packard Company)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315352 2014-10-09] (Intel Corporation)
R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [15872 2010-11-21] (Microsoft Corporation)
R2 INEDOPROGETSVC; C:\Program Files\ProGet\Service\ProGet.Service.exe [133120 2015-07-16] (Inedo, LLC) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131032 2013-10-24] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165336 2013-10-24] (Intel Corporation)
S3 lpasvc; C:\Program Files\Microsoft Policy Platform\policyHost.exe [50280 2012-08-02] (Microsoft Corporation)
S3 LPDSVC; C:\Windows\system32\lpdsvc.dll [45568 2009-07-14] (Microsoft Corporation)
S3 lppsvc; C:\Program Files\Microsoft Policy Platform\policyHost.exe [50280 2012-08-02] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 msoidsvc; C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE [2079520 2012-05-17] (Microsoft Corp.)
R2 MSSQL$ACRONIS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 MSSQL$HPWJA; C:\Program Files\Microsoft SQL Server\MSSQL10.HPWJA\MSSQL\Binn\sqlservr.exe [58387104 2014-07-12] (Microsoft Corporation)
R2 MSSQL$PROGET; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe [29293408 2010-12-11] (Microsoft Corporation)
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [62382256 2015-03-30] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2013-11-14] (Hewlett-Packard) [File not signed]
R2 NetOp Host for NT Service; C:\Program Files (x86)\Netop\Netop Remote Control\Host\NHOSTSVC.EXE [1516568 2010-11-01] (Netop Business Solutions A/S)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2013-11-14] (Hewlett-Packard) [File not signed]
S4 PuranDefrag; C:\windows\system32\PuranDefragS.exe [292736 2013-08-15] (Puran Software) [File not signed]
R2 SamsungRapidSvc; C:\Windows\System32\RAPID\SamsungRapidSvc.exe [28848 2014-09-16] (Samsung Electronics Co., Ltd.)
S3 smstsmgr; C:\windows\CCM\TSManager.exe [276152 2013-09-11] (Microsoft Corporation)
R2 sm_main; C:\Program Files\SEPsesam\bin\sesam\sm_main.exe [362696 2015-03-10] (SEP AG)
R2 SNMP; C:\Windows\System32\snmp.exe [49664 2010-11-21] (Microsoft Corporation)
R2 SNMP; C:\Windows\SysWOW64\snmp.exe [47616 2010-11-21] (Microsoft Corporation)
S4 SQLAgent$HPWJA; C:\Program Files\Microsoft SQL Server\MSSQL10.HPWJA\MSSQL\Binn\SQLAGENT.EXE [441504 2014-07-12] (Microsoft Corporation)
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [442536 2015-03-30] (Microsoft Corporation)
R3 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [327680 2013-07-03] (IDT, Inc.) [File not signed]
R2 SysAidAgent; C:\Program Files\SysAid\SysAidSM.exe [23192 2015-04-01] (SysAid Technology Ltd.)
S4 System Center Management APM; C:\Program Files\Microsoft System Center 2012 R2\Service Manager\APMDOTNETAgent\InterceptSvc.exe [626872 2013-09-06] (Microsoft Corp.)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [122368 2015-02-26] (Microsoft Corporation) [File not signed]
R2 TracSrvWrapper; C:\Program Files (x86)\CheckPoint\Endpoint Connect\TracSrvWrapper.exe [4880512 2013-12-04] (Check Point Software Technologies)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-21] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe [5894144 2014-07-25] (Broadcom Corporation) [File not signed]
R2 WMCoreService; C:\Program Files (x86)\Ericsson\Mobile Broadband Drivers\WMCore\mini_WMCore.exe [689560 2012-10-18] (Ericsson AB)
S3 WMSVC; C:\Windows\system32\inetsrv\wmsvc.exe [10752 2009-07-14] (Microsoft Corporation)
R2 WRSVC; C:\Program Files (x86)\Webroot\WRSA.exe [823720 2015-07-01] (Webroot)
S3 Datev.Unternehmen.SystemComponents.ServiceBus.V0300.PlugIn; Datev.Framework.RemoteServiceModel.GenericService2010.exe Datev.Unternehmen.SystemComponents.ServiceBus.V0300.PlugIn [X]
S3 Datev.Unternehmen.SystemComponents.ServiceBus.V0400.PlugIn; Datev.Framework.RemoteServiceModel.GenericService2010.exe Datev.Unternehmen.SystemComponents.ServiceBus.V0400.PlugIn [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [172760 2014-07-14] (Broadcom Corporation.)
S3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2012-02-02] (Broadcom Corporation.)
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()
R3 dwVSCD; C:\Windows\System32\DRIVERS\dwvscd.sys [11904 2010-11-01] (Danware Data A/S)
R3 ecnssndis; C:\Windows\System32\Drivers\wwuss64.sys [26664 2011-10-05] (Ericsson AB)
R3 ecnssndisfltr; C:\Windows\System32\Drivers\wwussf64.sys [29736 2011-10-05] (Ericsson AB)
R3 h36wgps; C:\Windows\System32\DRIVERS\h36wgps64.sys [103184 2012-03-02] (Ericsson AB)
R2 hardlock; C:\windows\system32\drivers\hardlock.sys [331144 2013-03-11] (SafeNet Inc.)
R0 hotcore3; C:\Windows\System32\DRIVERS\hotcore3.sys [34056 2014-05-19] (Paragon Software Group)
S3 HPMo4DE3; C:\Windows\System32\DRIVERS\HPMo4DE3.sys [25088 2011-03-09] (TPMX Electronics Ltd.)
S3 HPub4DE3; C:\Windows\System32\Drivers\HPub4DE3.sys [18432 2011-04-12] (TPMX Electronics Ltd.)
R3 johci; C:\Windows\System32\DRIVERS\johci.sys [26208 2012-08-24] (JMicron Technology Corp.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-07-24] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R3 Mbm3CBus; C:\Windows\System32\DRIVERS\Mbm3CBus.sys [443648 2013-04-22] (MCCI Corporation)
R3 Mbm3DevMt; C:\Windows\System32\DRIVERS\Mbm3DevMt.sys [455936 2013-04-22] (MCCI Corporation)
R3 Mbm3mdfl; C:\Windows\System32\DRIVERS\Mbm3mdfl.sys [22272 2013-04-22] (MCCI Corporation)
R3 Mbm3Mdm; C:\Windows\System32\DRIVERS\Mbm3Mdm.sys [508160 2013-04-22] (MCCI Corporation)
R3 prepdrvr; C:\Windows\System32\DRIVERS\prepdrv.sys [26984 2012-11-21] (Microsoft Corporation)
R3 PsxDrv; C:\Windows\System32\drivers\psxdrv.sys [10240 2009-07-14] (Microsoft Corporation)
S4 RsFx0153; C:\Windows\System32\DRIVERS\RsFx0153.sys [322736 2015-03-30] (Microsoft Corporation)
R0 SamsungRapidDiskFltr; C:\Windows\System32\DRIVERS\SamsungRapidDiskFltr.sys [268976 2014-09-16] (Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\Windows\System32\DRIVERS\SamsungRapidFSFltr.sys [111280 2014-09-16] (Samsung Electronics Co., Ltd.)
S3 sehutn; C:\Windows\System32\DRIVERS\sehutn.sys [49328 2013-10-08] (SEH Computertechnik GmbH)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1064184 2012-09-23] (Sunplus)
R1 UimBus; C:\Windows\System32\DRIVERS\UimBus.sys [102664 2014-05-09] ()
R1 Uim_DEVIM; C:\Windows\System32\DRIVERS\uim_devim.sys [25992 2014-05-09] ()
R1 Uim_IM; C:\Windows\System32\DRIVERS\uim_im.sys [700296 2014-05-09] ()
R3 vna_ap; C:\Windows\System32\DRIVERS\vnaap.sys [161256 2012-09-20] (Check Point Software Technologies)
R1 vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [456952 2013-12-04] (Check Point Software Technologies Ltd.)
R0 WRkrn; C:\Windows\System32\drivers\WRkrn.sys [117728 2015-07-01] (Webroot)
R3 WwanUsbServ; C:\Windows\System32\DRIVERS\WwanUsbMp64.sys [284912 2013-11-25] (Ericsson AB)
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag64.sys [X]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U0 dmboot; No ImagePath
U0 SR; No ImagePath
U2 srservice; No ImagePath
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-24 09:15 - 2015-07-24 09:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Inedo
2015-07-24 09:14 - 2015-07-24 09:15 - 00000000 ____D C:\ProgramData\ProGet
2015-07-24 09:14 - 2015-07-24 09:14 - 00000000 ____D C:\Program Files\ProGet
2015-07-24 09:04 - 2015-07-24 09:04 - 00003034 _____ C:\Users\MSC\Desktop\(X.systems.press) Peter Monadjemi (auth.)-PowerShell für die Windows-Administration_ Ein kompakter und praxisnaher Überblick-Vieweg+Teubner Verlag (2014).pdf - Verknüpfung.lnk
2015-07-24 08:10 - 2015-07-24 08:17 - 00000000 ____D C:\Users\MSC\Documents\Powershell
2015-07-24 08:01 - 2015-07-24 08:01 - 00022257 _____ C:\Users\MSC\Desktop\Error_ProGet.txt
2015-07-24 08:00 - 2015-07-24 07:58 - 02870984 _____ (ESET) C:\Users\MSC\Desktop\esetsmartinstaller_deu.exe
2015-07-23 15:46 - 2015-07-23 15:46 - 00001617 _____ C:\Users\MSC\Desktop\JRT.txt
2015-07-23 15:34 - 2015-07-23 15:36 - 00001210 _____ C:\mbam.txt
2015-07-23 14:04 - 2015-07-23 14:07 - 00018662 _____ C:\autoreply.txt
2015-07-23 08:50 - 2015-07-24 10:59 - 00021530 _____ C:\Windows\WindowsUpdate.log
2015-07-22 19:23 - 2015-07-22 19:23 - 00000000 ____D C:\Scripts
2015-07-22 18:52 - 2015-07-22 18:52 - 00000000 ____D C:\Users\MSC\AppData\Local\NuGet
2015-07-22 17:13 - 2015-07-22 17:13 - 00000000 ____D C:\Users\MSC\AppData\Roaming\NuGet
2015-07-22 17:12 - 2015-07-22 17:12 - 00000000 ____D C:\Users\MSC\AppData\Local\PackageManagement
2015-07-22 17:12 - 2015-07-22 17:12 - 00000000 ____D C:\Program Files\PackageManagement
2015-07-22 16:57 - 2015-07-22 16:57 - 00000000 ____D C:\Windows\SysWOW64\Configuration
2015-07-22 16:55 - 2015-04-23 05:13 - 02172928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2015-07-22 16:55 - 2015-04-23 05:13 - 00019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Register-CimProvider.exe
2015-07-22 16:55 - 2015-04-23 05:12 - 00238080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2015-07-22 16:55 - 2015-04-23 05:12 - 00139264 _____ (Windows (R) Win 7 DDK provider) C:\Windows\SysWOW64\DscCoreConfProv.dll
2015-07-22 16:55 - 2015-04-23 05:12 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmidcom.dll
2015-07-22 16:55 - 2015-04-23 05:11 - 00085504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pwrshplugin.dll
2015-07-22 16:55 - 2015-04-23 05:11 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncobjapi.dll
2015-07-22 16:55 - 2015-04-23 05:11 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winrssrv.dll
2015-07-22 16:55 - 2015-04-23 05:10 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winrscmd.dll
2015-07-22 16:55 - 2015-04-23 05:10 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wecutil.exe
2015-07-22 16:55 - 2015-04-23 05:10 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prvdmofcomp.dll
2015-07-22 16:55 - 2015-04-23 05:10 - 00020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winrshost.exe
2015-07-22 16:55 - 2015-04-23 05:10 - 00013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Management.Infrastructure.Native.Unmanaged.dll
2015-07-22 16:55 - 2015-04-23 05:09 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wevtfwd.dll
2015-07-22 16:55 - 2015-04-23 05:09 - 00058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wecapi.dll
2015-07-22 16:55 - 2015-04-23 05:08 - 00535552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmGCDeps.dll
2015-07-22 16:55 - 2015-04-23 05:08 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmitomi.dll
2015-07-22 16:55 - 2015-04-23 05:08 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mi.dll
2015-07-22 16:55 - 2015-04-23 05:08 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2015-07-22 16:55 - 2015-04-23 05:08 - 00038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winrs.exe
2015-07-22 16:55 - 2015-04-23 05:08 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PSModuleDiscoveryProvider.dll
2015-07-22 16:55 - 2015-04-23 05:08 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmprovhost.exe
2015-07-22 16:55 - 2015-04-23 05:08 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmplpxy.dll
2015-07-22 16:55 - 2015-04-23 05:08 - 00001536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winrsmgr.dll
2015-07-22 16:55 - 2015-04-23 05:07 - 00201216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedynos.dll
2015-07-22 16:55 - 2015-04-23 05:07 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedyn.dll
2015-07-22 16:55 - 2015-04-23 05:07 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2015-07-22 16:55 - 2015-04-23 05:06 - 00384512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wbemcomn2.dll
2015-07-22 16:55 - 2015-04-23 05:05 - 00119296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mimofcodec.dll
2015-07-22 16:55 - 2015-04-23 05:05 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mibincodec.dll
2015-07-22 16:55 - 2015-04-23 05:03 - 00174592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\miutils.dll
2015-07-22 16:55 - 2015-04-23 05:03 - 00145408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2015-07-22 16:55 - 2015-04-23 05:03 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmRes.dll
2015-07-22 16:55 - 2015-04-23 05:03 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAgent.dll
2015-07-22 16:55 - 2015-04-23 03:56 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\DscTimer.dll
2015-07-22 16:55 - 2015-04-23 03:55 - 02613760 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-07-22 16:55 - 2015-04-23 03:55 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\DscProxy.dll
2015-07-22 16:55 - 2015-04-23 03:54 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2015-07-22 16:55 - 2015-04-23 03:54 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\mpeval.dll
2015-07-22 16:55 - 2015-04-23 03:54 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\wmidcom.dll
2015-07-22 16:55 - 2015-04-23 03:54 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\Register-CimProvider.exe
2015-07-22 16:55 - 2015-04-23 03:53 - 00196096 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\DscCoreConfProv.dll
2015-07-22 16:55 - 2015-04-23 03:53 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\winrssrv.dll
2015-07-22 16:55 - 2015-04-23 03:52 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\pwrshplugin.dll
2015-07-22 16:55 - 2015-04-23 03:52 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\winrscmd.dll
2015-07-22 16:55 - 2015-04-23 03:52 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\prvdmofcomp.dll
2015-07-22 16:55 - 2015-04-23 03:52 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\ncobjapi.dll
2015-07-22 16:55 - 2015-04-23 03:52 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\winrshost.exe
2015-07-22 16:55 - 2015-04-23 03:52 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Management.Infrastructure.Native.Unmanaged.dll
2015-07-22 16:55 - 2015-04-23 03:51 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\wecsvc.dll
2015-07-22 16:55 - 2015-04-23 03:51 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\wevtfwd.dll
2015-07-22 16:55 - 2015-04-23 03:51 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\wecutil.exe
2015-07-22 16:55 - 2015-04-23 03:51 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\wecapi.dll
2015-07-22 16:55 - 2015-04-23 03:49 - 00623616 _____ (Microsoft Corporation) C:\Windows\system32\WsmGCDeps.dll
2015-07-22 16:55 - 2015-04-23 03:49 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\framedynos.dll
2015-07-22 16:55 - 2015-04-23 03:49 - 00250368 _____ (Microsoft Corporation) C:\Windows\system32\framedyn.dll
2015-07-22 16:55 - 2015-04-23 03:49 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\wmitomi.dll
2015-07-22 16:55 - 2015-04-23 03:49 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\mi.dll
2015-07-22 16:55 - 2015-04-23 03:49 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2015-07-22 16:55 - 2015-04-23 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\PSModuleDiscoveryProvider.dll
2015-07-22 16:55 - 2015-04-23 03:49 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\winrs.exe
2015-07-22 16:55 - 2015-04-23 03:49 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2015-07-22 16:55 - 2015-04-23 03:49 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2015-07-22 16:55 - 2015-04-23 03:49 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2015-07-22 16:55 - 2015-04-23 03:49 - 00001536 _____ (Microsoft Corporation) C:\Windows\system32\winrsmgr.dll
2015-07-22 16:55 - 2015-04-23 03:47 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\wbemcomn2.dll
2015-07-22 16:55 - 2015-04-23 03:46 - 00512512 _____ (Microsoft Corporation) C:\Windows\system32\mpunits.dll
2015-07-22 16:55 - 2015-04-23 03:46 - 00438272 _____ (Microsoft Corporation) C:\Windows\system32\DscCore.dll
2015-07-22 16:55 - 2015-04-23 03:46 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\mimofcodec.dll
2015-07-22 16:55 - 2015-04-23 03:46 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\mibincodec.dll
2015-07-22 16:55 - 2015-04-23 03:43 - 00224768 _____ (Microsoft Corporation) C:\Windows\system32\miutils.dll
2015-07-22 16:55 - 2015-04-23 03:43 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2015-07-22 16:55 - 2015-04-23 03:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2015-07-22 16:55 - 2015-04-23 03:43 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\WsmAgent.dll
2015-07-22 10:34 - 2015-07-22 10:34 - 00000000 ____D C:\LocalDumps
2015-07-22 09:39 - 2015-07-22 09:39 - 00039270 _____ C:\ComboFix.txt
2015-07-21 13:39 - 2015-07-24 10:59 - 00000000 ____D C:\FRST
2015-07-21 12:54 - 2015-07-02 22:31 - 19291136 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-21 12:54 - 2015-07-02 21:15 - 14384640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-21 12:54 - 2015-07-02 20:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-21 12:54 - 2015-07-02 20:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-21 12:54 - 2015-06-29 15:30 - 02865152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-21 12:54 - 2015-06-29 15:27 - 03960320 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 13771264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 02056704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 01763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-21 12:54 - 2015-06-17 15:28 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 00690176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-21 12:54 - 2015-06-17 15:27 - 02237440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-21 12:54 - 2015-06-17 15:27 - 01409024 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-21 12:54 - 2015-06-17 15:27 - 00601600 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-21 12:54 - 2015-06-17 15:27 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-21 12:54 - 2015-06-17 15:26 - 15415296 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-21 12:54 - 2015-06-17 15:26 - 02656768 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-21 12:54 - 2015-06-17 15:26 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-21 12:54 - 2015-06-17 15:26 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-21 12:54 - 2015-06-17 15:26 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-21 12:54 - 2015-06-17 15:26 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-21 12:54 - 2015-06-17 15:26 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-21 12:54 - 2015-06-17 15:26 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-21 12:54 - 2015-06-17 15:26 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-21 12:54 - 2015-06-17 15:26 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-21 12:54 - 2015-06-17 15:26 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-07-21 12:54 - 2015-06-17 15:26 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-21 12:54 - 2015-06-17 15:26 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-21 12:54 - 2015-06-17 15:26 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-21 12:54 - 2015-06-17 15:26 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-21 12:54 - 2015-06-11 20:03 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-21 12:54 - 2015-06-11 19:43 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-21 12:54 - 2015-06-11 19:38 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2015-07-21 12:54 - 2015-06-11 19:19 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2015-07-21 12:53 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-21 12:53 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-21 12:53 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-21 12:53 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-21 12:53 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-21 12:53 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-21 12:53 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-21 12:53 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-21 12:53 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-21 12:53 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-20 16:42 - 2015-07-20 16:42 - 00000000 ____D C:\Users\MSC\AppData\Local\CEF
2015-07-20 13:21 - 2015-07-20 13:21 - 00000000 ____D C:\ProgramData\VIPRE
2015-07-20 13:21 - 2015-07-20 13:21 - 00000000 ____D C:\Program Files\Common Files\AV
2015-07-20 13:12 - 2015-07-21 15:26 - 00000000 ____D C:\ProgramData\STOPzilla!
2015-07-20 13:12 - 2015-07-20 13:12 - 00000000 ____D C:\Program Files (x86)\iS3
2015-07-20 12:41 - 2015-07-20 13:00 - 00000000 ____D C:\ProgramData\{cd5b4ee3-71a9-ecd7-cd5b-b4ee371a3b8d}
2015-07-16 09:31 - 2015-07-16 09:31 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-15 10:21 - 2015-03-30 00:47 - 00083624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perf-MSSQL$SQLEXPRESS-sqlctr10.52.4042.0.dll
2015-07-15 10:21 - 2015-03-30 00:43 - 00089264 _____ (Microsoft Corporation) C:\Windows\system32\perf-MSSQL$SQLEXPRESS-sqlctr10.52.4042.0.dll
2015-07-15 10:10 - 2015-07-09 19:59 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-15 10:10 - 2015-07-09 19:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-15 10:10 - 2015-07-09 19:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-15 10:10 - 2015-07-09 19:58 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-15 10:10 - 2015-07-09 19:58 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-15 10:10 - 2015-07-09 19:58 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-15 10:10 - 2015-07-09 19:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-15 10:10 - 2015-07-09 19:58 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-15 10:10 - 2015-07-09 19:58 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-15 10:10 - 2015-07-09 19:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-15 10:10 - 2015-07-09 19:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 10:10 - 2015-07-09 19:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 10:10 - 2015-07-09 19:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 10:10 - 2015-07-09 19:58 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-15 10:10 - 2015-07-09 19:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 10:10 - 2015-07-09 19:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 10:10 - 2015-07-09 19:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 10:10 - 2015-07-09 19:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 10:10 - 2015-07-09 19:50 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-15 10:10 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-15 10:10 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-15 10:10 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-15 10:10 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-15 10:10 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-15 10:10 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-15 10:10 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-15 10:10 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-15 10:10 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-15 10:10 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-15 10:10 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-15 10:10 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-07-15 10:10 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-07-15 10:09 - 2015-05-09 20:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-07-15 09:26 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 09:26 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-15 09:26 - 2015-07-01 22:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 09:26 - 2015-07-01 22:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-15 09:26 - 2015-07-01 22:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 09:26 - 2015-07-01 22:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 09:26 - 2015-07-01 22:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 09:26 - 2015-07-01 22:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-15 09:26 - 2015-07-01 22:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 09:26 - 2015-07-01 22:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-15 09:26 - 2015-07-01 22:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-15 09:26 - 2015-07-01 22:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-15 09:26 - 2015-07-01 22:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-15 09:26 - 2015-07-01 22:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-15 09:26 - 2015-07-01 22:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-15 09:26 - 2015-07-01 22:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-15 09:26 - 2015-07-01 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-15 09:26 - 2015-07-01 22:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-15 09:26 - 2015-07-01 22:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-15 09:26 - 2015-07-01 22:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-15 09:26 - 2015-07-01 22:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-15 09:26 - 2015-07-01 22:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-15 09:26 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-15 09:26 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-15 09:26 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-15 09:26 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-15 09:26 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-15 09:26 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-15 09:26 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-15 09:26 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-15 09:26 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-15 09:26 - 2015-07-01 22:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 09:26 - 2015-07-01 22:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-15 09:26 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-15 09:26 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-15 09:26 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-15 09:26 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-15 09:26 - 2015-07-01 21:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 09:26 - 2015-07-01 21:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 09:26 - 2015-07-01 21:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 09:26 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 09:26 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 09:26 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-15 09:26 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-15 09:26 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 09:26 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 09:26 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-15 09:26 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-15 09:26 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 09:26 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-15 09:26 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-15 09:26 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-15 09:26 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-15 09:26 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-15 09:26 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-15 09:26 - 2015-06-11 19:57 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-07-15 09:26 - 2015-06-11 19:57 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-07-15 09:26 - 2015-06-11 19:57 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-07-15 09:26 - 2015-06-11 19:56 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-07-15 09:26 - 2015-06-11 19:56 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-07-15 09:26 - 2015-06-11 19:56 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-07-15 09:26 - 2015-06-11 15:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-07-15 09:26 - 2015-06-09 20:03 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-07-15 09:26 - 2015-06-09 20:03 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-07-15 09:26 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-15 09:26 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-14 14:54 - 2015-07-14 14:54 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-07-14 14:54 - 2015-07-14 14:54 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-07-14 14:54 - 2015-07-14 14:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-14 14:21 - 2015-07-15 09:33 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-07-14 14:21 - 2015-07-14 14:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-07-14 14:20 - 2015-07-24 10:37 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-14 14:20 - 2015-07-24 09:37 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-14 14:20 - 2015-07-16 09:32 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-14 14:20 - 2015-07-16 09:32 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-14 13:47 - 2015-07-14 13:47 - 00000207 _____ C:\Windows\tweaking.com-regbackup-NB1140-Windows-7-Ultimate-(64-bit).dat
2015-07-14 13:47 - 2015-07-14 13:47 - 00000000 ____D C:\RegBackup
2015-07-14 13:43 - 2015-07-14 13:43 - 03034266 _____ (Malwarebytes Corporation) C:\Users\MSC\Desktop\JRT.exe
2015-07-14 11:59 - 2015-07-14 11:59 - 00000000 ____D C:\Users\MSC\Desktop\Alte Firefox-Daten
2015-07-14 10:47 - 2015-07-20 13:00 - 00000410 _____ C:\Windows\system32\.crusader
2015-07-14 10:40 - 2015-07-14 10:40 - 00001909 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2015-07-14 10:40 - 2015-07-14 10:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2015-07-13 18:01 - 2015-07-13 18:01 - 00002018 _____ C:\Users\MSC\Documents\Silverlieght in allen Browsern aktivieren.txt
2015-07-13 14:17 - 2015-07-14 14:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-13 14:08 - 2015-07-13 14:08 - 00003122 _____ C:\Windows\System32\Tasks\Samsung_PSSD_Registration
2015-07-13 11:30 - 2015-07-13 11:29 - 02248704 _____ C:\Users\MSC\Desktop\adwcleaner_4.208.exe
2015-07-13 11:09 - 2015-04-08 18:32 - 00000027 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-07-07 08:55 - 2015-07-07 08:55 - 00000000 ____D C:\Users\MSC\AppData\Roaming\SysAid
2015-07-03 09:33 - 2015-07-24 08:01 - 00006026 _____ C:\Users\MSC\Documents\ETG-Server.rdg
2015-07-02 13:41 - 2011-08-04 00:48 - 120893960 _____ (Oracle ) C:\Users\MSC\Downloads\SmartView.exe
2015-07-02 08:50 - 2015-07-02 08:50 - 00001088 _____ C:\Users\MSC\Documents\WER_Debug.reg
2015-07-02 08:44 - 2015-07-16 10:03 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-07-02 08:44 - 2015-07-02 08:44 - 00002047 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2015-07-01 11:23 - 2015-07-01 11:23 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-07-01 11:23 - 2015-07-01 11:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-07-01 11:22 - 2015-07-01 11:22 - 00000000 ____D C:\Program Files\iTunes
2015-07-01 11:22 - 2015-07-01 11:22 - 00000000 ____D C:\Program Files\iPod
2015-07-01 11:22 - 2015-07-01 11:22 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-06-30 08:26 - 2015-06-30 14:21 - 00002234 ____H C:\Users\adminde\Documents\Default.rdp
2015-06-30 08:26 - 2015-06-30 08:26 - 00000000 ____D C:\Users\adminde\AppData\Roaming\Intel Corporation
2015-06-30 08:25 - 2015-06-30 14:19 - 00000000 ____D C:\Users\adminde\Tracing
2015-06-30 08:25 - 2015-06-30 08:25 - 00124488 _____ C:\Users\adminde\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-30 08:25 - 2015-06-30 08:25 - 00000000 ____D C:\Users\adminde\Documents\IBM
2015-06-30 08:25 - 2015-06-30 08:25 - 00000000 ____D C:\Users\adminde\Documents\Bluetooth Exchange Folder
2015-06-30 08:25 - 2015-06-30 08:25 - 00000000 ____D C:\Users\adminde\AppData\Roaming\Synaptics
2015-06-30 08:25 - 2015-06-30 08:25 - 00000000 ____D C:\Users\adminde\AppData\Roaming\ICAClient
2015-06-30 08:25 - 2015-06-30 08:25 - 00000000 ____D C:\Users\adminde\AppData\Roaming\IBM
2015-06-30 08:25 - 2015-06-30 08:25 - 00000000 ____D C:\Users\adminde\AppData\Roaming\hpqLog
2015-06-30 08:25 - 2015-06-30 08:25 - 00000000 ____D C:\Users\adminde\AppData\Roaming\Hewlett-Packard
2015-06-30 08:25 - 2015-06-30 08:25 - 00000000 ____D C:\Users\adminde\AppData\Roaming\Avaya
2015-06-30 08:25 - 2015-06-30 08:25 - 00000000 ____D C:\Users\adminde\AppData\Roaming\Apple Computer
2015-06-30 08:25 - 2015-06-30 08:25 - 00000000 ____D C:\Users\adminde\AppData\Local\Packages
2015-06-30 08:25 - 2015-06-30 08:25 - 00000000 ____D C:\Users\adminde\AppData\Local\Hewlett-Packard_Developme
2015-06-30 08:25 - 2015-06-30 08:25 - 00000000 ____D C:\Users\adminde\AppData\Local\Citrix
2015-06-30 08:25 - 2015-06-30 08:25 - 00000000 ____D C:\Users\adminde\AppData\Local\Broadcom
2015-06-30 08:25 - 2015-06-30 08:25 - 00000000 ____D C:\Users\adminde\AppData\Local\Adobe
2015-06-30 08:24 - 2015-07-20 11:05 - 00003918 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{0B921448-3CB6-4172-AC13-1384D54539F1}
2015-06-30 08:24 - 2015-07-20 11:05 - 00001200 __RSH C:\Users\adminde\ntuser.pol
2015-06-30 08:24 - 2015-07-20 11:05 - 00000000 ____D C:\Users\adminde
2015-06-30 08:24 - 2015-06-30 08:25 - 00000000 ____D C:\Users\adminde\AppData\Roaming\Adobe
2015-06-30 08:24 - 2015-06-30 08:24 - 00001425 _____ C:\Users\adminde\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-06-30 08:24 - 2015-06-30 08:24 - 00000000 _SHDL C:\Users\adminde\Vorlagen
2015-06-30 08:24 - 2015-06-30 08:24 - 00000000 _SHDL C:\Users\adminde\Startmenü
2015-06-30 08:24 - 2015-06-30 08:24 - 00000000 _SHDL C:\Users\adminde\Netzwerkumgebung
2015-06-30 08:24 - 2015-06-30 08:24 - 00000000 _SHDL C:\Users\adminde\Lokale Einstellungen
2015-06-30 08:24 - 2015-06-30 08:24 - 00000000 _SHDL C:\Users\adminde\Eigene Dateien
2015-06-30 08:24 - 2015-06-30 08:24 - 00000000 _SHDL C:\Users\adminde\Druckumgebung
2015-06-30 08:24 - 2015-06-30 08:24 - 00000000 _SHDL C:\Users\adminde\Documents\Eigene Musik
2015-06-30 08:24 - 2015-06-30 08:24 - 00000000 _SHDL C:\Users\adminde\Documents\Eigene Bilder
2015-06-30 08:24 - 2015-06-30 08:24 - 00000000 _SHDL C:\Users\adminde\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-06-30 08:24 - 2015-06-30 08:24 - 00000000 _SHDL C:\Users\adminde\AppData\Local\Verlauf
2015-06-30 08:24 - 2015-06-30 08:24 - 00000000 _SHDL C:\Users\adminde\AppData\Local\Anwendungsdaten
2015-06-30 08:24 - 2015-06-30 08:24 - 00000000 _SHDL C:\Users\adminde\Anwendungsdaten
2015-06-30 08:24 - 2015-06-30 08:24 - 00000000 ____D C:\Users\adminde\AppData\Local\Google
2015-06-30 08:24 - 2013-09-12 15:58 - 00000000 ____D C:\Users\adminde\AppData\Roaming\Macromedia
2015-06-30 08:24 - 2013-07-20 07:02 - 00000000 ____D C:\Users\adminde\AppData\Local\Microsoft Help
2015-06-30 08:24 - 2013-04-14 01:33 - 00000000 ___HD C:\Users\adminde\Documents\hp.system.package.metadata
2015-06-30 08:24 - 2011-02-11 07:19 - 00000020 ___SH C:\Users\adminde\ntuser.ini
2015-06-30 08:24 - 2009-07-14 06:54 - 00000000 ___RD C:\Users\adminde\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-06-30 08:24 - 2009-07-14 06:49 - 00000000 ___RD C:\Users\adminde\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-06-27 12:29 - 2015-06-27 12:29 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-06-27 12:29 - 2015-06-27 12:29 - 00000000 ___SD C:\Windows\system32\GWX
2015-06-27 12:27 - 2015-05-25 20:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-27 12:27 - 2015-05-25 20:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-27 12:27 - 2015-05-25 20:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-27 12:27 - 2015-05-25 20:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-27 12:27 - 2015-05-25 20:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-27 12:27 - 2015-05-25 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-27 12:27 - 2015-05-25 20:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-27 12:27 - 2015-05-25 20:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-27 12:27 - 2015-05-25 20:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-27 12:27 - 2015-05-25 20:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-27 12:27 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-27 12:27 - 2015-05-25 20:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-27 12:27 - 2015-05-25 20:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-27 12:27 - 2015-05-25 20:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-27 12:27 - 2015-05-25 20:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-27 12:27 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-27 12:27 - 2015-05-25 20:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-27 12:27 - 2015-05-25 20:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-27 12:27 - 2015-05-25 20:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-27 12:27 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-27 12:27 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-27 12:27 - 2015-05-25 20:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-27 12:27 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-27 12:27 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-27 12:27 - 2015-05-25 20:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-27 12:27 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-27 12:27 - 2015-05-25 20:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-27 12:27 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-27 12:27 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-27 12:27 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-27 12:27 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-27 12:27 - 2015-05-25 20:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-27 12:27 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-27 12:27 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-27 12:27 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-27 12:27 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-27 12:27 - 2015-05-25 20:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-27 12:27 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-27 12:27 - 2015-05-25 19:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-27 12:27 - 2015-05-25 19:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-27 12:27 - 2015-05-25 19:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-27 12:27 - 2015-05-25 18:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-27 12:27 - 2015-05-25 18:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-27 12:27 - 2015-05-25 18:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 18:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-27 12:27 - 2015-05-21 15:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-24 10:59 - 2015-01-29 16:23 - 00000000 ____D C:\Program Files (x86)\Notepad++
2015-07-24 10:59 - 2013-07-30 18:09 - 00000000 ____D C:\Users\MSC\AppData\Roaming\Notepad++
2015-07-24 10:59 - 2013-07-03 14:11 - 00026804 __RSH C:\ProgramData\ntuser.pol
2015-07-24 10:58 - 2014-11-14 13:14 - 00000000 ____D C:\ProgramData\WRData
2015-07-24 10:55 - 2013-07-03 12:02 - 00002072 _____ C:\Windows\system32\config\netlogon.ftl
2015-07-24 10:48 - 2012-02-09 16:30 - 00000000 ____D C:\Users\MSC\Documents\Outlook-Dateien
2015-07-24 10:21 - 2013-04-14 01:38 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-24 09:18 - 2015-05-20 10:23 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-24 09:14 - 2013-08-01 12:35 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2015-07-24 09:14 - 2013-04-14 01:02 - 02449500 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-07-24 09:14 - 2013-04-13 22:35 - 01040974 _____ C:\Windows\system32\perfh007.dat
2015-07-24 09:14 - 2013-04-13 22:35 - 00273456 _____ C:\Windows\system32\perfc007.dat
2015-07-24 08:54 - 2012-02-09 16:12 - 00000000 ____D C:\Users\MSC\Documents\WindowsPowershell
2015-07-24 07:59 - 2013-10-15 09:36 - 00852662 _____ C:\Users\MSC\Desktop\SecurityCheck.exe
2015-07-24 07:36 - 2013-08-02 09:12 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2015-07-24 07:36 - 2009-07-14 06:45 - 00042336 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-24 07:36 - 2009-07-14 06:45 - 00042336 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-24 07:31 - 2014-01-31 10:49 - 00000000 ____D C:\Users\MSC\Tracing
2015-07-24 07:31 - 2013-07-30 18:04 - 00000000 ____D C:\Users\MSC\AppData\Local\CrashDumps
2015-07-24 07:31 - 2012-02-09 12:10 - 00000000 ____D C:\Users\MSC\Documents\DIALIT
2015-07-24 07:28 - 2009-07-14 07:13 - 02420374 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-24 07:26 - 2013-07-05 11:11 - 00000580 _____ C:\Windows\SMSCFG.ini
2015-07-24 07:25 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\inetsrv
2015-07-24 07:24 - 2015-05-29 10:52 - 00000782 _____ C:\Users\Public\Desktop\SysAid.lnk
2015-07-24 07:23 - 2015-05-29 10:52 - 00000000 ____D C:\Program Files\SysAid
2015-07-24 07:23 - 2014-08-15 14:19 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2015-07-24 07:23 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-23 15:39 - 2013-10-14 12:14 - 00000000 ____D C:\AdwCleaner
2015-07-23 10:25 - 2009-07-14 06:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-07-23 09:15 - 2013-07-30 18:04 - 00000000 ____D C:\Users\MSC\AppData\Local\Deployment
2015-07-22 18:24 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-07-22 16:57 - 2013-11-07 14:59 - 00000000 ____D C:\Windows\system32\dsc
2015-07-22 16:57 - 2013-11-07 14:59 - 00000000 ____D C:\Windows\system32\Configuration
2015-07-22 16:57 - 2013-11-07 14:59 - 00000000 ____D C:\Program Files\WindowsPowerShell
2015-07-22 16:57 - 2013-11-07 14:59 - 00000000 ____D C:\Program Files (x86)\WindowsPowerShell
2015-07-22 16:57 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-22 09:39 - 2013-11-15 10:41 - 00000000 ____D C:\Qoobox
2015-07-22 09:39 - 2013-07-30 18:04 - 00000000 ____D C:\Users\MSC\AppData\Local\Apps\2.0
2015-07-22 09:36 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-07-22 09:28 - 2013-11-15 10:38 - 05632853 ____R (Swearware) C:\Users\MSC\Desktop\ComboFix.exe
2015-07-21 13:34 - 2011-02-11 07:14 - 00000000 ____D C:\Windows\Panther
2015-07-21 13:29 - 2009-07-14 06:45 - 00529888 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-21 07:47 - 2013-06-21 00:13 - 00000000 ____D C:\Windows\Hewlett-Packard
2015-07-20 16:03 - 2013-10-14 12:11 - 00000000 ____D C:\Program Files\HitmanPro
2015-07-20 15:45 - 2013-07-30 18:13 - 00000600 _____ C:\Users\MSC\AppData\Roaming\winscp.rnd
2015-07-20 15:45 - 2013-07-30 18:07 - 00000600 _____ C:\Users\MSC\AppData\Local\PUTTY.RND
2015-07-20 11:28 - 2013-07-30 12:45 - 00000000 ____D C:\Users\MSC
2015-07-20 11:11 - 2013-08-01 12:49 - 00003934 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{02EBB676-2F51-4EB5-BF5C-EFF12763F7AF}
2015-07-20 10:44 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\spool
2015-07-17 13:06 - 2015-01-26 13:24 - 00000000 ____D C:\Program Files\Java
2015-07-17 12:45 - 2015-01-26 13:24 - 00110688 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-07-17 10:28 - 2012-02-09 16:30 - 00000000 ____D C:\Users\MSC\IPViewer
2015-07-17 08:19 - 2013-07-30 12:05 - 00002465 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk
2015-07-17 08:19 - 2013-07-30 12:05 - 00002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk
2015-07-17 08:19 - 2013-07-30 12:05 - 00002026 _____ C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk
2015-07-17 08:19 - 2013-07-30 12:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2
2015-07-15 11:21 - 2013-11-20 19:31 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-15 11:21 - 2013-04-14 01:38 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-15 11:21 - 2013-04-14 01:38 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-15 10:50 - 2014-12-10 19:58 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-15 10:50 - 2014-05-05 09:18 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-15 10:23 - 2013-07-19 13:08 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-15 10:20 - 2013-08-01 12:34 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2015-07-15 10:17 - 2013-07-25 17:46 - 00000000 ____D C:\Windows\system32\MRT
2015-07-14 14:36 - 2014-06-16 11:18 - 00001062 _____ C:\Users\Public\Desktop\DIALit.lnk
2015-07-14 14:36 - 2014-06-16 11:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DIALit
2015-07-14 14:31 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Speech
2015-07-14 14:21 - 2015-01-27 16:16 - 00000000 ____D C:\Program Files (x86)\Google
2015-07-14 14:21 - 2013-07-30 18:04 - 00000000 ____D C:\Users\MSC\AppData\Local\Google
2015-07-14 10:47 - 2014-07-26 10:46 - 00000000 ____D C:\Users\MSC\AppData\Roaming\NirSoft Utilities
2015-07-14 10:47 - 2013-10-14 12:06 - 00000000 ____D C:\ProgramData\HitmanPro
2015-07-14 09:04 - 2013-07-05 11:09 - 00000000 ____D C:\Windows\ccmsetup
2015-07-13 11:08 - 2015-05-27 14:47 - 00002549 _____ C:\Users\Public\Desktop\Paragon Backup and Recovery™ 2014 Free.lnk
2015-07-13 11:08 - 2013-07-30 13:49 - 00001527 _____ C:\Users\MSC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-07-13 11:08 - 2013-07-03 10:57 - 00001529 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-07-13 11:08 - 2013-07-03 10:57 - 00001523 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2015-07-13 09:20 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-07-07 08:56 - 2014-05-14 09:38 - 00000000 ____D C:\Program Files (x86)\Citrix
2015-07-07 08:55 - 2013-07-03 14:17 - 00000000 ____D C:\Windows\system32\appmgmt
2015-07-07 08:55 - 2013-04-14 01:36 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-07-06 17:38 - 2012-02-08 15:35 - 00000000 ____D C:\Temp
2015-07-03 09:17 - 2015-02-17 08:23 - 00006219 _____ C:\Users\MSC\Documents\ETS-Server.rdg.old
2015-07-03 08:43 - 2013-07-25 17:35 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-07-02 13:59 - 2013-07-30 13:49 - 00000000 ____D C:\Users\MSC\AppData\Roaming\Adobe
2015-07-02 13:58 - 2014-08-22 10:32 - 00000000 ____D C:\Users\MSC\AppData\Local\Adobe
2015-07-02 11:29 - 2014-11-12 12:43 - 00000000 __SHD C:\Users\MSC\AppData\Local\EmieBrowserModeList
2015-07-02 11:29 - 2014-04-09 14:33 - 00000000 __SHD C:\Users\MSC\AppData\Local\EmieUserList
2015-07-02 11:29 - 2014-04-09 14:33 - 00000000 __SHD C:\Users\MSC\AppData\Local\EmieSiteList
2015-07-02 08:44 - 2013-07-30 12:03 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-07-02 08:43 - 2013-07-30 12:03 - 00000000 ____D C:\ProgramData\Adobe
2015-07-01 14:25 - 2014-11-14 13:14 - 00167632 _____ (Webroot) C:\Windows\SysWOW64\WRusr.dll
2015-07-01 14:25 - 2014-11-14 13:14 - 00117728 _____ (Webroot) C:\Windows\system32\Drivers\WRkrn.sys
2015-07-01 14:25 - 2014-11-14 13:14 - 00105320 _____ (Webroot) C:\Windows\system32\WRusr.dll
2015-07-01 11:26 - 2013-07-30 18:09 - 00000000 ____D C:\Users\MSC\AppData\Roaming\Apple Computer
2015-07-01 11:22 - 2015-03-18 14:44 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-07-01 11:22 - 2015-03-18 14:44 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-06-30 09:18 - 2015-04-14 15:02 - 00000000 ____D C:\Users\MSC\Documents\Wohnung
2015-06-30 08:00 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\AppCompat
2015-06-29 08:43 - 2013-07-25 17:33 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-06-29 08:43 - 2013-07-25 17:33 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-06-27 12:29 - 2014-09-09 12:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Lync
2015-06-27 12:29 - 2014-09-09 12:35 - 00000000 ____D C:\Program Files (x86)\Microsoft Lync
2015-06-27 12:28 - 2014-09-09 12:36 - 00000000 ____D C:\Program Files\Microsoft Lync
2015-06-27 12:28 - 2013-07-25 17:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

==================== Files in the root of some directories =======

2013-07-30 18:12 - 2013-01-24 18:35 - 0023176 _____ () C:\Users\MSC\AppData\Roaming\Kommagetrennte Werte (Windows).ADR
2013-07-30 18:12 - 2014-10-06 12:53 - 0023164 _____ () C:\Users\MSC\AppData\Roaming\Microsoft Excel 97-2003.ADR
2013-11-08 14:24 - 2015-02-09 18:50 - 0081642 _____ () C:\Users\MSC\AppData\Roaming\MultiScreen_log.log
2015-04-16 08:46 - 2015-04-16 08:46 - 0033193 _____ () C:\Users\MSC\AppData\Roaming\UserTile.png
2013-07-30 18:13 - 2015-07-20 15:45 - 0000600 _____ () C:\Users\MSC\AppData\Roaming\winscp.rnd
2013-07-30 18:04 - 2012-10-31 16:05 - 0000000 _____ () C:\Users\MSC\AppData\Local\AtStart.txt
2013-07-30 18:04 - 2012-10-31 16:05 - 0000000 _____ () C:\Users\MSC\AppData\Local\DSwitch.txt
2013-07-30 18:07 - 2015-07-20 15:45 - 0000600 _____ () C:\Users\MSC\AppData\Local\PUTTY.RND
2013-07-30 18:07 - 2012-10-31 16:05 - 0000000 _____ () C:\Users\MSC\AppData\Local\QSwitch.txt
2013-07-30 18:07 - 2012-12-02 16:08 - 0001832 _____ () C:\Users\MSC\AppData\Local\SLC_msc.prx
2013-10-18 17:29 - 2013-10-18 18:23 - 0000826 _____ () C:\ProgramData\hpzinstall.log
2013-08-01 12:45 - 2013-08-01 12:45 - 0000266 _____ () C:\ProgramData\LEDM_AdaptorInstall.log
2013-12-09 11:21 - 2013-12-09 14:12 - 0000227 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

ZeroAccess:
C:\Users\MSC\AppData\Local\682008ce
C:\Users\MSC\AppData\Local\682008ce\@

Some files in TEMP:
====================
C:\Users\MSC\AppData\Local\Temp\npp.6.7.9.2.Installer.exe
C:\Users\MSC\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-23 13:29

==================== End of log ============================

schrauber · 24.07.2015, 16:38

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

C:\Users\MSC\AppData\Roaming\Mozilla\Firefox\Profiles\g51m6ksp.default\extensions\dfqc50@ytkxfpxaf.co.uk\content\bg.js

D:\Downloads\LOGINventory.v4.5.7.0.1637-BEAN.zip

D:\Downloads\VMWare_ESX_v4_1_keygen.zip

D:\Downloads\VMware_vCenter_Server_version_5_keygen.zip

C:\AdwCleaner\Quarantine\C\Program Files (x86)\BRowsiNNgclearrly\XfDXgxTjauslkg.dll.vir

C:\AdwCleaner\Quarantine\C\Program Files (x86)\BRowsiNNgclearrly\XfDXgxTjauslkg.exe.vir

C:\AdwCleaner\Quarantine\C\Program Files (x86)\BRowsiNNgclearrly\XfDXgxTjauslkg.x64.dll.vir

C:\AdwCleaner\Quarantine\C\Program Files (x86)\mozilla firefox\dbghelp.dll.vir

C:\AdwCleaner\Quarantine\C\ProgramData\{e8f62260-3bf5-9a5e-e8f6-622603bf8980}\AOMEI.Dynamic.Disk.Manager.Pro.1.2.0.0.rar.exe.vir

C:\Program Files\PC-WELT-Fix-it-Pack\Tools\driveridentifier_setup.exe

C:\Program Files (x86)\Avaya\C3000\Fax Printer\pdfspme.dll

C:\Qoobox\Quarantine\C\Program Files (x86)\See Results Hub\Extensions\c3cbfe5d-53c1-44f9-8442-6faaf005aaa9.dll.vir

C:\Qoobox\Quarantine\C\Users\MSC\AppData\Roaming\Mozilla\Firefox\Profiles\g51m6ksp.default\extensions\hog1wvxp@mumnjwtj.com\content\bg.js.vir

C:\Qoobox\Quarantine\C\Users\MSC\AppData\Roaming\Mozilla\Firefox\Profiles\g51m6ksp.default\extensions\rbyi2@uibieo.co.uk\content\bg.js.vir

C:\swsetup\WinZBas\Setup.exe

C:\Tools\ExcelRecovery\setup.exe

C:\Users\MSC\AppData\Local\InstallShare\2_16472_installer.exe

C:\Windows\Installer\932638.msi

C:\Windows\Installer\98d22a2.msi

D:\Downloads\HP_

D:\Downloads\Installer

D:\Downloads\Installer

D:\Downloads\olftag15 - CHIP-Installer.exe

D:\Downloads\Paragon Backup Recovery 2014 Free - CHIP-Installer.exe

D:\Downloads\Paragon Partition Manager 2014 Free - CHIP-Installer.exe

D:\Downloads\pcwWinFixItPack_setup.exe

D:\Downloads\Unlocker1.9.2.exe

D:\Downloads\wclassic2 - CHIP-Installer.exe

GroupPolicyScripts: Group Policy detected <======= ATTENTION
GroupPolicyScripts\User: Group Policy detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
Tcpip\Parameters: [DhcpNameServer] 10.101.0.54 10.101.0.55 10.101.0.5 10.101.0.6
Tcpip\..\Interfaces\{80710E33-1517-4612-A89E-CDD41C5A0DD9}: [DhcpNameServer] 10.101.0.54 10.101.0.55 10.101.0.5 10.101.0.6
Tcpip\..\Interfaces\{A51701BB-A804-4E1B-8457-21AFA11167D2}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
ZeroAccess:
C:\Users\MSC\AppData\Local\682008ce
C:\Users\MSC\AppData\Local\682008ce\@
Emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Frisches FRST log bitte.

Ontop144 · 27.07.2015, 08:39

Guten Morgen Schrauber,

hier ist nur das Fixlog mit dem aktuellen FRST log

Code:

ATTFilter

Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:26-07-2015
durchgeführt von michael.schmaus an 2015-07-27 09:30:58 Run:1
Gestartet von C:\Users\MSC\Desktop
Geladene Profile: michael.schmaus (Verfügbare Profile: Admin & postgres & sysaidinternal & AdminDE & Chris.Oleszczuk & michael.schmaus & michael.schmaus & Administrator)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
C:\Users\MSC\AppData\Roaming\Mozilla\Firefox\Profiles\g51m6ksp.default\extensions\dfqc50@ytkxfpxaf.co.uk\content\bg.js

D:\Downloads\LOGINventory.v4.5.7.0.1637-BEAN.zip

D:\Downloads\VMWare_ESX_v4_1_keygen.zip

D:\Downloads\VMware_vCenter_Server_version_5_keygen.zip

C:\AdwCleaner\Quarantine\C\Program Files (x86)\BRowsiNNgclearrly\XfDXgxTjauslkg.dll.vir

C:\AdwCleaner\Quarantine\C\Program Files (x86)\BRowsiNNgclearrly\XfDXgxTjauslkg.exe.vir

C:\AdwCleaner\Quarantine\C\Program Files (x86)\BRowsiNNgclearrly\XfDXgxTjauslkg.x64.dll.vir

C:\AdwCleaner\Quarantine\C\Program Files (x86)\mozilla firefox\dbghelp.dll.vir

C:\AdwCleaner\Quarantine\C\ProgramData\{e8f62260-3bf5-9a5e-e8f6-622603bf8980}\AOMEI.Dynamic.Disk.Manager.Pro.1.2.0.0.rar.exe.vir

C:\Program Files\PC-WELT-Fix-it-Pack\Tools\driveridentifier_setup.exe

C:\Program Files (x86)\Avaya\C3000\Fax Printer\pdfspme.dll

C:\Qoobox\Quarantine\C\Program Files (x86)\See Results Hub\Extensions\c3cbfe5d-53c1-44f9-8442-6faaf005aaa9.dll.vir

C:\Qoobox\Quarantine\C\Users\MSC\AppData\Roaming\Mozilla\Firefox\Profiles\g51m6ksp.default\extensions\hog1wvxp@mumnjwtj.com\content\bg.js.vir

C:\Qoobox\Quarantine\C\Users\MSC\AppData\Roaming\Mozilla\Firefox\Profiles\g51m6ksp.default\extensions\rbyi2@uibieo.co.uk\content\bg.js.vir

C:\swsetup\WinZBas\Setup.exe

C:\Tools\ExcelRecovery\setup.exe

C:\Users\MSC\AppData\Local\InstallShare\2_16472_installer.exe

C:\Windows\Installer\932638.msi

C:\Windows\Installer\98d22a2.msi

D:\Downloads\HP_

D:\Downloads\Installer

D:\Downloads\Installer

D:\Downloads\olftag15 - CHIP-Installer.exe

D:\Downloads\Paragon Backup Recovery 2014 Free - CHIP-Installer.exe

D:\Downloads\Paragon Partition Manager 2014 Free - CHIP-Installer.exe

D:\Downloads\pcwWinFixItPack_setup.exe

D:\Downloads\Unlocker1.9.2.exe

D:\Downloads\wclassic2 - CHIP-Installer.exe

GroupPolicyScripts: Group Policy detected <======= ATTENTION
GroupPolicyScripts\User: Group Policy detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
Tcpip\Parameters: [DhcpNameServer] 10.101.0.54 10.101.0.55 10.101.0.5 10.101.0.6
Tcpip\..\Interfaces\{80710E33-1517-4612-A89E-CDD41C5A0DD9}: [DhcpNameServer] 10.101.0.54 10.101.0.55 10.101.0.5 10.101.0.6
Tcpip\..\Interfaces\{A51701BB-A804-4E1B-8457-21AFA11167D2}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
ZeroAccess:
C:\Users\MSC\AppData\Local\682008ce
C:\Users\MSC\AppData\Local\682008ce\@
Emptytemp:
         
*****************

"C:\Users\MSC\AppData\Roaming\Mozilla\Firefox\Profiles\g51m6ksp.default\extensions\dfqc50@ytkxfpxaf.co.uk\content\bg.js" => Datei/Ordner nicht gefunden.
D:\Downloads\LOGINventory.v4.5.7.0.1637-BEAN.zip => erfolgreich verschoben.
D:\Downloads\VMWare_ESX_v4_1_keygen.zip => erfolgreich verschoben.
D:\Downloads\VMware_vCenter_Server_version_5_keygen.zip => erfolgreich verschoben.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BRowsiNNgclearrly\XfDXgxTjauslkg.dll.vir => erfolgreich verschoben.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BRowsiNNgclearrly\XfDXgxTjauslkg.exe.vir => erfolgreich verschoben.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BRowsiNNgclearrly\XfDXgxTjauslkg.x64.dll.vir => erfolgreich verschoben.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\mozilla firefox\dbghelp.dll.vir => erfolgreich verschoben.
C:\AdwCleaner\Quarantine\C\ProgramData\{e8f62260-3bf5-9a5e-e8f6-622603bf8980}\AOMEI.Dynamic.Disk.Manager.Pro.1.2.0.0.rar.exe.vir => erfolgreich verschoben.
C:\Program Files\PC-WELT-Fix-it-Pack\Tools\driveridentifier_setup.exe => erfolgreich verschoben.
C:\Program Files (x86)\Avaya\C3000\Fax Printer\pdfspme.dll => erfolgreich verschoben.
C:\Qoobox\Quarantine\C\Program Files (x86)\See Results Hub\Extensions\c3cbfe5d-53c1-44f9-8442-6faaf005aaa9.dll.vir => erfolgreich verschoben.
C:\Qoobox\Quarantine\C\Users\MSC\AppData\Roaming\Mozilla\Firefox\Profiles\g51m6ksp.default\extensions\hog1wvxp@mumnjwtj.com\content\bg.js.vir => erfolgreich verschoben.
C:\Qoobox\Quarantine\C\Users\MSC\AppData\Roaming\Mozilla\Firefox\Profiles\g51m6ksp.default\extensions\rbyi2@uibieo.co.uk\content\bg.js.vir => erfolgreich verschoben.
C:\swsetup\WinZBas\Setup.exe => erfolgreich verschoben.
C:\Tools\ExcelRecovery\setup.exe => erfolgreich verschoben.
C:\Users\MSC\AppData\Local\InstallShare\2_16472_installer.exe => erfolgreich verschoben.
C:\Windows\Installer\932638.msi => erfolgreich verschoben.
C:\Windows\Installer\98d22a2.msi => erfolgreich verschoben.
"D:\Downloads\HP_" => Datei/Ordner nicht gefunden.
"D:\Downloads\Installer" => Datei/Ordner nicht gefunden.
"D:\Downloads\Installer" => Datei/Ordner nicht gefunden.
D:\Downloads\olftag15 - CHIP-Installer.exe => erfolgreich verschoben.
D:\Downloads\Paragon Backup Recovery 2014 Free - CHIP-Installer.exe => erfolgreich verschoben.
D:\Downloads\Paragon Partition Manager 2014 Free - CHIP-Installer.exe => erfolgreich verschoben.
D:\Downloads\pcwWinFixItPack_setup.exe => erfolgreich verschoben.
D:\Downloads\Unlocker1.9.2.exe => erfolgreich verschoben.
D:\Downloads\wclassic2 - CHIP-Installer.exe => erfolgreich verschoben.
C:\Windows\system32\GroupPolicy\Machine => erfolgreich verschoben.
C:\Windows\system32\GroupPolicy\GPT.ini => erfolgreich verschoben.
C:\Windows\system32\GroupPolicy\User => erfolgreich verschoben.
"HKLM\SOFTWARE\Policies\Google" => Schlüssel erfolgreich entfernt
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer => Wert erfolgreich entfernt
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{80710E33-1517-4612-A89E-CDD41C5A0DD9}\\DhcpNameServer => Wert erfolgreich entfernt
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{A51701BB-A804-4E1B-8457-21AFA11167D2}\\NameServer => Wert erfolgreich entfernt
ZeroAccess: => Fehler: Kein automatisierter Fix für diesen Eintrag gefunden.
C:\Users\MSC\AppData\Local\682008ce => erfolgreich verschoben.
"C:\Users\MSC\AppData\Local\682008ce\@" => Datei/Ordner nicht gefunden.
EmptyTemp: => 117.8 MB temporäre Dateien entfernt.


Das System musste neu gestartet werden.. 

==== Ende von Fixlog 09:31:10 ====

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:26-07-2015
durchgeführt von michael.schmaus (Administrator) auf NB1140 (27-07-2015 09:36:58)
Gestartet von C:\Users\MSC\Desktop
Geladene Profile: michael.schmaus (Verfügbare Profile: Admin & postgres & sysaidinternal & AdminDE & Chris.Oleszczuk & michael.schmaus & michael.schmaus & Administrator)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 10 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Windows\System32\psxss.exe
(Webroot) C:\Program Files (x86)\Webroot\WRSA.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\BCMWLTRY.EXE
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\System32\inetsrv\inetinfo.exe
(Inedo, LLC) C:\Program Files\ProGet\Service\ProGet.Service.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.HPWJA\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Netop Business Solutions A/S) C:\Program Files (x86)\Netop\Netop Remote Control\Host\NHOSTSVC.EXE
(Samsung Electronics Co., Ltd.) C:\Windows\System32\RAPID\SamsungRapidSvc.exe
(SEP AG) C:\Program Files\SEPsesam\bin\sesam\sm_main.exe
(Microsoft Corporation) C:\Windows\System32\snmp.exe
(SEP AG) C:\Program Files\SEPsesam\bin\sesam\sm_ctrld_main.exe
() C:\Program Files\SEPsesam\bin\sesam\sm_sshd.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(SysAid Technology Ltd.) C:\Program Files\SysAid\SysAidSM.exe
(Microsoft Corporation) C:\Windows\SysWOW64\snmp.exe
(TeamViewer GmbH) C:\Program Files (x86)\Teamviewer\Version8\TeamViewer_Service.exe
(SysAid Technology Ltd.) C:\Program Files\SysAid\SysAidWorker.exe
(Check Point Software Technologies) C:\Program Files (x86)\CheckPoint\Endpoint Connect\TracSrvWrapper.exe
(Ericsson AB) C:\Program Files (x86)\Ericsson\Mobile Broadband Drivers\WMCore\mini_WMCore.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(GFI Software Development Ltd.) C:\Program Files (x86)\PatchManagementInstallation\Agent\lnssatt.exe
(Apache Software Foundation) C:\Program Files (x86)\PatchManagementInstallation\Agent\Httpd\bin\httpd.exe
(Apache Software Foundation) C:\Program Files (x86)\PatchManagementInstallation\Agent\Httpd\bin\httpd.exe
(GFI Software Development Ltd.) C:\Program Files (x86)\PatchManagementInstallation\Agent\mantle.exe
(Microsoft Corporation) C:\Windows\CCM\CcmExec.exe
(Microsoft Corporation) C:\Windows\CCM\RemCtrl\cmrcservice.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Microsoft Policy Platform\policyHost.exe
(TeamViewer GmbH) C:\Program Files (x86)\Teamviewer\Version8\TeamViewer.exe
(Webroot) C:\Program Files (x86)\Webroot\WRSA.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(TeamViewer GmbH) C:\Program Files (x86)\Teamviewer\Version8\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\Teamviewer\Version8\tv_x64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.EXE
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Avaya Inc.) C:\Windows\System32\qtsp_sso.exe
(Hewlett-Packard Company, L.P.) C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Akamai Technologies, Inc.) C:\Users\MSC\AppData\Local\Akamai\netsession_win.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(ek-soft GmbH) C:\Program Files (x86)\CTI\DIALit-Client\Dialit32.exe
(Akamai Technologies, Inc.) C:\Users\MSC\AppData\Local\Akamai\netsession_win.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
(MagicISO, Inc.) C:\Program Files (x86)\MagicDisc\MagicDisc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrobat_sl.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(Microsoft) C:\Program Files (x86)\Avaya\Avaya Microsoft Lync Integration\LyncAddin.exe
(Check Point Software Technologies) C:\Program Files (x86)\CheckPoint\Endpoint Connect\TrGUI.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Lync\communicator.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
() C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Samsung Electronics) C:\ProgramData\Samsung Apps\Portable SSD\Samsung Portable SSD Daemon.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Microsoft Corporation) C:\Windows\CCM\SCNotification.exe
(ek-soft GmbH) C:\Program Files (x86)\CTI\DIALit-Client\TeleTab.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BtwLyncIntf\BtwLyncIntf.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11\WLTRAY.exe [8641536 2014-07-25] (Broadcom Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2013-07-03] (IDT, Inc.)
HKLM\...\Run: [qtsp_sso] => C:\windows\system32\qtsp_sso.exe [1171968 2012-12-21] (Avaya Inc.)
HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [3488640 2012-03-14] (Hewlett-Packard Company)
HKLM\...\Run: [MultiScreen] => [X]
HKLM\...\Run: [SamsungRapidApp] => C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [281776 2014-09-16] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [Seagull Drivers] => ssdal_nc.exe startup
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [358944 2011-01-28] (Acronis)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2816240 2014-08-01] (Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-06-29] (Apple Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284480 2013-07-03] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-10-24] (Intel Corporation)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2015-06-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2015-06-27] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Client Access Service] => C:\Program Files (x86)\IBM\Client Access\cwbsvstr.exe [14336 2010-01-15] (IBM Corporation)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [336672 2014-02-10] (Hewlett-Packard Company)
HKLM-x32\...\Run: [LyncAddin] => C:\Program Files (x86)\Avaya\Avaya Microsoft Lync Integration\LyncAddin.exe [1933824 2012-11-09] (Microsoft)
HKLM-x32\...\Run: [Check Point VPN] => C:\Program Files (x86)\CheckPoint\Endpoint Connect\TrGui.exe [826832 2013-12-04] (Check Point Software Technologies)
HKLM-x32\...\Run: [HPConnectionManager] => c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [185144 2014-04-09] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [MultiScreen] => [X]
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [Communicator] => C:\Program Files (x86)\Microsoft Lync\communicator.exe [12118840 2015-03-28] (Microsoft Corporation)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [WRSVC] => C:\Program Files (x86)\Webroot\WRSA.exe [822728 2015-07-24] (Webroot)
HKLM-x32\...\Run: [YouCam Tray] => c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [168464 2012-10-25] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Mirage] => c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [139792 2012-10-25] (CyberLink)
HKLM-x32\...\Run: [RemoteControl10] => c:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-14] (CyberLink Corp.)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5145824 2011-01-28] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-3799292098-3196119086-2381476900-3276\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6161176 2014-02-20] (Piriform Ltd)
HKU\S-1-5-21-3799292098-3196119086-2381476900-3276\...\Run: [CCleaner] => C:\Program Files\CCleaner\CCleaner64.exe [6161176 2014-02-20] (Piriform Ltd)
HKU\S-1-5-21-3799292098-3196119086-2381476900-3276\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2015-03-18] (Microsoft Corporation)
HKU\S-1-5-21-3799292098-3196119086-2381476900-3276\...\Run: [Akamai NetSession Interface] => C:\Users\MSC\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2014-03-11]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2013-10-18]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\MSC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DIALit.lnk [2014-11-05]
ShortcutTarget: DIALit.lnk -> C:\Program Files (x86)\CTI\DIALit-Client\Dialit32.exe (ek-soft GmbH)
Startup: C:\Users\MSC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk [2013-08-06]
ShortcutTarget: MagicDisc.lnk -> C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
Startup: C:\Users\MSC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DIALit.lnk [2014-11-05]
ShortcutTarget: DIALit.lnk -> C:\Program Files (x86)\CTI\DIALit-Client\Dialit32.exe (ek-soft GmbH)
Startup: C:\Users\MSC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk [2013-08-06]
ShortcutTarget: MagicDisc.lnk -> C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKU\S-1-5-21-3799292098-3196119086-2381476900-3276\SOFTWARE\Policies\Microsoft\Internet Explorer: Richtlinienbeschränkung <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3799292098-3196119086-2381476900-3276\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3799292098-3196119086-2381476900-3276\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Microsoft Web Recorder Helper -> {06D7D698-1ECD-407F-A1C9-EFA54860490A} -> C:\Program Files\Microsoft System Center 2012 R2\Operations Manager\Console\Microsoft.Mom.RecorderBarBHO.dll [2013-09-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-17] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-17] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Lync\OCHelper.dll [2010-11-03] (Microsoft Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-06-27] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-06-27] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-06-27] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-3799292098-3196119086-2381476900-3276 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  Keine Datei
DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1383306434877
Tcpip\Parameters: [DhcpNameServer] 10.101.0.54 10.101.0.55 10.101.0.5 10.101.0.6
Tcpip\..\Interfaces\{80710E33-1517-4612-A89E-CDD41C5A0DD9}: [DhcpNameServer] 10.101.0.54 10.101.0.55 10.101.0.5 10.101.0.6

FireFox:
========
FF ProfilePath: C:\Users\MSC\AppData\Roaming\Mozilla\Firefox\Profiles\103qzzmr.default-1436867989260
FF SearchEngineOrder.2: 
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-15] ()
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-17] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-17] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-10-24] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-10-24] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2015-06-27] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-28] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npatgpc.dll [2015-05-28] (Cisco WebEx LLC)
FF Plugin ProgramFiles/Appdata: C:\Users\MSC\AppData\Roaming\mozilla\plugins\npatgpc.dll [2015-05-28] (Cisco WebEx LLC)
FF Extension: GMX MailCheck - C:\Users\MSC\AppData\Roaming\Mozilla\Firefox\Profiles\103qzzmr.default-1436867989260\Extensions\toolbar@gmx.net [2015-07-23]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-07-30]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-10-18]
FF HKU\S-1-5-21-3799292098-3196119086-2381476900-3276\...\Firefox\Extensions: [firefoxaddon@ek-soft.de] - C:\Program Files (x86)\CTI\DIALit-Client\Firefox
FF Extension: ek-soft CTI Add ON - C:\Program Files (x86)\CTI\DIALit-Client\Firefox [2014-06-16]
FF HKU\S-1-5-21-3799292098-3196119086-2381476900-3276\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome: 
=======
CHR Profile: C:\Users\MSC\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\MSC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-14]
CHR Extension: (Google Drive) - C:\Users\MSC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-14]
CHR Extension: (YouTube) - C:\Users\MSC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-14]
CHR Extension: (GMX MailCheck) - C:\Users\MSC\AppData\Local\Google\Chrome\User Data\Default\Extensions\camnampocfohlcgbajligmemmabnljcm [2015-07-14]
CHR Extension: (Google Search) - C:\Users\MSC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-14]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\MSC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-14]
CHR Extension: (Google Wallet) - C:\Users\MSC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-14]
CHR Extension: (Gmail) - C:\Users\MSC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-14]

==================== Services (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S4 AdtAgent; C:\Windows\system32\AdtAgent.exe [410808 2013-09-06] (Microsoft Corporation)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 CcmExec; C:\windows\CCM\CcmExec.exe [1571000 2013-09-11] (Microsoft Corporation)
R2 CmRcService; C:\windows\CCM\RemCtrl\CmRcService.exe [577712 2014-05-29] (Microsoft Corporation)
S3 Cwbrxd; C:\windows\cwbrxd.exe [94208 2010-01-15] (IBM Corporation) [Datei ist nicht signiert]
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [143872 2014-10-24] (Microsoft Corporation) [Datei ist nicht signiert]
R2 gfi_lanss11_attservice; C:\Program Files (x86)\PatchManagementInstallation\Agent\lnssatt.exe [133496 2012-11-23] (GFI Software Development Ltd.)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2015-07-14] (SurfRight B.V.)
S3 HPAuto; C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [682040 2011-02-17] (Hewlett-Packard)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [683296 2014-02-10] (Hewlett-Packard Company)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315352 2014-10-09] (Intel Corporation)
R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [15872 2010-11-21] (Microsoft Corporation)
R2 INEDOPROGETSVC; C:\Program Files\ProGet\Service\ProGet.Service.exe [133120 2015-07-16] (Inedo, LLC) [Datei ist nicht signiert]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131032 2013-10-24] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165336 2013-10-24] (Intel Corporation)
R3 lpasvc; C:\Program Files\Microsoft Policy Platform\policyHost.exe [50280 2012-08-02] (Microsoft Corporation)
S3 LPDSVC; C:\Windows\system32\lpdsvc.dll [45568 2009-07-14] (Microsoft Corporation)
S3 lppsvc; C:\Program Files\Microsoft Policy Platform\policyHost.exe [50280 2012-08-02] (Microsoft Corporation)
S4 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 msoidsvc; C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE [2079520 2012-05-17] (Microsoft Corp.)
R2 MSSQL$ACRONIS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 MSSQL$HPWJA; C:\Program Files\Microsoft SQL Server\MSSQL10.HPWJA\MSSQL\Binn\sqlservr.exe [58387104 2014-07-12] (Microsoft Corporation)
R2 MSSQL$PROGET; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe [29293408 2010-12-11] (Microsoft Corporation)
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [62382256 2015-03-30] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2013-11-14] (Hewlett-Packard) [Datei ist nicht signiert]
R2 NetOp Host for NT Service; C:\Program Files (x86)\Netop\Netop Remote Control\Host\NHOSTSVC.EXE [1516568 2010-11-01] (Netop Business Solutions A/S)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2013-11-14] (Hewlett-Packard) [Datei ist nicht signiert]
S4 PuranDefrag; C:\windows\system32\PuranDefragS.exe [292736 2013-08-15] (Puran Software) [Datei ist nicht signiert]
R2 SamsungRapidSvc; C:\Windows\System32\RAPID\SamsungRapidSvc.exe [28848 2014-09-16] (Samsung Electronics Co., Ltd.)
S3 smstsmgr; C:\windows\CCM\TSManager.exe [276152 2013-09-11] (Microsoft Corporation)
R2 sm_main; C:\Program Files\SEPsesam\bin\sesam\sm_main.exe [362696 2015-03-10] (SEP AG)
R2 SNMP; C:\Windows\System32\snmp.exe [49664 2010-11-21] (Microsoft Corporation)
R2 SNMP; C:\Windows\SysWOW64\snmp.exe [47616 2010-11-21] (Microsoft Corporation)
S4 SQLAgent$HPWJA; C:\Program Files\Microsoft SQL Server\MSSQL10.HPWJA\MSSQL\Binn\SQLAGENT.EXE [441504 2014-07-12] (Microsoft Corporation)
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [442536 2015-03-30] (Microsoft Corporation)
R3 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [327680 2013-07-03] (IDT, Inc.) [Datei ist nicht signiert]
R2 SysAidAgent; C:\Program Files\SysAid\SysAidSM.exe [23192 2015-04-01] (SysAid Technology Ltd.)
S4 System Center Management APM; C:\Program Files\Microsoft System Center 2012 R2\Service Manager\APMDOTNETAgent\InterceptSvc.exe [626872 2013-09-06] (Microsoft Corp.)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [122368 2015-02-26] (Microsoft Corporation) [Datei ist nicht signiert]
R2 TracSrvWrapper; C:\Program Files (x86)\CheckPoint\Endpoint Connect\TracSrvWrapper.exe [4880512 2013-12-04] (Check Point Software Technologies)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-21] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11\bcmwltry.exe [5894144 2014-07-25] (Broadcom Corporation) [Datei ist nicht signiert]
R2 WMCoreService; C:\Program Files (x86)\Ericsson\Mobile Broadband Drivers\WMCore\mini_WMCore.exe [689560 2012-10-18] (Ericsson AB)
S3 WMSVC; C:\Windows\system32\inetsrv\wmsvc.exe [10752 2009-07-14] (Microsoft Corporation)
R2 WRSVC; C:\Program Files (x86)\Webroot\WRSA.exe [822728 2015-07-24] (Webroot)
S3 Datev.Unternehmen.SystemComponents.ServiceBus.V0300.PlugIn; Datev.Framework.RemoteServiceModel.GenericService2010.exe Datev.Unternehmen.SystemComponents.ServiceBus.V0300.PlugIn [X]
S3 Datev.Unternehmen.SystemComponents.ServiceBus.V0400.PlugIn; Datev.Framework.RemoteServiceModel.GenericService2010.exe Datev.Unternehmen.SystemComponents.ServiceBus.V0400.PlugIn [X]

==================== Drivers (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [172760 2014-07-14] (Broadcom Corporation.)
S3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2012-02-02] (Broadcom Corporation.)
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()
R3 dwVSCD; C:\Windows\System32\DRIVERS\dwvscd.sys [11904 2010-11-01] (Danware Data A/S)
R3 ecnssndis; C:\Windows\System32\Drivers\wwuss64.sys [26664 2011-10-05] (Ericsson AB)
R3 ecnssndisfltr; C:\Windows\System32\Drivers\wwussf64.sys [29736 2011-10-05] (Ericsson AB)
R3 h36wgps; C:\Windows\System32\DRIVERS\h36wgps64.sys [103184 2012-03-02] (Ericsson AB)
R2 hardlock; C:\windows\system32\drivers\hardlock.sys [331144 2013-03-11] (SafeNet Inc.)
R0 hotcore3; C:\Windows\System32\DRIVERS\hotcore3.sys [34056 2014-05-19] (Paragon Software Group)
S3 HPMo4DE3; C:\Windows\System32\DRIVERS\HPMo4DE3.sys [25088 2011-03-09] (TPMX Electronics Ltd.)
S3 HPub4DE3; C:\Windows\System32\Drivers\HPub4DE3.sys [18432 2011-04-12] (TPMX Electronics Ltd.)
R3 johci; C:\Windows\System32\DRIVERS\johci.sys [26208 2012-08-24] (JMicron Technology Corp.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R3 Mbm3CBus; C:\Windows\System32\DRIVERS\Mbm3CBus.sys [443648 2013-04-22] (MCCI Corporation)
R3 Mbm3DevMt; C:\Windows\System32\DRIVERS\Mbm3DevMt.sys [455936 2013-04-22] (MCCI Corporation)
R3 Mbm3mdfl; C:\Windows\System32\DRIVERS\Mbm3mdfl.sys [22272 2013-04-22] (MCCI Corporation)
R3 Mbm3Mdm; C:\Windows\System32\DRIVERS\Mbm3Mdm.sys [508160 2013-04-22] (MCCI Corporation)
R3 prepdrvr; C:\Windows\System32\DRIVERS\prepdrv.sys [26984 2012-11-21] (Microsoft Corporation)
R3 PsxDrv; C:\Windows\System32\drivers\psxdrv.sys [10240 2009-07-14] (Microsoft Corporation)
S4 RsFx0153; C:\Windows\System32\DRIVERS\RsFx0153.sys [322736 2015-03-30] (Microsoft Corporation)
R0 SamsungRapidDiskFltr; C:\Windows\System32\DRIVERS\SamsungRapidDiskFltr.sys [268976 2014-09-16] (Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\Windows\System32\DRIVERS\SamsungRapidFSFltr.sys [111280 2014-09-16] (Samsung Electronics Co., Ltd.)
S3 sehutn; C:\Windows\System32\DRIVERS\sehutn.sys [49328 2013-10-08] (SEH Computertechnik GmbH)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1064184 2012-09-23] (Sunplus)
R1 UimBus; C:\Windows\System32\DRIVERS\UimBus.sys [102664 2014-05-09] ()
R1 Uim_DEVIM; C:\Windows\System32\DRIVERS\uim_devim.sys [25992 2014-05-09] ()
R1 Uim_IM; C:\Windows\System32\DRIVERS\uim_im.sys [700296 2014-05-09] ()
R3 vna_ap; C:\Windows\System32\DRIVERS\vnaap.sys [161256 2012-09-20] (Check Point Software Technologies)
R1 vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [456952 2013-12-04] (Check Point Software Technologies Ltd.)
R0 WRkrn; C:\Windows\System32\drivers\WRkrn.sys [116224 2015-07-24] (Webroot)
R3 WwanUsbServ; C:\Windows\System32\DRIVERS\WwanUsbMp64.sys [284912 2013-11-25] (Ericsson AB)
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag64.sys [X]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U0 dmboot; No ImagePath
U0 SR; No ImagePath
U2 srservice; No ImagePath
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-07-27 09:30 - 2015-07-27 09:30 - 00000000 ____D C:\Users\MSC\Desktop\FRST-OlderVersion
2015-07-27 09:29 - 2015-07-27 09:36 - 00035572 _____ C:\Users\MSC\Desktop\FRST.txt
2015-07-27 09:29 - 2015-07-27 09:30 - 02146816 _____ (Farbar) C:\Users\MSC\Desktop\FRST64.exe
2015-07-27 09:29 - 2015-07-24 11:01 - 00112785 _____ C:\Users\MSC\Desktop\Addition.txt
2015-07-24 14:24 - 2015-07-24 14:24 - 00000255 _____ C:\Users\MSC\SimpleConfig.ps1
2015-07-24 14:04 - 2015-07-24 14:34 - 00000849 _____ C:\Users\MSC\M2_Demo.ps1
2015-07-24 13:48 - 2015-07-24 15:35 - 00000000 ____D C:\DSC
2015-07-24 13:47 - 2015-07-24 13:48 - 00000412 _____ C:\Users\MSC\LCM_Push_NewWay.ps1
2015-07-24 11:10 - 2015-07-27 09:35 - 00026146 ____N C:\Windows\WindowsUpdate.log
2015-07-24 09:15 - 2015-07-24 09:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Inedo
2015-07-24 09:14 - 2015-07-24 09:15 - 00000000 ____D C:\ProgramData\ProGet
2015-07-24 09:14 - 2015-07-24 09:14 - 00000000 ____D C:\Program Files\ProGet
2015-07-24 09:04 - 2015-07-24 09:04 - 00003034 _____ C:\Users\MSC\Desktop\(X.systems.press) Peter Monadjemi (auth.)-PowerShell für die Windows-Administration_ Ein kompakter und praxisnaher Überblick-Vieweg+Teubner Verlag (2014).pdf - Verknüpfung.lnk
2015-07-24 08:10 - 2015-07-24 08:17 - 00000000 ____D C:\Users\MSC\Documents\Powershell
2015-07-24 08:01 - 2015-07-24 08:01 - 00022257 _____ C:\Users\MSC\Desktop\Error_ProGet.txt
2015-07-24 08:00 - 2015-07-24 07:58 - 02870984 _____ (ESET) C:\Users\MSC\Desktop\esetsmartinstaller_deu.exe
2015-07-23 15:46 - 2015-07-23 15:46 - 00001617 _____ C:\Users\MSC\Desktop\JRT.txt
2015-07-23 15:34 - 2015-07-23 15:36 - 00001210 _____ C:\mbam.txt
2015-07-23 14:04 - 2015-07-23 14:07 - 00018662 _____ C:\autoreply.txt
2015-07-22 19:23 - 2015-07-22 19:23 - 00000000 ____D C:\Scripts
2015-07-22 18:52 - 2015-07-22 18:52 - 00000000 ____D C:\Users\MSC\AppData\Local\NuGet
2015-07-22 17:13 - 2015-07-22 17:13 - 00000000 ____D C:\Users\MSC\AppData\Roaming\NuGet
2015-07-22 17:12 - 2015-07-22 17:12 - 00000000 ____D C:\Users\MSC\AppData\Local\PackageManagement
2015-07-22 17:12 - 2015-07-22 17:12 - 00000000 ____D C:\Program Files\PackageManagement
2015-07-22 16:57 - 2015-07-22 16:57 - 00000000 ____D C:\Windows\SysWOW64\Configuration
2015-07-22 16:55 - 2015-04-23 05:13 - 02172928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2015-07-22 16:55 - 2015-04-23 05:13 - 00019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Register-CimProvider.exe
2015-07-22 16:55 - 2015-04-23 05:12 - 00238080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2015-07-22 16:55 - 2015-04-23 05:12 - 00139264 _____ (Windows (R) Win 7 DDK provider) C:\Windows\SysWOW64\DscCoreConfProv.dll
2015-07-22 16:55 - 2015-04-23 05:12 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmidcom.dll
2015-07-22 16:55 - 2015-04-23 05:11 - 00085504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pwrshplugin.dll
2015-07-22 16:55 - 2015-04-23 05:11 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncobjapi.dll
2015-07-22 16:55 - 2015-04-23 05:11 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winrssrv.dll
2015-07-22 16:55 - 2015-04-23 05:10 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winrscmd.dll
2015-07-22 16:55 - 2015-04-23 05:10 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wecutil.exe
2015-07-22 16:55 - 2015-04-23 05:10 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prvdmofcomp.dll
2015-07-22 16:55 - 2015-04-23 05:10 - 00020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winrshost.exe
2015-07-22 16:55 - 2015-04-23 05:10 - 00013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Management.Infrastructure.Native.Unmanaged.dll
2015-07-22 16:55 - 2015-04-23 05:09 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wevtfwd.dll
2015-07-22 16:55 - 2015-04-23 05:09 - 00058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wecapi.dll
2015-07-22 16:55 - 2015-04-23 05:08 - 00535552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmGCDeps.dll
2015-07-22 16:55 - 2015-04-23 05:08 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmitomi.dll
2015-07-22 16:55 - 2015-04-23 05:08 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mi.dll
2015-07-22 16:55 - 2015-04-23 05:08 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2015-07-22 16:55 - 2015-04-23 05:08 - 00038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winrs.exe
2015-07-22 16:55 - 2015-04-23 05:08 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PSModuleDiscoveryProvider.dll
2015-07-22 16:55 - 2015-04-23 05:08 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmprovhost.exe
2015-07-22 16:55 - 2015-04-23 05:08 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmplpxy.dll
2015-07-22 16:55 - 2015-04-23 05:08 - 00001536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winrsmgr.dll
2015-07-22 16:55 - 2015-04-23 05:07 - 00201216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedynos.dll
2015-07-22 16:55 - 2015-04-23 05:07 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedyn.dll
2015-07-22 16:55 - 2015-04-23 05:07 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2015-07-22 16:55 - 2015-04-23 05:06 - 00384512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wbemcomn2.dll
2015-07-22 16:55 - 2015-04-23 05:05 - 00119296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mimofcodec.dll
2015-07-22 16:55 - 2015-04-23 05:05 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mibincodec.dll
2015-07-22 16:55 - 2015-04-23 05:03 - 00174592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\miutils.dll
2015-07-22 16:55 - 2015-04-23 05:03 - 00145408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2015-07-22 16:55 - 2015-04-23 05:03 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmRes.dll
2015-07-22 16:55 - 2015-04-23 05:03 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAgent.dll
2015-07-22 16:55 - 2015-04-23 03:56 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\DscTimer.dll
2015-07-22 16:55 - 2015-04-23 03:55 - 02613760 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-07-22 16:55 - 2015-04-23 03:55 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\DscProxy.dll
2015-07-22 16:55 - 2015-04-23 03:54 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2015-07-22 16:55 - 2015-04-23 03:54 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\mpeval.dll
2015-07-22 16:55 - 2015-04-23 03:54 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\wmidcom.dll
2015-07-22 16:55 - 2015-04-23 03:54 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\Register-CimProvider.exe
2015-07-22 16:55 - 2015-04-23 03:53 - 00196096 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\DscCoreConfProv.dll
2015-07-22 16:55 - 2015-04-23 03:53 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\winrssrv.dll
2015-07-22 16:55 - 2015-04-23 03:52 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\pwrshplugin.dll
2015-07-22 16:55 - 2015-04-23 03:52 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\winrscmd.dll
2015-07-22 16:55 - 2015-04-23 03:52 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\prvdmofcomp.dll
2015-07-22 16:55 - 2015-04-23 03:52 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\ncobjapi.dll
2015-07-22 16:55 - 2015-04-23 03:52 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\winrshost.exe
2015-07-22 16:55 - 2015-04-23 03:52 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Management.Infrastructure.Native.Unmanaged.dll
2015-07-22 16:55 - 2015-04-23 03:51 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\wecsvc.dll
2015-07-22 16:55 - 2015-04-23 03:51 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\wevtfwd.dll
2015-07-22 16:55 - 2015-04-23 03:51 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\wecutil.exe
2015-07-22 16:55 - 2015-04-23 03:51 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\wecapi.dll
2015-07-22 16:55 - 2015-04-23 03:49 - 00623616 _____ (Microsoft Corporation) C:\Windows\system32\WsmGCDeps.dll
2015-07-22 16:55 - 2015-04-23 03:49 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\framedynos.dll
2015-07-22 16:55 - 2015-04-23 03:49 - 00250368 _____ (Microsoft Corporation) C:\Windows\system32\framedyn.dll
2015-07-22 16:55 - 2015-04-23 03:49 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\wmitomi.dll
2015-07-22 16:55 - 2015-04-23 03:49 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\mi.dll
2015-07-22 16:55 - 2015-04-23 03:49 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2015-07-22 16:55 - 2015-04-23 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\PSModuleDiscoveryProvider.dll
2015-07-22 16:55 - 2015-04-23 03:49 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\winrs.exe
2015-07-22 16:55 - 2015-04-23 03:49 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2015-07-22 16:55 - 2015-04-23 03:49 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2015-07-22 16:55 - 2015-04-23 03:49 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2015-07-22 16:55 - 2015-04-23 03:49 - 00001536 _____ (Microsoft Corporation) C:\Windows\system32\winrsmgr.dll
2015-07-22 16:55 - 2015-04-23 03:47 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\wbemcomn2.dll
2015-07-22 16:55 - 2015-04-23 03:46 - 00512512 _____ (Microsoft Corporation) C:\Windows\system32\mpunits.dll
2015-07-22 16:55 - 2015-04-23 03:46 - 00438272 _____ (Microsoft Corporation) C:\Windows\system32\DscCore.dll
2015-07-22 16:55 - 2015-04-23 03:46 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\mimofcodec.dll
2015-07-22 16:55 - 2015-04-23 03:46 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\mibincodec.dll
2015-07-22 16:55 - 2015-04-23 03:43 - 00224768 _____ (Microsoft Corporation) C:\Windows\system32\miutils.dll
2015-07-22 16:55 - 2015-04-23 03:43 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2015-07-22 16:55 - 2015-04-23 03:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2015-07-22 16:55 - 2015-04-23 03:43 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\WsmAgent.dll
2015-07-22 10:34 - 2015-07-22 10:34 - 00000000 ____D C:\LocalDumps
2015-07-22 09:39 - 2015-07-22 09:39 - 00039270 _____ C:\ComboFix.txt
2015-07-21 13:39 - 2015-07-27 09:36 - 00000000 ____D C:\FRST
2015-07-21 12:54 - 2015-07-02 22:31 - 19291136 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-21 12:54 - 2015-07-02 21:15 - 14384640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-21 12:54 - 2015-07-02 20:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-21 12:54 - 2015-07-02 20:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-21 12:54 - 2015-06-29 15:30 - 02865152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-21 12:54 - 2015-06-29 15:27 - 03960320 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 13771264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 02056704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 01763328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-21 12:54 - 2015-06-17 15:28 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 00690176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-21 12:54 - 2015-06-17 15:28 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-21 12:54 - 2015-06-17 15:27 - 02237440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-21 12:54 - 2015-06-17 15:27 - 01409024 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-21 12:54 - 2015-06-17 15:27 - 00601600 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-21 12:54 - 2015-06-17 15:27 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-21 12:54 - 2015-06-17 15:26 - 15415296 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-21 12:54 - 2015-06-17 15:26 - 02656768 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-21 12:54 - 2015-06-17 15:26 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-21 12:54 - 2015-06-17 15:26 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-21 12:54 - 2015-06-17 15:26 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-21 12:54 - 2015-06-17 15:26 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-21 12:54 - 2015-06-17 15:26 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-21 12:54 - 2015-06-17 15:26 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-21 12:54 - 2015-06-17 15:26 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-21 12:54 - 2015-06-17 15:26 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-21 12:54 - 2015-06-17 15:26 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-07-21 12:54 - 2015-06-17 15:26 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-21 12:54 - 2015-06-17 15:26 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-21 12:54 - 2015-06-17 15:26 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-21 12:54 - 2015-06-17 15:26 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-21 12:54 - 2015-06-11 20:03 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-21 12:54 - 2015-06-11 19:43 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-21 12:54 - 2015-06-11 19:38 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2015-07-21 12:54 - 2015-06-11 19:19 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2015-07-21 12:53 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-21 12:53 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-21 12:53 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-21 12:53 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-21 12:53 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-21 12:53 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-21 12:53 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-21 12:53 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-21 12:53 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-21 12:53 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-20 16:42 - 2015-07-20 16:42 - 00000000 ____D C:\Users\MSC\AppData\Local\CEF
2015-07-20 13:21 - 2015-07-20 13:21 - 00000000 ____D C:\ProgramData\VIPRE
2015-07-20 13:21 - 2015-07-20 13:21 - 00000000 ____D C:\Program Files\Common Files\AV
2015-07-20 13:12 - 2015-07-21 15:26 - 00000000 ____D C:\ProgramData\STOPzilla!
2015-07-20 13:12 - 2015-07-20 13:12 - 00000000 ____D C:\Program Files (x86)\iS3
2015-07-20 12:41 - 2015-07-20 13:00 - 00000000 ____D C:\ProgramData\{cd5b4ee3-71a9-ecd7-cd5b-b4ee371a3b8d}
2015-07-16 09:31 - 2015-07-16 09:31 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-15 10:21 - 2015-03-30 00:47 - 00083624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perf-MSSQL$SQLEXPRESS-sqlctr10.52.4042.0.dll
2015-07-15 10:21 - 2015-03-30 00:43 - 00089264 _____ (Microsoft Corporation) C:\Windows\system32\perf-MSSQL$SQLEXPRESS-sqlctr10.52.4042.0.dll
2015-07-15 10:10 - 2015-07-09 19:59 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-15 10:10 - 2015-07-09 19:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-15 10:10 - 2015-07-09 19:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-15 10:10 - 2015-07-09 19:58 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-15 10:10 - 2015-07-09 19:58 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-15 10:10 - 2015-07-09 19:58 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-15 10:10 - 2015-07-09 19:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-15 10:10 - 2015-07-09 19:58 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-15 10:10 - 2015-07-09 19:58 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-15 10:10 - 2015-07-09 19:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-15 10:10 - 2015-07-09 19:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 10:10 - 2015-07-09 19:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 10:10 - 2015-07-09 19:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 10:10 - 2015-07-09 19:58 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-15 10:10 - 2015-07-09 19:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 10:10 - 2015-07-09 19:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 10:10 - 2015-07-09 19:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 10:10 - 2015-07-09 19:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 10:10 - 2015-07-09 19:50 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-15 10:10 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-15 10:10 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-15 10:10 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-15 10:10 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-15 10:10 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-15 10:10 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-15 10:10 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-15 10:10 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-15 10:10 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-15 10:10 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-15 10:10 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-15 10:10 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-07-15 10:10 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-07-15 10:09 - 2015-05-09 20:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-07-15 09:26 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 09:26 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-15 09:26 - 2015-07-01 22:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 09:26 - 2015-07-01 22:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-15 09:26 - 2015-07-01 22:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 09:26 - 2015-07-01 22:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 09:26 - 2015-07-01 22:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 09:26 - 2015-07-01 22:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-15 09:26 - 2015-07-01 22:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 09:26 - 2015-07-01 22:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-15 09:26 - 2015-07-01 22:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-15 09:26 - 2015-07-01 22:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-15 09:26 - 2015-07-01 22:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-15 09:26 - 2015-07-01 22:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-15 09:26 - 2015-07-01 22:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-15 09:26 - 2015-07-01 22:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-15 09:26 - 2015-07-01 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-15 09:26 - 2015-07-01 22:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-15 09:26 - 2015-07-01 22:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-15 09:26 - 2015-07-01 22:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-15 09:26 - 2015-07-01 22:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-15 09:26 - 2015-07-01 22:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-15 09:26 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-15 09:26 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-15 09:26 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-15 09:26 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-15 09:26 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-15 09:26 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-15 09:26 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-15 09:26 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-15 09:26 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-15 09:26 - 2015-07-01 22:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 09:26 - 2015-07-01 22:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-15 09:26 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-15 09:26 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-15 09:26 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-15 09:26 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-15 09:26 - 2015-07-01 21:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 09:26 - 2015-07-01 21:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 09:26 - 2015-07-01 21:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 09:26 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 09:26 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 09:26 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-15 09:26 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-15 09:26 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 09:26 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 09:26 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-15 09:26 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-15 09:26 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 09:26 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-15 09:26 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-15 09:26 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-15 09:26 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-15 09:26 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-15 09:26 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-15 09:26 - 2015-06-11 19:57 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-07-15 09:26 - 2015-06-11 19:57 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-07-15 09:26 - 2015-06-11 19:57 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-07-15 09:26 - 2015-06-11 19:56 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-07-15 09:26 - 2015-06-11 19:56 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-07-15 09:26 - 2015-06-11 19:56 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-07-15 09:26 - 2015-06-11 15:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-07-15 09:26 - 2015-06-09 20:03 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-07-15 09:26 - 2015-06-09 20:03 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-07-15 09:26 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-15 09:26 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-14 14:54 - 2015-07-14 14:54 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-07-14 14:54 - 2015-07-14 14:54 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-07-14 14:54 - 2015-07-14 14:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-14 14:21 - 2015-07-15 09:33 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-07-14 14:21 - 2015-07-14 14:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-07-14 14:20 - 2015-07-27 09:37 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-14 14:20 - 2015-07-27 09:37 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-14 14:20 - 2015-07-16 09:32 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-14 14:20 - 2015-07-16 09:32 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-14 13:47 - 2015-07-14 13:47 - 00000207 _____ C:\Windows\tweaking.com-regbackup-NB1140-Windows-7-Ultimate-(64-bit).dat
2015-07-14 13:47 - 2015-07-14 13:47 - 00000000 ____D C:\RegBackup
2015-07-14 13:43 - 2015-07-14 13:43 - 03034266 _____ (Malwarebytes Corporation) C:\Users\MSC\Desktop\JRT.exe
2015-07-14 11:59 - 2015-07-14 11:59 - 00000000 ____D C:\Users\MSC\Desktop\Alte Firefox-Daten
2015-07-14 10:47 - 2015-07-20 13:00 - 00000410 _____ C:\Windows\system32\.crusader
2015-07-14 10:40 - 2015-07-14 10:40 - 00001909 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2015-07-14 10:40 - 2015-07-14 10:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2015-07-13 18:01 - 2015-07-13 18:01 - 00002018 _____ C:\Users\MSC\Documents\Silverlieght in allen Browsern aktivieren.txt
2015-07-13 14:17 - 2015-07-14 14:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-13 14:08 - 2015-07-13 14:08 - 00003122 _____ C:\Windows\System32\Tasks\Samsung_PSSD_Registration
2015-07-13 11:30 - 2015-07-13 11:29 - 02248704 _____ C:\Users\MSC\Desktop\adwcleaner_4.208.exe
2015-07-13 11:09 - 2015-04-08 18:32 - 00000027 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-07-07 08:55 - 2015-07-07 08:55 - 00000000 ____D C:\Users\MSC\AppData\Roaming\SysAid
2015-07-03 09:33 - 2015-07-27 09:30 - 00006026 _____ C:\Users\MSC\Documents\ETG-Server.rdg
2015-07-02 13:41 - 2011-08-04 00:48 - 120893960 _____ (Oracle ) C:\Users\MSC\Downloads\SmartView.exe
2015-07-02 08:50 - 2015-07-02 08:50 - 00001088 _____ C:\Users\MSC\Documents\WER_Debug.reg
2015-07-02 08:44 - 2015-07-16 10:03 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-07-02 08:44 - 2015-07-02 08:44 - 00002047 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2015-07-01 11:23 - 2015-07-01 11:23 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-07-01 11:23 - 2015-07-01 11:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-07-01 11:22 - 2015-07-01 11:22 - 00000000 ____D C:\Program Files\iTunes
2015-07-01 11:22 - 2015-07-01 11:22 - 00000000 ____D C:\Program Files\iPod
2015-07-01 11:22 - 2015-07-01 11:22 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-06-30 08:26 - 2015-06-30 14:21 - 00002234 ____H C:\Users\adminde\Documents\Default.rdp
2015-06-30 08:26 - 2015-06-30 08:26 - 00000000 ____D C:\Users\adminde\AppData\Roaming\Intel Corporation
2015-06-30 08:25 - 2015-06-30 14:19 - 00000000 ____D C:\Users\adminde\Tracing
2015-06-30 08:25 - 2015-06-30 08:25 - 00124488 _____ C:\Users\adminde\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-30 08:25 - 2015-06-30 08:25 - 00000000 ____D C:\Users\adminde\Documents\IBM
2015-06-30 08:25 - 2015-06-30 08:25 - 00000000 ____D C:\Users\adminde\Documents\Bluetooth Exchange Folder
2015-06-30 08:25 - 2015-06-30 08:25 - 00000000 ____D C:\Users\adminde\AppData\Roaming\Synaptics
2015-06-30 08:25 - 2015-06-30 08:25 - 00000000 ____D C:\Users\adminde\AppData\Roaming\ICAClient
2015-06-30 08:25 - 2015-06-30 08:25 - 00000000 ____D C:\Users\adminde\AppData\Roaming\IBM
2015-06-30 08:25 - 2015-06-30 08:25 - 00000000 ____D C:\Users\adminde\AppData\Roaming\hpqLog
2015-06-30 08:25 - 2015-06-30 08:25 - 00000000 ____D C:\Users\adminde\AppData\Roaming\Hewlett-Packard
2015-06-30 08:25 - 2015-06-30 08:25 - 00000000 ____D C:\Users\adminde\AppData\Roaming\Avaya
2015-06-30 08:25 - 2015-06-30 08:25 - 00000000 ____D C:\Users\adminde\AppData\Roaming\Apple Computer
2015-06-30 08:25 - 2015-06-30 08:25 - 00000000 ____D C:\Users\adminde\AppData\Local\Packages
2015-06-30 08:25 - 2015-06-30 08:25 - 00000000 ____D C:\Users\adminde\AppData\Local\Hewlett-Packard_Developme
2015-06-30 08:25 - 2015-06-30 08:25 - 00000000 ____D C:\Users\adminde\AppData\Local\Citrix
2015-06-30 08:25 - 2015-06-30 08:25 - 00000000 ____D C:\Users\adminde\AppData\Local\Broadcom
2015-06-30 08:25 - 2015-06-30 08:25 - 00000000 ____D C:\Users\adminde\AppData\Local\Adobe
2015-06-30 08:24 - 2015-07-20 11:05 - 00003918 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{0B921448-3CB6-4172-AC13-1384D54539F1}
2015-06-30 08:24 - 2015-07-20 11:05 - 00001200 __RSH C:\Users\adminde\ntuser.pol
2015-06-30 08:24 - 2015-07-20 11:05 - 00000000 ____D C:\Users\adminde
2015-06-30 08:24 - 2015-06-30 08:25 - 00000000 ____D C:\Users\adminde\AppData\Roaming\Adobe
2015-06-30 08:24 - 2015-06-30 08:24 - 00001425 _____ C:\Users\adminde\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-06-30 08:24 - 2015-06-30 08:24 - 00000000 _SHDL C:\Users\adminde\Vorlagen
2015-06-30 08:24 - 2015-06-30 08:24 - 00000000 _SHDL C:\Users\adminde\Startmenü
2015-06-30 08:24 - 2015-06-30 08:24 - 00000000 _SHDL C:\Users\adminde\Netzwerkumgebung
2015-06-30 08:24 - 2015-06-30 08:24 - 00000000 _SHDL C:\Users\adminde\Lokale Einstellungen
2015-06-30 08:24 - 2015-06-30 08:24 - 00000000 _SHDL C:\Users\adminde\Eigene Dateien
2015-06-30 08:24 - 2015-06-30 08:24 - 00000000 _SHDL C:\Users\adminde\Druckumgebung
2015-06-30 08:24 - 2015-06-30 08:24 - 00000000 _SHDL C:\Users\adminde\Documents\Eigene Musik
2015-06-30 08:24 - 2015-06-30 08:24 - 00000000 _SHDL C:\Users\adminde\Documents\Eigene Bilder
2015-06-30 08:24 - 2015-06-30 08:24 - 00000000 _SHDL C:\Users\adminde\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-06-30 08:24 - 2015-06-30 08:24 - 00000000 _SHDL C:\Users\adminde\AppData\Local\Verlauf
2015-06-30 08:24 - 2015-06-30 08:24 - 00000000 _SHDL C:\Users\adminde\AppData\Local\Anwendungsdaten
2015-06-30 08:24 - 2015-06-30 08:24 - 00000000 _SHDL C:\Users\adminde\Anwendungsdaten
2015-06-30 08:24 - 2015-06-30 08:24 - 00000000 ____D C:\Users\adminde\AppData\Local\Google
2015-06-30 08:24 - 2013-09-12 15:58 - 00000000 ____D C:\Users\adminde\AppData\Roaming\Macromedia
2015-06-30 08:24 - 2013-07-20 07:02 - 00000000 ____D C:\Users\adminde\AppData\Local\Microsoft Help
2015-06-30 08:24 - 2013-04-14 01:33 - 00000000 ___HD C:\Users\adminde\Documents\hp.system.package.metadata
2015-06-30 08:24 - 2011-02-11 07:19 - 00000020 ___SH C:\Users\adminde\ntuser.ini
2015-06-30 08:24 - 2009-07-14 06:54 - 00000000 ___RD C:\Users\adminde\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-06-30 08:24 - 2009-07-14 06:49 - 00000000 ___RD C:\Users\adminde\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-06-27 12:29 - 2015-06-27 12:29 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-06-27 12:29 - 2015-06-27 12:29 - 00000000 ___SD C:\Windows\system32\GWX
2015-06-27 12:27 - 2015-05-25 20:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-27 12:27 - 2015-05-25 20:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-27 12:27 - 2015-05-25 20:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-27 12:27 - 2015-05-25 20:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-27 12:27 - 2015-05-25 20:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-27 12:27 - 2015-05-25 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-27 12:27 - 2015-05-25 20:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-27 12:27 - 2015-05-25 20:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-27 12:27 - 2015-05-25 20:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-27 12:27 - 2015-05-25 20:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-27 12:27 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-27 12:27 - 2015-05-25 20:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-27 12:27 - 2015-05-25 20:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-27 12:27 - 2015-05-25 20:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-27 12:27 - 2015-05-25 20:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-27 12:27 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-27 12:27 - 2015-05-25 20:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-27 12:27 - 2015-05-25 20:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-27 12:27 - 2015-05-25 20:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-27 12:27 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-27 12:27 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-27 12:27 - 2015-05-25 20:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-27 12:27 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-27 12:27 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-27 12:27 - 2015-05-25 20:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-27 12:27 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-27 12:27 - 2015-05-25 20:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-27 12:27 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-27 12:27 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-27 12:27 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-27 12:27 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-27 12:27 - 2015-05-25 20:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-27 12:27 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-27 12:27 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-27 12:27 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-27 12:27 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-27 12:27 - 2015-05-25 20:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-27 12:27 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-27 12:27 - 2015-05-25 19:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-27 12:27 - 2015-05-25 19:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-27 12:27 - 2015-05-25 19:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 19:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-27 12:27 - 2015-05-25 18:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-27 12:27 - 2015-05-25 18:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-27 12:27 - 2015-05-25 18:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 18:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-27 12:27 - 2015-05-25 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-27 12:27 - 2015-05-21 15:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-07-27 09:36 - 2014-01-31 10:49 - 00000000 ____D C:\Users\MSC\Tracing
2015-07-27 09:36 - 2013-07-30 13:45 - 00000492 __RSH C:\Users\MSC\ntuser.pol
2015-07-27 09:36 - 2013-07-30 12:45 - 00000000 ____D C:\Users\MSC
2015-07-27 09:36 - 2013-04-13 22:35 - 01040974 _____ C:\Windows\system32\perfh007.dat
2015-07-27 09:36 - 2013-04-13 22:35 - 00273456 _____ C:\Windows\system32\perfc007.dat
2015-07-27 09:36 - 2012-02-09 12:10 - 00000000 ____D C:\Users\MSC\Documents\DIALIT
2015-07-27 09:36 - 2009-07-14 07:13 - 02553832 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-27 09:34 - 2013-07-05 11:11 - 00000580 _____ C:\Windows\SMSCFG.ini
2015-07-27 09:34 - 2013-07-03 14:11 - 00025130 __RSH C:\ProgramData\ntuser.pol
2015-07-27 09:34 - 2013-07-03 12:02 - 00002072 _____ C:\Windows\system32\config\netlogon.ftl
2015-07-27 09:33 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\inetsrv
2015-07-27 09:32 - 2015-05-29 10:52 - 00000782 _____ C:\Users\Public\Desktop\SysAid.lnk
2015-07-27 09:32 - 2015-05-29 10:52 - 00000000 ____D C:\Program Files\SysAid
2015-07-27 09:31 - 2014-11-14 13:14 - 00000000 ____D C:\ProgramData\WRData
2015-07-27 09:31 - 2014-08-15 14:19 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2015-07-27 09:31 - 2013-07-30 18:04 - 00000000 ____D C:\Users\MSC\AppData\Local\InstallShare
2015-07-27 09:31 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-27 09:31 - 2009-07-14 05:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2015-07-27 09:27 - 2009-07-14 06:45 - 00042336 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-27 09:27 - 2009-07-14 06:45 - 00042336 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-27 09:21 - 2013-04-14 01:38 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-24 15:42 - 2012-02-09 16:30 - 00000000 ____D C:\Users\MSC\Documents\Outlook-Dateien
2015-07-24 13:10 - 2014-11-14 13:14 - 00166128 _____ (Webroot) C:\Windows\SysWOW64\WRusr.dll
2015-07-24 13:10 - 2014-11-14 13:14 - 00116224 _____ (Webroot) C:\Windows\system32\Drivers\WRkrn.sys
2015-07-24 13:10 - 2014-11-14 13:14 - 00103816 _____ (Webroot) C:\Windows\system32\WRusr.dll
2015-07-24 11:05 - 2015-05-20 10:23 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-24 11:04 - 2013-07-30 18:09 - 00000000 ____D C:\Users\MSC\AppData\Roaming\Notepad++
2015-07-24 10:59 - 2015-01-29 16:23 - 00000000 ____D C:\Program Files (x86)\Notepad++
2015-07-24 09:14 - 2013-08-01 12:35 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2015-07-24 09:14 - 2013-04-14 01:02 - 02449500 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-07-24 08:54 - 2012-02-09 16:12 - 00000000 ____D C:\Users\MSC\Documents\WindowsPowershell
2015-07-24 07:59 - 2013-10-15 09:36 - 00852662 _____ C:\Users\MSC\Desktop\SecurityCheck.exe
2015-07-24 07:36 - 2013-08-02 09:12 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2015-07-24 07:31 - 2013-07-30 18:04 - 00000000 ____D C:\Users\MSC\AppData\Local\CrashDumps
2015-07-23 15:39 - 2013-10-14 12:14 - 00000000 ____D C:\AdwCleaner
2015-07-23 10:25 - 2009-07-14 06:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-07-23 09:15 - 2013-07-30 18:04 - 00000000 ____D C:\Users\MSC\AppData\Local\Deployment
2015-07-22 18:24 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-07-22 16:57 - 2013-11-07 14:59 - 00000000 ____D C:\Windows\system32\dsc
2015-07-22 16:57 - 2013-11-07 14:59 - 00000000 ____D C:\Windows\system32\Configuration
2015-07-22 16:57 - 2013-11-07 14:59 - 00000000 ____D C:\Program Files\WindowsPowerShell
2015-07-22 16:57 - 2013-11-07 14:59 - 00000000 ____D C:\Program Files (x86)\WindowsPowerShell
2015-07-22 16:57 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-22 09:39 - 2013-11-15 10:41 - 00000000 ____D C:\Qoobox
2015-07-22 09:39 - 2013-07-30 18:04 - 00000000 ____D C:\Users\MSC\AppData\Local\Apps\2.0
2015-07-22 09:36 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-07-22 09:28 - 2013-11-15 10:38 - 05632853 ____R (Swearware) C:\Users\MSC\Desktop\ComboFix.exe
2015-07-21 13:34 - 2011-02-11 07:14 - 00000000 ____D C:\Windows\Panther
2015-07-21 13:29 - 2009-07-14 06:45 - 00529888 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-21 07:47 - 2013-06-21 00:13 - 00000000 ____D C:\Windows\Hewlett-Packard
2015-07-20 16:03 - 2013-10-14 12:11 - 00000000 ____D C:\Program Files\HitmanPro
2015-07-20 15:45 - 2013-07-30 18:13 - 00000600 _____ C:\Users\MSC\AppData\Roaming\winscp.rnd
2015-07-20 15:45 - 2013-07-30 18:07 - 00000600 _____ C:\Users\MSC\AppData\Local\PUTTY.RND
2015-07-20 11:11 - 2013-08-01 12:49 - 00003934 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{02EBB676-2F51-4EB5-BF5C-EFF12763F7AF}
2015-07-20 10:44 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\spool
2015-07-17 13:06 - 2015-01-26 13:24 - 00000000 ____D C:\Program Files\Java
2015-07-17 12:45 - 2015-01-26 13:24 - 00110688 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-07-17 10:28 - 2012-02-09 16:30 - 00000000 ____D C:\Users\MSC\IPViewer
2015-07-17 08:19 - 2013-07-30 12:05 - 00002465 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk
2015-07-17 08:19 - 2013-07-30 12:05 - 00002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk
2015-07-17 08:19 - 2013-07-30 12:05 - 00002026 _____ C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk
2015-07-17 08:19 - 2013-07-30 12:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2
2015-07-15 11:21 - 2013-11-20 19:31 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-15 11:21 - 2013-04-14 01:38 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-15 11:21 - 2013-04-14 01:38 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-15 10:50 - 2014-12-10 19:58 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-15 10:50 - 2014-05-05 09:18 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-15 10:23 - 2013-07-19 13:08 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-15 10:20 - 2013-08-01 12:34 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2015-07-15 10:17 - 2013-07-25 17:46 - 00000000 ____D C:\Windows\system32\MRT
2015-07-14 14:36 - 2014-06-16 11:18 - 00001062 _____ C:\Users\Public\Desktop\DIALit.lnk
2015-07-14 14:36 - 2014-06-16 11:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DIALit
2015-07-14 14:31 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Speech
2015-07-14 14:21 - 2015-01-27 16:16 - 00000000 ____D C:\Program Files (x86)\Google
2015-07-14 14:21 - 2013-07-30 18:04 - 00000000 ____D C:\Users\MSC\AppData\Local\Google
2015-07-14 10:47 - 2014-07-26 10:46 - 00000000 ____D C:\Users\MSC\AppData\Roaming\NirSoft Utilities
2015-07-14 10:47 - 2013-10-14 12:06 - 00000000 ____D C:\ProgramData\HitmanPro
2015-07-14 09:04 - 2013-07-05 11:09 - 00000000 ____D C:\Windows\ccmsetup
2015-07-13 11:08 - 2015-05-27 14:47 - 00002549 _____ C:\Users\Public\Desktop\Paragon Backup and Recovery™ 2014 Free.lnk
2015-07-13 11:08 - 2013-07-30 13:49 - 00001527 _____ C:\Users\MSC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-07-13 11:08 - 2013-07-03 10:57 - 00001529 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-07-13 11:08 - 2013-07-03 10:57 - 00001523 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2015-07-13 09:20 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-07-07 08:56 - 2014-05-14 09:38 - 00000000 ____D C:\Program Files (x86)\Citrix
2015-07-07 08:55 - 2013-07-03 14:17 - 00000000 ____D C:\Windows\system32\appmgmt
2015-07-07 08:55 - 2013-04-14 01:36 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-07-06 17:38 - 2012-02-08 15:35 - 00000000 ____D C:\Temp
2015-07-03 09:17 - 2015-02-17 08:23 - 00006219 _____ C:\Users\MSC\Documents\ETS-Server.rdg.old
2015-07-03 08:43 - 2013-07-25 17:35 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-07-02 13:59 - 2013-07-30 13:49 - 00000000 ____D C:\Users\MSC\AppData\Roaming\Adobe
2015-07-02 13:58 - 2014-08-22 10:32 - 00000000 ____D C:\Users\MSC\AppData\Local\Adobe
2015-07-02 11:29 - 2014-11-12 12:43 - 00000000 __SHD C:\Users\MSC\AppData\Local\EmieBrowserModeList
2015-07-02 11:29 - 2014-04-09 14:33 - 00000000 __SHD C:\Users\MSC\AppData\Local\EmieUserList
2015-07-02 11:29 - 2014-04-09 14:33 - 00000000 __SHD C:\Users\MSC\AppData\Local\EmieSiteList
2015-07-02 08:44 - 2013-07-30 12:03 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-07-02 08:43 - 2013-07-30 12:03 - 00000000 ____D C:\ProgramData\Adobe
2015-07-01 11:26 - 2013-07-30 18:09 - 00000000 ____D C:\Users\MSC\AppData\Roaming\Apple Computer
2015-07-01 11:22 - 2015-03-18 14:44 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-07-01 11:22 - 2015-03-18 14:44 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-06-30 09:18 - 2015-04-14 15:02 - 00000000 ____D C:\Users\MSC\Documents\Wohnung
2015-06-30 08:00 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\AppCompat
2015-06-29 08:43 - 2013-07-25 17:33 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-06-29 08:43 - 2013-07-25 17:33 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-06-27 12:29 - 2014-09-09 12:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Lync
2015-06-27 12:29 - 2014-09-09 12:35 - 00000000 ____D C:\Program Files (x86)\Microsoft Lync
2015-06-27 12:28 - 2014-09-09 12:36 - 00000000 ____D C:\Program Files\Microsoft Lync
2015-06-27 12:28 - 2013-07-25 17:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-07-30 18:12 - 2013-01-24 18:35 - 0023176 _____ () C:\Users\MSC\AppData\Roaming\Kommagetrennte Werte (Windows).ADR
2013-07-30 18:12 - 2014-10-06 12:53 - 0023164 _____ () C:\Users\MSC\AppData\Roaming\Microsoft Excel 97-2003.ADR
2013-11-08 14:24 - 2015-02-09 18:50 - 0081642 _____ () C:\Users\MSC\AppData\Roaming\MultiScreen_log.log
2015-04-16 08:46 - 2015-04-16 08:46 - 0033193 _____ () C:\Users\MSC\AppData\Roaming\UserTile.png
2013-07-30 18:13 - 2015-07-20 15:45 - 0000600 _____ () C:\Users\MSC\AppData\Roaming\winscp.rnd
2013-07-30 18:04 - 2012-10-31 16:05 - 0000000 _____ () C:\Users\MSC\AppData\Local\AtStart.txt
2013-07-30 18:04 - 2012-10-31 16:05 - 0000000 _____ () C:\Users\MSC\AppData\Local\DSwitch.txt
2013-07-30 18:07 - 2015-07-20 15:45 - 0000600 _____ () C:\Users\MSC\AppData\Local\PUTTY.RND
2013-07-30 18:07 - 2012-10-31 16:05 - 0000000 _____ () C:\Users\MSC\AppData\Local\QSwitch.txt
2013-07-30 18:07 - 2012-12-02 16:08 - 0001832 _____ () C:\Users\MSC\AppData\Local\SLC_msc.prx
2013-10-18 17:29 - 2013-10-18 18:23 - 0000826 _____ () C:\ProgramData\hpzinstall.log
2013-08-01 12:45 - 2013-08-01 12:45 - 0000266 _____ () C:\ProgramData\LEDM_AdaptorInstall.log
2013-12-09 11:21 - 2013-12-09 14:12 - 0000227 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

==================== Bamital & volsnap Check =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\System32\winlogon.exe => Datei ist digital signiert
C:\Windows\System32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\System32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\System32\services.exe => Datei ist digital signiert
C:\Windows\System32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\System32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\System32\rpcss.dll => Datei ist digital signiert
C:\Windows\System32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-07-23 13:29

==================== Ende von log ============================

schrauber · 28.07.2015, 06:41

Zitat:

Tcpip\Parameters: [DhcpNameServer] 10.101.0.54 10.101.0.55 10.101.0.5 10.101.0.6
Tcpip\..\Interfaces\{80710E33-1517-4612-A89E-CDD41C5A0DD9}: [DhcpNameServer] 10.101.0.54 10.101.0.55 10.101.0.5 10.101.0.6

Die ganzen DNS Einträge sind mit Absicht drin?

Ontop144 · 28.07.2015, 07:16

Ja, das passt. Sind unsere DNS-Server.

Gruß, Michael

schrauber · 28.07.2015, 11:24

ok

Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:
Combofix deinstallieren .

Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
Drücke bitte die + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
Klicke auf OK.
Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Dann lade Dir bitte

DelFix herunter.

Schließe alle offenen Programme.
Starte die delfix.exe mit einem Doppelklick.
Setze vor jede Funktion ein Häkchen.
Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...

und/oder das Forum mit einer kleinen Spende unterstützen.

Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:

Browser
Java
Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank.
Meine Empfehlung:

Emsisoft

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

Optional:

NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.

Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.

Lade Software von einem sauberen Portal wie

.
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwarecleaner .

Abschließend noch ein paar grundsätzliche Bemerkungen:
Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.

21.07.2015, 13:25	#2
schrauber /// the machine /// TB-Ausbilder	http://your-home-page.net Hi, Addition.txt fehlt noch __________________ __________________

http://your-home-page.net

Log-Analyse und Auswertung: http://your-home-page.net