OTL Logfile
 

OTL logfile created on: 28.03.2014 15:16:21 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Tools\O T L
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16521)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

15,95 Gb Total Physical Memory | 11,59 Gb Available Physical Memory | 72,63% Memory free
18,33 Gb Paging File | 13,63 Gb Available in Paging File | 74,36% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 223,23 Gb Total Space | 164,29 Gb Free Space | 73,60% Space Free | Partition Type: NTFS
Drive D: | 1045,70 Gb Total Space | 1015,94 Gb Free Space | 97,15% Space Free | Partition Type: NTFS
Drive J: | 351,56 Gb Total Space | 344,84 Gb Free Space | 98,09% Space Free | Partition Type: NTFS
Drive K: | 931,51 Gb Total Space | 862,02 Gb Free Space | 92,54% Space Free | Partition Type: NTFS
Drive N: | 931,51 Gb Total Space | 856,46 Gb Free Space | 91,94% Space Free | Partition Type: NTFS
Drive O: | 3,77 Gb Total Space | 3,62 Gb Free Space | 95,87% Space Free | Partition Type: FAT32

Computer Name: USERPC | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - D:\Tools\System Explorer\SystemExplorer.exe (Mister Group)
PRC - d:\RealPlayer\RPDS\Bin\rpdsvc.exe (RealNetworks, Inc.)
PRC - D:\Programme\Klebezettel NG\klebez.exe (Hollie-Soft)
PRC - D:\Programme\MyConnection Server\msserver.exe ()
PRC - C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe ()
PRC - D:\Tools\System Mechanic Professional\System Shield\ioloSSTray.exe (iolo technologies, LLC)
PRC - C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe (iolo technologies, LLC)
PRC - C:\Programme\BullGuard Ltd\BullGuard\Files32\Spamfilter\LittleHook.exe (BullGuard Ltd.)
PRC - C:\Program Files (x86)\Heimdal\HeimdalSecureDNS\DnsService.exe (Microsoft)
PRC - C:\Program Files (x86)\Heimdal\Client\HeimdalAgent.exe (CSIS Security Group)
PRC - C:\Program Files (x86)\Heimdal\Service\HeimdalAgentService.exe (CSIS Security Group)
PRC - C:\Windows\SysWOW64\java.exe (Oracle Corporation)
PRC - D:\Tools\O T L\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Secunia\PSI\PSIA.exe (Secunia)
PRC - C:\Program Files (x86)\Secunia\PSI\sua.exe (Secunia)
PRC - D:\Programme\Microsoft Office\Office14\WINWORD.EXE (Microsoft Corporation)
PRC - C:\Windows\SysWOW64\NLSSRV32.EXE (Nalpeiron Ltd.)
PRC - D:\Programme\Free Download Manager\fdm.exe (FreeDownloadManager.ORG)
PRC - D:\Tools\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.)
PRC - D:\Tools\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.)
PRC - D:\Tools\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe (SurfRight B.V.)
PRC - D:\Tools\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Secure Banking\SecureBanking.exe (Secure Banking)
PRC - D:\Programme\ABBYY FineReader 11\NetworkLicenseServer.exe (ABBYY InfoPoisk LLC)
PRC - C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe (Microsoft Corp.)
PRC - C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - D:\Programme\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
PRC - D:\Programme\Logitech\LWS\Webcam Software\CameraHelperShell.exe ()
PRC - C:\Program Files (x86)\Secure Banking\sbservice.exe ()
PRC - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
PRC - D:\Tools\Taskbar Eliminator 2.9\Taskbar Eliminator.exe ()
PRC - D:\Programme\ISDN-Monitor\ISDNMon.exe ( Michael Hampicke)
PRC - C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\Monitor.exe (Ulead Systems, Inc.)


========== Modules (No Company Name) ==========

MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\2155ee74acbc0781a44c2077ab3b95af\System.IdentityModel.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Servf73e6522#\fd55ac3f3e215b2ad0cfe87d56ae21b8\System.ServiceModel.Web.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\c2f2c5073965c1d04b9023f65d3fe349\SMDiagnostics.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\805be8b7f84002fd634adf0a6cc01047\System.ServiceModel.Internals.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Ente96d83b35#\6ca943d545356e12f2d12e38146f203d\System.EnterpriseServices.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Ente96d83b35#\6ca943d545356e12f2d12e38146f203d\System.EnterpriseServices.Wrapper.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Numerics\c26d68a7ce301c0ac1bf323e43d8f4c2\System.Numerics.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\fd6afdb3a9309e9af89222b778f5901c\System.Xml.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\d16bc7f3c78f5da5e6cda39fe71f943c\System.Xaml.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\ec3e85d83522363e943a978c0572e360\System.Windows.Forms.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Transactions\a196e5d6825a018267c6fe64c806cfe9\System.Transactions.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\31db5628e84268154f3bbeba0f7780df\System.ServiceModel.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\b110ef93e43ad2abdfa7b12c99443144\System.Runtime.Serialization.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runt73a1fc9d#\3da259dc19800b323b95eaf2fdc38aa6\System.Runtime.Remoting.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Management\5d657eb91c57cf9b4f121a1a98874136\System.Management.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\15ead42b8d352194f0f3fbba4f7ae02b\System.Drawing.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data\1e68681f0a29fe2ce86b966f3eaeaa8a\System.Data.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\9ab0202718d44c5bfe5120745304808a\System.Configuration.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\a113135edf215a9ce15622d22d54de60\PresentationFramework.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\cbea5e962e34618c2e6c0ec22cef4a9f\PresentationCore.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\7f72c378b7371dc6ed32916e4283a96f\WindowsBase.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Microsoft.V9921e851#\5914b12c3dfc6f804a1fbfacbb083a3e\Microsoft.VisualBasic.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\ab8978239d891c4afffd6a6df3996a6e\System.Core.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\8455c031f8ffe82a0109c563873260e8\System.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\7ba8bc3c49fb30c9603bf070a0e0d51e\CustomMarshalers.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Accessibility\74558d5e0ce0aa099e7daf372e86bc26\Accessibility.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\ebdd49343f711b2029293f8e621b28a2\mscorlib.ni.dll ()
MOD - D:\Programme\PDF-Tools\Nitro PDF\Pro 9\wxmsw28u_xrc_vc_pro9.dll ()
MOD - D:\Programme\PDF-Tools\Nitro PDF\Pro 9\wxmsw28u_core_vc_pro9.dll ()
MOD - D:\Programme\PDF-Tools\Nitro PDF\Pro 9\wxmsw28u_adv_vc_pro9.dll ()
MOD - D:\Programme\PDF-Tools\Nitro PDF\Pro 9\wxmsw28u_html_vc_pro9.dll ()
MOD - D:\Programme\PDF-Tools\Nitro PDF\Pro 9\wxbase28u_vc_pro9.dll ()
MOD - D:\Programme\PDF-Tools\Nitro PDF\Pro 9\wxbase28u_xml_vc_pro9.dll ()
MOD - D:\Programme\Free Download Manager\fdmbtsupp.dll ()
MOD - C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf ()
MOD - C:\Program Files (x86)\Secure Banking\SecureBanking.dll ()
MOD - C:\Program Files (x86)\Secure Banking\funcs.dll ()
MOD - D:\Tools\Spybot - Search & Destroy 2\snlThirdParty150.bpl ()
MOD - D:\Tools\Spybot - Search & Destroy 2\DEC150.bpl ()
MOD - C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll ()
MOD - D:\Programme\Logitech\LWS\Webcam Software\QTGui4.dll ()
MOD - D:\Programme\Logitech\LWS\Webcam Software\QTXml4.dll ()
MOD - D:\Programme\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll ()
MOD - D:\Programme\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll ()
MOD - D:\Programme\Logitech\LWS\Webcam Software\QTCore4.dll ()
MOD - D:\Programme\Logitech\LWS\Webcam Software\CameraHelperShell.exe ()
MOD - C:\Program Files (x86)\Secure Banking\sbservice.exe ()
MOD - D:\Programme\PDF-Tools\PDF Experte 7 Ultimate\eXPertPDFAddIn.dll ()
MOD - D:\Programme\PDF-Tools\PDF Experte 7 Ultimate\visage140.bpl ()
MOD - D:\Programme\PDF-Tools\PDF Experte 7 Ultimate\bblite140.bpl ()
MOD - D:\Programme\PDF-Tools\PDF Experte 7 Ultimate\vsmisc140.bpl ()
MOD - D:\Programme\PDF-Tools\PDF Experte 7 Ultimate\TMSlite140.bpl ()
MOD - D:\Programme\PDF-Tools\PDF Experte 7 Ultimate\js32.dll ()
MOD - D:\Programme\PDF-Tools\PDF Experte 7 Ultimate\PKIECtrl140.bpl ()
MOD - D:\Tools\Taskbar Eliminator 2.9\Taskbar Eliminator.exe ()
MOD - C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\DetMethod.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
SRV:64bit: - (IEEtwCollectorService) -- C:\WINDOWS\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (AppXSvc) -- C:\Windows\SysNative\AppXDeploymentServer.dll (Microsoft Corporation)
SRV:64bit: - (workfolderssvc) -- C:\Windows\SysNative\workfolderssvc.dll (Microsoft Corporation)
SRV:64bit: - (AppReadiness) -- C:\Windows\SysNative\AppReadiness.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (lfsvc) -- C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (MsKeyboardFilter) -- C:\Windows\SysNative\KeyboardFilterSvc.dll (Microsoft Corporation)
SRV:64bit: - (vmms) -- C:\Windows\SysNative\vmms.exe (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (WEPHOSTSVC) -- C:\Windows\SysNative\wephostsvc.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicguestinterface) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (smphost) -- C:\Windows\SysNative\smphost.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (ScDeviceEnum) -- C:\Windows\SysNative\ScDeviceEnum.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcbService) -- C:\Windows\SysNative\ncbservice.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (WTService) -- C:\Windows\SysNative\atwtusb.exe ()
SRV - (HitmanProScheduler) -- C:\Programme\HitmanPro\hmpsched.exe (SurfRight B.V.)
SRV - (TuneUp.UtilitiesSvc) -- D:\Tools\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software)
SRV - (RealPlayer Cloud Service) -- d:\RealPlayer\RPDS\Bin\rpdsvc.exe (RealNetworks, Inc.)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (BsFileScan) -- c:\Programme\BullGuard Ltd\BullGuard\BsFileScan.dll (BullGuard Ltd.)
SRV - (BsMailProxy) -- c:\Programme\BullGuard Ltd\BullGuard\BsMailProxy\BsMailProxy.dll (BullGuard Ltd.)
SRV - (BsCache) -- C:\Programme\BullGuard Ltd\BullGuard\BsCache.dll (BullGuard Ltd.)
SRV - (BsScanner) -- C:\Programme\BullGuard Ltd\BullGuard\BullGuardScanner.exe (BullGuard Ltd.)
SRV - (BsBackup) -- C:\Programme\BullGuard Ltd\BullGuard\BsBackup.dll (BullGuard Ltd.)
SRV - (BsFire) -- c:\Programme\BullGuard Ltd\BullGuard\BsFire.dll (BullGuard Ltd.)
SRV - (BsMain) -- C:\Programme\BullGuard Ltd\BullGuard\BsMain.dll (BullGuard Ltd.)
SRV - (BsBhvScan) -- C:\Programme\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe (BullGuard Ltd.)
SRV - (BsUpdate) -- C:\Programme\BullGuard Ltd\BullGuard\BullGuardUpdate.exe (BullGuard Ltd.)
SRV - (MyConnectionServer-43957d47) -- D:\Programme\MyConnection Server\msserver.exe ()
SRV - (RealPlayerUpdateSvc) -- C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe ()
SRV - (RealNetworks Downloader Resolver Service) -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe ()
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (ioloSystemService) -- C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe (iolo technologies, LLC)
SRV - (LavasoftAdAwareService11) -- D:\Tools\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe ()
SRV - (HeimdalSecureDNS) -- C:\Program Files (x86)\Heimdal\HeimdalSecureDNS\DnsService.exe (Microsoft)
SRV - (HeimdalService) -- C:\Program Files (x86)\Heimdal\Service\HeimdalAgentService.exe (CSIS Security Group)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (Secunia PSI Agent) -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe (Secunia)
SRV - (Secunia Update Agent) -- C:\Program Files (x86)\Secunia\PSI\sua.exe (Secunia)
SRV - (nlsX86cc) -- C:\Windows\SysWOW64\NLSSRV32.EXE (Nalpeiron Ltd.)
SRV - (NitroDriverReadSpool9) -- C:\Programme\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe (Nitro PDF Software)
SRV - (DirMngr) -- D:\Mail-Tools\GNU\GnuPG\dirmngr.exe ()
SRV - (lfsvc) -- C:\Windows\SysWOW64\GeofenceMonitorService.dll (Microsoft Corporation)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (PrintNotify) -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (smphost) -- C:\Windows\SysWOW64\smphost.dll (Microsoft Corporation)
SRV - (hmpalertsvc) -- C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe (SurfRight B.V.)
SRV - (ABBYY.Licensing.FineReader.Professional.11.0) -- D:\Programme\ABBYY FineReader 11\NetworkLicenseServer.exe (ABBYY InfoPoisk LLC)
SRV - (BingDesktopUpdate) -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe (Microsoft Corp.)
SRV - (MBAMService) -- D:\Tools\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- D:\Tools\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (IaStorDataMgrSvc) -- C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (ISCTAgent) -- C:\Programme\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe ()
SRV - (rpcapd) -- C:\Program Files (x86)\WinPcap\rpcapd.exe (Riverbed Technology, Inc.)
SRV - (SystemExplorerHelpService) -- D:\Tools\System Explorer\service\SystemExplorerService64.exe (Mister Group)
SRV - (vseqrts) -- C:\Programme\Common Files\Authentium\AntiVirus5\vseqrts.exe (Commtouch, Inc.)
SRV - (vsedsps) -- C:\Programme\Common Files\Authentium\AntiVirus5\vsedsps.exe (Commtouch, Inc.)
SRV - (vseamps) -- C:\Programme\Common Files\Authentium\AntiVirus5\vseamps.exe (Commtouch, Inc.)
SRV - (Fabs) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (osppsvc) -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (NovaShieldFilterDriver) -- C:\Windows\SysNative\drivers\NSKernel.sys (BullGuard Ltd.)
DRV:64bit: - (PSI) -- C:\Windows\SysNative\drivers\psi_mf_amd64.sys (Secunia)
DRV:64bit: - (SWDUMon) -- C:\Windows\SysNative\drivers\SWDUMon.sys ()
DRV:64bit: - (xhcdrv) -- C:\Windows\SysNative\drivers\xhcdrv.sys (VIA Technologies, Inc.)
DRV:64bit: - (intelpep) -- C:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (WdNisDrv) -- C:\Windows\SysNative\drivers\WdNisDrv.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (SerCx2) -- C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation)
DRV:64bit: - (SmbDrvI) -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys (Synaptics Incorporated)
DRV:64bit: - (BdSpy) -- C:\Windows\SysNative\drivers\BdSpy.sys (BullGuard Ltd.)
DRV:64bit: - (RTWlanE) -- C:\Windows\SysNative\drivers\rtwlane.sys (Realtek Semiconductor Corporation )
DRV:64bit: - (hvservice) -- C:\Windows\SysNative\drivers\hvservice.sys (Microsoft Corporation)
DRV:64bit: - (passthruparser) -- C:\Windows\SysNative\drivers\passthruparser.sys (Microsoft Corporation)
DRV:64bit: - (pvhdparser) -- C:\Windows\SysNative\drivers\pvhdparser.sys (Microsoft Corporation)
DRV:64bit: - (lunparser) -- C:\Windows\SysNative\drivers\lunparser.sys (Microsoft Corporation)
DRV:64bit: - (vhdparser) -- C:\Windows\SysNative\drivers\vhdparser.sys (Microsoft Corporation)
DRV:64bit: - (afwcore) -- C:\Windows\SysNative\drivers\afwcore.sys (Agnitum Ltd.)
DRV:64bit: - (AFW) -- C:\Windows\SysNative\drivers\afw.sys (Agnitum Ltd.)
DRV:64bit: - (Trufos) -- C:\Windows\SysNative\drivers\Trufos.sys (BitDefender S.R.L.)
DRV:64bit: - (BdAgent) -- C:\Windows\SysNative\drivers\BdAgent.sys (BullGuard Ltd.)
DRV:64bit: - (BdNet) -- C:\Windows\SysNative\drivers\BdNet.sys (BullGuard Ltd.)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (VMSVSP) -- C:\Windows\SysNative\drivers\vmswitch.sys (Microsoft Corporation)
DRV:64bit: - (VMSVSF) -- C:\Windows\SysNative\drivers\vmswitch.sys (Microsoft Corporation)
DRV:64bit: - (VMSP) -- C:\Windows\SysNative\drivers\vmswitch.sys (Microsoft Corporation)
DRV:64bit: - (VMSMP) -- C:\Windows\SysNative\drivers\vmswitch.sys (Microsoft Corporation)
DRV:64bit: - (stornvme) -- C:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation)
DRV:64bit: - (pimou) -- C:\Windows\SysNative\drivers\pimou.sys (Christian Gulden)
DRV:64bit: - (pikbd) -- C:\Windows\SysNative\drivers\pikbd.sys (Christian Gulden)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (kbldfltr) -- C:\Windows\SysNative\drivers\kbldfltr.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (Vid) -- C:\Windows\SysNative\drivers\Vid.sys (Microsoft Corporation)
DRV:64bit: - (vmbusr) -- C:\Windows\SysNative\drivers\vmbusr.sys (Microsoft Corporation)
DRV:64bit: - (storvsp) -- C:\Windows\SysNative\drivers\storvsp.sys (Microsoft Corporation)
DRV:64bit: - (vpcivsp) -- C:\Windows\SysNative\drivers\vpcivsp.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (VUSB3HUB) -- C:\Windows\SysNative\drivers\ViaHub3.sys (VIA Technologies, Inc.)
DRV:64bit: - (RTLE8023x64) -- C:\Windows\SysNative\drivers\Rtenic64.sys (Realtek Semiconductor Corporation )
DRV:64bit: - (condrv) -- C:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (LSI_SAS3) -- C:\Windows\SysNative\drivers\lsi_sas3.sys (LSI Corporation)
DRV:64bit: - (ADP80XX) -- C:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (ReFS) -- C:\WINDOWS\SysNative\drivers\refs.sys (Microsoft Corporation)
DRV:64bit: - (UEFI) -- C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (ahcache) -- C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (netvsc) -- C:\Windows\SysNative\drivers\netvsc63.sys (Microsoft Corporation)
DRV:64bit: - (NdisVirtualBus) -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (cxbu0x64) -- C:\Windows\SysNative\drivers\cxbu0x64.sys (HID Global Corporation)
DRV:64bit: - (hmpalert) -- C:\Windows\SysNative\drivers\hmpalert.sys ()
DRV:64bit: - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (iaStorAV) -- C:\Windows\SysNative\drivers\iaStorAV.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation)
DRV:64bit: - (VClone) -- C:\Windows\SysNative\drivers\VClone.sys (Elaborate Bytes AG)
DRV:64bit: - (AmUStor) -- C:\Windows\SysNative\drivers\AmUStor.sys (Alcor Micro, Corp.)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\drivers\iaStorA.sys (Intel Corporation)
DRV:64bit: - (ISCT) -- C:\Windows\SysNative\drivers\ISCTD64.sys ()
DRV:64bit: - (imsevent) -- C:\Windows\SysNative\drivers\imsevent.sys ()
DRV:64bit: - (ikbevent) -- C:\Windows\SysNative\drivers\ikbevent.sys ()
DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV:64bit: - (NPF) -- C:\Windows\SysNative\drivers\npf.sys (Riverbed Technology, Inc.)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (PDFsFilter) -- C:\Windows\SysNative\drivers\PDFsFilter.sys (Raxco Software, Inc.)
DRV:64bit: - (ElRawDisk) -- C:\Windows\SysNative\drivers\ElRawDsk.sys (EldoS Corporation)
DRV:64bit: - (LVUVC64) -- C:\Windows\SysNative\drivers\lvuvc64.sys (Logitech Inc.)
DRV:64bit: - (LVRS64) -- C:\Windows\SysNative\drivers\lvrs64.sys (Logitech Inc.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (AMP) -- C:\Windows\SysNative\drivers\amp.sys (Commtouch, Inc.)
DRV:64bit: - (AMPSE) -- C:\Windows\SysNative\drivers\ampse.sys (Commtouch, Inc.)
DRV:64bit: - (TabletFilter) -- C:\Windows\SysNative\drivers\TabletFilter.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (pmkbdfltr) -- C:\Windows\SysNative\drivers\pmkbdfltr.sys (PenMount)
DRV:64bit: - (fpcibase) -- C:\Windows\SysNative\drivers\fpcibase.sys (AVM Berlin)
DRV:64bit: - (AVMCOWAN) -- C:\Windows\SysNative\drivers\avmcowan.sys (AVM GmbH)
DRV:64bit: - (MxEFUF) -- C:\Windows\SysNative\drivers\MxEFUF64.sys (Matrox Graphics Inc.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (Ch64USB) -- C:\Windows\SysNative\drivers\Ch64USB.sys (Cherry GmbH)
DRV:64bit: - (Revoflt) -- C:\Windows\SysNative\drivers\revoflt.sys (VS Revo Group)
DRV:64bit: - (MBfilt) -- C:\Windows\SysNative\drivers\MBfilt64.sys (Creative Technology Ltd.)
DRV:64bit: - (vhidmini) -- C:\Windows\SysNative\drivers\walvhid.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (KMWDFILTER) -- C:\Windows\SysNative\drivers\KMWDFILTER.sys (Windows (R) Codename Longhorn DDK provider)
DRV:64bit: - (moufiltr) -- C:\Windows\SysNative\drivers\moufiltr.sys (Windows (R) Codename Longhorn DDK provider)
DRV:64bit: - (CYUSB) -- C:\Windows\SysNative\drivers\CYUSB.sys (Cypress Semiconductor)
DRV:64bit: - (ElbyCDFL) -- C:\Windows\SysNative\drivers\ElbyCDFL.sys (SlySoft, Inc.)
DRV - (A2DDA) -- D:\Tools\EmsisoftEmergencyKit\Run\a2ddax64.sys (Emsisoft GmbH)
DRV - (cleanhlp) -- D:\Tools\EmsisoftEmergencyKit\Run\cleanhlp64.sys (Emsisoft GmbH)
DRV - (esgiguard) -- C:\Programme\Enigma Software Group\SpyHunter\esgiguard.sys ()
DRV - (TuneUpUtilitiesDrv) -- D:\Tools\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys (TuneUp Software)
DRV - (DrvAgent64) -- C:\Windows\SysWOW64\drivers\DrvAgent64.SYS (Phoenix Technologies)
DRV - (cpudrv64) -- C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys ()
DRV - (UnlockerDriver5) -- D:\Tools\Unlocker\UnlockerDriver5.sys ()
DRV - (ElbyCDFL) -- C:\Windows\SysWOW64\drivers\ElbyCDFL.sys (SlySoft, Inc.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://duckduckgo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE,de;q=0.8,ru;q=0.6,fr-FR;q=0.4,fr;q=0.2
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = FC A7 0A 4D 0B 8D CE 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKCU\..\SearchScopes\{08240C0C-C500-4ECB-BBF7-73DEA4B04F4F}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
IE - HKCU\..\SearchScopes\{124E2F8E-71DD-46D5-8261-53F9CD1A601A}: "URL" = hxxp://de.wikipedia.org/w/index.php?title=Spezial:Suche&search={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: D:\Programme\VLC-Player x64\VLC\npvlc.dll (VideoLAN)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: D:\Programme\VLC-Player x64\VLC\npvlc.dll (VideoLAN)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: D:\Programme\VLC-Player x64\VLC\npvlc.dll (VideoLAN)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: D:\Programme\VLC-Player x64\VLC\npvlc.dll (VideoLAN)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: D:\Programme\VLC-Player x64\VLC\npvlc.dll (VideoLAN)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: D:\Programme\VLC-Player x64\VLC\npvlc.dll (VideoLAN)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.4: D:\Programme\VLC-Player x64\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: File not found
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: D:\Programme\Bild-Tools\Google\Picasa 3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\Programme\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: D:\Programme\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3503.0728: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: D:\Programme\PDF-Tools\Nitro PDF\Pro 9\npnitromozilla.dll (Nitro PDF)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=17.0.6.13: d:\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=17.0.6: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=17.0.6: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=17.0.6: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=17.0.6.13: d:\realplayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: D:\Programme\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Users\User\AppData\Local\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\User\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\User\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Waterfox 26.0\extensions\\Components: D:\BROWSER\WATERFOX\COMPONENTS [2013.01.22 20:42:28 | 000,000,000 | ---D | M]
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Waterfox 26.0\extensions\\Plugins: D:\BROWSER\WATERFOX\PLUGINS [2013.03.01 15:52:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014.03.16 11:22:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\antiphishing@bullguard: C:\Program Files\BullGuard Ltd\BullGuard\Files32\Antiphishing\FF\antiphishing@bullguard\ [2013.10.18 19:40:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{8E8D8D12-A43B-4289-994D-DF2C7C0EF736}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2014.03.16 11:22:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: D:\Browser\Mozilla Firefox\plugins [2014.03.16 11:21:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014.03.16 11:21:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Sunbird 1.0b1\extensions\\Components: D:\Programme\Mozilla Sunbird\components [2014.03.16 11:21:08 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: D:\Browser\Mozilla Firefox\plugins [2014.03.16 11:21:08 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Thunderbird\Extensions\\{380AE6CB-09B9-4373-B360-D01C2462A6E7}: C:\Program Files\BullGuard Ltd\BullGuard\Files32\backup\thunderbirdbkplugin [2013.11.13 17:32:48 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Thunderbird\Extensions\\{0E810812-F4BB-4309-942A-755587587A5E}: C:\Program Files\BullGuard Ltd\BullGuard\Files32\Spamfilter\TbSpamfilter [2013.11.13 17:32:48 | 000,000,000 | ---D | M]

[2013.12.21 14:43:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Extensions
[2013.12.21 14:43:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012.11.20 10:19:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Extensions\{718e30fb-e89b-41dd-9da7-e25a45638b28}
[2014.03.28 14:43:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\c19ssglt.default\extensions
[2012.11.20 12:47:59 | 000,000,000 | ---D | M] (Forecastfox) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\c19ssglt.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
[2012.12.30 11:20:11 | 000,000,000 | ---D | M] ("ColorfulTabs") -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\c19ssglt.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
[2012.12.30 11:20:11 | 000,000,000 | ---D | M] (IE Tab 2 (FF 3.6+)) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\c19ssglt.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}
[2012.11.20 12:47:59 | 000,000,000 | ---D | M] (Live HTTP Headers) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\c19ssglt.default\extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}
[2012.11.20 12:28:15 | 000,000,000 | ---D | M] (Clippings) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\c19ssglt.default\extensions\{91aa5abe-9de4-4347-b7b5-322c38dd9271}
[2013.01.30 18:42:41 | 000,000,000 | ---D | M] (WOT) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\c19ssglt.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2013.03.01 16:06:26 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\c19ssglt.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.11.16 21:19:37 | 000,000,000 | ---D | M] (FoxLingo) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\c19ssglt.default\extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}
[2012.11.24 18:47:36 | 000,000,000 | ---D | M] (Youtubeâ„¢ Search) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\c19ssglt.default\extensions\a000b9@wips.com
[2014.03.28 14:43:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\c19ssglt.default\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com
[2013.06.26 19:44:45 | 000,000,000 | ---D | M] (Amazon-Icon) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\c19ssglt.default\extensions\amazon-icon@winload.de
[2013.03.01 16:06:30 | 000,000,000 | ---D | M] (Ghostery) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\c19ssglt.default\extensions\firefox@ghostery.com
[2014.03.28 14:43:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\c19ssglt.default\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\extensionData
[2014.03.28 14:43:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\c19ssglt.default\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\extensionData\plugins
[2014.03.28 14:43:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\c19ssglt.default\extensions\a54e453c-130a-4769-9333-c5ec2aa914c5@9bd7cc89-9c7c-44e9-a03b-042b92d363f0.com\extensionData\userCode
[2013.06.26 19:44:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\r\extensions
[2013.06.26 19:44:45 | 000,000,000 | ---D | M] (Amazon-Icon) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\r\extensions\amazon-icon@winload.de
[2013.06.15 16:04:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\r\Mozilla Profile\Waterfox_1\extensions
[2013.06.15 16:04:59 | 000,000,000 | ---D | M] (Delta Toolbar) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\r\Mozilla Profile\Waterfox_1\extensions\ffxtlbr@delta.com
[2013.06.15 16:05:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\r\Mozilla Profile\Waterfox_2\extensions
[2013.06.15 16:05:00 | 000,000,000 | ---D | M] (Delta Toolbar) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\r\Mozilla Profile\Waterfox_2\extensions\ffxtlbr@delta.com
[2013.06.15 16:05:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\r\Waterfox\Profile\extensions
[2013.06.15 16:05:01 | 000,000,000 | ---D | M] (Delta Toolbar) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\r\Waterfox\Profile\extensions\ffxtlbr@delta.com
[2014.03.28 14:50:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\scf19795.Cyberfox_Bernd 2\extensions
[2014.03.04 14:06:16 | 000,000,000 | ---D | M] (Nightly Tester Tools) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\scf19795.Cyberfox_Bernd 2\extensions\{8620c15f-30dc-4dba-a131-7c5d20cf4a29}
[2014.03.04 12:22:41 | 000,000,000 | ---D | M] (WOT) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\scf19795.Cyberfox_Bernd 2\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2014.03.25 12:31:15 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\scf19795.Cyberfox_Bernd 2\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2014.03.04 11:33:32 | 000,000,000 | ---D | M] (Cookies Manager+) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\scf19795.Cyberfox_Bernd 2\extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d}
[2014.03.10 17:59:16 | 000,000,000 | ---D | M] (CSHelper) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\scf19795.Cyberfox_Bernd 2\extensions\{d91a2be6-3b56-4dfb-97f5-5e48fe3ed473}
[2014.03.04 12:20:23 | 000,000,000 | ---D | M] (FoxLingo) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\scf19795.Cyberfox_Bernd 2\extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}
[2014.03.04 15:37:00 | 000,000,000 | ---D | M] ("FRITZ!Box AddOn") -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\scf19795.Cyberfox_Bernd 2\extensions\fb_add_on@avm.de
[2012.11.20 10:19:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Sunbird\Profiles\fper4c5r.default\extensions
[2013.01.31 20:08:15 | 000,130,828 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\c19ssglt.default\extensions\adblockpopups@jessehakanen.net.xpi
[2012.11.24 18:47:36 | 000,025,781 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\c19ssglt.default\extensions\add-to-searchbox@maltekraus.de.xpi
[2012.12.05 10:36:12 | 000,087,753 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\c19ssglt.default\extensions\ciuvo-extension@billiger.de.xpi
[2012.11.20 12:47:59 | 000,174,405 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\c19ssglt.default\extensions\guiconfig@slosd.net.xpi
[2013.03.01 16:06:29 | 000,306,394 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\c19ssglt.default\extensions\langpack-de@firefox.mozilla.org.xpi
[2012.11.20 12:47:59 | 000,015,624 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\c19ssglt.default\extensions\notifier@coupons24.com.xpi
[2012.11.20 13:49:14 | 000,113,783 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\c19ssglt.default\extensions\organize-search-engines@maltekraus.de.xpi
[2013.01.16 20:00:05 | 000,255,318 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\c19ssglt.default\extensions\SQLiteManager@mrinalkant.blogspot.com.xpi
[2013.03.01 16:06:29 | 000,185,839 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\c19ssglt.default\extensions\stealthyextension@gmail.com.xpi
[2012.11.16 21:12:20 | 000,455,379 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\c19ssglt.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi
[2013.03.01 16:06:29 | 000,348,178 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\c19ssglt.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
[2012.11.20 12:33:41 | 000,032,919 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\c19ssglt.default\extensions\{1deb4a26-d4c3-47e9-a59a-c2c01671455a}.xpi
[2012.12.30 11:20:10 | 000,399,507 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\c19ssglt.default\extensions\{53A03D43-5363-4669-8190-99061B2DEBA5}.xpi
[2012.11.20 12:28:15 | 000,030,926 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\c19ssglt.default\extensions\{99B98C2C-7274-45a3-A640-D9DF1A1C8460}.xpi
[2012.11.16 21:25:45 | 000,167,607 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\c19ssglt.default\extensions\{a6ca9b3b-5e52-4f47-85d8-cca35bb57596}.xpi
[2012.11.20 12:33:41 | 000,016,921 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\c19ssglt.default\extensions\{c72c0c73-4eb0-4fb3-af0f-074e97326cfd}.xpi
[2012.11.20 12:33:41 | 000,017,696 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\c19ssglt.default\extensions\{d04b0b40-3dab-4f0b-97a6-04ec3eddbfb0}.xpi
[2013.03.01 16:00:36 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\c19ssglt.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.11.20 12:28:15 | 000,138,614 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\c19ssglt.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
[2012.11.20 12:33:41 | 000,434,392 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\c19ssglt.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi
[2013.03.01 16:06:26 | 000,754,446 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\c19ssglt.default\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
[2014.03.06 09:42:27 | 000,362,592 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\scf19795.Cyberfox_Bernd 2\extensions\admin@snapilicious.com.xpi
[2014.03.04 12:34:49 | 000,087,753 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\scf19795.Cyberfox_Bernd 2\extensions\ciuvo-extension@billiger.de.xpi
[2014.03.12 13:22:03 | 000,114,278 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\scf19795.Cyberfox_Bernd 2\extensions\compatibility@addons.mozilla.org.xpi
[2014.03.04 11:33:33 | 000,261,821 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\scf19795.Cyberfox_Bernd 2\extensions\cslite-mod@wantora.bitbucket.org.xpi
[2014.03.06 16:20:50 | 001,393,079 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\scf19795.Cyberfox_Bernd 2\extensions\firefox@ghostery.com.xpi
[2014.03.04 14:06:17 | 000,174,405 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\scf19795.Cyberfox_Bernd 2\extensions\guiconfig@slosd.net.xpi
[2014.03.22 14:27:11 | 000,857,038 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\scf19795.Cyberfox_Bernd 2\extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi
[2014.03.19 09:12:11 | 000,360,788 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\scf19795.Cyberfox_Bernd 2\extensions\langpack-de@8pecxstudios.com.xpi
[2014.03.04 12:07:40 | 000,015,624 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\scf19795.Cyberfox_Bernd 2\extensions\notifier@coupons24.com.xpi
[2014.03.04 12:35:40 | 000,113,783 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\scf19795.Cyberfox_Bernd 2\extensions\organize-search-engines@maltekraus.de.xpi
[2014.03.09 12:24:17 | 000,217,068 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\scf19795.Cyberfox_Bernd 2\extensions\spam@trashmail.net.xpi
[2014.03.04 11:30:21 | 000,475,779 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\scf19795.Cyberfox_Bernd 2\extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi
[2014.03.14 11:51:42 | 000,383,888 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\scf19795.Cyberfox_Bernd 2\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
[2014.03.06 16:46:59 | 000,850,224 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\scf19795.Cyberfox_Bernd 2\extensions\{53A03D43-5363-4669-8190-99061B2DEBA5}.xpi
[2014.03.25 12:31:16 | 000,537,316 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\scf19795.Cyberfox_Bernd 2\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2014.03.04 11:30:20 | 000,030,926 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\scf19795.Cyberfox_Bernd 2\extensions\{99B98C2C-7274-45a3-A640-D9DF1A1C8460}.xpi
[2014.03.08 20:23:43 | 000,325,530 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\scf19795.Cyberfox_Bernd 2\extensions\{a1109c2a-1187-4027-901d-13097b755625}.xpi
[2014.03.04 14:14:44 | 000,188,418 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\scf19795.Cyberfox_Bernd 2\extensions\{a6ca9b3b-5e52-4f47-85d8-cca35bb57596}.xpi
[2014.03.04 14:04:18 | 000,019,530 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\scf19795.Cyberfox_Bernd 2\extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi
[2014.03.04 11:35:20 | 000,016,921 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\scf19795.Cyberfox_Bernd 2\extensions\{c72c0c73-4eb0-4fb3-af0f-074e97326cfd}.xpi
[2014.03.04 11:30:20 | 000,138,614 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\scf19795.Cyberfox_Bernd 2\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
[2014.03.04 12:35:40 | 000,026,312 | ---- | M] () (No name found) -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\scf19795.Cyberfox_Bernd 2\extensions\{df4e4df5-5cb7-46b0-9aef-6c784c3249f8}.xpi
[2013.09.03 19:18:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.01.24 18:37:28 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2013.08.18 17:19:35 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2014.02.04 15:32:07 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014.03.16 11:20:54 | 000,148,040 | ---- | M] (RealPlayer Cloud) -- C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll

O1 HOSTS File: ([2013.03.09 16:32:46 | 000,000,857 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 192.168.178.1 fritz.box
O2:64bit: - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll (RealDownloader)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Mediaplayer) - {1536BA74-8625-4240-99B0-BE65883689C8} - D:\Programme\Mediapiraten\Mediapiraten\IEButtonMPInterface.dll ()
O2 - BHO: (CmjBrowserHelperObject Object) - {6FE6A929-59D1-4763-91AD-29B61CFFB35B} - D:\Programme\MindManager 8\Mm8InternetExplorer.dll (Mindjet)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (FRITZ!Box Addon BHO) - {C0C86BBE-9509-4296-8459-FDBFDAF4B673} - C:\Program Files (x86)\FRITZ!Box\AddOn (IE)\FBoxIESplitButton.dll (AVM Berlin)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {61A832B6-C0D9-4349-AF14-0A1573659266} - No CLSID value found.
O4:64bit: - HKLM..\Run: [] File not found
O4:64bit: - HKLM..\Run: [AdAwareTray] D:\Tools\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe ()
O4:64bit: - HKLM..\Run: [AtwtusbIcon] C:\WINDOWS\SysNative\AtwtusbIcon.exe ()
O4:64bit: - HKLM..\Run: [BullGuard] C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe (BullGuard Ltd.)
O4:64bit: - HKLM..\Run: [BullGuardUpdate2] c:\Programme\BullGuard Ltd\BullGuard\BullGuardUpdate2.exe (BullGuard Ltd.)
O4:64bit: - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [VIAxHCUtl] C:\VIA_XHCI\usb3Monitor.exe (TODO: <Company name>)
O4 - HKLM..\Run: [BingDesktop] C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe (Microsoft Corp.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [LexwareInfoService] C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe (Haufe-Lexware GmbH & Co. KG)
O4 - HKLM..\Run: [LWS] D:\Programme\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [SDTray] D:\Tools\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [SystemExplorerAutoStart] D:\Tools\System Explorer\SystemExplorer.exe (Mister Group)
O4 - HKLM..\Run: [Ulead AutoDetector v2] C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe (Ulead Systems, Inc.)
O4 - HKCU..\Run: [Alle meine Passworte] C:\Programme\AlleMeinePassworte\AmP.exe (Mirko Böer)
O4 - HKCU..\Run: [CCleaner Monitoring] D:\Tools\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKCU..\Run: [Ditto] D:\Programme\Ditto\Ditto.exe ()
O4 - HKCU..\Run: [Klebezettel NG] D:\Programme\Klebezettel NG\klebez.exe (Hollie-Soft)
O4 - HKCU..\Run: [SecureBanking] C:\Program Files (x86)\Secure Banking\SecureBanking.exe (Secure Banking)
O4 - HKCU..\Run: [Spybot-S&D Cleaning] D:\Tools\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [SystemExplorerAutoStart] D:\Tools\System Explorer\SystemExplorer.exe (Mister Group)
O4 - Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2013.10.18 14:33:21 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CW News.lnk = D:\Tools\PC-Pannenhelfer - Special Edition 2013\CW News.exe ()
O4 - Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Fritz!Box Tray Tool.lnk = N:\Treiber und Updates\Fritz! und CAPI\FritzBox_Tray_Tool_1.2\FritzBox_Tray_Tool.exe (RPworld.de)
O4 - Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ISDN-Monitor.lnk = D:\Programme\ISDN-Monitor\ISDNMon.exe ( Michael Hampicke)
O4 - Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SystemExplorerDisabled [2013.10.18 14:35:52 | 000,000,000 | -H-D | M]
O4 - Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Taskbar Eliminator.lnk = D:\Tools\Taskbar Eliminator 2.9\Taskbar Eliminator.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Alles mit FDM herunterladen - D:\Programme\Free Download Manager\dlall.htm ()
O8:64bit: - Extra context menu item: Auswahl mit FDM herunterladen - D:\Programme\Free Download Manager\dlselected.htm ()
O8:64bit: - Extra context menu item: Datei mit FDM herunterladen - D:\Programme\Free Download Manager\dllink.htm ()
O8:64bit: - Extra context menu item: Mit FRITZ!Box Anrufen - C:\Program Files (x86)\FRITZ!Box\AddOn (IE)\fb_addon_dial_ie.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - D:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Videos mit FDM herunterladen - D:\Programme\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Alles mit FDM herunterladen - D:\Programme\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Auswahl mit FDM herunterladen - D:\Programme\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Datei mit FDM herunterladen - D:\Programme\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Mit FRITZ!Box Anrufen - C:\Program Files (x86)\FRITZ!Box\AddOn (IE)\fb_addon_dial_ie.htm ()
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - D:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Videos mit FDM herunterladen - D:\Programme\Free Download Manager\dlfvideo.htm ()
O9:64bit: - Extra Button: Report to BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - C:\Programme\BullGuard Ltd\BullGuard\Antiphishing\IE\BgAntiphishingIE.dll (BullGuard Ltd.)
O9 - Extra 'Tools' menuitem : Sun Java-Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O9 - Extra Button: Report to BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - C:\Programme\BullGuard Ltd\BullGuard\Files32\Antiphishing\IE\BgAntiphishingIE.dll (BullGuard Ltd.)
O9 - Extra Button: An Mindjet MindManager senden - {2F72393D-2472-4F82-B600-ED77F354B7FF} - D:\Programme\MindManager 8\Mm8InternetExplorer.dll (Mindjet)
O9 - Extra Button: FRITZ!Box AddOn - {328ECD19-C167-40eb-A0C7-16FE7634105F} - C:\Program Files (x86)\FRITZ!Box\AddOn (IE)\FBoxIESplitButton.dll (AVM Berlin)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\WINDOWS\SysNative\iavlsp64.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\WINDOWS\SysNative\iavlsp64.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\WINDOWS\SysNative\iavlsp64.dll ()
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: fritz.box ([]* in Lokales Intranet)
O15 - HKCU\..Trusted Ranges: Range1 ([*] in Lokales Intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab (Java Plug-in 10.51.2)
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab (Java Plug-in 1.6.0_04)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab (Java Plug-in 10.51.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7EE78588-375E-4043-B151-6FF228BA3431}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7EE78588-375E-4043-B151-6FF228BA3431}: NameServer = 127.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9F235A5C-2D65-4E83-9679-1952A46429F3}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\belarc - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2014.03.28 12:50:27 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{a198bd91-577d-11e3-8220-8c89a55ab07d}\Shell - "" = AutoRun
O33 - MountPoints2\{a198bd91-577d-11e3-8220-8c89a55ab07d}\Shell\AutoRun\command - "" = "M:\LaunchU3.exe" -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014.03.28 13:35:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegHunter
[2014.03.28 12:47:50 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
[2014.03.28 12:47:49 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2014.03.28 12:47:49 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2014.03.27 15:16:03 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Babylon
[2014.03.27 15:15:59 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Babylon
[2014.03.27 15:15:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2014.03.27 14:58:07 | 000,000,000 | ---D | C] -- C:\Users\User\Documents\ProcAlyzer Dumps
[2014.03.27 14:17:34 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\WINDOWS\SysNative\bootdelete.exe
[2014.03.27 13:26:41 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\AGAVA TBP
[2014.03.27 12:47:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Free Download Manager
[2014.03.27 12:15:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Bat! E-Mail
[2014.03.26 19:27:26 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\LavasoftStatistics
[2014.03.26 19:00:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
[2014.03.26 18:54:45 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Lavasoft
[2014.03.26 18:53:12 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Lavasoft
[2014.03.26 18:51:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2014.03.26 09:56:00 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\zebNet
[2014.03.25 20:11:43 | 000,029,496 | ---- | C] (TuneUp Software) -- C:\WINDOWS\SysNative\authuitu.dll
[2014.03.25 20:11:37 | 000,025,400 | ---- | C] (TuneUp Software) -- C:\WINDOWS\SysWow64\authuitu.dll
[2014.03.25 20:11:35 | 000,043,320 | ---- | C] (TuneUp Software) -- C:\WINDOWS\SysNative\uxtuneup.dll
[2014.03.25 20:11:31 | 000,036,152 | ---- | C] (TuneUp Software) -- C:\WINDOWS\SysWow64\uxtuneup.dll
[2014.03.25 20:10:53 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\TuneUp Software
[2014.03.25 19:51:04 | 000,077,312 | ---- | C] (Emsisoft GmbH) -- C:\WINDOWS\SysNative\eamclean.exe
[2014.03.25 19:44:10 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SARDU
[2014.03.25 19:44:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SARDU
[2014.03.25 18:00:43 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014.03.24 18:28:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014.03.20 23:03:06 | 015,783,992 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvwgf2um.dll
[2014.03.20 23:03:02 | 000,832,936 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvumdshim.dll
[2014.03.20 23:03:00 | 011,589,272 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvopencl.dll
[2014.03.20 23:03:00 | 009,690,424 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvopencl.dll
[2014.03.20 23:02:58 | 031,474,976 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvoglv64.dll
[2014.03.20 23:02:56 | 023,716,640 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvoglv32.dll
[2014.03.20 23:02:56 | 000,305,600 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvoglshim32.dll
[2014.03.20 23:02:54 | 000,892,704 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvIFR64.dll
[2014.03.20 23:02:54 | 000,863,064 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvIFR.dll
[2014.03.20 23:02:54 | 000,377,688 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvIFROpenGL.dll
[2014.03.20 23:02:54 | 000,333,600 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvIFROpenGL.dll
[2014.03.20 23:02:54 | 000,174,296 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvinitx.dll
[2014.03.20 23:02:54 | 000,148,016 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvinit.dll
[2014.03.20 23:02:52 | 001,885,472 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispco6433523.dll
[2014.03.20 23:02:52 | 001,516,488 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispgenco6433523.dll
[2014.03.20 23:02:52 | 001,515,296 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvhdagenco6420103.dll
[2014.03.20 23:02:52 | 000,877,856 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvFBC64.dll
[2014.03.20 23:02:52 | 000,846,168 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvFBC.dll
[2014.03.20 23:02:52 | 000,484,296 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvEncodeAPI64.dll
[2014.03.20 23:02:52 | 000,409,544 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvEncodeAPI.dll
[2014.03.20 23:02:52 | 000,197,408 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\drivers\nvhda64v.sys
[2014.03.20 23:02:52 | 000,031,520 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvhdap64.dll
[2014.03.20 23:02:50 | 017,755,424 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvd3dumx.dll
[2014.03.20 23:02:50 | 014,709,720 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvd3dum.dll
[2014.03.20 23:02:50 | 003,143,456 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuvid.dll
[2014.03.20 23:02:48 | 011,636,176 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuda.dll
[2014.03.20 23:02:48 | 009,728,064 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuda.dll
[2014.03.20 23:02:48 | 002,958,792 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvid.dll
[2014.03.20 23:02:48 | 002,783,008 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuvenc.dll
[2014.03.20 23:02:48 | 002,411,976 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvenc.dll
[2014.03.20 23:02:32 | 017,561,544 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcompiler.dll
[2014.03.20 23:02:30 | 025,255,256 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcompiler.dll
[2014.03.20 23:02:28 | 002,715,264 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvapi.dll
[2014.03.19 21:03:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Laplink
[2014.03.19 21:02:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Laplink
[2014.03.19 21:02:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Laplink PCmover
[2014.03.19 21:00:22 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Downloaded Installations
[2014.03.18 13:53:17 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\poqexec.exe
[2014.03.18 13:53:16 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\poqexec.exe
[2014.03.16 18:04:25 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Help
[2014.03.16 11:23:08 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\RealNetworks
[2014.03.16 11:22:03 | 000,000,000 | ---D | C] -- C:\ProgramData\RealNetworks
[2014.03.16 11:22:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RealNetworks
[2014.03.16 11:21:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xing shared
[2014.03.16 11:21:08 | 000,201,800 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\SysWow64\rmoc3260.dll
[2014.03.16 11:20:47 | 000,278,600 | ---- | C] (Progressive Networks) -- C:\WINDOWS\SysWow64\pncrt.dll
[2014.03.14 21:04:23 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\AGAVA TBP
[2014.03.14 21:02:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AGAVA AntispamServant für TheBat!
[2014.03.14 10:19:07 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\AntispamSniper
[2014.03.12 20:12:58 | 001,643,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2014.03.12 20:12:58 | 001,507,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2014.03.12 20:12:51 | 005,768,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2014.03.12 20:12:51 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2014.03.12 20:12:50 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2014.03.12 20:12:50 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2014.03.12 20:12:50 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2014.03.12 20:12:02 | 006,640,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll
[2014.03.12 20:12:02 | 005,770,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll
[2014.03.12 20:12:02 | 002,133,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2014.03.12 20:12:01 | 004,175,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dbgeng.dll
[2014.03.12 20:12:01 | 002,143,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2014.03.12 20:12:01 | 001,928,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll
[2014.03.12 20:12:01 | 001,486,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dbghelp.dll
[2014.03.12 20:12:01 | 001,371,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\combase.dll
[2014.03.12 20:12:01 | 001,287,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kernel32.dll
[2014.03.12 20:12:01 | 001,057,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdvidcrl.dll
[2014.03.12 20:12:01 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdvidcrl.dll
[2014.03.12 20:12:01 | 000,764,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmpeg2srcsnk.dll
[2014.03.12 20:12:01 | 000,669,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll
[2014.03.12 20:12:01 | 000,458,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerFault.exe
[2014.03.12 20:12:01 | 000,407,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Faultrep.dll
[2014.03.12 20:12:01 | 000,369,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Faultrep.dll
[2014.03.12 20:12:01 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpencom.dll
[2014.03.12 20:12:01 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdpencom.dll
[2014.03.12 20:12:00 | 002,873,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbgeng.dll
[2014.03.12 20:12:00 | 001,238,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbghelp.dll
[2014.03.12 20:12:00 | 000,447,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppcomapi.dll
[2014.03.12 20:12:00 | 000,408,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerFault.exe
[2014.03.12 20:12:00 | 000,233,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfps.dll
[2014.03.12 20:12:00 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DWWIN.EXE
[2014.03.12 20:12:00 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DWWIN.EXE
[2014.03.12 20:12:00 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tsgqec.dll
[2014.03.12 20:12:00 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tsgqec.dll
[2014.03.12 20:10:21 | 000,236,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdFilter.sys
[2014.03.12 20:10:21 | 000,124,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdNisDrv.sys
[2014.03.12 20:10:21 | 000,035,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdBoot.sys
[2014.03.12 20:09:46 | 000,586,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\qedit.dll
[2014.03.12 20:09:46 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\qedit.dll
[2014.03.12 16:17:54 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VampireX
[2014.03.12 16:17:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VampireX
[2014.03.12 11:03:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AntispamSniper for TheBat!
[2014.03.11 09:57:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SRWare Iron
[2014.03.11 09:57:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SRWare Iron
[2014.03.08 21:04:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Belarc
[2014.03.05 18:57:21 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eMailTrackerPro
[2014.03.05 18:37:40 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyConnection Server
[2014.03.05 18:37:34 | 000,000,000 | ---D | C] -- C:\MCSRACache-E8A0897E9D
[2014.03.05 18:37:31 | 000,000,000 | ---D | C] -- C:\vw
[2014.03.04 19:55:15 | 001,504,608 | R--- | C] (Commtouch, Inc.) -- C:\WINDOWS\SysNative\drivers\ampse.sys
[2014.03.04 19:55:15 | 000,173,408 | R--- | C] (Commtouch, Inc.) -- C:\WINDOWS\SysNative\drivers\amp.sys
[2014.03.04 19:55:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Authentium
[2014.03.04 19:55:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Authentium
[2014.03.04 19:55:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Authentium
[2014.03.04 19:47:09 | 002,135,040 | ---- | C] (iolo technologies, LLC) -- C:\WINDOWS\SysNative\Incinerator64.dll
[2014.03.04 19:46:53 | 000,000,000 | ---D | C] -- C:\ProgramData\ioloGovernor
[2014.03.04 19:46:44 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\ioloGovernor
[2014.03.03 17:39:20 | 000,000,000 | ---D | C] -- C:\Program Files\Waterfox
[2013.08.30 16:51:14 | 028,779,232 | ---- | C] (8pecxstudios ) -- C:\Users\User\AppData\Roaming\LatestVersionIntel.exe
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014.03.28 15:10:07 | 000,001,130 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3421421347-3586464235-1710720214-1001UA.job
[2014.03.28 14:40:03 | 000,001,120 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014.03.28 14:38:07 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014.03.28 13:35:41 | 000,001,185 | ---- | M] () -- C:\Users\Public\Desktop\RegHunter.lnk
[2014.03.28 12:50:27 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2014.03.28 12:47:50 | 000,002,278 | ---- | M] () -- C:\Users\User\Desktop\SpyHunter.lnk
[2014.03.28 12:40:14 | 000,002,201 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014.03.28 12:40:13 | 000,001,116 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014.03.28 10:32:19 | 000,765,378 | ---- | M] () -- C:\WINDOWS\SysNative\perfh007.dat
[2014.03.28 10:32:19 | 000,723,316 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014.03.28 10:32:19 | 000,159,696 | ---- | M] () -- C:\WINDOWS\SysNative\perfc007.dat
[2014.03.28 10:32:19 | 000,135,930 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014.03.28 10:32:18 | 001,780,340 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014.03.28 10:27:31 | 000,000,480 | ---- | M] () -- C:\WINDOWS\SysNative\F39D4DE6-98B8-4E05-91BD-549E8A8248BD
[2014.03.28 10:27:27 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014.03.28 10:26:10 | 000,000,408 | ---- | M] () -- C:\WINDOWS\SysWow64\iolo.ini
[2014.03.28 10:26:10 | 000,000,408 | ---- | M] () -- C:\WINDOWS\SysNative\iolo.ini
[2014.03.28 10:25:50 | 000,001,092 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
[2014.03.28 10:25:07 | 016,777,216 | -HS- | M] () -- C:\swapfile.sys
[2014.03.28 10:25:07 | 000,000,000 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\lvuvc.hs
[2014.03.27 14:17:34 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\WINDOWS\SysNative\bootdelete.exe
[2014.03.25 19:52:47 | 000,077,312 | ---- | M] (Emsisoft GmbH) -- C:\WINDOWS\SysNative\eamclean.exe
[2014.03.25 19:52:47 | 000,001,120 | ---- | M] () -- C:\WINDOWS\SysNative\eamclean.dat
[2014.03.25 16:10:15 | 000,001,078 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3421421347-3586464235-1710720214-1001Core.job
[2014.03.25 12:42:03 | 000,089,304 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbamchameleon.sys
[2014.03.24 14:41:24 | 000,000,884 | ---- | M] () -- C:\WINDOWS\SysNative\.crusader
[2014.03.24 14:34:51 | 000,001,927 | ---- | M] () -- C:\Users\Public\Desktop\HitmanPro.lnk
[2014.03.24 10:26:28 | 000,002,922 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2014.03.21 10:17:25 | 000,000,903 | ---- | M] () -- C:\Users\Public\Desktop\Pale Moon.lnk
[2014.03.20 23:03:10 | 000,062,408 | ---- | M] (Khronos Group) -- C:\WINDOWS\SysNative\OpenCL.dll
[2014.03.20 23:03:10 | 000,054,216 | ---- | M] (Khronos Group) -- C:\WINDOWS\SysWow64\OpenCL.dll
[2014.03.20 23:03:06 | 018,302,384 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvwgf2umx.dll
[2014.03.20 23:03:06 | 015,783,992 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvwgf2um.dll
[2014.03.20 23:03:02 | 000,947,808 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvumdshimx.dll
[2014.03.20 23:03:02 | 000,832,936 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvumdshim.dll
[2014.03.20 23:03:00 | 011,589,272 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvopencl.dll
[2014.03.20 23:03:00 | 009,690,424 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvopencl.dll
[2014.03.20 23:02:58 | 031,474,976 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvoglv64.dll
[2014.03.20 23:02:56 | 023,716,640 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvoglv32.dll
[2014.03.20 23:02:56 | 000,353,504 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvoglshim64.dll
[2014.03.20 23:02:56 | 000,305,600 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvoglshim32.dll
[2014.03.20 23:02:54 | 000,892,704 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvIFR64.dll
[2014.03.20 23:02:54 | 000,863,064 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvIFR.dll
[2014.03.20 23:02:54 | 000,377,688 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvIFROpenGL.dll
[2014.03.20 23:02:54 | 000,333,600 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvIFROpenGL.dll
[2014.03.20 23:02:54 | 000,174,296 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvinitx.dll
[2014.03.20 23:02:54 | 000,148,016 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvinit.dll
[2014.03.20 23:02:54 | 000,024,544 | ---- | M] () -- C:\WINDOWS\SysNative\nvinfo.pb
[2014.03.20 23:02:52 | 001,885,472 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispco6433523.dll
[2014.03.20 23:02:52 | 001,516,488 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvdispgenco6433523.dll
[2014.03.20 23:02:52 | 001,515,296 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvhdagenco6420103.dll
[2014.03.20 23:02:52 | 000,877,856 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\NvFBC64.dll
[2014.03.20 23:02:52 | 000,846,168 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\NvFBC.dll
[2014.03.20 23:02:52 | 000,484,296 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvEncodeAPI64.dll
[2014.03.20 23:02:52 | 000,409,544 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvEncodeAPI.dll
[2014.03.20 23:02:52 | 000,197,408 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\drivers\nvhda64v.sys
[2014.03.20 23:02:52 | 000,031,520 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvhdap64.dll
[2014.03.20 23:02:50 | 017,755,424 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvd3dumx.dll
[2014.03.20 23:02:50 | 014,709,720 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvd3dum.dll
[2014.03.20 23:02:50 | 003,143,456 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuvid.dll
[2014.03.20 23:02:48 | 011,636,176 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuda.dll
[2014.03.20 23:02:48 | 009,728,064 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuda.dll
[2014.03.20 23:02:48 | 002,958,792 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvid.dll
[2014.03.20 23:02:48 | 002,783,008 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcuvenc.dll
[2014.03.20 23:02:48 | 002,411,976 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcuvenc.dll
[2014.03.20 23:02:32 | 017,561,544 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvcompiler.dll
[2014.03.20 23:02:30 | 025,255,256 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcompiler.dll
[2014.03.20 23:02:30 | 003,093,280 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvapi64.dll
[2014.03.20 23:02:28 | 002,715,264 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysWow64\nvapi.dll
[2014.03.20 14:44:20 | 000,043,320 | ---- | M] (TuneUp Software) -- C:\WINDOWS\SysNative\uxtuneup.dll
[2014.03.20 14:44:20 | 000,036,152 | ---- | M] (TuneUp Software) -- C:\WINDOWS\SysWow64\uxtuneup.dll
[2014.03.20 14:44:20 | 000,029,496 | ---- | M] (TuneUp Software) -- C:\WINDOWS\SysNative\authuitu.dll
[2014.03.20 14:44:20 | 000,025,400 | ---- | M] (TuneUp Software) -- C:\WINDOWS\SysWow64\authuitu.dll
[2014.03.19 21:02:42 | 000,001,727 | ---- | M] () -- C:\Users\Public\Desktop\PCmover Free.lnk
[2014.03.19 09:09:37 | 000,000,671 | ---- | M] () -- C:\Users\Public\Desktop\Cyberfox.lnk
[2014.03.16 11:22:24 | 000,000,679 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer Cloud.lnk
[2014.03.16 11:21:08 | 000,201,800 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\SysWow64\rmoc3260.dll
[2014.03.16 11:21:04 | 000,000,717 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk
[2014.03.16 11:20:47 | 000,278,600 | ---- | M] (Progressive Networks) -- C:\WINDOWS\SysWow64\pncrt.dll
[2014.03.14 09:42:35 | 000,002,036 | ---- | M] () -- C:\Users\Public\Desktop\SteuerSparErklärung 2014.lnk
[2014.03.14 09:27:21 | 000,654,736 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2014.03.11 09:57:20 | 000,000,950 | ---- | M] () -- C:\Users\Public\Desktop\SRWare Iron.lnk
[2014.03.04 23:53:05 | 000,105,464 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2014.03.04 23:53:04 | 000,693,240 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2014.03.04 19:41:17 | 000,000,677 | ---- | M] () -- C:\Users\Public\Desktop\Cyberfox Profilmanager.lnk
[2014.03.04 14:06:00 | 006,714,312 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvcpl.dll
[2014.03.04 14:06:00 | 003,497,816 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvsvc64.dll
[2014.03.04 14:05:58 | 002,558,808 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvsvcr.dll
[2014.03.04 14:05:58 | 000,064,968 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvshext.dll
[2014.03.04 14:05:57 | 000,386,336 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\SysNative\nvmctray.dll
[2014.03.04 14:05:53 | 003,649,185 | ---- | M] () -- C:\WINDOWS\SysNative\nvcoproc.bin
[2014.03.03 17:39:25 | 000,000,900 | ---- | M] () -- C:\Users\Public\Desktop\Waterfox.lnk
[2014.03.01 05:17:43 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2014.03.01 04:54:33 | 005,768,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2014.03.01 04:42:12 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2014.03.01 03:25:42 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2014.03.01 03:25:22 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014.03.28 13:35:41 | 000,001,185 | ---- | C] () -- C:\Users\Public\Desktop\RegHunter.lnk
[2014.03.28 12:50:27 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2014.03.28 12:47:50 | 000,002,278 | ---- | C] () -- C:\Users\User\Desktop\SpyHunter.lnk
[2014.03.28 10:27:31 | 000,000,480 | ---- | C] () -- C:\WINDOWS\SysNative\F39D4DE6-98B8-4E05-91BD-549E8A8248BD
[2014.03.26 19:00:30 | 000,001,092 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
[2014.03.25 19:51:04 | 000,001,120 | ---- | C] () -- C:\WINDOWS\SysNative\eamclean.dat
[2014.03.25 18:30:52 | 000,001,073 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\zebNet® Byte Calculator TNG.lnk
[2014.03.24 18:28:17 | 000,002,201 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014.03.21 10:17:25 | 000,000,903 | ---- | C] () -- C:\Users\Public\Desktop\Pale Moon.lnk
[2014.03.19 21:02:42 | 000,001,727 | ---- | C] () -- C:\Users\Public\Desktop\PCmover Free.lnk
[2014.03.19 09:09:37 | 000,000,671 | ---- | C] () -- C:\Users\Public\Desktop\Cyberfox.lnk
[2014.03.16 11:22:24 | 000,000,679 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer Cloud.lnk
[2014.03.16 11:21:04 | 000,000,717 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk
[2014.03.12 20:12:00 | 000,386,722 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2014.03.12 19:54:22 | 000,000,722 | ---- | C] () -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Bat!.LNK
[2014.03.11 09:57:20 | 000,000,950 | ---- | C] () -- C:\Users\Public\Desktop\SRWare Iron.lnk
[2014.03.08 21:04:24 | 000,002,158 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belarc Advisor.lnk
[2014.03.03 17:39:25 | 000,000,900 | ---- | C] () -- C:\Users\Public\Desktop\Waterfox.lnk
[2014.02.12 19:57:15 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2013.12.10 11:16:48 | 000,000,098 | ---- | C] () -- C:\Users\User\advanced_ip_scanner_MAC.bin
[2013.12.08 11:40:08 | 000,000,876 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2013.11.19 21:15:50 | 000,000,144 | ---- | C] () -- C:\Users\User\AppData\Roaming\PronunciationEditor.ini
[2013.09.24 11:19:15 | 000,000,024 | -HS- | C] () -- C:\Users\User\AppData\Roaming\System5908ConfigCollection.dat
[2013.09.24 11:19:15 | 000,000,024 | -HS- | C] () -- C:\Users\User\AppData\Roaming\1D959CA221C7573.sys
[2013.09.17 13:00:11 | 000,000,111 | ---- | C] () -- C:\Users\User\AppData\Roaming\profiles.ini
[2013.08.22 16:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013.08.22 16:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013.08.22 15:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013.08.22 08:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013.08.22 04:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013.08.22 00:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013.08.22 00:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2013.06.13 16:42:31 | 003,661,266 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2013.06.12 16:40:26 | 000,000,197 | ---- | C] () -- C:\WINDOWS\LSExifCleaner.ini
[2013.06.01 15:02:29 | 000,009,216 | ---- | C] () -- C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.05.29 10:12:54 | 000,002,922 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2013.05.07 09:40:25 | 000,074,240 | ---- | C] () -- C:\WINDOWS\AKDeInstall.exe
[2013.05.05 20:23:58 | 000,000,408 | ---- | C] () -- C:\WINDOWS\SysWow64\iolo.ini
[2013.05.05 20:17:36 | 000,074,703 | ---- | C] () -- C:\WINDOWS\SysWow64\mfc45.dat
[2013.04.25 20:07:51 | 000,000,105 | R--- | C] () -- C:\ProgramData\Ppster.ini
[2013.04.13 16:11:51 | 000,105,292 | ---- | C] () -- C:\WINDOWS\restart.exe
[2013.03.14 20:08:49 | 000,559,104 | ---- | C] () -- C:\WINDOWS\RmTablet.exe
[2013.03.13 22:12:47 | 000,451,072 | ---- | C] () -- C:\WINDOWS\SysWow64\ISSRemoveSP.exe
[2013.03.13 22:12:47 | 000,036,864 | ---- | C] () -- C:\WINDOWS\runSW.exe
[2013.03.07 19:53:45 | 000,000,034 | ---- | C] () -- C:\Users\User\eMailTrackerPro-Path
[2013.03.01 02:47:36 | 000,053,299 | ---- | C] () -- C:\WINDOWS\SysWow64\pthreadVC.dll
[2013.02.28 18:56:13 | 000,007,605 | ---- | C] () -- C:\Users\User\AppData\Local\Resmon.ResmonCfg
[2013.02.26 16:29:21 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI
[2013.01.03 12:09:55 | 000,004,096 | -H-- | C] () -- C:\Users\User\AppData\Local\keyfile3.drm
[2013.01.01 15:44:36 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2012.12.02 20:20:25 | 000,000,021 | ---- | C] () -- C:\WINDOWS\progman.ini
[2012.11.25 12:39:18 | 000,000,034 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2012.11.20 12:28:17 | 000,000,457 | ---- | C] () -- C:\Users\User\clipdat2.rdf
[2012.11.18 11:53:00 | 000,000,265 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2012.11.17 12:17:31 | 000,000,022 | -HS- | C] () -- C:\Users\User\AppData\Roaming\Windows1569_SettingsRepository.bin
[2012.11.17 12:17:31 | 000,000,022 | -HS- | C] () -- C:\WINDOWS\90C7D912BE2316.sys
[2012.11.16 14:45:18 | 000,000,215 | ---- | C] () -- C:\WINDOWS\HBCIKRNL.ini
[2012.11.16 14:45:15 | 000,000,287 | ---- | C] () -- C:\ProgramData\{BABE1E59-F3A3-4B2B-80B1-41928543A042}_WiseFW.ini
[2012.11.02 17:48:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2012.10.26 16:42:24 | 000,336,232 | ---- | C] () -- C:\WINDOWS\SysWow64\DevManagerCore.dll
[2012.10.26 16:42:22 | 010,919,784 | ---- | C] () -- C:\WINDOWS\SysWow64\LogiDPP.dll
[2012.10.26 16:42:22 | 000,103,272 | ---- | C] () -- C:\WINDOWS\SysWow64\LogiDPPApp.exe
[2012.10.07 11:23:08 | 000,138,368 | ---- | C] () -- C:\WINDOWS\SysWow64\LxDNTvmc100.dll
[2012.10.07 11:23:08 | 000,074,368 | ---- | C] () -- C:\WINDOWS\SysWow64\LxDNTvm100.dll
[2012.10.07 11:23:06 | 000,318,592 | ---- | C] () -- C:\WINDOWS\SysWow64\LxDNT100.dll
[2012.08.13 04:29:51 | 000,007,800 | ---- | C] () -- C:\WINDOWS\cadx2.ini
[2012.07.17 14:22:04 | 000,179,200 | ---- | C] () -- C:\WINDOWS\SysWow64\unrar.dll

========== ZeroAccess Check ==========

[2014.02.16 12:43:02 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.12.09 09:05:24 | 021,199,256 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.12.09 05:51:04 | 018,643,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013.08.22 10:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013.08.22 03:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013.08.22 10:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014.01.02 18:27:09 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\0W1L1G1Q1F2W1Bzz0D1F2W1G1I1F1T1Q1B
[2012.12.03 17:50:26 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\AAV
[2012.11.27 11:41:51 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Abelssoft
[2013.11.12 18:52:57 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Acapela Group
[2013.11.20 18:04:18 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Advanced
[2014.03.14 21:04:23 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\AGAVA TBP
[2013.06.18 09:38:55 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Ahnenblatt
[2013.02.25 18:47:57 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\aignes
[2012.11.17 18:08:10 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Alle meine Passworte
[2014.03.14 10:19:07 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\AntispamSniper
[2013.11.03 14:46:57 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\AnvSoft
[2013.04.12 15:03:05 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\ArcticLine
[2013.03.01 14:31:03 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\ASCOMP Software
[2013.12.30 12:34:23 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Ashampoo
[2014.03.27 15:15:59 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Babylon
[2014.03.28 11:18:10 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\BullGuard
[2013.06.15 17:50:12 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Canon
[2013.08.23 18:09:31 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\com.dansl.QRreader
[2013.02.02 20:54:05 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\COMPUTERBILD-Abzockschutz Premium
[2012.11.16 22:02:42 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\DataDesign
[2012.11.17 12:09:02 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Dirk Jansen
[2014.01.13 17:51:19 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Downloaded Installations
[2013.12.31 19:05:31 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\DVDVideoSoft
[2012.12.12 17:39:52 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Epson
[2012.12.03 11:32:07 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\ESBUnitConv
[2013.09.03 17:53:15 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\EssentialPIM Pro
[2014.02.10 15:26:21 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\FileZilla
[2013.04.07 16:38:51 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\FRITZ!
[2013.04.23 19:25:08 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Fritz!Box Tray Tool
[2013.04.20 13:23:00 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\FRITZ!fax für FRITZ!Box
[2013.06.25 18:06:59 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\GetFoldersize
[2013.03.18 15:12:08 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\GHISLER
[2014.03.05 17:01:18 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\gnupg
[2014.01.18 13:06:02 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\GrabPro
[2013.02.11 20:25:43 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\gramps
[2012.12.02 20:21:59 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\HaCon
[2013.05.11 09:06:55 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\hdbADS
[2013.11.10 11:30:35 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\IGC
[2013.08.01 20:42:27 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\iolo
[2014.03.04 19:46:44 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\ioloGovernor
[2013.12.19 15:32:07 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\IrfanView
[2014.02.23 11:49:35 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\JFritz
[2013.01.18 20:40:13 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\KC Softwares
[2013.01.03 16:37:53 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Leadertech
[2012.11.16 22:02:07 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Lexware
[2014.02.02 11:52:03 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Mael
[2013.06.20 20:05:57 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\MAGIX
[2013.09.22 18:07:32 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Maxthon3
[2013.04.07 15:56:25 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Moonchild Productions
[2013.05.11 09:05:54 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\MrJobs
[2013.05.05 11:05:56 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\MxPacker
[2014.03.28 15:26:31 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\NetSpeedMonitor
[2014.01.13 18:15:31 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Nitro
[2014.03.24 17:35:42 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Nitro PDF
[2014.03.09 18:02:59 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Notepad++
[2014.03.24 17:30:12 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\ObviousIdea
[2013.09.28 10:14:16 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Opera
[2014.01.09 14:53:59 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Opera Software
[2014.03.26 20:25:22 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Orbit
[2013.12.15 19:33:12 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\PC-Pannenhelfer - Special Edition 2013
[2014.02.08 18:45:28 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\pcwJavaUpdate
[2012.11.30 19:12:26 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\PDF Experte 7
[2013.06.26 20:02:13 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\PhotoScape
[2013.09.17 13:00:11 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Profiles
[2012.11.17 16:53:12 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\ProgSense
[2013.10.18 19:39:42 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\QuickScan
[2014.01.02 16:05:42 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Shark007
[2014.02.10 10:50:29 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\StarOffice8
[2013.02.04 17:40:28 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\SymMover
[2014.03.28 10:32:05 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Thunderbird
[2013.09.08 12:58:13 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\TuneUp Software
[2013.03.14 20:34:35 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Ulead Systems
[2014.03.23 21:30:53 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\uTorrent
[2013.01.29 10:28:31 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Waterfox Limited
[2013.02.26 17:08:44 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Win8codecs
[2013.05.06 12:28:27 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\Wise Registry Cleaner
[2013.01.29 20:01:24 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\WSCC2
[2014.01.21 18:17:06 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\wxMozBrowserLib
[2013.11.20 10:57:37 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\XnView
[2013.02.12 12:00:28 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\ZapWallPaper
[2014.03.26 09:56:00 | 000,000,000 | ---D | M] -- C:\Users\User\AppData\Roaming\zebNet

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 220 bytes -> C:\Users\User\SkyDrive:ms-properties
@Alternate Data Stream - 192 bytes -> C:\Windows:nlsPreferences

< End of report >

schönes Logfile. Nicht in Codetags, falsches Programm. Aber schön ;)

und so ganz ohne Fehlerbeschreibung......