Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Probleme mit Edeals, Snap.do und dem download von tools (https://www.trojaner-board.de/160015-probleme-edeals-snap-do-download-tools.html)

Komprex 23.10.2014 14:12
Probleme mit Edeals, Snap.do und dem download von tools
 
Hallo allerseits

Habe mir irgendwelche Malware durch unvorsichtiges downloaden eingefangen.
Lange Zeit wurde mir in der Systemsteuerung unter den Programmen Edeals und Snap.do angezeigt. ich konnte beides entfernen mittels Adware Cleaner, Malwarebytes Anti Malware Premium und IObit Uninstaller.
Trotzdem ist die Werbung noch direkt auf den Seiten vorhanden mit penetranten Werbelinks und dazu öffnen sich auch ungewollt pop ups mit unseriösen links.
Ich wollte die Logs wie im Hilfethread erarbeiten, leider lassen sich aber weder FRST, noch eset online scanner und diverse andere Tools downloaden. bei "normalen" dateien problemloser download. ich erhalte die Fehlermeldung: C:\Users\S9B32~1.AER\AppData\Local\Temp\O2h2DXRT.exe.part konnte nicht gespeichert werden, weil die Quelldatei nicht gelesen werden konnte.
egal wie oft ich das versuche. alternativ poste ich JRT und Adware Cleaner logs.
Bitte um Hilfestellung. Besten Dank

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.3 (10.14.2014:1)
OS: Windows 7 Professional x64
Ran by S.Aerne on 23.10.2014 at 14:47:48.49
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\S.Aerne\AppData\Roaming\mozilla\firefox\profiles\hca1uvkk.default-1413971435070\minidumps [1 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 23.10.2014 at 14:51:46.21
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




# AdwCleaner v4.001 - Bericht erstellt am 23/10/2014 um 15:05:13
# Aktualisiert 20/10/2014 von Xplode
# Datenbank : 2014-10-21.1
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : S.Aerne - SAERNE-PC
# Gestartet von : C:\Users\S.Aerne\Downloads\adwcleaner_4.001(1).exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gefunden : C:\Users\S.Aerne\AppData\Local\CheckCode

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKLM\SOFTWARE\14919ea49a8f3b4aa3cf1058d9a64cec
Schlüssel Gefunden : HKLM\SOFTWARE\RST
Schlüssel Gefunden : HKLM\SOFTWARE\SI-App
Schlüssel Gefunden : HKLM\SOFTWARE\Upt
Schlüssel Gefunden : HKLM\SOFTWARE\WinUpd
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\RST
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\SI-App
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Upt
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\WinUpd

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17344


-\\ Mozilla Firefox v33.0 (x86 de)


*************************

AdwCleaner[R0].txt - [11560 octets] - [14/09/2014 09:39:43]
AdwCleaner[R10].txt - [2160 octets] - [21/10/2014 14:35:18]
AdwCleaner[R11].txt - [2529 octets] - [22/10/2014 11:45:02]
AdwCleaner[R12].txt - [2654 octets] - [22/10/2014 12:25:57]
AdwCleaner[R13].txt - [1356 octets] - [23/10/2014 15:05:13]
AdwCleaner[R1].txt - [1275 octets] - [14/09/2014 09:50:58]
AdwCleaner[R2].txt - [1398 octets] - [14/09/2014 10:06:10]
AdwCleaner[R3].txt - [1518 octets] - [14/09/2014 10:17:04]
AdwCleaner[R4].txt - [1506 octets] - [14/09/2014 11:00:38]
AdwCleaner[R5].txt - [2012 octets] - [15/10/2014 10:58:32]
AdwCleaner[R6].txt - [2207 octets] - [16/10/2014 11:25:51]
AdwCleaner[R7].txt - [2267 octets] - [16/10/2014 11:28:42]
AdwCleaner[R8].txt - [2108 octets] - [16/10/2014 11:38:26]
AdwCleaner[R9].txt - [8479 octets] - [21/10/2014 13:19:24]
AdwCleaner[S0].txt - [8584 octets] - [14/09/2014 09:40:37]
AdwCleaner[S10].txt - [2583 octets] - [22/10/2014 11:47:44]
AdwCleaner[S11].txt - [2708 octets] - [22/10/2014 12:27:56]
AdwCleaner[S1].txt - [1340 octets] - [14/09/2014 09:53:15]
AdwCleaner[S2].txt - [1327 octets] - [14/09/2014 10:08:10]
AdwCleaner[S3].txt - [1583 octets] - [14/09/2014 10:18:22]
AdwCleaner[S4].txt - [1567 octets] - [14/09/2014 11:02:35]
AdwCleaner[S5].txt - [2065 octets] - [15/10/2014 11:01:24]
AdwCleaner[S6].txt - [2274 octets] - [16/10/2014 11:32:29]
AdwCleaner[S7].txt - [2161 octets] - [16/10/2014 11:41:46]
AdwCleaner[S8].txt - [8642 octets] - [21/10/2014 13:21:53]
AdwCleaner[S9].txt - [2167 octets] - [21/10/2014 14:37:59]

########## EOF - C:\AdwCleaner\AdwCleaner[R13].txt - [2679 octets] ##########

schrauber 23.10.2014 14:15
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


Komprex 23.10.2014 14:24

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-10-2014
Ran by S.Aerne (administrator) on SAERNE-PC on 23-10-2014 15:22:20
Running from C:\Users\S.Aerne\Downloads
Loaded Profile: S.Aerne (Available profiles: S.Aerne)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\Windows\vVX3000.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
() C:\Windows\SysWOW64\GammaMethodRegister\GammaMethodRegister.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7833120 2009-05-23] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-05-23] (Realtek Semiconductor Corp.)
HKLM\...\Run: [VX3000] => C:\Windows\vVX3000.exe [762736 2010-05-20] (Microsoft Corporation)
HKLM\...\Run: [itype] => c:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253672 2011-01-07] (Sun Microsystems, Inc.)
HKU\S-1-5-21-762131175-2521822999-1656188121-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1938112 2014-09-23] (Valve Corporation)
HKU\S-1-5-21-762131175-2521822999-1656188121-1000\...\MountPoints2: {dc1faa98-1187-11e2-a7c6-485b39b2a165} - I:\Start.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:13661
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x41B09D54AA43CB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-ch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: No Name -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} ->  No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\S.Aerne\AppData\Roaming\Mozilla\Firefox\Profiles\hca1uvkk.default-1413971435070
FF Homepage: https://www.facebook.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1209149.dll (Adobe Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\progra~2\mcafee\msc\npmcsn~1.dll No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\S.Aerne\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\S.Aerne\AppData\Roaming\Mozilla\Firefox\Profiles\hca1uvkk.default-1413971435070\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-10-22]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-10-16]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 GammaMethodRegister; C:\Windows\SysWOW64\GammaMethodRegister\GammaMethodRegister.exe [68096 2014-10-13] () [File not signed]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2283296 2014-10-21] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
S2 0175861394189491mcinstcleanup; C:\Users\S9B32~1.AER\AppData\Local\Temp\017586~1.EXE -cleanup -nolog [X]
S2 ClipboardFAT32Program.exe; C:\Users\S.Aerne\AppData\Local\ClipboardFAT32Program\ClipboardFAT32Program.exe [X]
S2 CodecFolderMotion.exe; C:\Users\S.Aerne\AppData\Local\CodecFolderMotion\CodecFolderMotion.exe [X]
S2 CodecImportMotion.exe; C:\Users\S.Aerne\AppData\Local\CodecImportMotion\CodecImportMotion.exe [X]
S2 ControlDebugOCR.exe; C:\Users\S.Aerne\AppData\Local\ControlDebugOCR\ControlDebugOCR.exe [X]
S2 FileKernelScreenshot.exe; C:\Users\S.Aerne\AppData\Local\FileKernelScreenshot\FileKernelScreenshot.exe [X]
S2 FormatMemoryMotion.exe; C:\Users\S.Aerne\AppData\Local\FormatMemoryMotion\FormatMemoryMotion.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32512 2014-10-15] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-10-23] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-10-01] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-05-14] ()
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 s1018bus; C:\Windows\System32\DRIVERS\s1018bus.sys [113704 2009-03-25] (MCCI Corporation)
S3 s1018mdfl; C:\Windows\System32\DRIVERS\s1018mdfl.sys [19496 2009-03-25] (MCCI Corporation)
S3 s1018mdm; C:\Windows\System32\DRIVERS\s1018mdm.sys [153128 2009-03-25] (MCCI Corporation)
S3 s1018mgmt; C:\Windows\System32\DRIVERS\s1018mgmt.sys [133160 2009-03-25] (MCCI Corporation)
S3 s1018nd5; C:\Windows\System32\DRIVERS\s1018nd5.sys [34856 2009-03-25] (MCCI Corporation)
S3 s1018obex; C:\Windows\System32\DRIVERS\s1018obex.sys [128552 2009-03-25] (MCCI Corporation)
S3 s1018unic; C:\Windows\System32\DRIVERS\s1018unic.sys [146472 2009-03-25] (MCCI Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-10-21] (Duplex Secure Ltd.)
S3 StarOpen; No ImagePath
R1 vmm; C:\Windows\system32\Treiber\vmm.sys [294248 2011-05-29] (Microsoft Corporation)
U3 awdiqpob; \??\C:\Users\S9B32~1.AER\AppData\Local\Temp\awdiqpob.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-23 15:22 - 2014-10-23 15:22 - 00015096 _____ () C:\Users\S.Aerne\Downloads\FRST.txt
2014-10-23 15:22 - 2014-10-23 15:22 - 00000000 ____D () C:\FRST
2014-10-23 15:21 - 2014-10-23 15:22 - 02112000 _____ (Farbar) C:\Users\S.Aerne\Downloads\FRST64.exe
2014-10-23 15:18 - 2014-10-23 15:18 - 00000000 ____D () C:\Users\S.Aerne\AppData\Local\CheckCode
2014-10-23 14:51 - 2014-10-23 14:51 - 00000774 _____ () C:\Users\S.Aerne\Desktop\JRT.txt
2014-10-23 14:47 - 2014-10-23 14:47 - 01705698 _____ (Thisisu) C:\Users\S.Aerne\Downloads\JRT633.exe
2014-10-23 14:29 - 2014-10-23 14:29 - 00854448 _____ () C:\Users\S.Aerne\Downloads\SecurityCheck.exe
2014-10-23 13:32 - 2014-10-23 13:32 - 01103360 _____ (Farbar) C:\Users\S.Aerne\Downloads\FRST.exe
2014-10-23 13:31 - 2014-10-23 13:31 - 00000790 _____ () C:\Users\S.Aerne\Desktop\Defogger.lnk
2014-10-23 13:23 - 2014-10-23 13:23 - 00380416 _____ () C:\Users\S.Aerne\Downloads\Gmer-19357.exe
2014-10-23 13:15 - 2014-10-23 13:31 - 00000528 _____ () C:\Users\S.Aerne\Downloads\defogger_disable.log
2014-10-23 13:15 - 2014-10-23 13:15 - 00000188 _____ () C:\Users\S.Aerne\defogger_reenable
2014-10-23 13:14 - 2014-10-23 13:14 - 00050477 _____ () C:\Users\S.Aerne\Downloads\Defogger.exe
2014-10-22 12:25 - 2014-10-22 12:25 - 01962496 _____ () C:\Users\S.Aerne\Downloads\adwcleaner_4.001(1).exe
2014-10-22 12:24 - 2014-10-22 12:24 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-10-22 12:24 - 2014-10-22 12:24 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-10-22 12:24 - 2014-10-22 12:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-22 12:23 - 2014-10-22 12:23 - 36254312 _____ () C:\Users\S.Aerne\Downloads\Firefox Setup 33.0.exe
2014-10-22 12:20 - 2014-10-22 12:20 - 00244408 _____ () C:\Users\S.Aerne\Downloads\Firefox Setup Stub 33.0.exe
2014-10-21 15:00 - 2014-10-21 15:51 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01artus01.part6.rar
2014-10-21 14:52 - 2014-10-21 15:14 - 141500350 _____ () C:\Users\S.Aerne\Downloads\01artus01.part7.rar
2014-10-21 14:25 - 2014-10-21 14:25 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\S.Aerne\Downloads\revosetup95.exe
2014-10-21 14:25 - 2014-10-21 14:25 - 00001264 _____ () C:\Users\S.Aerne\Desktop\Revo Uninstaller.lnk
2014-10-21 13:51 - 2014-10-21 13:51 - 00014848 ___SH () C:\Users\S.Aerne\Thumbs.db
2014-10-21 13:43 - 2014-10-21 13:43 - 00000000 ____D () C:\Users\S.Aerne\AppData\Roaming\ProductData
2014-10-21 13:42 - 2014-10-23 12:55 - 00000000 ____D () C:\ProgramData\ProductData
2014-10-21 13:42 - 2014-10-21 13:43 - 00002890 _____ () C:\Windows\System32\Tasks\Uninstaller_SkipUac_S.Aerne
2014-10-21 13:42 - 2014-10-21 13:43 - 00000000 ____D () C:\ProgramData\IObit
2014-10-21 13:42 - 2014-10-21 13:42 - 00001252 _____ () C:\Users\S.Aerne\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2014-10-21 13:42 - 2014-10-21 13:42 - 00001228 _____ () C:\Users\Public\Desktop\IObit Uninstaller.lnk
2014-10-21 13:42 - 2014-10-21 13:42 - 00000000 ____D () C:\Users\S.Aerne\AppData\Roaming\IObit
2014-10-21 13:42 - 2014-10-21 13:42 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-10-21 13:41 - 2014-10-21 13:41 - 01125200 _____ () C:\Users\S.Aerne\Downloads\IObit Uninstaller - CHIP-Installer.exe
2014-10-21 13:19 - 2014-10-21 13:19 - 01962496 _____ () C:\Users\S.Aerne\Downloads\adwcleaner_4.001.exe
2014-10-21 12:41 - 2014-10-21 12:51 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01artus01.part5.rar
2014-10-21 12:27 - 2014-10-21 12:37 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01artus01.part4.rar
2014-10-21 12:07 - 2014-10-21 12:59 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01artus01.part1.rar
2014-10-21 12:01 - 2014-10-21 12:21 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01artus01.part3.rar
2014-10-21 11:59 - 2014-10-21 12:09 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01artus01.part2.rar
2014-10-21 10:48 - 2014-10-21 10:48 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\S.Aerne\Downloads\mbam_premium.exe
2014-10-21 10:48 - 2014-10-21 10:48 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-20 16:52 - 2014-10-20 16:52 - 05401624 _____ (Canneverbe Limited ) C:\Users\S.Aerne\Downloads\cdbxp_setup_4.5.4.5118.exe
2014-10-20 16:52 - 2014-10-20 16:52 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP
2014-10-20 16:24 - 2014-10-20 16:24 - 00000208 _____ () C:\Users\S.Aerne\Desktop\Jagged Alliance 2 Gold Pack.url
2014-10-17 15:47 - 2014-10-17 15:47 - 00000222 _____ () C:\Users\S.Aerne\Desktop\Company of Heroes 2.url
2014-10-17 15:44 - 2014-10-17 15:44 - 00000223 _____ () C:\Users\S.Aerne\Desktop\Jagged Alliance 2 Gold Unfinished Business.url
2014-10-16 23:53 - 2014-10-16 23:53 - 00245760 _____ () C:\Users\S.Aerne\Downloads\Q-Dance_Hardstyle_Top_40_June_2014.rar.part
2014-10-16 19:51 - 2014-10-22 12:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-16 19:49 - 2009-06-10 23:00 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hosts.20141016-194925.backup
2014-10-16 18:38 - 2014-10-16 18:38 - 00000000 ____D () C:\Users\S.Aerne\AppData\Roaming\QuickScan
2014-10-16 18:35 - 2014-10-16 18:35 - 00567639 _____ () C:\Users\S.Aerne\Downloads\esetsmartinstaller_deu.exe
2014-10-16 18:34 - 2014-10-16 18:34 - 01170104 _____ (Zugara Investments Limited ) C:\Users\S.Aerne\Downloads\esetsmartinstallerdeuexe.exe
2014-10-16 18:30 - 2014-10-21 10:53 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-10-16 18:30 - 2014-10-21 10:50 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-10-16 18:30 - 2014-10-16 18:30 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-10-16 18:29 - 2014-10-16 18:30 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\S.Aerne\Downloads\spybot-2.4(1).exe
2014-10-16 18:29 - 2014-10-16 18:29 - 04321294 _____ (Safer-Networking Ltd. ) C:\Users\S.Aerne\Downloads\spybot-2.4.exe
2014-10-16 13:23 - 2014-10-16 13:23 - 00002187 _____ () C:\Users\S.Aerne\Desktop\Pox Nora.lnk
2014-10-16 13:23 - 2014-10-16 13:23 - 00000000 ____D () C:\Users\S.Aerne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pox Nora
2014-10-16 13:22 - 2014-10-16 13:22 - 00000000 ____D () C:\Program Files (x86)\Desert Owl Games
2014-10-16 13:21 - 2014-10-16 13:22 - 34412032 _____ (Desert Owl Games) C:\Users\S.Aerne\Downloads\PoxNora.exe
2014-10-16 11:55 - 2014-10-16 11:55 - 04280468 _____ (Safer-Networking Ltd. ) C:\Users\S.Aerne\Downloads\spybot_27341.exe
2014-10-16 11:53 - 2014-10-16 11:53 - 00000000 ____D () C:\Users\S.Aerne\AppData\Roaming\LavasoftStatistics
2014-10-16 11:47 - 2014-10-16 11:47 - 02806920 _____ () C:\Users\S.Aerne\Downloads\Adaware_Installer_11.3.exe
2014-10-16 11:27 - 2014-10-16 11:27 - 01705141 _____ (Thisisu) C:\Users\S.Aerne\Downloads\JRT-631.exe
2014-10-16 11:27 - 2014-10-14 13:43 - 01705698 _____ (Thisisu) C:\Users\S.Aerne\Desktop\JRT_NEW.exe
2014-10-15 13:11 - 2014-10-15 13:11 - 00000000 _____ () C:\autoexec.bat
2014-10-15 13:10 - 2014-10-16 11:18 - 00000000 ____D () C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
2014-10-15 13:09 - 2014-10-15 13:09 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\S.Aerne\Downloads\SpyHunter-Installer.exe
2014-10-15 11:59 - 2014-10-15 11:59 - 00032512 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys
2014-10-15 11:56 - 2014-10-15 11:56 - 00003400 _____ () C:\Windows\system32\.crusader
2014-10-15 11:46 - 2014-10-15 11:58 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-10-15 11:46 - 2014-10-15 11:46 - 11194928 _____ (SurfRight B.V.) C:\Users\S.Aerne\Downloads\HitmanPro_x64.exe
2014-10-15 11:14 - 2014-10-15 12:06 - 00000000 ____D () C:\Users\S.Aerne\AppData\Roaming\Nico Mak Computing
2014-10-15 11:13 - 2014-10-15 11:14 - 04892480 _____ (WinZip International LLC ) C:\Users\S.Aerne\Downloads\wzmp_8.exe
2014-10-15 11:10 - 2014-10-23 15:16 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-15 11:09 - 2014-10-21 10:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-15 11:09 - 2014-10-21 10:48 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-15 11:09 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-15 11:09 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-15 11:09 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-15 11:07 - 2014-10-15 11:07 - 01125200 _____ () C:\Users\S.Aerne\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe
2014-10-15 10:50 - 2014-10-15 10:50 - 01169160 _____ (Anvisoft) C:\Users\S.Aerne\Downloads\csbsetup.exe
2014-10-15 10:49 - 2014-10-15 10:49 - 02894945 _____ (Anvisoft) C:\Users\S.Aerne\Downloads\asdsetup.exe
2014-10-15 10:33 - 2014-09-29 02:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-15 10:33 - 2014-06-19 00:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-15 10:33 - 2014-06-19 00:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-15 10:33 - 2014-06-19 00:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-15 10:33 - 2014-06-19 00:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-15 10:33 - 2014-06-19 00:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-15 10:33 - 2014-06-19 00:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-15 10:32 - 2014-08-19 05:11 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-10-15 10:32 - 2014-08-19 05:10 - 00616352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-10-15 10:32 - 2014-08-19 05:08 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-10-15 10:32 - 2014-08-19 05:08 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-10-15 10:32 - 2014-08-19 05:08 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-10-15 10:32 - 2014-08-19 05:07 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-10-15 10:32 - 2014-08-19 05:07 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-10-15 10:32 - 2014-08-19 05:07 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-10-15 10:32 - 2014-08-19 05:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-10-15 10:32 - 2014-08-19 05:07 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-10-15 10:32 - 2014-08-19 04:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2014-10-15 10:32 - 2014-08-19 04:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-10-15 10:32 - 2014-08-19 04:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-10-15 10:32 - 2014-07-07 04:07 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-10-15 10:32 - 2014-07-07 04:07 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-10-15 10:32 - 2014-07-07 04:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 05551032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-15 10:32 - 2014-07-07 04:06 - 04120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-10-15 10:32 - 2014-07-07 04:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-10-15 10:32 - 2014-07-07 04:06 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-10-15 10:32 - 2014-07-07 04:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-10-15 10:32 - 2014-07-07 04:05 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-10-15 10:32 - 2014-07-07 04:05 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-10-15 10:32 - 2014-07-07 04:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-10-15 10:32 - 2014-07-07 03:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-10-15 10:32 - 2014-07-07 03:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2014-10-15 10:32 - 2014-07-07 03:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2014-10-15 10:32 - 2014-07-07 03:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-10-15 10:32 - 2014-07-07 03:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-10-15 10:32 - 2014-07-07 03:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-10-15 10:32 - 2014-07-07 03:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-10-15 10:32 - 2014-07-07 03:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-10-15 10:32 - 2014-07-07 03:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-10-15 10:32 - 2014-06-28 02:21 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-10-15 10:32 - 2014-06-28 02:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-10-15 10:32 - 2014-06-28 02:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-10-15 10:31 - 2014-10-10 04:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-15 10:31 - 2014-10-10 04:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-15 10:31 - 2014-10-10 04:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-15 10:31 - 2014-10-07 04:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-15 10:31 - 2014-10-07 04:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-15 10:31 - 2014-09-26 00:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-15 10:31 - 2014-09-26 00:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-15 10:31 - 2014-09-26 00:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-15 10:31 - 2014-09-26 00:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-15 10:31 - 2014-09-26 00:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-15 10:31 - 2014-09-26 00:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-15 10:31 - 2014-09-26 00:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-15 10:31 - 2014-09-19 04:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-15 10:31 - 2014-09-19 03:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-15 10:31 - 2014-09-19 03:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-15 10:31 - 2014-09-19 03:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-15 10:31 - 2014-09-19 03:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-15 10:31 - 2014-09-19 03:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-15 10:31 - 2014-09-19 03:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-15 10:31 - 2014-09-19 03:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-15 10:31 - 2014-09-19 03:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-15 10:31 - 2014-09-19 03:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-15 10:31 - 2014-09-19 03:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-15 10:31 - 2014-09-19 03:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-15 10:31 - 2014-09-19 03:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-15 10:31 - 2014-09-19 03:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-15 10:31 - 2014-09-19 03:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-15 10:31 - 2014-09-19 03:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-15 10:31 - 2014-09-19 03:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-15 10:31 - 2014-09-19 03:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-15 10:31 - 2014-09-19 03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-15 10:31 - 2014-09-19 03:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-15 10:31 - 2014-09-19 03:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 10:31 - 2014-09-19 03:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-15 10:31 - 2014-09-19 03:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-15 10:31 - 2014-09-19 03:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-15 10:31 - 2014-09-19 03:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-15 10:31 - 2014-09-19 03:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-15 10:31 - 2014-09-19 02:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-15 10:31 - 2014-09-19 02:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-15 10:31 - 2014-09-19 02:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-15 10:31 - 2014-09-19 02:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-15 10:31 - 2014-09-19 02:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-15 10:31 - 2014-09-19 02:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-15 10:31 - 2014-09-19 02:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-15 10:31 - 2014-09-19 02:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-15 10:31 - 2014-09-19 02:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-15 10:31 - 2014-09-19 02:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-15 10:31 - 2014-09-19 02:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-15 10:31 - 2014-09-19 02:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-15 10:31 - 2014-09-19 02:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-15 10:31 - 2014-09-19 02:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-15 10:31 - 2014-09-19 02:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-15 10:31 - 2014-09-19 02:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-15 10:31 - 2014-09-19 02:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-15 10:31 - 2014-09-19 01:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-15 10:31 - 2014-09-19 01:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-15 10:31 - 2014-09-19 01:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-15 10:31 - 2014-09-19 01:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-15 10:31 - 2014-09-18 04:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-15 10:30 - 2014-09-18 03:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-15 10:30 - 2014-09-13 03:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-15 10:30 - 2014-09-13 03:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-15 10:30 - 2014-09-04 07:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-15 10:30 - 2014-09-04 07:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-15 10:30 - 2014-07-17 04:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-15 10:30 - 2014-07-17 04:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-15 10:30 - 2014-07-17 04:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-15 10:30 - 2014-07-17 04:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-15 10:30 - 2014-07-17 04:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-15 10:30 - 2014-07-17 04:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-15 10:30 - 2014-07-17 04:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-15 10:30 - 2014-07-17 04:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-15 10:30 - 2014-07-17 03:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-15 10:30 - 2014-07-17 03:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-15 10:30 - 2014-07-17 03:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-15 10:30 - 2014-07-17 03:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-10-15 10:30 - 2014-07-17 03:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-15 10:30 - 2014-07-17 03:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-15 10:30 - 2014-07-17 03:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-15 10:30 - 2014-07-17 03:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-15 10:21 - 2014-10-15 10:21 - 00000000 ____D () C:\Windows\SysWOW64\GammaMethodRegister
2014-10-11 17:22 - 2014-10-11 17:24 - 00000000 ____D () C:\Users\S.Aerne\Documents\Heroes of the Storm
2014-10-11 17:18 - 2014-10-11 17:18 - 00001189 _____ () C:\Users\Public\Desktop\Heroes of the Storm.lnk
2014-10-11 17:18 - 2014-10-11 17:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm
2014-10-11 17:06 - 2014-10-17 08:59 - 00000000 ____D () C:\Program Files (x86)\Heroes of the Storm
2014-10-11 17:04 - 2014-10-11 17:04 - 07080744 _____ (Blizzard Entertainment) C:\Users\S.Aerne\Downloads\Heroes-of-the-Storm-Setup-enUS.exe
2014-10-11 15:18 - 2014-10-11 15:19 - 09020704 _____ (HEX Entertainment ) C:\Users\S.Aerne\Downloads\HEXSetup(1).exe
2014-10-10 18:48 - 2014-10-10 19:30 - 00000000 ____D () C:\Users\S.Aerne\Documents\BloodBowlChaos
2014-10-10 08:40 - 2014-10-10 08:40 - 00000222 _____ () C:\Users\S.Aerne\Desktop\Blood Bowl Chaos Edition.url
2014-10-07 11:00 - 2014-10-07 11:10 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01terror.part4.rar
2014-10-07 10:37 - 2014-10-07 10:47 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01terror.part3.rar
2014-10-07 10:25 - 2014-10-07 11:26 - 186626412 _____ () C:\Users\S.Aerne\Downloads\01terror.part5.rar
2014-10-07 10:25 - 2014-10-07 11:22 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01terror.part1.rar
2014-10-07 10:25 - 2014-10-07 10:35 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01terror.part2.rar
2014-10-03 13:17 - 2014-10-10 08:41 - 00000000 ____D () C:\Users\S.Aerne\Documents\majesty2
2014-10-03 13:17 - 2014-10-03 13:17 - 00000000 ____D () C:\Program Files (x86)\Paradox Interactive
2014-10-03 12:40 - 2014-10-03 12:40 - 00000221 _____ () C:\Users\S.Aerne\Desktop\Majesty 2 Collection.url
2014-10-01 12:18 - 2014-10-01 12:18 - 00000218 _____ () C:\Users\S.Aerne\Desktop\Half-Life.url
2014-10-01 09:29 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-01 09:29 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-30 15:20 - 2014-09-30 15:20 - 00001618 _____ () C:\Users\Public\Desktop\Braveland.lnk
2014-09-26 12:36 - 2014-09-26 12:36 - 00000222 _____ () C:\Users\S.Aerne\Desktop\Prime World.url
2014-09-24 10:21 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 10:21 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-23 15:20 - 2010-08-24 18:03 - 01434901 _____ () C:\Windows\WindowsUpdate.log
2014-10-23 15:15 - 2014-02-23 12:51 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-10-23 15:14 - 2010-08-25 01:42 - 00449034 _____ () C:\Windows\PFRO.log
2014-10-23 15:14 - 2010-08-24 21:54 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-23 15:14 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-23 15:14 - 2009-07-14 06:51 - 00215800 _____ () C:\Windows\setupact.log
2014-10-23 15:13 - 2014-09-14 09:39 - 00000000 ____D () C:\AdwCleaner
2014-10-23 15:09 - 2012-07-18 08:44 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-23 13:45 - 2009-07-14 06:45 - 00026544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-23 13:45 - 2009-07-14 06:45 - 00026544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-23 13:36 - 2014-09-13 09:24 - 00000444 __RSH () C:\ProgramData\ntuser.pol
2014-10-23 13:15 - 2010-08-24 18:16 - 00000000 ____D () C:\Users\S.Aerne
2014-10-21 20:27 - 2010-12-29 12:14 - 00000000 ____D () C:\Users\S.Aerne\Downloads\Hörbücher
2014-10-21 15:10 - 2009-07-14 19:58 - 00711602 _____ () C:\Windows\system32\perfh007.dat
2014-10-21 15:10 - 2009-07-14 19:58 - 00155078 _____ () C:\Windows\system32\perfc007.dat
2014-10-21 15:10 - 2009-07-14 07:13 - 01649556 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-21 14:46 - 2010-12-27 14:22 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-10-21 14:45 - 2010-12-27 14:23 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-10-21 14:45 - 2010-12-27 14:22 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-10-21 14:25 - 2014-09-14 10:30 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-10-21 13:54 - 2013-03-23 20:33 - 00000000 ____D () C:\Users\S.Aerne\AppData\Roaming\My Games
2014-10-21 13:54 - 2010-08-25 17:54 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-21 13:21 - 2014-09-12 07:25 - 00001079 _____ () C:\Users\S.Aerne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-10-20 17:08 - 2014-09-12 15:02 - 00000000 ____D () C:\Program Files (x86)\HEX
2014-10-20 16:52 - 2010-11-08 22:11 - 00001155 _____ () C:\Users\Public\Desktop\CDBurnerXP.lnk
2014-10-20 16:52 - 2010-11-08 22:11 - 00001105 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2014-10-20 16:40 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-10-20 16:27 - 2009-07-14 06:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-10-18 08:44 - 2013-10-25 11:31 - 00000000 ____D () C:\Users\S.Aerne\AppData\Local\Battle.net
2014-10-17 16:13 - 2014-03-18 15:00 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft
2014-10-16 16:01 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-10-16 11:44 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-16 11:03 - 2009-07-14 06:45 - 00299528 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-16 11:01 - 2014-05-06 15:16 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-16 11:01 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-10-16 11:01 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-10-15 13:39 - 2013-08-15 23:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-15 13:37 - 2010-09-04 12:08 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-15 11:59 - 2010-08-24 18:42 - 00000000 ____D () C:\Users\S.Aerne\Tracing
2014-10-15 11:56 - 2014-09-13 09:25 - 00000000 ____D () C:\Windows\SysWOW64\FormatMBRRuntime
2014-10-13 09:41 - 2013-10-25 11:33 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-10-11 17:22 - 2010-08-25 00:14 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-10-11 17:05 - 2013-10-25 11:31 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-10-11 15:19 - 2014-09-12 15:02 - 00001070 _____ () C:\Users\Public\Desktop\HEX.lnk
2014-10-11 15:19 - 2014-09-12 15:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HEX
2014-10-11 09:12 - 2014-07-10 15:02 - 00000000 ____D () C:\Users\S.Aerne\Documents\Stronghold Crusader
2014-10-10 18:32 - 2010-09-27 11:58 - 00621293 _____ () C:\Windows\DirectX.log
2014-10-02 15:53 - 2010-08-24 18:36 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-30 15:20 - 2014-02-07 10:40 - 00000000 ____D () C:\GOG Games
2014-09-30 15:20 - 2014-02-07 10:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2014-09-30 15:20 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-30 13:42 - 2014-02-07 10:34 - 00000000 ____D () C:\Users\S.Aerne\AppData\Local\GOG.com
2014-09-26 12:48 - 2012-05-18 19:27 - 00000000 ____D () C:\Users\S.Aerne\Documents\My Games
2014-09-24 11:09 - 2012-07-18 08:44 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-24 11:09 - 2012-07-18 08:44 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-24 11:09 - 2011-12-02 03:50 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

Some content of TEMP:
====================
C:\Users\S.Aerne\AppData\Local\Temp\msvcr80.dll
C:\Users\S.Aerne\AppData\Local\Temp\Quarantine.exe
C:\Users\S.Aerne\AppData\Local\Temp\SimPack.exe
C:\Users\S.Aerne\AppData\Local\Temp\sqlite3.dll
C:\Users\S.Aerne\AppData\Local\Temp\zlib1.dll
C:\Users\S.Aerne\AppData\Local\Temp\_isAB6B.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-16 15:53

==================== End Of Log ============================
--- --- ---
FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-10-2014
Ran by S.Aerne at 2014-10-23 15:23:02
Running from C:\Users\S.Aerne\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.2.0.2070 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.2.0.2070 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.9.149 - Adobe Systems, Inc.)
Age of Empires III (HKLM-x32\...\InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Wonders III (HKLM-x32\...\Steam App 226840) (Version:  - Triumph Studios)
Alien Swarm (HKLM-x32\...\Steam App 630) (Version:  - Valve)
Banished (HKLM-x32\...\Steam App 242920) (Version:  - Shining Rock Software LLC)
Battle Isle Platinum (HKLM-x32\...\GOGPACKBATTLEISLEPLATINUM_is1) (Version: 2.1.0.19 - GOG.com)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Blackguards (HKLM-x32\...\Steam App 249650) (Version:  - Daedalic Entertainment)
Blood Bowl: Chaos Edition (HKLM-x32\...\Steam App 216890) (Version:  - Cyanide Studios)
Braveland (HKLM-x32\...\GOGPACKBRAVELAND_is1) (Version: 2.1.0.3 - GOG.com)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.3.7.2423 - CDBurnerXP)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5118 - CDBurnerXP)
Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version:  - Relic Entertainment)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Defender's Quest: Valley of the Forgotten (HKLM-x32\...\Steam App 218410) (Version:  - Level Up Labs, LLC)
Dell Driver Download Manager (HKCU\...\f031ef6ac137efc5) (Version: 2.1.0.0 - Dell Inc.)
Die Siedler 7 (HKLM-x32\...\{9C916142-C18C-429D-BFED-40094A7E0BEB}) (Version: 1.12.1396 - Ubisoft)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Draconian Wars (HKLM-x32\...\Steam App 296590) (Version:  - Kardfy Studios)
Duel of Champions (HKLM-x32\...\MMDoC-PDCLive) (Version:  - Ubisoft)
Dungeon Keeper 2 (HKLM-x32\...\GOGPACKDUNGEONKEEPER2_is1) (Version: 2.0.0.32 - GOG.com)
Dungeon Keeper Gold (HKLM-x32\...\GOGPACKDUNGEONKEEPER_is1) (Version: 2.0.0.4 - GOG.com)
Etherlords (HKLM-x32\...\Steam App 270770) (Version:  - Nival)
Etherlords II (HKLM-x32\...\Steam App 270790) (Version:  - Nival)
Fallen Enchantress: Legendary Heroes (HKLM-x32\...\Steam App 228260) (Version:  - Stardock Entertainment)
FLOCK! (HKLM-x32\...\Steam App 21640) (Version:  - Proper Games)
Foxit Reader 5.0 (HKLM-x32\...\Foxit Reader_is1) (Version: 5.0.2.718 - Foxit Corporation)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
GOG.com Downloader version 3.6.0 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.6.0 - GOG.com)
GOG.com Dungeon Keeper 2 (HKLM\...\{b6462b67-caf5-4a74-99df-cc2811bd1957}.sdb) (Version:  - )
GOG.com Heroes of Might and Magic 3 (HKLM\...\{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}.sdb) (Version:  - )
Gorky 17 (HKLM-x32\...\Steam App 253920) (Version:  - )
Grotesque Tactics: Evil Heroes (HKLM-x32\...\Steam App 46450) (Version:  - Headup Games)
Half-Life (HKLM-x32\...\Steam App 70) (Version:  - Valve)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of Might & Magic V: Hammers of Fate (HKLM-x32\...\{66FF4C48-0083-4E60-8556-B883AB200091}) (Version:  - )
Heroes of Might and Magic 3 Complete (HKLM-x32\...\GOGPACKHOMM3COMPLETE_is1) (Version: 2.0.0.16 - GOG.com)
Heroes of Might and Magic V - Tribes of the East (HKLM-x32\...\{66FF4C48-0083-4E60-8556-B883AB200092}) (Version:  - )
Heroes of Might and Magic V (HKLM-x32\...\{20071984-5EB1-4881-8EDB-082532ACEC6D}) (Version:  - )
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
HEX (HKLM-x32\...\{E31B651A-B48C-423C-8D0D-855756C8B7E8}_is1) (Version:  - HEX Entertainment)
Infinity Wars - Animated Trading Card Game (HKLM-x32\...\Steam App 257730) (Version:  - Lightmare Studios)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.0.4.25 - IObit)
Jagged Alliance 2 Gold: Unfinished Business (HKLM-x32\...\Steam App 12380) (Version:  - Strategy First)
Jagged Alliance 2: Gold Pack (HKLM-x32\...\Steam App 12370) (Version:  - Strategy First)
Java Auto Updater (x32 Version: 2.0.4.1 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216025FF}) (Version: 6.0.250 - Oracle)
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
MAGIX Speed burnR (HKLM-x32\...\MAGIX Speed burnR D) (Version: 6.0.1.4 - MAGIX AG)
Majesty 2 Collection (HKLM-x32\...\Steam App 73020) (Version:  - 1C:InoCo)
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft IntelliType Pro 8.2 (HKLM\...\Microsoft IntelliType Pro 8.2) (Version: 8.20.469.0 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Virtual PC 2007 SP1 (HKLM\...\{AD483998-2E9A-4405-83FF-6E503AF49CBB}) (Version: 6.0.192.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{3bcf8c72-b231-4d28-9f39-3405c22d8b5a}) (Version: 11.0.61030.0 - Microsoft Corporation)
Might & Magic Heroes VI - Shades of Darkness (HKLM-x32\...\{745D37C2-26F4-4B65-BA13-F9840EBFA75B}) (Version: 2.1.0 - Ubisoft)
MMDoC-PDCLive Launcher (HKCU\...\3114a86aa00b92d7) (Version: 1.0.1.1 - Ubisoft)
Mozilla Firefox 33.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.0 (x86 de)) (Version: 33.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0 - Mozilla)
MP Manager (HKLM-x32\...\{D62460AF-5A0E-44F7-A647-C79076C5CA65}) (Version: 1.0.4715 - MPMAN)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller-Treiber 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5896 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
NVIDIA Update 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
Pox Nora 1.8 (HKLM-x32\...\3055-2232-0137-3195) (Version: 1.8 - Desert Owl Games)
Prime World (HKLM-x32\...\Steam App 235340) (Version:  - Nival)
Prime World: Defenders (HKLM-x32\...\Steam App 235360) (Version:  - Nival)
Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0005 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5859 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RIFT™ (HKLM-x32\...\Steam App 39120) (Version:  - Trion Worlds)
Shadow Warrior Classic Redux (HKLM-x32\...\Steam App 225160) (Version:  - 3D Realms)
Shadowrun Returns (HKLM-x32\...\Steam App 234650) (Version:  - Harebrained Schemes)
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.6.8442 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Space Hulk (HKLM-x32\...\Steam App 242570) (Version:  - Full Control Studios)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Stronghold Crusader Extreme HD (HKLM-x32\...\Steam App 16700) (Version:  - Firefly Studios)
Stronghold Crusader HD (HKLM-x32\...\Steam App 40970) (Version:  - FireFly Studios)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version:  - TeamSpeak Systems GmbH)
TeamViewer 6 (HKLM-x32\...\TeamViewer 6) (Version: 6.0.10511 - TeamViewer GmbH)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
The Banner Saga (HKLM-x32\...\Steam App 237990) (Version:  - Stoic)
Tropico 4 (HKLM-x32\...\Steam App 57690) (Version:  - Haemimont Games)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
VLC media player 1.1.4 (HKLM-x32\...\VLC media player) (Version: 1.1.4 - VideoLAN)
Wakfu (HKLM-x32\...\Steam App 215080) (Version:  - Ankama)
Warlock - Master of the Arcane (HKLM-x32\...\Steam App 203630) (Version:  - Paradox Interactive)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
WinRAR (HKLM\...\WinRAR archiver) (Version:  - )
WinSCP 5.1.4 (HKLM-x32\...\winscp3_is1) (Version: 5.1.4 - Martin Prikryl)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

20-10-2014 05:53:03 Geplanter Prüfpunkt
21-10-2014 08:50:30 AA11
21-10-2014 08:50:43 Windows Update
21-10-2014 10:59:15 Removed Bonjour
21-10-2014 10:59:55 Removed Apple Mobile Device Support
21-10-2014 11:00:40 Removed Apple Application Support
21-10-2014 11:01:16 Removed Apple Software Update
21-10-2014 12:27:09 Revo Uninstaller's restore point - Shopping Helper Smartbar
21-10-2014 12:43:33 Removed iTunes
21-10-2014 12:45:15 Removed QuickTime

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2014-10-16 19:49 - 00450713 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1        www.007guard.com
127.0.0.1        007guard.com
127.0.0.1        008i.com
127.0.0.1        www.008k.com
127.0.0.1        008k.com
127.0.0.1        www.00hq.com
127.0.0.1        00hq.com
127.0.0.1        010402.com
127.0.0.1        www.032439.com
127.0.0.1        032439.com
127.0.0.1        0scan.com
127.0.0.1        0scan.com
127.0.0.1        1000gratisproben.com
127.0.0.1        1000gratisproben.com
127.0.0.1        1001namen.com
127.0.0.1        www.1001namen.com
127.0.0.1        100888290cs.com
127.0.0.1        ²©²Êͨ,²©²ÊÍø,½ð±¦²©188,²©²ÊͨÆÀ¼¶,°Ù¼ÒÀÖ,°ÂÃî°Ù¼ÒÀÖ
127.0.0.1        www.100sexlinks.com
127.0.0.1        100sexlinks.com
127.0.0.1        10sek.com
127.0.0.1        Gadgets And More
127.0.0.1        www.1-2005-search.com
127.0.0.1        1-2005-search.com
127.0.0.1        123fporn.info
127.0.0.1        www.123fporn.info
127.0.0.1        123haustiereundmehr.com
127.0.0.1        www.123haustiereundmehr.com
127.0.0.1        123moviedownload.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1497AE49-32B5-4CB5-A34B-5E683461C01E} - System32\Tasks\{2D11BC38-BC04-40C6-89C1-82353F9ABE4B} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {1BCDBB30-79DA-45F0-AC6A-7EFA2D763068} - \PC Performer Scheduled Scan No Task File <==== ATTENTION
Task: {84850552-32DC-4798-9EC5-B9406A0C9465} - System32\Tasks\Uninstaller_SkipUac_S.Aerne => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-10-21] (IObit)
Task: {AEAE8254-C339-44CE-BD29-B2E72526D93C} - \PC Performer Logon Scan No Task File <==== ATTENTION
Task: {AF1BE5C7-2138-4C5F-869C-7C3ED971F9F7} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => c:\Program Files\Microsoft IntelliType Pro\IType.exe [2011-08-10] (Microsoft Corporation)
Task: {BBCE63A8-9FDD-48C8-8CF0-BFFB6A9A450A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated)
Task: {FBDB51E8-1AC7-4A3B-867F-D2B43E4FF7A5} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2011-12-19 14:04 - 2014-07-02 20:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-10-15 10:21 - 2014-10-13 11:01 - 00068096 _____ () C:\Windows\SysWOW64\GammaMethodRegister\GammaMethodRegister.exe
2014-10-22 12:24 - 2014-10-11 14:53 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-09-11 10:09 - 2014-09-11 10:09 - 16825520 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-762131175-2521822999-1656188121-500 - Administrator - Disabled)
ASPNET (S-1-5-21-762131175-2521822999-1656188121-1004 - Administrator - Enabled)
Gast (S-1-5-21-762131175-2521822999-1656188121-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-762131175-2521822999-1656188121-1002 - Limited - Enabled)
S.Aerne (S-1-5-21-762131175-2521822999-1656188121-1000 - Administrator - Enabled) => C:\Users\S.Aerne

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/23/2014 03:16:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Name des fehlerhaften Moduls: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000011aa
ID des fehlerhaften Prozesses: 0xdc8
Startzeit der fehlerhaften Anwendung: 0xGmer-19357.exe0
Pfad der fehlerhaften Anwendung: Gmer-19357.exe1
Pfad des fehlerhaften Moduls: Gmer-19357.exe2
Berichtskennung: Gmer-19357.exe3

Error: (10/23/2014 03:13:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Name des fehlerhaften Moduls: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000011aa
ID des fehlerhaften Prozesses: 0xdf0
Startzeit der fehlerhaften Anwendung: 0xGmer-19357.exe0
Pfad der fehlerhaften Anwendung: Gmer-19357.exe1
Pfad des fehlerhaften Moduls: Gmer-19357.exe2
Berichtskennung: Gmer-19357.exe3


System errors:
=============
Error: (10/23/2014 03:16:12 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Error: (10/23/2014 03:14:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "FormatMemoryMotion.exe" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (10/23/2014 03:14:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "FileKernelScreenshot.exe" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (10/23/2014 03:14:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ControlDebugOCR.exe" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (10/23/2014 03:14:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CodecImportMotion.exe" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (10/23/2014 03:14:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CodecFolderMotion.exe" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (10/23/2014 03:14:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ClipboardFAT32Program.exe" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2


Microsoft Office Sessions:
=========================
Error: (10/23/2014 03:16:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Gmer-19357.exe2.1.19357.052e7ea83Gmer-19357.exe2.1.19357.052e7ea83c0000005000011aadc801cfeec36c5b52dfC:\Users\S.Aerne\Downloads\Gmer-19357.exeC:\Users\S.Aerne\Downloads\Gmer-19357.exebeaeae00-5ab6-11e4-b9ce-485b39b2a165

Error: (10/23/2014 03:13:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Gmer-19357.exe2.1.19357.052e7ea83Gmer-19357.exe2.1.19357.052e7ea83c0000005000011aadf001cfeec31aae0926C:\Users\S.Aerne\Downloads\Gmer-19357.exeC:\Users\S.Aerne\Downloads\Gmer-19357.exe5c599704-5ab6-11e4-a67e-485b39b2a165


==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Quad CPU Q8300 @ 2.50GHz
Percentage of memory in use: 52%
Total physical RAM: 4095.18 MB
Available physical RAM: 1944.14 MB
Total Pagefile: 8188.54 MB
Available Pagefile: 5840.33 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:319.1 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 7A745740)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== End Of Log ============================
--- --- ---

Komprex 23.10.2014 14:26
FRST liess sich mit Internet Explorer downloaden. Hier die Logs:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-10-2014
Ran by S.Aerne (administrator) on SAERNE-PC on 23-10-2014 15:22:20
Running from C:\Users\S.Aerne\Downloads
Loaded Profile: S.Aerne (Available profiles: S.Aerne)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\Windows\vVX3000.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
() C:\Windows\SysWOW64\GammaMethodRegister\GammaMethodRegister.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7833120 2009-05-23] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-05-23] (Realtek Semiconductor Corp.)
HKLM\...\Run: [VX3000] => C:\Windows\vVX3000.exe [762736 2010-05-20] (Microsoft Corporation)
HKLM\...\Run: [itype] => c:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253672 2011-01-07] (Sun Microsystems, Inc.)
HKU\S-1-5-21-762131175-2521822999-1656188121-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1938112 2014-09-23] (Valve Corporation)
HKU\S-1-5-21-762131175-2521822999-1656188121-1000\...\MountPoints2: {dc1faa98-1187-11e2-a7c6-485b39b2a165} - I:\Start.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:13661
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x41B09D54AA43CB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-ch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: No Name -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} ->  No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\S.Aerne\AppData\Roaming\Mozilla\Firefox\Profiles\hca1uvkk.default-1413971435070
FF Homepage: https://www.facebook.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1209149.dll (Adobe Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\progra~2\mcafee\msc\npmcsn~1.dll No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\S.Aerne\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\S.Aerne\AppData\Roaming\Mozilla\Firefox\Profiles\hca1uvkk.default-1413971435070\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-10-22]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-10-16]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 GammaMethodRegister; C:\Windows\SysWOW64\GammaMethodRegister\GammaMethodRegister.exe [68096 2014-10-13] () [File not signed]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2283296 2014-10-21] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
S2 0175861394189491mcinstcleanup; C:\Users\S9B32~1.AER\AppData\Local\Temp\017586~1.EXE -cleanup -nolog [X]
S2 ClipboardFAT32Program.exe; C:\Users\S.Aerne\AppData\Local\ClipboardFAT32Program\ClipboardFAT32Program.exe [X]
S2 CodecFolderMotion.exe; C:\Users\S.Aerne\AppData\Local\CodecFolderMotion\CodecFolderMotion.exe [X]
S2 CodecImportMotion.exe; C:\Users\S.Aerne\AppData\Local\CodecImportMotion\CodecImportMotion.exe [X]
S2 ControlDebugOCR.exe; C:\Users\S.Aerne\AppData\Local\ControlDebugOCR\ControlDebugOCR.exe [X]
S2 FileKernelScreenshot.exe; C:\Users\S.Aerne\AppData\Local\FileKernelScreenshot\FileKernelScreenshot.exe [X]
S2 FormatMemoryMotion.exe; C:\Users\S.Aerne\AppData\Local\FormatMemoryMotion\FormatMemoryMotion.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32512 2014-10-15] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-10-23] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-10-01] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-05-14] ()
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 s1018bus; C:\Windows\System32\DRIVERS\s1018bus.sys [113704 2009-03-25] (MCCI Corporation)
S3 s1018mdfl; C:\Windows\System32\DRIVERS\s1018mdfl.sys [19496 2009-03-25] (MCCI Corporation)
S3 s1018mdm; C:\Windows\System32\DRIVERS\s1018mdm.sys [153128 2009-03-25] (MCCI Corporation)
S3 s1018mgmt; C:\Windows\System32\DRIVERS\s1018mgmt.sys [133160 2009-03-25] (MCCI Corporation)
S3 s1018nd5; C:\Windows\System32\DRIVERS\s1018nd5.sys [34856 2009-03-25] (MCCI Corporation)
S3 s1018obex; C:\Windows\System32\DRIVERS\s1018obex.sys [128552 2009-03-25] (MCCI Corporation)
S3 s1018unic; C:\Windows\System32\DRIVERS\s1018unic.sys [146472 2009-03-25] (MCCI Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-10-21] (Duplex Secure Ltd.)
S3 StarOpen; No ImagePath
R1 vmm; C:\Windows\system32\Treiber\vmm.sys [294248 2011-05-29] (Microsoft Corporation)
U3 awdiqpob; \??\C:\Users\S9B32~1.AER\AppData\Local\Temp\awdiqpob.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-23 15:22 - 2014-10-23 15:22 - 00015096 _____ () C:\Users\S.Aerne\Downloads\FRST.txt
2014-10-23 15:22 - 2014-10-23 15:22 - 00000000 ____D () C:\FRST
2014-10-23 15:21 - 2014-10-23 15:22 - 02112000 _____ (Farbar) C:\Users\S.Aerne\Downloads\FRST64.exe
2014-10-23 15:18 - 2014-10-23 15:18 - 00000000 ____D () C:\Users\S.Aerne\AppData\Local\CheckCode
2014-10-23 14:51 - 2014-10-23 14:51 - 00000774 _____ () C:\Users\S.Aerne\Desktop\JRT.txt
2014-10-23 14:47 - 2014-10-23 14:47 - 01705698 _____ (Thisisu) C:\Users\S.Aerne\Downloads\JRT633.exe
2014-10-23 14:29 - 2014-10-23 14:29 - 00854448 _____ () C:\Users\S.Aerne\Downloads\SecurityCheck.exe
2014-10-23 13:32 - 2014-10-23 13:32 - 01103360 _____ (Farbar) C:\Users\S.Aerne\Downloads\FRST.exe
2014-10-23 13:31 - 2014-10-23 13:31 - 00000790 _____ () C:\Users\S.Aerne\Desktop\Defogger.lnk
2014-10-23 13:23 - 2014-10-23 13:23 - 00380416 _____ () C:\Users\S.Aerne\Downloads\Gmer-19357.exe
2014-10-23 13:15 - 2014-10-23 13:31 - 00000528 _____ () C:\Users\S.Aerne\Downloads\defogger_disable.log
2014-10-23 13:15 - 2014-10-23 13:15 - 00000188 _____ () C:\Users\S.Aerne\defogger_reenable
2014-10-23 13:14 - 2014-10-23 13:14 - 00050477 _____ () C:\Users\S.Aerne\Downloads\Defogger.exe
2014-10-22 12:25 - 2014-10-22 12:25 - 01962496 _____ () C:\Users\S.Aerne\Downloads\adwcleaner_4.001(1).exe
2014-10-22 12:24 - 2014-10-22 12:24 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-10-22 12:24 - 2014-10-22 12:24 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-10-22 12:24 - 2014-10-22 12:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-22 12:23 - 2014-10-22 12:23 - 36254312 _____ () C:\Users\S.Aerne\Downloads\Firefox Setup 33.0.exe
2014-10-22 12:20 - 2014-10-22 12:20 - 00244408 _____ () C:\Users\S.Aerne\Downloads\Firefox Setup Stub 33.0.exe
2014-10-21 15:00 - 2014-10-21 15:51 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01artus01.part6.rar
2014-10-21 14:52 - 2014-10-21 15:14 - 141500350 _____ () C:\Users\S.Aerne\Downloads\01artus01.part7.rar
2014-10-21 14:25 - 2014-10-21 14:25 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\S.Aerne\Downloads\revosetup95.exe
2014-10-21 14:25 - 2014-10-21 14:25 - 00001264 _____ () C:\Users\S.Aerne\Desktop\Revo Uninstaller.lnk
2014-10-21 13:51 - 2014-10-21 13:51 - 00014848 ___SH () C:\Users\S.Aerne\Thumbs.db
2014-10-21 13:43 - 2014-10-21 13:43 - 00000000 ____D () C:\Users\S.Aerne\AppData\Roaming\ProductData
2014-10-21 13:42 - 2014-10-23 12:55 - 00000000 ____D () C:\ProgramData\ProductData
2014-10-21 13:42 - 2014-10-21 13:43 - 00002890 _____ () C:\Windows\System32\Tasks\Uninstaller_SkipUac_S.Aerne
2014-10-21 13:42 - 2014-10-21 13:43 - 00000000 ____D () C:\ProgramData\IObit
2014-10-21 13:42 - 2014-10-21 13:42 - 00001252 _____ () C:\Users\S.Aerne\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2014-10-21 13:42 - 2014-10-21 13:42 - 00001228 _____ () C:\Users\Public\Desktop\IObit Uninstaller.lnk
2014-10-21 13:42 - 2014-10-21 13:42 - 00000000 ____D () C:\Users\S.Aerne\AppData\Roaming\IObit
2014-10-21 13:42 - 2014-10-21 13:42 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-10-21 13:41 - 2014-10-21 13:41 - 01125200 _____ () C:\Users\S.Aerne\Downloads\IObit Uninstaller - CHIP-Installer.exe
2014-10-21 13:19 - 2014-10-21 13:19 - 01962496 _____ () C:\Users\S.Aerne\Downloads\adwcleaner_4.001.exe
2014-10-21 12:41 - 2014-10-21 12:51 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01artus01.part5.rar
2014-10-21 12:27 - 2014-10-21 12:37 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01artus01.part4.rar
2014-10-21 12:07 - 2014-10-21 12:59 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01artus01.part1.rar
2014-10-21 12:01 - 2014-10-21 12:21 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01artus01.part3.rar
2014-10-21 11:59 - 2014-10-21 12:09 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01artus01.part2.rar
2014-10-21 10:48 - 2014-10-21 10:48 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\S.Aerne\Downloads\mbam_premium.exe
2014-10-21 10:48 - 2014-10-21 10:48 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-20 16:52 - 2014-10-20 16:52 - 05401624 _____ (Canneverbe Limited ) C:\Users\S.Aerne\Downloads\cdbxp_setup_4.5.4.5118.exe
2014-10-20 16:52 - 2014-10-20 16:52 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP
2014-10-20 16:24 - 2014-10-20 16:24 - 00000208 _____ () C:\Users\S.Aerne\Desktop\Jagged Alliance 2 Gold Pack.url
2014-10-17 15:47 - 2014-10-17 15:47 - 00000222 _____ () C:\Users\S.Aerne\Desktop\Company of Heroes 2.url
2014-10-17 15:44 - 2014-10-17 15:44 - 00000223 _____ () C:\Users\S.Aerne\Desktop\Jagged Alliance 2 Gold Unfinished Business.url
2014-10-16 23:53 - 2014-10-16 23:53 - 00245760 _____ () C:\Users\S.Aerne\Downloads\Q-Dance_Hardstyle_Top_40_June_2014.rar.part
2014-10-16 19:51 - 2014-10-22 12:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-16 19:49 - 2009-06-10 23:00 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hosts.20141016-194925.backup
2014-10-16 18:38 - 2014-10-16 18:38 - 00000000 ____D () C:\Users\S.Aerne\AppData\Roaming\QuickScan
2014-10-16 18:35 - 2014-10-16 18:35 - 00567639 _____ () C:\Users\S.Aerne\Downloads\esetsmartinstaller_deu.exe
2014-10-16 18:34 - 2014-10-16 18:34 - 01170104 _____ (Zugara Investments Limited ) C:\Users\S.Aerne\Downloads\esetsmartinstallerdeuexe.exe
2014-10-16 18:30 - 2014-10-21 10:53 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-10-16 18:30 - 2014-10-21 10:50 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-10-16 18:30 - 2014-10-16 18:30 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-10-16 18:29 - 2014-10-16 18:30 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\S.Aerne\Downloads\spybot-2.4(1).exe
2014-10-16 18:29 - 2014-10-16 18:29 - 04321294 _____ (Safer-Networking Ltd. ) C:\Users\S.Aerne\Downloads\spybot-2.4.exe
2014-10-16 13:23 - 2014-10-16 13:23 - 00002187 _____ () C:\Users\S.Aerne\Desktop\Pox Nora.lnk
2014-10-16 13:23 - 2014-10-16 13:23 - 00000000 ____D () C:\Users\S.Aerne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pox Nora
2014-10-16 13:22 - 2014-10-16 13:22 - 00000000 ____D () C:\Program Files (x86)\Desert Owl Games
2014-10-16 13:21 - 2014-10-16 13:22 - 34412032 _____ (Desert Owl Games) C:\Users\S.Aerne\Downloads\PoxNora.exe
2014-10-16 11:55 - 2014-10-16 11:55 - 04280468 _____ (Safer-Networking Ltd. ) C:\Users\S.Aerne\Downloads\spybot_27341.exe
2014-10-16 11:53 - 2014-10-16 11:53 - 00000000 ____D () C:\Users\S.Aerne\AppData\Roaming\LavasoftStatistics
2014-10-16 11:47 - 2014-10-16 11:47 - 02806920 _____ () C:\Users\S.Aerne\Downloads\Adaware_Installer_11.3.exe
2014-10-16 11:27 - 2014-10-16 11:27 - 01705141 _____ (Thisisu) C:\Users\S.Aerne\Downloads\JRT-631.exe
2014-10-16 11:27 - 2014-10-14 13:43 - 01705698 _____ (Thisisu) C:\Users\S.Aerne\Desktop\JRT_NEW.exe
2014-10-15 13:11 - 2014-10-15 13:11 - 00000000 _____ () C:\autoexec.bat
2014-10-15 13:10 - 2014-10-16 11:18 - 00000000 ____D () C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
2014-10-15 13:09 - 2014-10-15 13:09 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\S.Aerne\Downloads\SpyHunter-Installer.exe
2014-10-15 11:59 - 2014-10-15 11:59 - 00032512 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys
2014-10-15 11:56 - 2014-10-15 11:56 - 00003400 _____ () C:\Windows\system32\.crusader
2014-10-15 11:46 - 2014-10-15 11:58 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-10-15 11:46 - 2014-10-15 11:46 - 11194928 _____ (SurfRight B.V.) C:\Users\S.Aerne\Downloads\HitmanPro_x64.exe
2014-10-15 11:14 - 2014-10-15 12:06 - 00000000 ____D () C:\Users\S.Aerne\AppData\Roaming\Nico Mak Computing
2014-10-15 11:13 - 2014-10-15 11:14 - 04892480 _____ (WinZip International LLC ) C:\Users\S.Aerne\Downloads\wzmp_8.exe
2014-10-15 11:10 - 2014-10-23 15:16 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-15 11:09 - 2014-10-21 10:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-15 11:09 - 2014-10-21 10:48 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-15 11:09 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-15 11:09 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-15 11:09 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-15 11:07 - 2014-10-15 11:07 - 01125200 _____ () C:\Users\S.Aerne\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe
2014-10-15 10:50 - 2014-10-15 10:50 - 01169160 _____ (Anvisoft) C:\Users\S.Aerne\Downloads\csbsetup.exe
2014-10-15 10:49 - 2014-10-15 10:49 - 02894945 _____ (Anvisoft) C:\Users\S.Aerne\Downloads\asdsetup.exe
2014-10-15 10:33 - 2014-09-29 02:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-15 10:33 - 2014-06-19 00:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-15 10:33 - 2014-06-19 00:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-15 10:33 - 2014-06-19 00:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-15 10:33 - 2014-06-19 00:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-15 10:33 - 2014-06-19 00:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-15 10:33 - 2014-06-19 00:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-15 10:32 - 2014-08-19 05:11 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-10-15 10:32 - 2014-08-19 05:10 - 00616352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-10-15 10:32 - 2014-08-19 05:08 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-10-15 10:32 - 2014-08-19 05:08 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-10-15 10:32 - 2014-08-19 05:08 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-10-15 10:32 - 2014-08-19 05:07 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-10-15 10:32 - 2014-08-19 05:07 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-10-15 10:32 - 2014-08-19 05:07 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-10-15 10:32 - 2014-08-19 05:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-10-15 10:32 - 2014-08-19 05:07 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-10-15 10:32 - 2014-08-19 04:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2014-10-15 10:32 - 2014-08-19 04:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-10-15 10:32 - 2014-08-19 04:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-10-15 10:32 - 2014-07-07 04:07 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-10-15 10:32 - 2014-07-07 04:07 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-10-15 10:32 - 2014-07-07 04:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 05551032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-15 10:32 - 2014-07-07 04:06 - 04120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-10-15 10:32 - 2014-07-07 04:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-10-15 10:32 - 2014-07-07 04:06 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-10-15 10:32 - 2014-07-07 04:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-10-15 10:32 - 2014-07-07 04:05 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-10-15 10:32 - 2014-07-07 04:05 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-10-15 10:32 - 2014-07-07 04:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-10-15 10:32 - 2014-07-07 03:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-10-15 10:32 - 2014-07-07 03:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2014-10-15 10:32 - 2014-07-07 03:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2014-10-15 10:32 - 2014-07-07 03:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-10-15 10:32 - 2014-07-07 03:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-10-15 10:32 - 2014-07-07 03:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-10-15 10:32 - 2014-07-07 03:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-10-15 10:32 - 2014-07-07 03:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-10-15 10:32 - 2014-07-07 03:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-10-15 10:32 - 2014-06-28 02:21 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-10-15 10:32 - 2014-06-28 02:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-10-15 10:32 - 2014-06-28 02:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-10-15 10:31 - 2014-10-10 04:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-15 10:31 - 2014-10-10 04:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-15 10:31 - 2014-10-10 04:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-15 10:31 - 2014-10-07 04:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-15 10:31 - 2014-10-07 04:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-15 10:31 - 2014-09-26 00:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-15 10:31 - 2014-09-26 00:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-15 10:31 - 2014-09-26 00:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-15 10:31 - 2014-09-26 00:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-15 10:31 - 2014-09-26 00:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-15 10:31 - 2014-09-26 00:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-15 10:31 - 2014-09-26 00:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-15 10:31 - 2014-09-19 04:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-15 10:31 - 2014-09-19 03:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-15 10:31 - 2014-09-19 03:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-15 10:31 - 2014-09-19 03:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-15 10:31 - 2014-09-19 03:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-15 10:31 - 2014-09-19 03:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-15 10:31 - 2014-09-19 03:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-15 10:31 - 2014-09-19 03:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-15 10:31 - 2014-09-19 03:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-15 10:31 - 2014-09-19 03:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-15 10:31 - 2014-09-19 03:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-15 10:31 - 2014-09-19 03:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-15 10:31 - 2014-09-19 03:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-15 10:31 - 2014-09-19 03:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-15 10:31 - 2014-09-19 03:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-15 10:31 - 2014-09-19 03:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-15 10:31 - 2014-09-19 03:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-15 10:31 - 2014-09-19 03:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-15 10:31 - 2014-09-19 03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-15 10:31 - 2014-09-19 03:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-15 10:31 - 2014-09-19 03:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 10:31 - 2014-09-19 03:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-15 10:31 - 2014-09-19 03:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-15 10:31 - 2014-09-19 03:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-15 10:31 - 2014-09-19 03:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-15 10:31 - 2014-09-19 03:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-15 10:31 - 2014-09-19 02:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-15 10:31 - 2014-09-19 02:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-15 10:31 - 2014-09-19 02:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-15 10:31 - 2014-09-19 02:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-15 10:31 - 2014-09-19 02:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-15 10:31 - 2014-09-19 02:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-15 10:31 - 2014-09-19 02:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-15 10:31 - 2014-09-19 02:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-15 10:31 - 2014-09-19 02:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-15 10:31 - 2014-09-19 02:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-15 10:31 - 2014-09-19 02:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-15 10:31 - 2014-09-19 02:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-15 10:31 - 2014-09-19 02:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-15 10:31 - 2014-09-19 02:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-15 10:31 - 2014-09-19 02:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-15 10:31 - 2014-09-19 02:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-15 10:31 - 2014-09-19 02:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-15 10:31 - 2014-09-19 01:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-15 10:31 - 2014-09-19 01:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-15 10:31 - 2014-09-19 01:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-15 10:31 - 2014-09-19 01:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-15 10:31 - 2014-09-18 04:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-15 10:30 - 2014-09-18 03:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-15 10:30 - 2014-09-13 03:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-15 10:30 - 2014-09-13 03:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-15 10:30 - 2014-09-04 07:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-15 10:30 - 2014-09-04 07:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-15 10:30 - 2014-07-17 04:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-15 10:30 - 2014-07-17 04:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-15 10:30 - 2014-07-17 04:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-15 10:30 - 2014-07-17 04:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-15 10:30 - 2014-07-17 04:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-15 10:30 - 2014-07-17 04:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-15 10:30 - 2014-07-17 04:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-15 10:30 - 2014-07-17 04:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-15 10:30 - 2014-07-17 03:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-15 10:30 - 2014-07-17 03:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-15 10:30 - 2014-07-17 03:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-15 10:30 - 2014-07-17 03:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-10-15 10:30 - 2014-07-17 03:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-15 10:30 - 2014-07-17 03:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-15 10:30 - 2014-07-17 03:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-15 10:30 - 2014-07-17 03:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-15 10:21 - 2014-10-15 10:21 - 00000000 ____D () C:\Windows\SysWOW64\GammaMethodRegister
2014-10-11 17:22 - 2014-10-11 17:24 - 00000000 ____D () C:\Users\S.Aerne\Documents\Heroes of the Storm
2014-10-11 17:18 - 2014-10-11 17:18 - 00001189 _____ () C:\Users\Public\Desktop\Heroes of the Storm.lnk
2014-10-11 17:18 - 2014-10-11 17:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm
2014-10-11 17:06 - 2014-10-17 08:59 - 00000000 ____D () C:\Program Files (x86)\Heroes of the Storm
2014-10-11 17:04 - 2014-10-11 17:04 - 07080744 _____ (Blizzard Entertainment) C:\Users\S.Aerne\Downloads\Heroes-of-the-Storm-Setup-enUS.exe
2014-10-11 15:18 - 2014-10-11 15:19 - 09020704 _____ (HEX Entertainment ) C:\Users\S.Aerne\Downloads\HEXSetup(1).exe
2014-10-10 18:48 - 2014-10-10 19:30 - 00000000 ____D () C:\Users\S.Aerne\Documents\BloodBowlChaos
2014-10-10 08:40 - 2014-10-10 08:40 - 00000222 _____ () C:\Users\S.Aerne\Desktop\Blood Bowl Chaos Edition.url
2014-10-07 11:00 - 2014-10-07 11:10 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01terror.part4.rar
2014-10-07 10:37 - 2014-10-07 10:47 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01terror.part3.rar
2014-10-07 10:25 - 2014-10-07 11:26 - 186626412 _____ () C:\Users\S.Aerne\Downloads\01terror.part5.rar
2014-10-07 10:25 - 2014-10-07 11:22 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01terror.part1.rar
2014-10-07 10:25 - 2014-10-07 10:35 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01terror.part2.rar
2014-10-03 13:17 - 2014-10-10 08:41 - 00000000 ____D () C:\Users\S.Aerne\Documents\majesty2
2014-10-03 13:17 - 2014-10-03 13:17 - 00000000 ____D () C:\Program Files (x86)\Paradox Interactive
2014-10-03 12:40 - 2014-10-03 12:40 - 00000221 _____ () C:\Users\S.Aerne\Desktop\Majesty 2 Collection.url
2014-10-01 12:18 - 2014-10-01 12:18 - 00000218 _____ () C:\Users\S.Aerne\Desktop\Half-Life.url
2014-10-01 09:29 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-01 09:29 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-30 15:20 - 2014-09-30 15:20 - 00001618 _____ () C:\Users\Public\Desktop\Braveland.lnk
2014-09-26 12:36 - 2014-09-26 12:36 - 00000222 _____ () C:\Users\S.Aerne\Desktop\Prime World.url
2014-09-24 10:21 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 10:21 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-23 15:20 - 2010-08-24 18:03 - 01434901 _____ () C:\Windows\WindowsUpdate.log
2014-10-23 15:15 - 2014-02-23 12:51 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-10-23 15:14 - 2010-08-25 01:42 - 00449034 _____ () C:\Windows\PFRO.log
2014-10-23 15:14 - 2010-08-24 21:54 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-23 15:14 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-23 15:14 - 2009-07-14 06:51 - 00215800 _____ () C:\Windows\setupact.log
2014-10-23 15:13 - 2014-09-14 09:39 - 00000000 ____D () C:\AdwCleaner
2014-10-23 15:09 - 2012-07-18 08:44 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-23 13:45 - 2009-07-14 06:45 - 00026544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-23 13:45 - 2009-07-14 06:45 - 00026544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-23 13:36 - 2014-09-13 09:24 - 00000444 __RSH () C:\ProgramData\ntuser.pol
2014-10-23 13:15 - 2010-08-24 18:16 - 00000000 ____D () C:\Users\S.Aerne
2014-10-21 20:27 - 2010-12-29 12:14 - 00000000 ____D () C:\Users\S.Aerne\Downloads\Hörbücher
2014-10-21 15:10 - 2009-07-14 19:58 - 00711602 _____ () C:\Windows\system32\perfh007.dat
2014-10-21 15:10 - 2009-07-14 19:58 - 00155078 _____ () C:\Windows\system32\perfc007.dat
2014-10-21 15:10 - 2009-07-14 07:13 - 01649556 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-21 14:46 - 2010-12-27 14:22 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-10-21 14:45 - 2010-12-27 14:23 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-10-21 14:45 - 2010-12-27 14:22 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-10-21 14:25 - 2014-09-14 10:30 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-10-21 13:54 - 2013-03-23 20:33 - 00000000 ____D () C:\Users\S.Aerne\AppData\Roaming\My Games
2014-10-21 13:54 - 2010-08-25 17:54 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-21 13:21 - 2014-09-12 07:25 - 00001079 _____ () C:\Users\S.Aerne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-10-20 17:08 - 2014-09-12 15:02 - 00000000 ____D () C:\Program Files (x86)\HEX
2014-10-20 16:52 - 2010-11-08 22:11 - 00001155 _____ () C:\Users\Public\Desktop\CDBurnerXP.lnk
2014-10-20 16:52 - 2010-11-08 22:11 - 00001105 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2014-10-20 16:40 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-10-20 16:27 - 2009-07-14 06:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-10-18 08:44 - 2013-10-25 11:31 - 00000000 ____D () C:\Users\S.Aerne\AppData\Local\Battle.net
2014-10-17 16:13 - 2014-03-18 15:00 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft
2014-10-16 16:01 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-10-16 11:44 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-16 11:03 - 2009-07-14 06:45 - 00299528 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-16 11:01 - 2014-05-06 15:16 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-16 11:01 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-10-16 11:01 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-10-15 13:39 - 2013-08-15 23:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-15 13:37 - 2010-09-04 12:08 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-15 11:59 - 2010-08-24 18:42 - 00000000 ____D () C:\Users\S.Aerne\Tracing
2014-10-15 11:56 - 2014-09-13 09:25 - 00000000 ____D () C:\Windows\SysWOW64\FormatMBRRuntime
2014-10-13 09:41 - 2013-10-25 11:33 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-10-11 17:22 - 2010-08-25 00:14 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-10-11 17:05 - 2013-10-25 11:31 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-10-11 15:19 - 2014-09-12 15:02 - 00001070 _____ () C:\Users\Public\Desktop\HEX.lnk
2014-10-11 15:19 - 2014-09-12 15:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HEX
2014-10-11 09:12 - 2014-07-10 15:02 - 00000000 ____D () C:\Users\S.Aerne\Documents\Stronghold Crusader
2014-10-10 18:32 - 2010-09-27 11:58 - 00621293 _____ () C:\Windows\DirectX.log
2014-10-02 15:53 - 2010-08-24 18:36 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-30 15:20 - 2014-02-07 10:40 - 00000000 ____D () C:\GOG Games
2014-09-30 15:20 - 2014-02-07 10:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2014-09-30 15:20 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-30 13:42 - 2014-02-07 10:34 - 00000000 ____D () C:\Users\S.Aerne\AppData\Local\GOG.com
2014-09-26 12:48 - 2012-05-18 19:27 - 00000000 ____D () C:\Users\S.Aerne\Documents\My Games
2014-09-24 11:09 - 2012-07-18 08:44 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-24 11:09 - 2012-07-18 08:44 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-24 11:09 - 2011-12-02 03:50 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

Some content of TEMP:
====================
C:\Users\S.Aerne\AppData\Local\Temp\msvcr80.dll
C:\Users\S.Aerne\AppData\Local\Temp\Quarantine.exe
C:\Users\S.Aerne\AppData\Local\Temp\SimPack.exe
C:\Users\S.Aerne\AppData\Local\Temp\sqlite3.dll
C:\Users\S.Aerne\AppData\Local\Temp\zlib1.dll
C:\Users\S.Aerne\AppData\Local\Temp\_isAB6B.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-16 15:53

==================== End Of Log ============================
--- --- ---

--- --- ---

FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-10-2014
Ran by S.Aerne at 2014-10-23 15:23:02
Running from C:\Users\S.Aerne\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.2.0.2070 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.2.0.2070 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.9.149 - Adobe Systems, Inc.)
Age of Empires III (HKLM-x32\...\InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Wonders III (HKLM-x32\...\Steam App 226840) (Version:  - Triumph Studios)
Alien Swarm (HKLM-x32\...\Steam App 630) (Version:  - Valve)
Banished (HKLM-x32\...\Steam App 242920) (Version:  - Shining Rock Software LLC)
Battle Isle Platinum (HKLM-x32\...\GOGPACKBATTLEISLEPLATINUM_is1) (Version: 2.1.0.19 - GOG.com)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Blackguards (HKLM-x32\...\Steam App 249650) (Version:  - Daedalic Entertainment)
Blood Bowl: Chaos Edition (HKLM-x32\...\Steam App 216890) (Version:  - Cyanide Studios)
Braveland (HKLM-x32\...\GOGPACKBRAVELAND_is1) (Version: 2.1.0.3 - GOG.com)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.3.7.2423 - CDBurnerXP)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5118 - CDBurnerXP)
Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version:  - Relic Entertainment)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Defender's Quest: Valley of the Forgotten (HKLM-x32\...\Steam App 218410) (Version:  - Level Up Labs, LLC)
Dell Driver Download Manager (HKCU\...\f031ef6ac137efc5) (Version: 2.1.0.0 - Dell Inc.)
Die Siedler 7 (HKLM-x32\...\{9C916142-C18C-429D-BFED-40094A7E0BEB}) (Version: 1.12.1396 - Ubisoft)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Draconian Wars (HKLM-x32\...\Steam App 296590) (Version:  - Kardfy Studios)
Duel of Champions (HKLM-x32\...\MMDoC-PDCLive) (Version:  - Ubisoft)
Dungeon Keeper 2 (HKLM-x32\...\GOGPACKDUNGEONKEEPER2_is1) (Version: 2.0.0.32 - GOG.com)
Dungeon Keeper Gold (HKLM-x32\...\GOGPACKDUNGEONKEEPER_is1) (Version: 2.0.0.4 - GOG.com)
Etherlords (HKLM-x32\...\Steam App 270770) (Version:  - Nival)
Etherlords II (HKLM-x32\...\Steam App 270790) (Version:  - Nival)
Fallen Enchantress: Legendary Heroes (HKLM-x32\...\Steam App 228260) (Version:  - Stardock Entertainment)
FLOCK! (HKLM-x32\...\Steam App 21640) (Version:  - Proper Games)
Foxit Reader 5.0 (HKLM-x32\...\Foxit Reader_is1) (Version: 5.0.2.718 - Foxit Corporation)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
GOG.com Downloader version 3.6.0 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.6.0 - GOG.com)
GOG.com Dungeon Keeper 2 (HKLM\...\{b6462b67-caf5-4a74-99df-cc2811bd1957}.sdb) (Version:  - )
GOG.com Heroes of Might and Magic 3 (HKLM\...\{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}.sdb) (Version:  - )
Gorky 17 (HKLM-x32\...\Steam App 253920) (Version:  - )
Grotesque Tactics: Evil Heroes (HKLM-x32\...\Steam App 46450) (Version:  - Headup Games)
Half-Life (HKLM-x32\...\Steam App 70) (Version:  - Valve)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of Might & Magic V: Hammers of Fate (HKLM-x32\...\{66FF4C48-0083-4E60-8556-B883AB200091}) (Version:  - )
Heroes of Might and Magic 3 Complete (HKLM-x32\...\GOGPACKHOMM3COMPLETE_is1) (Version: 2.0.0.16 - GOG.com)
Heroes of Might and Magic V - Tribes of the East (HKLM-x32\...\{66FF4C48-0083-4E60-8556-B883AB200092}) (Version:  - )
Heroes of Might and Magic V (HKLM-x32\...\{20071984-5EB1-4881-8EDB-082532ACEC6D}) (Version:  - )
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
HEX (HKLM-x32\...\{E31B651A-B48C-423C-8D0D-855756C8B7E8}_is1) (Version:  - HEX Entertainment)
Infinity Wars - Animated Trading Card Game (HKLM-x32\...\Steam App 257730) (Version:  - Lightmare Studios)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.0.4.25 - IObit)
Jagged Alliance 2 Gold: Unfinished Business (HKLM-x32\...\Steam App 12380) (Version:  - Strategy First)
Jagged Alliance 2: Gold Pack (HKLM-x32\...\Steam App 12370) (Version:  - Strategy First)
Java Auto Updater (x32 Version: 2.0.4.1 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216025FF}) (Version: 6.0.250 - Oracle)
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
MAGIX Speed burnR (HKLM-x32\...\MAGIX Speed burnR D) (Version: 6.0.1.4 - MAGIX AG)
Majesty 2 Collection (HKLM-x32\...\Steam App 73020) (Version:  - 1C:InoCo)
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft IntelliType Pro 8.2 (HKLM\...\Microsoft IntelliType Pro 8.2) (Version: 8.20.469.0 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Virtual PC 2007 SP1 (HKLM\...\{AD483998-2E9A-4405-83FF-6E503AF49CBB}) (Version: 6.0.192.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{3bcf8c72-b231-4d28-9f39-3405c22d8b5a}) (Version: 11.0.61030.0 - Microsoft Corporation)
Might & Magic Heroes VI - Shades of Darkness (HKLM-x32\...\{745D37C2-26F4-4B65-BA13-F9840EBFA75B}) (Version: 2.1.0 - Ubisoft)
MMDoC-PDCLive Launcher (HKCU\...\3114a86aa00b92d7) (Version: 1.0.1.1 - Ubisoft)
Mozilla Firefox 33.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.0 (x86 de)) (Version: 33.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0 - Mozilla)
MP Manager (HKLM-x32\...\{D62460AF-5A0E-44F7-A647-C79076C5CA65}) (Version: 1.0.4715 - MPMAN)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller-Treiber 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5896 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
NVIDIA Update 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
Pox Nora 1.8 (HKLM-x32\...\3055-2232-0137-3195) (Version: 1.8 - Desert Owl Games)
Prime World (HKLM-x32\...\Steam App 235340) (Version:  - Nival)
Prime World: Defenders (HKLM-x32\...\Steam App 235360) (Version:  - Nival)
Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0005 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5859 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RIFT™ (HKLM-x32\...\Steam App 39120) (Version:  - Trion Worlds)
Shadow Warrior Classic Redux (HKLM-x32\...\Steam App 225160) (Version:  - 3D Realms)
Shadowrun Returns (HKLM-x32\...\Steam App 234650) (Version:  - Harebrained Schemes)
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.6.8442 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Space Hulk (HKLM-x32\...\Steam App 242570) (Version:  - Full Control Studios)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Stronghold Crusader Extreme HD (HKLM-x32\...\Steam App 16700) (Version:  - Firefly Studios)
Stronghold Crusader HD (HKLM-x32\...\Steam App 40970) (Version:  - FireFly Studios)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version:  - TeamSpeak Systems GmbH)
TeamViewer 6 (HKLM-x32\...\TeamViewer 6) (Version: 6.0.10511 - TeamViewer GmbH)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
The Banner Saga (HKLM-x32\...\Steam App 237990) (Version:  - Stoic)
Tropico 4 (HKLM-x32\...\Steam App 57690) (Version:  - Haemimont Games)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
VLC media player 1.1.4 (HKLM-x32\...\VLC media player) (Version: 1.1.4 - VideoLAN)
Wakfu (HKLM-x32\...\Steam App 215080) (Version:  - Ankama)
Warlock - Master of the Arcane (HKLM-x32\...\Steam App 203630) (Version:  - Paradox Interactive)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
WinRAR (HKLM\...\WinRAR archiver) (Version:  - )
WinSCP 5.1.4 (HKLM-x32\...\winscp3_is1) (Version: 5.1.4 - Martin Prikryl)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

20-10-2014 05:53:03 Geplanter Prüfpunkt
21-10-2014 08:50:30 AA11
21-10-2014 08:50:43 Windows Update
21-10-2014 10:59:15 Removed Bonjour
21-10-2014 10:59:55 Removed Apple Mobile Device Support
21-10-2014 11:00:40 Removed Apple Application Support
21-10-2014 11:01:16 Removed Apple Software Update
21-10-2014 12:27:09 Revo Uninstaller's restore point - Shopping Helper Smartbar
21-10-2014 12:43:33 Removed iTunes
21-10-2014 12:45:15 Removed QuickTime

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2014-10-16 19:49 - 00450713 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1        www.007guard.com
127.0.0.1        007guard.com
127.0.0.1        008i.com
127.0.0.1        www.008k.com
127.0.0.1        008k.com
127.0.0.1        www.00hq.com
127.0.0.1        00hq.com
127.0.0.1        010402.com
127.0.0.1        www.032439.com
127.0.0.1        032439.com
127.0.0.1        0scan.com
127.0.0.1        0scan.com
127.0.0.1        1000gratisproben.com
127.0.0.1        1000gratisproben.com
127.0.0.1        1001namen.com
127.0.0.1        www.1001namen.com
127.0.0.1        100888290cs.com
127.0.0.1        ²©²Êͨ,²©²ÊÍø,½ð±¦²©188,²©²ÊͨÆÀ¼¶,°Ù¼ÒÀÖ,°ÂÃî°Ù¼ÒÀÖ
127.0.0.1        www.100sexlinks.com
127.0.0.1        100sexlinks.com
127.0.0.1        10sek.com
127.0.0.1        Gadgets And More
127.0.0.1        www.1-2005-search.com
127.0.0.1        1-2005-search.com
127.0.0.1        123fporn.info
127.0.0.1        www.123fporn.info
127.0.0.1        123haustiereundmehr.com
127.0.0.1        www.123haustiereundmehr.com
127.0.0.1        123moviedownload.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1497AE49-32B5-4CB5-A34B-5E683461C01E} - System32\Tasks\{2D11BC38-BC04-40C6-89C1-82353F9ABE4B} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {1BCDBB30-79DA-45F0-AC6A-7EFA2D763068} - \PC Performer Scheduled Scan No Task File <==== ATTENTION
Task: {84850552-32DC-4798-9EC5-B9406A0C9465} - System32\Tasks\Uninstaller_SkipUac_S.Aerne => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-10-21] (IObit)
Task: {AEAE8254-C339-44CE-BD29-B2E72526D93C} - \PC Performer Logon Scan No Task File <==== ATTENTION
Task: {AF1BE5C7-2138-4C5F-869C-7C3ED971F9F7} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => c:\Program Files\Microsoft IntelliType Pro\IType.exe [2011-08-10] (Microsoft Corporation)
Task: {BBCE63A8-9FDD-48C8-8CF0-BFFB6A9A450A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated)
Task: {FBDB51E8-1AC7-4A3B-867F-D2B43E4FF7A5} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2011-12-19 14:04 - 2014-07-02 20:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-10-15 10:21 - 2014-10-13 11:01 - 00068096 _____ () C:\Windows\SysWOW64\GammaMethodRegister\GammaMethodRegister.exe
2014-10-22 12:24 - 2014-10-11 14:53 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-09-11 10:09 - 2014-09-11 10:09 - 16825520 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-762131175-2521822999-1656188121-500 - Administrator - Disabled)
ASPNET (S-1-5-21-762131175-2521822999-1656188121-1004 - Administrator - Enabled)
Gast (S-1-5-21-762131175-2521822999-1656188121-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-762131175-2521822999-1656188121-1002 - Limited - Enabled)
S.Aerne (S-1-5-21-762131175-2521822999-1656188121-1000 - Administrator - Enabled) => C:\Users\S.Aerne

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/23/2014 03:16:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Name des fehlerhaften Moduls: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000011aa
ID des fehlerhaften Prozesses: 0xdc8
Startzeit der fehlerhaften Anwendung: 0xGmer-19357.exe0
Pfad der fehlerhaften Anwendung: Gmer-19357.exe1
Pfad des fehlerhaften Moduls: Gmer-19357.exe2
Berichtskennung: Gmer-19357.exe3

Error: (10/23/2014 03:13:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Name des fehlerhaften Moduls: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000011aa
ID des fehlerhaften Prozesses: 0xdf0
Startzeit der fehlerhaften Anwendung: 0xGmer-19357.exe0
Pfad der fehlerhaften Anwendung: Gmer-19357.exe1
Pfad des fehlerhaften Moduls: Gmer-19357.exe2
Berichtskennung: Gmer-19357.exe3


System errors:
=============
Error: (10/23/2014 03:16:12 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Error: (10/23/2014 03:14:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "FormatMemoryMotion.exe" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (10/23/2014 03:14:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "FileKernelScreenshot.exe" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (10/23/2014 03:14:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ControlDebugOCR.exe" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (10/23/2014 03:14:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CodecImportMotion.exe" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (10/23/2014 03:14:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CodecFolderMotion.exe" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (10/23/2014 03:14:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ClipboardFAT32Program.exe" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2


Microsoft Office Sessions:
=========================
Error: (10/23/2014 03:16:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Gmer-19357.exe2.1.19357.052e7ea83Gmer-19357.exe2.1.19357.052e7ea83c0000005000011aadc801cfeec36c5b52dfC:\Users\S.Aerne\Downloads\Gmer-19357.exeC:\Users\S.Aerne\Downloads\Gmer-19357.exebeaeae00-5ab6-11e4-b9ce-485b39b2a165

Error: (10/23/2014 03:13:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Gmer-19357.exe2.1.19357.052e7ea83Gmer-19357.exe2.1.19357.052e7ea83c0000005000011aadf001cfeec31aae0926C:\Users\S.Aerne\Downloads\Gmer-19357.exeC:\Users\S.Aerne\Downloads\Gmer-19357.exe5c599704-5ab6-11e4-a67e-485b39b2a165


==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Quad CPU Q8300 @ 2.50GHz
Percentage of memory in use: 52%
Total physical RAM: 4095.18 MB
Available physical RAM: 1944.14 MB
Total Pagefile: 8188.54 MB
Available Pagefile: 5840.33 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:319.1 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 7A745740)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== End Of Log ============================
--- --- ---

schrauber 24.10.2014 08:05
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

Komprex 24.10.2014 08:47
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 24.10.2014
Suchlauf-Zeit: 09:09:28
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.3.1025
Malware Datenbank: v2014.10.24.03
Rootkit Datenbank: v2014.10.22.01
Lizenz: Premium
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: S.Aerne

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 349801
Verstrichene Zeit: 8 Min, 36 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 1
PUP.Optional.SuperFish.A, HKU\S-1-5-21-762131175-2521822999-1656188121-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com, In Quarantäne, [8201ae6ae89461d5b34785ae2cd7e020],

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 1
PUP.Optional.UptUpdater.A, C:\Windows\Temp\UptUpdater.exe, In Quarantäne, [077c0b0d85f76bcbc54edcf73dc4aa56],

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)


AdwCleaner Logfile:
Code:
# AdwCleaner v4.001 - Bericht erstellt am 24/10/2014 um 09:29:44
# DB v2014-10-23.2
# Aktualisiert 20/10/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : S.Aerne - SAERNE-PC
# Gestartet von : C:\Users\S.Aerne\Downloads\adwcleaner_4.001(1).exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\S.Aerne\AppData\Local\CheckCode
Ordner Gelöscht : C:\Users\S.Aerne\AppData\Local\CrashRpt

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
Schlüssel Gelöscht : HKLM\SOFTWARE\Upt
Schlüssel Gelöscht : HKLM\SOFTWARE\WinUpd
Schlüssel Gelöscht : HKLM\SOFTWARE\SI-App
Schlüssel Gelöscht : HKLM\SOFTWARE\RST
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Upt
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\WinUpd
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\SI-App
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\RST

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17344


-\\ Mozilla Firefox v33.0 (x86 de)


*************************

AdwCleaner[R0].txt - [11560 octets] - [14/09/2014 09:39:43]
AdwCleaner[R10].txt - [2160 octets] - [21/10/2014 14:35:18]
AdwCleaner[R11].txt - [2529 octets] - [22/10/2014 11:45:02]
AdwCleaner[R12].txt - [2654 octets] - [22/10/2014 12:25:57]
AdwCleaner[R13].txt - [2776 octets] - [23/10/2014 15:05:13]
AdwCleaner[R14].txt - [2981 octets] - [24/10/2014 09:27:40]
AdwCleaner[R1].txt - [1275 octets] - [14/09/2014 09:50:58]
AdwCleaner[R2].txt - [1398 octets] - [14/09/2014 10:06:10]
AdwCleaner[R3].txt - [1518 octets] - [14/09/2014 10:17:04]
AdwCleaner[R4].txt - [1506 octets] - [14/09/2014 11:00:38]
AdwCleaner[R5].txt - [2012 octets] - [15/10/2014 10:58:32]
AdwCleaner[R6].txt - [2207 octets] - [16/10/2014 11:25:51]
AdwCleaner[R7].txt - [2267 octets] - [16/10/2014 11:28:42]
AdwCleaner[R8].txt - [2108 octets] - [16/10/2014 11:38:26]
AdwCleaner[R9].txt - [8479 octets] - [21/10/2014 13:19:24]
AdwCleaner[S0].txt - [8584 octets] - [14/09/2014 09:40:37]
AdwCleaner[S10].txt - [2583 octets] - [22/10/2014 11:47:44]
AdwCleaner[S11].txt - [2708 octets] - [22/10/2014 12:27:56]
AdwCleaner[S12].txt - [2830 octets] - [23/10/2014 15:13:40]
AdwCleaner[S13].txt - [2337 octets] - [24/10/2014 09:29:44]
AdwCleaner[S1].txt - [1340 octets] - [14/09/2014 09:53:15]
AdwCleaner[S2].txt - [1327 octets] - [14/09/2014 10:08:10]
AdwCleaner[S3].txt - [1583 octets] - [14/09/2014 10:18:22]
AdwCleaner[S4].txt - [1567 octets] - [14/09/2014 11:02:35]
AdwCleaner[S5].txt - [2065 octets] - [15/10/2014 11:01:24]
AdwCleaner[S6].txt - [2274 octets] - [16/10/2014 11:32:29]
AdwCleaner[S7].txt - [2161 octets] - [16/10/2014 11:41:46]
AdwCleaner[S8].txt - [8642 octets] - [21/10/2014 13:21:53]
AdwCleaner[S9].txt - [2167 octets] - [21/10/2014 14:37:59]

########## EOF - C:\AdwCleaner\AdwCleaner[S13].txt - [2938 octets] ##########
--- --- ---




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.3 (10.21.2014:1)
OS: Windows 7 Professional x64
Ran by S.Aerne on 24.10.2014 at 9:33:13.38
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 24.10.2014 at 9:37:56.85
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-10-2014
Ran by S.Aerne (administrator) on SAERNE-PC on 24-10-2014 09:43:53
Running from C:\Users\S.Aerne\Downloads
Loaded Profile: S.Aerne (Available profiles: S.Aerne)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\vVX3000.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Windows\SysWOW64\GammaMethodRegister\GammaMethodRegister.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7833120 2009-05-23] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-05-23] (Realtek Semiconductor Corp.)
HKLM\...\Run: [VX3000] => C:\Windows\vVX3000.exe [762736 2010-05-20] (Microsoft Corporation)
HKLM\...\Run: [itype] => c:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253672 2011-01-07] (Sun Microsystems, Inc.)
HKU\S-1-5-21-762131175-2521822999-1656188121-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1938624 2014-10-21] (Valve Corporation)
HKU\S-1-5-21-762131175-2521822999-1656188121-1000\...\MountPoints2: {dc1faa98-1187-11e2-a7c6-485b39b2a165} - I:\Start.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:16621
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://ch.msn.com/default.aspx
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x41B09D54AA43CB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-ch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: No Name -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} ->  No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\S.Aerne\AppData\Roaming\Mozilla\Firefox\Profiles\hca1uvkk.default-1413971435070
FF Homepage: https://www.facebook.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1209149.dll (Adobe Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\progra~2\mcafee\msc\npmcsn~1.dll No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\S.Aerne\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\S.Aerne\AppData\Roaming\Mozilla\Firefox\Profiles\hca1uvkk.default-1413971435070\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-10-22]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-10-16]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 GammaMethodRegister; C:\Windows\SysWOW64\GammaMethodRegister\GammaMethodRegister.exe [68096 2014-10-13] () [File not signed]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2283296 2014-10-21] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
S2 0175861394189491mcinstcleanup; C:\Users\S9B32~1.AER\AppData\Local\Temp\017586~1.EXE -cleanup -nolog [X]
S2 ClipboardFAT32Program.exe; C:\Users\S.Aerne\AppData\Local\ClipboardFAT32Program\ClipboardFAT32Program.exe [X]
S2 CodecFolderMotion.exe; C:\Users\S.Aerne\AppData\Local\CodecFolderMotion\CodecFolderMotion.exe [X]
S2 CodecImportMotion.exe; C:\Users\S.Aerne\AppData\Local\CodecImportMotion\CodecImportMotion.exe [X]
S2 ControlDebugOCR.exe; C:\Users\S.Aerne\AppData\Local\ControlDebugOCR\ControlDebugOCR.exe [X]
S2 FileKernelScreenshot.exe; C:\Users\S.Aerne\AppData\Local\FileKernelScreenshot\FileKernelScreenshot.exe [X]
S2 FormatMemoryMotion.exe; C:\Users\S.Aerne\AppData\Local\FormatMemoryMotion\FormatMemoryMotion.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32512 2014-10-15] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-10-24] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-10-01] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-05-14] ()
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 s1018bus; C:\Windows\System32\DRIVERS\s1018bus.sys [113704 2009-03-25] (MCCI Corporation)
S3 s1018mdfl; C:\Windows\System32\DRIVERS\s1018mdfl.sys [19496 2009-03-25] (MCCI Corporation)
S3 s1018mdm; C:\Windows\System32\DRIVERS\s1018mdm.sys [153128 2009-03-25] (MCCI Corporation)
S3 s1018mgmt; C:\Windows\System32\DRIVERS\s1018mgmt.sys [133160 2009-03-25] (MCCI Corporation)
S3 s1018nd5; C:\Windows\System32\DRIVERS\s1018nd5.sys [34856 2009-03-25] (MCCI Corporation)
S3 s1018obex; C:\Windows\System32\DRIVERS\s1018obex.sys [128552 2009-03-25] (MCCI Corporation)
S3 s1018unic; C:\Windows\System32\DRIVERS\s1018unic.sys [146472 2009-03-25] (MCCI Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-10-21] (Duplex Secure Ltd.)
S3 StarOpen; No ImagePath
R1 vmm; C:\Windows\system32\Treiber\vmm.sys [294248 2011-05-29] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-24 09:37 - 2014-10-24 09:37 - 00000627 _____ () C:\Users\S.Aerne\Desktop\JRT.txt
2014-10-24 09:32 - 2014-10-24 09:32 - 01706144 _____ (Thisisu) C:\Users\S.Aerne\Downloads\JRT(1).exe
2014-10-24 09:19 - 2014-10-24 09:26 - 00001469 _____ () C:\Users\S.Aerne\Desktop\mbam.txt
2014-10-23 21:51 - 2014-10-23 21:51 - 00001648 _____ () C:\Users\S.Aerne\Desktop\eset.txt
2014-10-23 17:57 - 2014-10-23 17:57 - 02347384 _____ (ESET) C:\Users\S.Aerne\Downloads\esetsmartinstaller_deu (1).exe
2014-10-23 17:57 - 2014-10-23 17:57 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-10-23 15:23 - 2014-10-23 15:23 - 00026283 _____ () C:\Users\S.Aerne\Downloads\Addition.txt
2014-10-23 15:22 - 2014-10-24 09:44 - 00015212 _____ () C:\Users\S.Aerne\Downloads\FRST.txt
2014-10-23 15:22 - 2014-10-24 09:43 - 00000000 ____D () C:\FRST
2014-10-23 15:21 - 2014-10-23 15:22 - 02112000 _____ (Farbar) C:\Users\S.Aerne\Downloads\FRST64.exe
2014-10-23 14:47 - 2014-10-23 14:47 - 01705698 _____ (Thisisu) C:\Users\S.Aerne\Downloads\JRT633.exe
2014-10-23 14:29 - 2014-10-23 14:29 - 00854448 _____ () C:\Users\S.Aerne\Downloads\SecurityCheck.exe
2014-10-23 13:32 - 2014-10-23 13:32 - 01103360 _____ (Farbar) C:\Users\S.Aerne\Downloads\FRST.exe
2014-10-23 13:31 - 2014-10-23 13:31 - 00000790 _____ () C:\Users\S.Aerne\Desktop\Defogger.lnk
2014-10-23 13:23 - 2014-10-23 13:23 - 00380416 _____ () C:\Users\S.Aerne\Downloads\Gmer-19357.exe
2014-10-23 13:15 - 2014-10-23 13:31 - 00000528 _____ () C:\Users\S.Aerne\Downloads\defogger_disable.log
2014-10-23 13:15 - 2014-10-23 13:15 - 00000188 _____ () C:\Users\S.Aerne\defogger_reenable
2014-10-23 13:14 - 2014-10-23 13:14 - 00050477 _____ () C:\Users\S.Aerne\Downloads\Defogger.exe
2014-10-22 12:25 - 2014-10-22 12:25 - 01962496 _____ () C:\Users\S.Aerne\Downloads\adwcleaner_4.001(1).exe
2014-10-22 12:24 - 2014-10-22 12:24 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-10-22 12:24 - 2014-10-22 12:24 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-10-22 12:24 - 2014-10-22 12:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-22 12:23 - 2014-10-22 12:23 - 36254312 _____ () C:\Users\S.Aerne\Downloads\Firefox Setup 33.0.exe
2014-10-22 12:20 - 2014-10-22 12:20 - 00244408 _____ () C:\Users\S.Aerne\Downloads\Firefox Setup Stub 33.0.exe
2014-10-21 15:00 - 2014-10-21 15:51 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01artus01.part6.rar
2014-10-21 14:52 - 2014-10-21 15:14 - 141500350 _____ () C:\Users\S.Aerne\Downloads\01artus01.part7.rar
2014-10-21 14:25 - 2014-10-21 14:25 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\S.Aerne\Downloads\revosetup95.exe
2014-10-21 14:25 - 2014-10-21 14:25 - 00001264 _____ () C:\Users\S.Aerne\Desktop\Revo Uninstaller.lnk
2014-10-21 13:51 - 2014-10-21 13:51 - 00014848 ___SH () C:\Users\S.Aerne\Thumbs.db
2014-10-21 13:43 - 2014-10-21 13:43 - 00000000 ____D () C:\Users\S.Aerne\AppData\Roaming\ProductData
2014-10-21 13:42 - 2014-10-23 12:55 - 00000000 ____D () C:\ProgramData\ProductData
2014-10-21 13:42 - 2014-10-21 13:43 - 00002890 _____ () C:\Windows\System32\Tasks\Uninstaller_SkipUac_S.Aerne
2014-10-21 13:42 - 2014-10-21 13:43 - 00000000 ____D () C:\ProgramData\IObit
2014-10-21 13:42 - 2014-10-21 13:42 - 00001252 _____ () C:\Users\S.Aerne\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2014-10-21 13:42 - 2014-10-21 13:42 - 00001228 _____ () C:\Users\Public\Desktop\IObit Uninstaller.lnk
2014-10-21 13:42 - 2014-10-21 13:42 - 00000000 ____D () C:\Users\S.Aerne\AppData\Roaming\IObit
2014-10-21 13:42 - 2014-10-21 13:42 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-10-21 13:41 - 2014-10-21 13:41 - 01125200 _____ () C:\Users\S.Aerne\Downloads\IObit Uninstaller - CHIP-Installer.exe
2014-10-21 13:19 - 2014-10-21 13:19 - 01962496 _____ () C:\Users\S.Aerne\Downloads\adwcleaner_4.001.exe
2014-10-21 12:41 - 2014-10-21 12:51 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01artus01.part5.rar
2014-10-21 12:27 - 2014-10-21 12:37 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01artus01.part4.rar
2014-10-21 12:07 - 2014-10-21 12:59 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01artus01.part1.rar
2014-10-21 12:01 - 2014-10-21 12:21 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01artus01.part3.rar
2014-10-21 11:59 - 2014-10-21 12:09 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01artus01.part2.rar
2014-10-21 10:48 - 2014-10-21 10:48 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\S.Aerne\Downloads\mbam_premium.exe
2014-10-21 10:48 - 2014-10-21 10:48 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-20 16:52 - 2014-10-20 16:52 - 05401624 _____ (Canneverbe Limited ) C:\Users\S.Aerne\Downloads\cdbxp_setup_4.5.4.5118.exe
2014-10-20 16:52 - 2014-10-20 16:52 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP
2014-10-20 16:24 - 2014-10-20 16:24 - 00000208 _____ () C:\Users\S.Aerne\Desktop\Jagged Alliance 2 Gold Pack.url
2014-10-17 15:47 - 2014-10-17 15:47 - 00000222 _____ () C:\Users\S.Aerne\Desktop\Company of Heroes 2.url
2014-10-17 15:44 - 2014-10-17 15:44 - 00000223 _____ () C:\Users\S.Aerne\Desktop\Jagged Alliance 2 Gold Unfinished Business.url
2014-10-16 23:53 - 2014-10-16 23:53 - 00245760 _____ () C:\Users\S.Aerne\Downloads\Q-Dance_Hardstyle_Top_40_June_2014.rar.part
2014-10-16 19:51 - 2014-10-22 12:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-16 19:49 - 2009-06-10 23:00 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hosts.20141016-194925.backup
2014-10-16 18:38 - 2014-10-16 18:38 - 00000000 ____D () C:\Users\S.Aerne\AppData\Roaming\QuickScan
2014-10-16 18:35 - 2014-10-16 18:35 - 00567639 _____ () C:\Users\S.Aerne\Downloads\esetsmartinstaller_deu.exe
2014-10-16 18:34 - 2014-10-16 18:34 - 01170104 _____ (Zugara Investments Limited ) C:\Users\S.Aerne\Downloads\esetsmartinstallerdeuexe.exe
2014-10-16 18:30 - 2014-10-21 10:53 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-10-16 18:30 - 2014-10-21 10:50 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-10-16 18:30 - 2014-10-16 18:30 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-10-16 18:29 - 2014-10-16 18:30 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\S.Aerne\Downloads\spybot-2.4(1).exe
2014-10-16 18:29 - 2014-10-16 18:29 - 04321294 _____ (Safer-Networking Ltd. ) C:\Users\S.Aerne\Downloads\spybot-2.4.exe
2014-10-16 13:23 - 2014-10-16 13:23 - 00002187 _____ () C:\Users\S.Aerne\Desktop\Pox Nora.lnk
2014-10-16 13:23 - 2014-10-16 13:23 - 00000000 ____D () C:\Users\S.Aerne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pox Nora
2014-10-16 13:22 - 2014-10-16 13:22 - 00000000 ____D () C:\Program Files (x86)\Desert Owl Games
2014-10-16 13:21 - 2014-10-16 13:22 - 34412032 _____ (Desert Owl Games) C:\Users\S.Aerne\Downloads\PoxNora.exe
2014-10-16 11:55 - 2014-10-16 11:55 - 04280468 _____ (Safer-Networking Ltd. ) C:\Users\S.Aerne\Downloads\spybot_27341.exe
2014-10-16 11:53 - 2014-10-16 11:53 - 00000000 ____D () C:\Users\S.Aerne\AppData\Roaming\LavasoftStatistics
2014-10-16 11:47 - 2014-10-16 11:47 - 02806920 _____ () C:\Users\S.Aerne\Downloads\Adaware_Installer_11.3.exe
2014-10-16 11:27 - 2014-10-21 20:25 - 01706144 _____ (Thisisu) C:\Users\S.Aerne\Desktop\JRT_NEW.exe
2014-10-16 11:27 - 2014-10-16 11:27 - 01705141 _____ (Thisisu) C:\Users\S.Aerne\Downloads\JRT-631.exe
2014-10-15 13:11 - 2014-10-15 13:11 - 00000000 _____ () C:\autoexec.bat
2014-10-15 13:10 - 2014-10-16 11:18 - 00000000 ____D () C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
2014-10-15 13:09 - 2014-10-15 13:09 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\S.Aerne\Downloads\SpyHunter-Installer.exe
2014-10-15 11:59 - 2014-10-15 11:59 - 00032512 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys
2014-10-15 11:56 - 2014-10-15 11:56 - 00003400 _____ () C:\Windows\system32\.crusader
2014-10-15 11:46 - 2014-10-15 11:58 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-10-15 11:46 - 2014-10-15 11:46 - 11194928 _____ (SurfRight B.V.) C:\Users\S.Aerne\Downloads\HitmanPro_x64.exe
2014-10-15 11:14 - 2014-10-15 12:06 - 00000000 ____D () C:\Users\S.Aerne\AppData\Roaming\Nico Mak Computing
2014-10-15 11:13 - 2014-10-15 11:14 - 04892480 _____ (WinZip International LLC ) C:\Users\S.Aerne\Downloads\wzmp_8.exe
2014-10-15 11:10 - 2014-10-24 09:32 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-15 11:09 - 2014-10-21 10:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-15 11:09 - 2014-10-21 10:48 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-15 11:09 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-15 11:09 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-15 11:09 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-15 11:07 - 2014-10-15 11:07 - 01125200 _____ () C:\Users\S.Aerne\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe
2014-10-15 10:50 - 2014-10-15 10:50 - 01169160 _____ (Anvisoft) C:\Users\S.Aerne\Downloads\csbsetup.exe
2014-10-15 10:49 - 2014-10-15 10:49 - 02894945 _____ (Anvisoft) C:\Users\S.Aerne\Downloads\asdsetup.exe
2014-10-15 10:33 - 2014-09-29 02:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-15 10:33 - 2014-06-19 00:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-15 10:33 - 2014-06-19 00:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-15 10:33 - 2014-06-19 00:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-15 10:33 - 2014-06-19 00:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-15 10:33 - 2014-06-19 00:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-15 10:33 - 2014-06-19 00:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-15 10:32 - 2014-08-19 05:11 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-10-15 10:32 - 2014-08-19 05:10 - 00616352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-10-15 10:32 - 2014-08-19 05:08 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-10-15 10:32 - 2014-08-19 05:08 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-10-15 10:32 - 2014-08-19 05:08 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-10-15 10:32 - 2014-08-19 05:07 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-10-15 10:32 - 2014-08-19 05:07 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-10-15 10:32 - 2014-08-19 05:07 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-10-15 10:32 - 2014-08-19 05:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-10-15 10:32 - 2014-08-19 05:07 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-10-15 10:32 - 2014-08-19 04:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2014-10-15 10:32 - 2014-08-19 04:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-10-15 10:32 - 2014-08-19 04:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-10-15 10:32 - 2014-07-07 04:07 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-10-15 10:32 - 2014-07-07 04:07 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-10-15 10:32 - 2014-07-07 04:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 05551032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-15 10:32 - 2014-07-07 04:06 - 04120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-10-15 10:32 - 2014-07-07 04:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-10-15 10:32 - 2014-07-07 04:06 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-10-15 10:32 - 2014-07-07 04:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-10-15 10:32 - 2014-07-07 04:05 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-10-15 10:32 - 2014-07-07 04:05 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-10-15 10:32 - 2014-07-07 04:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-10-15 10:32 - 2014-07-07 03:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-10-15 10:32 - 2014-07-07 03:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2014-10-15 10:32 - 2014-07-07 03:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2014-10-15 10:32 - 2014-07-07 03:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-10-15 10:32 - 2014-07-07 03:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-10-15 10:32 - 2014-07-07 03:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-10-15 10:32 - 2014-07-07 03:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-10-15 10:32 - 2014-07-07 03:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-10-15 10:32 - 2014-07-07 03:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-10-15 10:32 - 2014-06-28 02:21 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-10-15 10:32 - 2014-06-28 02:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-10-15 10:32 - 2014-06-28 02:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-10-15 10:31 - 2014-10-10 04:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-15 10:31 - 2014-10-10 04:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-15 10:31 - 2014-10-10 04:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-15 10:31 - 2014-10-07 04:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-15 10:31 - 2014-10-07 04:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-15 10:31 - 2014-09-26 00:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-15 10:31 - 2014-09-26 00:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-15 10:31 - 2014-09-26 00:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-15 10:31 - 2014-09-26 00:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-15 10:31 - 2014-09-26 00:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-15 10:31 - 2014-09-26 00:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-15 10:31 - 2014-09-26 00:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-15 10:31 - 2014-09-19 04:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-15 10:31 - 2014-09-19 03:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-15 10:31 - 2014-09-19 03:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-15 10:31 - 2014-09-19 03:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-15 10:31 - 2014-09-19 03:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-15 10:31 - 2014-09-19 03:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-15 10:31 - 2014-09-19 03:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-15 10:31 - 2014-09-19 03:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-15 10:31 - 2014-09-19 03:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-15 10:31 - 2014-09-19 03:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-15 10:31 - 2014-09-19 03:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-15 10:31 - 2014-09-19 03:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-15 10:31 - 2014-09-19 03:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-15 10:31 - 2014-09-19 03:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-15 10:31 - 2014-09-19 03:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-15 10:31 - 2014-09-19 03:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-15 10:31 - 2014-09-19 03:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-15 10:31 - 2014-09-19 03:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-15 10:31 - 2014-09-19 03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-15 10:31 - 2014-09-19 03:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-15 10:31 - 2014-09-19 03:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 10:31 - 2014-09-19 03:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-15 10:31 - 2014-09-19 03:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-15 10:31 - 2014-09-19 03:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-15 10:31 - 2014-09-19 03:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-15 10:31 - 2014-09-19 03:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-15 10:31 - 2014-09-19 02:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-15 10:31 - 2014-09-19 02:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-15 10:31 - 2014-09-19 02:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-15 10:31 - 2014-09-19 02:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-15 10:31 - 2014-09-19 02:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-15 10:31 - 2014-09-19 02:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-15 10:31 - 2014-09-19 02:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-15 10:31 - 2014-09-19 02:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-15 10:31 - 2014-09-19 02:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-15 10:31 - 2014-09-19 02:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-15 10:31 - 2014-09-19 02:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-15 10:31 - 2014-09-19 02:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-15 10:31 - 2014-09-19 02:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-15 10:31 - 2014-09-19 02:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-15 10:31 - 2014-09-19 02:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-15 10:31 - 2014-09-19 02:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-15 10:31 - 2014-09-19 02:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-15 10:31 - 2014-09-19 01:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-15 10:31 - 2014-09-19 01:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-15 10:31 - 2014-09-19 01:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-15 10:31 - 2014-09-19 01:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-15 10:31 - 2014-09-18 04:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-15 10:30 - 2014-09-18 03:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-15 10:30 - 2014-09-13 03:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-15 10:30 - 2014-09-13 03:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-15 10:30 - 2014-09-04 07:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-15 10:30 - 2014-09-04 07:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-15 10:30 - 2014-07-17 04:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-15 10:30 - 2014-07-17 04:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-15 10:30 - 2014-07-17 04:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-15 10:30 - 2014-07-17 04:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-15 10:30 - 2014-07-17 04:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-15 10:30 - 2014-07-17 04:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-15 10:30 - 2014-07-17 04:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-15 10:30 - 2014-07-17 04:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-15 10:30 - 2014-07-17 03:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-15 10:30 - 2014-07-17 03:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-15 10:30 - 2014-07-17 03:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-15 10:30 - 2014-07-17 03:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-10-15 10:30 - 2014-07-17 03:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-15 10:30 - 2014-07-17 03:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-15 10:30 - 2014-07-17 03:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-15 10:30 - 2014-07-17 03:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-15 10:21 - 2014-10-15 10:21 - 00000000 ____D () C:\Windows\SysWOW64\GammaMethodRegister
2014-10-11 17:22 - 2014-10-11 17:24 - 00000000 ____D () C:\Users\S.Aerne\Documents\Heroes of the Storm
2014-10-11 17:18 - 2014-10-11 17:18 - 00001189 _____ () C:\Users\Public\Desktop\Heroes of the Storm.lnk
2014-10-11 17:18 - 2014-10-11 17:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm
2014-10-11 17:06 - 2014-10-17 08:59 - 00000000 ____D () C:\Program Files (x86)\Heroes of the Storm
2014-10-11 17:04 - 2014-10-11 17:04 - 07080744 _____ (Blizzard Entertainment) C:\Users\S.Aerne\Downloads\Heroes-of-the-Storm-Setup-enUS.exe
2014-10-11 15:18 - 2014-10-11 15:19 - 09020704 _____ (HEX Entertainment ) C:\Users\S.Aerne\Downloads\HEXSetup(1).exe
2014-10-10 18:48 - 2014-10-10 19:30 - 00000000 ____D () C:\Users\S.Aerne\Documents\BloodBowlChaos
2014-10-10 08:40 - 2014-10-10 08:40 - 00000222 _____ () C:\Users\S.Aerne\Desktop\Blood Bowl Chaos Edition.url
2014-10-07 11:00 - 2014-10-07 11:10 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01terror.part4.rar
2014-10-07 10:37 - 2014-10-07 10:47 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01terror.part3.rar
2014-10-07 10:25 - 2014-10-07 11:26 - 186626412 _____ () C:\Users\S.Aerne\Downloads\01terror.part5.rar
2014-10-07 10:25 - 2014-10-07 11:22 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01terror.part1.rar
2014-10-07 10:25 - 2014-10-07 10:35 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01terror.part2.rar
2014-10-03 13:17 - 2014-10-10 08:41 - 00000000 ____D () C:\Users\S.Aerne\Documents\majesty2
2014-10-03 13:17 - 2014-10-03 13:17 - 00000000 ____D () C:\Program Files (x86)\Paradox Interactive
2014-10-03 12:40 - 2014-10-03 12:40 - 00000221 _____ () C:\Users\S.Aerne\Desktop\Majesty 2 Collection.url
2014-10-01 12:18 - 2014-10-01 12:18 - 00000218 _____ () C:\Users\S.Aerne\Desktop\Half-Life.url
2014-10-01 09:29 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-01 09:29 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-30 15:20 - 2014-09-30 15:20 - 00001618 _____ () C:\Users\Public\Desktop\Braveland.lnk
2014-09-26 12:36 - 2014-09-26 12:36 - 00000222 _____ () C:\Users\S.Aerne\Desktop\Prime World.url
2014-09-24 10:21 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 10:21 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-24 09:39 - 2009-07-14 06:45 - 00026544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-24 09:39 - 2009-07-14 06:45 - 00026544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-24 09:35 - 2010-08-24 18:03 - 01454691 _____ () C:\Windows\WindowsUpdate.log
2014-10-24 09:30 - 2014-02-23 12:51 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-10-24 09:30 - 2010-08-25 01:42 - 00449904 _____ () C:\Windows\PFRO.log
2014-10-24 09:30 - 2010-08-24 21:54 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-24 09:30 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-24 09:30 - 2009-07-14 06:51 - 00216304 _____ () C:\Windows\setupact.log
2014-10-24 09:29 - 2014-09-14 09:39 - 00000000 ____D () C:\AdwCleaner
2014-10-24 09:19 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Branding
2014-10-24 09:09 - 2012-07-18 08:44 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-23 13:36 - 2014-09-13 09:24 - 00000444 __RSH () C:\ProgramData\ntuser.pol
2014-10-23 13:15 - 2010-08-24 18:16 - 00000000 ____D () C:\Users\S.Aerne
2014-10-21 20:27 - 2010-12-29 12:14 - 00000000 ____D () C:\Users\S.Aerne\Downloads\Hörbücher
2014-10-21 15:10 - 2009-07-14 19:58 - 00711602 _____ () C:\Windows\system32\perfh007.dat
2014-10-21 15:10 - 2009-07-14 19:58 - 00155078 _____ () C:\Windows\system32\perfc007.dat
2014-10-21 15:10 - 2009-07-14 07:13 - 01649556 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-21 14:46 - 2010-12-27 14:22 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-10-21 14:45 - 2010-12-27 14:23 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-10-21 14:45 - 2010-12-27 14:22 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-10-21 14:25 - 2014-09-14 10:30 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-10-21 13:54 - 2013-03-23 20:33 - 00000000 ____D () C:\Users\S.Aerne\AppData\Roaming\My Games
2014-10-21 13:54 - 2010-08-25 17:54 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-21 13:21 - 2014-09-12 07:25 - 00001079 _____ () C:\Users\S.Aerne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-10-20 17:08 - 2014-09-12 15:02 - 00000000 ____D () C:\Program Files (x86)\HEX
2014-10-20 16:52 - 2010-11-08 22:11 - 00001155 _____ () C:\Users\Public\Desktop\CDBurnerXP.lnk
2014-10-20 16:52 - 2010-11-08 22:11 - 00001105 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2014-10-20 16:40 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-10-20 16:27 - 2009-07-14 06:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-10-18 08:44 - 2013-10-25 11:31 - 00000000 ____D () C:\Users\S.Aerne\AppData\Local\Battle.net
2014-10-17 16:13 - 2014-03-18 15:00 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft
2014-10-16 16:01 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-10-16 11:44 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-16 11:03 - 2009-07-14 06:45 - 00299528 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-16 11:01 - 2014-05-06 15:16 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-16 11:01 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-10-16 11:01 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-10-15 13:39 - 2013-08-15 23:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-15 13:37 - 2010-09-04 12:08 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-15 11:59 - 2010-08-24 18:42 - 00000000 ____D () C:\Users\S.Aerne\Tracing
2014-10-15 11:56 - 2014-09-13 09:25 - 00000000 ____D () C:\Windows\SysWOW64\FormatMBRRuntime
2014-10-13 09:41 - 2013-10-25 11:33 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-10-11 17:22 - 2010-08-25 00:14 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-10-11 17:05 - 2013-10-25 11:31 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-10-11 15:19 - 2014-09-12 15:02 - 00001070 _____ () C:\Users\Public\Desktop\HEX.lnk
2014-10-11 15:19 - 2014-09-12 15:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HEX
2014-10-11 09:12 - 2014-07-10 15:02 - 00000000 ____D () C:\Users\S.Aerne\Documents\Stronghold Crusader
2014-10-10 18:32 - 2010-09-27 11:58 - 00621293 _____ () C:\Windows\DirectX.log
2014-10-02 15:53 - 2010-08-24 18:36 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-30 15:20 - 2014-02-07 10:40 - 00000000 ____D () C:\GOG Games
2014-09-30 15:20 - 2014-02-07 10:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2014-09-30 15:20 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-30 13:42 - 2014-02-07 10:34 - 00000000 ____D () C:\Users\S.Aerne\AppData\Local\GOG.com
2014-09-26 12:48 - 2012-05-18 19:27 - 00000000 ____D () C:\Users\S.Aerne\Documents\My Games
2014-09-24 11:09 - 2012-07-18 08:44 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-24 11:09 - 2012-07-18 08:44 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-24 11:09 - 2011-12-02 03:50 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

Some content of TEMP:
====================
C:\Users\S.Aerne\AppData\Local\Temp\msvcr80.dll
C:\Users\S.Aerne\AppData\Local\Temp\Quarantine.exe
C:\Users\S.Aerne\AppData\Local\Temp\SimPack.exe
C:\Users\S.Aerne\AppData\Local\Temp\sqlite3.dll
C:\Users\S.Aerne\AppData\Local\Temp\zlib1.dll
C:\Users\S.Aerne\AppData\Local\Temp\_isAB6B.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-16 15:53

==================== End Of Log ============================
--- --- ---

--- --- ---



FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-10-2014
Ran by S.Aerne at 2014-10-24 09:44:20
Running from C:\Users\S.Aerne\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.2.0.2070 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.2.0.2070 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.9.149 - Adobe Systems, Inc.)
Age of Empires III (HKLM-x32\...\InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Wonders III (HKLM-x32\...\Steam App 226840) (Version:  - Triumph Studios)
Alien Swarm (HKLM-x32\...\Steam App 630) (Version:  - Valve)
Banished (HKLM-x32\...\Steam App 242920) (Version:  - Shining Rock Software LLC)
Battle Isle Platinum (HKLM-x32\...\GOGPACKBATTLEISLEPLATINUM_is1) (Version: 2.1.0.19 - GOG.com)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Blackguards (HKLM-x32\...\Steam App 249650) (Version:  - Daedalic Entertainment)
Blood Bowl: Chaos Edition (HKLM-x32\...\Steam App 216890) (Version:  - Cyanide Studios)
Braveland (HKLM-x32\...\GOGPACKBRAVELAND_is1) (Version: 2.1.0.3 - GOG.com)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.3.7.2423 - CDBurnerXP)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5118 - CDBurnerXP)
Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version:  - Relic Entertainment)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Defender's Quest: Valley of the Forgotten (HKLM-x32\...\Steam App 218410) (Version:  - Level Up Labs, LLC)
Dell Driver Download Manager (HKCU\...\f031ef6ac137efc5) (Version: 2.1.0.0 - Dell Inc.)
Die Siedler 7 (HKLM-x32\...\{9C916142-C18C-429D-BFED-40094A7E0BEB}) (Version: 1.12.1396 - Ubisoft)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Draconian Wars (HKLM-x32\...\Steam App 296590) (Version:  - Kardfy Studios)
Duel of Champions (HKLM-x32\...\MMDoC-PDCLive) (Version:  - Ubisoft)
Dungeon Keeper 2 (HKLM-x32\...\GOGPACKDUNGEONKEEPER2_is1) (Version: 2.0.0.32 - GOG.com)
Dungeon Keeper Gold (HKLM-x32\...\GOGPACKDUNGEONKEEPER_is1) (Version: 2.0.0.4 - GOG.com)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Etherlords (HKLM-x32\...\Steam App 270770) (Version:  - Nival)
Etherlords II (HKLM-x32\...\Steam App 270790) (Version:  - Nival)
Fallen Enchantress: Legendary Heroes (HKLM-x32\...\Steam App 228260) (Version:  - Stardock Entertainment)
FLOCK! (HKLM-x32\...\Steam App 21640) (Version:  - Proper Games)
Foxit Reader 5.0 (HKLM-x32\...\Foxit Reader_is1) (Version: 5.0.2.718 - Foxit Corporation)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
GOG.com Downloader version 3.6.0 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.6.0 - GOG.com)
GOG.com Dungeon Keeper 2 (HKLM\...\{b6462b67-caf5-4a74-99df-cc2811bd1957}.sdb) (Version:  - )
GOG.com Heroes of Might and Magic 3 (HKLM\...\{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}.sdb) (Version:  - )
Gorky 17 (HKLM-x32\...\Steam App 253920) (Version:  - )
Grotesque Tactics: Evil Heroes (HKLM-x32\...\Steam App 46450) (Version:  - Headup Games)
Half-Life (HKLM-x32\...\Steam App 70) (Version:  - Valve)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of Might & Magic V: Hammers of Fate (HKLM-x32\...\{66FF4C48-0083-4E60-8556-B883AB200091}) (Version:  - )
Heroes of Might and Magic 3 Complete (HKLM-x32\...\GOGPACKHOMM3COMPLETE_is1) (Version: 2.0.0.16 - GOG.com)
Heroes of Might and Magic V - Tribes of the East (HKLM-x32\...\{66FF4C48-0083-4E60-8556-B883AB200092}) (Version:  - )
Heroes of Might and Magic V (HKLM-x32\...\{20071984-5EB1-4881-8EDB-082532ACEC6D}) (Version:  - )
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
HEX (HKLM-x32\...\{E31B651A-B48C-423C-8D0D-855756C8B7E8}_is1) (Version:  - HEX Entertainment)
Infinity Wars - Animated Trading Card Game (HKLM-x32\...\Steam App 257730) (Version:  - Lightmare Studios)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.0.4.25 - IObit)
Jagged Alliance 2 Gold: Unfinished Business (HKLM-x32\...\Steam App 12380) (Version:  - Strategy First)
Jagged Alliance 2: Gold Pack (HKLM-x32\...\Steam App 12370) (Version:  - Strategy First)
Java Auto Updater (x32 Version: 2.0.4.1 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216025FF}) (Version: 6.0.250 - Oracle)
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
MAGIX Speed burnR (HKLM-x32\...\MAGIX Speed burnR D) (Version: 6.0.1.4 - MAGIX AG)
Majesty 2 Collection (HKLM-x32\...\Steam App 73020) (Version:  - 1C:InoCo)
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft IntelliType Pro 8.2 (HKLM\...\Microsoft IntelliType Pro 8.2) (Version: 8.20.469.0 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Virtual PC 2007 SP1 (HKLM\...\{AD483998-2E9A-4405-83FF-6E503AF49CBB}) (Version: 6.0.192.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{3bcf8c72-b231-4d28-9f39-3405c22d8b5a}) (Version: 11.0.61030.0 - Microsoft Corporation)
Might & Magic Heroes VI - Shades of Darkness (HKLM-x32\...\{745D37C2-26F4-4B65-BA13-F9840EBFA75B}) (Version: 2.1.0 - Ubisoft)
MMDoC-PDCLive Launcher (HKCU\...\3114a86aa00b92d7) (Version: 1.0.1.1 - Ubisoft)
Mozilla Firefox 33.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.0 (x86 de)) (Version: 33.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0 - Mozilla)
MP Manager (HKLM-x32\...\{D62460AF-5A0E-44F7-A647-C79076C5CA65}) (Version: 1.0.4715 - MPMAN)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller-Treiber 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5896 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
NVIDIA Update 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
Pox Nora 1.8 (HKLM-x32\...\3055-2232-0137-3195) (Version: 1.8 - Desert Owl Games)
Prime World (HKLM-x32\...\Steam App 235340) (Version:  - Nival)
Prime World: Defenders (HKLM-x32\...\Steam App 235360) (Version:  - Nival)
Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0005 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5859 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RIFT™ (HKLM-x32\...\Steam App 39120) (Version:  - Trion Worlds)
Shadow Warrior Classic Redux (HKLM-x32\...\Steam App 225160) (Version:  - 3D Realms)
Shadowrun Returns (HKLM-x32\...\Steam App 234650) (Version:  - Harebrained Schemes)
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.6.8442 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Space Hulk (HKLM-x32\...\Steam App 242570) (Version:  - Full Control Studios)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Stronghold Crusader Extreme HD (HKLM-x32\...\Steam App 16700) (Version:  - Firefly Studios)
Stronghold Crusader HD (HKLM-x32\...\Steam App 40970) (Version:  - FireFly Studios)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version:  - TeamSpeak Systems GmbH)
TeamViewer 6 (HKLM-x32\...\TeamViewer 6) (Version: 6.0.10511 - TeamViewer GmbH)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
The Banner Saga (HKLM-x32\...\Steam App 237990) (Version:  - Stoic)
Tropico 4 (HKLM-x32\...\Steam App 57690) (Version:  - Haemimont Games)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
VLC media player 1.1.4 (HKLM-x32\...\VLC media player) (Version: 1.1.4 - VideoLAN)
Wakfu (HKLM-x32\...\Steam App 215080) (Version:  - Ankama)
Warlock - Master of the Arcane (HKLM-x32\...\Steam App 203630) (Version:  - Paradox Interactive)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
WinRAR (HKLM\...\WinRAR archiver) (Version:  - )
WinSCP 5.1.4 (HKLM-x32\...\winscp3_is1) (Version: 5.1.4 - Martin Prikryl)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

20-10-2014 05:53:03 Geplanter Prüfpunkt
21-10-2014 08:50:30 AA11
21-10-2014 08:50:43 Windows Update
21-10-2014 10:59:15 Removed Bonjour
21-10-2014 10:59:55 Removed Apple Mobile Device Support
21-10-2014 11:00:40 Removed Apple Application Support
21-10-2014 11:01:16 Removed Apple Software Update
21-10-2014 12:27:09 Revo Uninstaller's restore point - Shopping Helper Smartbar
21-10-2014 12:43:33 Removed iTunes
21-10-2014 12:45:15 Removed QuickTime

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2014-10-16 19:49 - 00450713 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1        www.007guard.com
127.0.0.1        007guard.com
127.0.0.1        008i.com
127.0.0.1        www.008k.com
127.0.0.1        008k.com
127.0.0.1        www.00hq.com
127.0.0.1        00hq.com
127.0.0.1        010402.com
127.0.0.1        www.032439.com
127.0.0.1        032439.com
127.0.0.1        www.0scan.com
127.0.0.1        0scan.com
127.0.0.1        1000gratisproben.com
127.0.0.1        www.1000gratisproben.com
127.0.0.1        1001namen.com
127.0.0.1        www.1001namen.com
127.0.0.1        100888290cs.com
127.0.0.1        www.100888290cs.com
127.0.0.1        www.100sexlinks.com
127.0.0.1        100sexlinks.com
127.0.0.1        10sek.com
127.0.0.1        www.10sek.com
127.0.0.1        www.1-2005-search.com
127.0.0.1        1-2005-search.com
127.0.0.1        123fporn.info
127.0.0.1        www.123fporn.info
127.0.0.1        123haustiereundmehr.com
127.0.0.1        www.123haustiereundmehr.com
127.0.0.1        123moviedownload.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1497AE49-32B5-4CB5-A34B-5E683461C01E} - System32\Tasks\{2D11BC38-BC04-40C6-89C1-82353F9ABE4B} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {1BCDBB30-79DA-45F0-AC6A-7EFA2D763068} - \PC Performer Scheduled Scan No Task File <==== ATTENTION
Task: {84850552-32DC-4798-9EC5-B9406A0C9465} - System32\Tasks\Uninstaller_SkipUac_S.Aerne => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-10-21] (IObit)
Task: {AEAE8254-C339-44CE-BD29-B2E72526D93C} - \PC Performer Logon Scan No Task File <==== ATTENTION
Task: {AF1BE5C7-2138-4C5F-869C-7C3ED971F9F7} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => c:\Program Files\Microsoft IntelliType Pro\IType.exe [2011-08-10] (Microsoft Corporation)
Task: {BBCE63A8-9FDD-48C8-8CF0-BFFB6A9A450A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated)
Task: {FBDB51E8-1AC7-4A3B-867F-D2B43E4FF7A5} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2011-12-19 14:04 - 2014-07-02 20:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-10-15 10:21 - 2014-10-13 11:01 - 00068096 _____ () C:\Windows\SysWOW64\GammaMethodRegister\GammaMethodRegister.exe
2014-08-29 09:22 - 2014-08-21 20:15 - 01171456 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-29 09:22 - 2014-08-21 20:15 - 00442368 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-29 09:22 - 2014-08-21 20:15 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-02-23 12:53 - 2014-10-02 01:16 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-05-22 11:44 - 2014-10-21 21:22 - 02226880 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-29 09:22 - 2014-08-21 20:15 - 00403968 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-29 09:22 - 2014-08-21 20:15 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2014-02-23 12:53 - 2014-10-21 21:22 - 00682176 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-02-23 12:53 - 2014-09-05 01:29 - 34589376 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-10-22 12:24 - 2014-10-11 14:53 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-09-11 10:09 - 2014-09-11 10:09 - 16825520 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-762131175-2521822999-1656188121-500 - Administrator - Disabled)
ASPNET (S-1-5-21-762131175-2521822999-1656188121-1004 - Administrator - Enabled)
Gast (S-1-5-21-762131175-2521822999-1656188121-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-762131175-2521822999-1656188121-1002 - Limited - Enabled)
S.Aerne (S-1-5-21-762131175-2521822999-1656188121-1000 - Administrator - Enabled) => C:\Users\S.Aerne

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/24/2014 09:41:56 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============

Microsoft Office Sessions:
=========================
Error: (10/24/2014 09:41:56 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\S.Aerne\Downloads\esetsmartinstaller_deu (1).exe


==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Quad CPU Q8300 @ 2.50GHz
Percentage of memory in use: 48%
Total physical RAM: 4095.18 MB
Available physical RAM: 2088.54 MB
Total Pagefile: 8188.54 MB
Available Pagefile: 5958.92 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:315.8 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 7A745740)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== End Of Log ============================
--- --- ---

schrauber 24.10.2014 18:07

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

Komprex 24.10.2014 21:46
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\HpUI.exe.vir Variante von Win32/Thinknice.F evtl. unerwünschte Anwendung gelöscht - in Quarantäne kopiert
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\Loader32.exe.vir Win32/Thinknice.E evtl. unerwünschte Anwendung gelöscht - in Quarantäne kopiert
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\Loader64.exe.vir Win64/Thinknice.E evtl. unerwünschte Anwendung gelöscht - in Quarantäne kopiert
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\uninstall.exe.vir Win32/Thinknice.E evtl. unerwünschte Anwendung gelöscht - in Quarantäne kopiert
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\WindowsSupportDll64.dll.vir Variante von Win32/Thinknice.F evtl. unerwünschte Anwendung gelöscht - in Quarantäne kopiert
C:\AdwCleaner\Quarantine\C\Users\S.Aerne\AppData\Local\Temp\VOPackage.exe.vir Win32/VOPackage.AD evtl. unerwünschte Anwendung gelöscht - in Quarantäne kopiert
C:\Users\S.Aerne\Documents\Downloads\Integrated_BrotherSoft_TB.exe Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung gelöscht - in Quarantäne kopiert
C:\Users\S.Aerne\Documents\Downloads\Integrated_CT2776682.exe Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung gelöscht - in Quarantäne kopiert
C:\Users\S.Aerne\Downloads\wzmp_8.exe Variante von MSIL/AdvancedSystemProtector.F evtl. unerwünschte Anwendung gelöscht - in Quarantäne kopiert
C:\Users\S.Aerne\Downloads\Games\Brothersoft_downloader_For_Dungeon_Keeper.exe Variante von Win32/BSDownloader evtl. unerwünschte Anwendung gelöscht - in Quarantäne kopiert
C:\Users\S.Aerne\Downloads\Games\com.herocraft.game.revivaldeluxe.demo.apk Variante von Android/TrojanSMS.Agent.AJM Trojaner gelöscht - in Quarantäne kopiert
C:\Users\S.Aerne\Downloads\Games\installer_elven__legacy_1_0_Deutsch.exe Win32/Toggle evtl. unerwünschte Anwendung gelöscht - in Quarantäne kopiert
C:\Users\S.Aerne\Downloads\Musik\Eluveitie_2010_Everything_Remains_As_It_Never_Was_[Limited_Edition].exe Win32/AdWare.1ClickDownload.AT Anwendung Gesäubert durch Löschen - in Quarantäne kopiert
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-10-2014
Ran by S.Aerne (administrator) on SAERNE-PC on 24-10-2014 22:42:58
Running from C:\Users\S.Aerne\Downloads
Loaded Profile: S.Aerne (Available profiles: S.Aerne)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\vVX3000.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Windows\SysWOW64\GammaMethodRegister\GammaMethodRegister.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7833120 2009-05-23] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-05-23] (Realtek Semiconductor Corp.)
HKLM\...\Run: [VX3000] => C:\Windows\vVX3000.exe [762736 2010-05-20] (Microsoft Corporation)
HKLM\...\Run: [itype] => c:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253672 2011-01-07] (Sun Microsystems, Inc.)
HKU\S-1-5-21-762131175-2521822999-1656188121-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1938624 2014-10-21] (Valve Corporation)
HKU\S-1-5-21-762131175-2521822999-1656188121-1000\...\MountPoints2: {dc1faa98-1187-11e2-a7c6-485b39b2a165} - I:\Start.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:23868
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x41B09D54AA43CB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-ch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: No Name -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} ->  No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\S.Aerne\AppData\Roaming\Mozilla\Firefox\Profiles\hca1uvkk.default-1413971435070
FF Homepage: https://www.facebook.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1209149.dll (Adobe Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\progra~2\mcafee\msc\npmcsn~1.dll No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\S.Aerne\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\S.Aerne\AppData\Roaming\Mozilla\Firefox\Profiles\hca1uvkk.default-1413971435070\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-10-22]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-10-16]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 GammaMethodRegister; C:\Windows\SysWOW64\GammaMethodRegister\GammaMethodRegister.exe [68096 2014-10-13] () [File not signed]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2283296 2014-10-21] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
S2 0175861394189491mcinstcleanup; C:\Users\S9B32~1.AER\AppData\Local\Temp\017586~1.EXE -cleanup -nolog [X]
S2 ClipboardFAT32Program.exe; C:\Users\S.Aerne\AppData\Local\ClipboardFAT32Program\ClipboardFAT32Program.exe [X]
S2 CodecFolderMotion.exe; C:\Users\S.Aerne\AppData\Local\CodecFolderMotion\CodecFolderMotion.exe [X]
S2 CodecImportMotion.exe; C:\Users\S.Aerne\AppData\Local\CodecImportMotion\CodecImportMotion.exe [X]
S2 ControlDebugOCR.exe; C:\Users\S.Aerne\AppData\Local\ControlDebugOCR\ControlDebugOCR.exe [X]
S2 FileKernelScreenshot.exe; C:\Users\S.Aerne\AppData\Local\FileKernelScreenshot\FileKernelScreenshot.exe [X]
S2 FormatMemoryMotion.exe; C:\Users\S.Aerne\AppData\Local\FormatMemoryMotion\FormatMemoryMotion.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32512 2014-10-15] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-10-24] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-10-01] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-05-14] ()
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 s1018bus; C:\Windows\System32\DRIVERS\s1018bus.sys [113704 2009-03-25] (MCCI Corporation)
S3 s1018mdfl; C:\Windows\System32\DRIVERS\s1018mdfl.sys [19496 2009-03-25] (MCCI Corporation)
S3 s1018mdm; C:\Windows\System32\DRIVERS\s1018mdm.sys [153128 2009-03-25] (MCCI Corporation)
S3 s1018mgmt; C:\Windows\System32\DRIVERS\s1018mgmt.sys [133160 2009-03-25] (MCCI Corporation)
S3 s1018nd5; C:\Windows\System32\DRIVERS\s1018nd5.sys [34856 2009-03-25] (MCCI Corporation)
S3 s1018obex; C:\Windows\System32\DRIVERS\s1018obex.sys [128552 2009-03-25] (MCCI Corporation)
S3 s1018unic; C:\Windows\System32\DRIVERS\s1018unic.sys [146472 2009-03-25] (MCCI Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-10-21] (Duplex Secure Ltd.)
S3 StarOpen; No ImagePath
R1 vmm; C:\Windows\system32\Treiber\vmm.sys [294248 2011-05-29] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-24 22:39 - 2014-10-24 22:39 - 00000627 _____ () C:\Users\S.Aerne\Desktop\JRT.txt
2014-10-24 22:26 - 2014-10-24 22:26 - 00854448 _____ () C:\Users\S.Aerne\Downloads\SecurityCheck(2).exe
2014-10-24 19:24 - 2014-10-24 19:24 - 00854448 _____ () C:\Users\S.Aerne\Downloads\SecurityCheck(1).exe
2014-10-24 19:14 - 2014-10-24 19:14 - 02347384 _____ (ESET) C:\Users\S.Aerne\Downloads\esetsmartinstaller_deu (2).exe
2014-10-24 09:32 - 2014-10-24 09:32 - 01706144 _____ (Thisisu) C:\Users\S.Aerne\Downloads\JRT(1).exe
2014-10-24 09:19 - 2014-10-24 09:26 - 00001469 _____ () C:\Users\S.Aerne\Desktop\mbam.txt
2014-10-23 21:51 - 2014-10-24 22:22 - 00002092 _____ () C:\Users\S.Aerne\Desktop\eset.txt
2014-10-23 17:57 - 2014-10-23 17:57 - 02347384 _____ (ESET) C:\Users\S.Aerne\Downloads\esetsmartinstaller_deu (1).exe
2014-10-23 15:23 - 2014-10-24 09:44 - 00025584 _____ () C:\Users\S.Aerne\Downloads\Addition.txt
2014-10-23 15:22 - 2014-10-24 22:43 - 00015021 _____ () C:\Users\S.Aerne\Downloads\FRST.txt
2014-10-23 15:22 - 2014-10-24 22:42 - 00000000 ____D () C:\FRST
2014-10-23 15:21 - 2014-10-23 15:22 - 02112000 _____ (Farbar) C:\Users\S.Aerne\Downloads\FRST64.exe
2014-10-23 14:47 - 2014-10-23 14:47 - 01705698 _____ (Thisisu) C:\Users\S.Aerne\Downloads\JRT633.exe
2014-10-23 14:29 - 2014-10-23 14:29 - 00854448 _____ () C:\Users\S.Aerne\Downloads\SecurityCheck.exe
2014-10-23 13:32 - 2014-10-23 13:32 - 01103360 _____ (Farbar) C:\Users\S.Aerne\Downloads\FRST.exe
2014-10-23 13:31 - 2014-10-23 13:31 - 00000790 _____ () C:\Users\S.Aerne\Desktop\Defogger.lnk
2014-10-23 13:23 - 2014-10-23 13:23 - 00380416 _____ () C:\Users\S.Aerne\Downloads\Gmer-19357.exe
2014-10-23 13:15 - 2014-10-23 13:31 - 00000528 _____ () C:\Users\S.Aerne\Downloads\defogger_disable.log
2014-10-23 13:15 - 2014-10-23 13:15 - 00000188 _____ () C:\Users\S.Aerne\defogger_reenable
2014-10-23 13:14 - 2014-10-23 13:14 - 00050477 _____ () C:\Users\S.Aerne\Downloads\Defogger.exe
2014-10-22 12:25 - 2014-10-22 12:25 - 01962496 _____ () C:\Users\S.Aerne\Downloads\adwcleaner_4.001(1).exe
2014-10-22 12:24 - 2014-10-22 12:24 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-10-22 12:24 - 2014-10-22 12:24 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-10-22 12:24 - 2014-10-22 12:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-22 12:23 - 2014-10-22 12:23 - 36254312 _____ () C:\Users\S.Aerne\Downloads\Firefox Setup 33.0.exe
2014-10-22 12:20 - 2014-10-22 12:20 - 00244408 _____ () C:\Users\S.Aerne\Downloads\Firefox Setup Stub 33.0.exe
2014-10-21 15:00 - 2014-10-21 15:51 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01artus01.part6.rar
2014-10-21 14:52 - 2014-10-21 15:14 - 141500350 _____ () C:\Users\S.Aerne\Downloads\01artus01.part7.rar
2014-10-21 14:25 - 2014-10-21 14:25 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\S.Aerne\Downloads\revosetup95.exe
2014-10-21 14:25 - 2014-10-21 14:25 - 00001264 _____ () C:\Users\S.Aerne\Desktop\Revo Uninstaller.lnk
2014-10-21 13:51 - 2014-10-21 13:51 - 00014848 ___SH () C:\Users\S.Aerne\Thumbs.db
2014-10-21 13:43 - 2014-10-21 13:43 - 00000000 ____D () C:\Users\S.Aerne\AppData\Roaming\ProductData
2014-10-21 13:42 - 2014-10-24 22:35 - 00000000 ____D () C:\ProgramData\ProductData
2014-10-21 13:42 - 2014-10-21 13:43 - 00002890 _____ () C:\Windows\System32\Tasks\Uninstaller_SkipUac_S.Aerne
2014-10-21 13:42 - 2014-10-21 13:43 - 00000000 ____D () C:\ProgramData\IObit
2014-10-21 13:42 - 2014-10-21 13:42 - 00001252 _____ () C:\Users\S.Aerne\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2014-10-21 13:42 - 2014-10-21 13:42 - 00001228 _____ () C:\Users\Public\Desktop\IObit Uninstaller.lnk
2014-10-21 13:42 - 2014-10-21 13:42 - 00000000 ____D () C:\Users\S.Aerne\AppData\Roaming\IObit
2014-10-21 13:42 - 2014-10-21 13:42 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-10-21 13:41 - 2014-10-21 13:41 - 01125200 _____ () C:\Users\S.Aerne\Downloads\IObit Uninstaller - CHIP-Installer.exe
2014-10-21 13:19 - 2014-10-21 13:19 - 01962496 _____ () C:\Users\S.Aerne\Downloads\adwcleaner_4.001.exe
2014-10-21 12:41 - 2014-10-21 12:51 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01artus01.part5.rar
2014-10-21 12:27 - 2014-10-21 12:37 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01artus01.part4.rar
2014-10-21 12:07 - 2014-10-21 12:59 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01artus01.part1.rar
2014-10-21 12:01 - 2014-10-21 12:21 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01artus01.part3.rar
2014-10-21 11:59 - 2014-10-21 12:09 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01artus01.part2.rar
2014-10-21 10:48 - 2014-10-21 10:48 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\S.Aerne\Downloads\mbam_premium.exe
2014-10-21 10:48 - 2014-10-21 10:48 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-20 16:52 - 2014-10-20 16:52 - 05401624 _____ (Canneverbe Limited ) C:\Users\S.Aerne\Downloads\cdbxp_setup_4.5.4.5118.exe
2014-10-20 16:52 - 2014-10-20 16:52 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP
2014-10-20 16:24 - 2014-10-20 16:24 - 00000208 _____ () C:\Users\S.Aerne\Desktop\Jagged Alliance 2 Gold Pack.url
2014-10-17 15:47 - 2014-10-17 15:47 - 00000222 _____ () C:\Users\S.Aerne\Desktop\Company of Heroes 2.url
2014-10-17 15:44 - 2014-10-17 15:44 - 00000223 _____ () C:\Users\S.Aerne\Desktop\Jagged Alliance 2 Gold Unfinished Business.url
2014-10-16 23:53 - 2014-10-16 23:53 - 00245760 _____ () C:\Users\S.Aerne\Downloads\Q-Dance_Hardstyle_Top_40_June_2014.rar.part
2014-10-16 19:51 - 2014-10-22 12:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-16 19:49 - 2009-06-10 23:00 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hosts.20141016-194925.backup
2014-10-16 18:38 - 2014-10-16 18:38 - 00000000 ____D () C:\Users\S.Aerne\AppData\Roaming\QuickScan
2014-10-16 18:35 - 2014-10-16 18:35 - 00567639 _____ () C:\Users\S.Aerne\Downloads\esetsmartinstaller_deu.exe
2014-10-16 18:34 - 2014-10-16 18:34 - 01170104 _____ (Zugara Investments Limited ) C:\Users\S.Aerne\Downloads\esetsmartinstallerdeuexe.exe
2014-10-16 18:30 - 2014-10-21 10:53 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-10-16 18:30 - 2014-10-21 10:50 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-10-16 18:30 - 2014-10-16 18:30 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-10-16 18:29 - 2014-10-16 18:30 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\S.Aerne\Downloads\spybot-2.4(1).exe
2014-10-16 18:29 - 2014-10-16 18:29 - 04321294 _____ (Safer-Networking Ltd. ) C:\Users\S.Aerne\Downloads\spybot-2.4.exe
2014-10-16 13:23 - 2014-10-16 13:23 - 00002187 _____ () C:\Users\S.Aerne\Desktop\Pox Nora.lnk
2014-10-16 13:23 - 2014-10-16 13:23 - 00000000 ____D () C:\Users\S.Aerne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pox Nora
2014-10-16 13:22 - 2014-10-16 13:22 - 00000000 ____D () C:\Program Files (x86)\Desert Owl Games
2014-10-16 13:21 - 2014-10-16 13:22 - 34412032 _____ (Desert Owl Games) C:\Users\S.Aerne\Downloads\PoxNora.exe
2014-10-16 11:55 - 2014-10-16 11:55 - 04280468 _____ (Safer-Networking Ltd. ) C:\Users\S.Aerne\Downloads\spybot_27341.exe
2014-10-16 11:53 - 2014-10-16 11:53 - 00000000 ____D () C:\Users\S.Aerne\AppData\Roaming\LavasoftStatistics
2014-10-16 11:47 - 2014-10-16 11:47 - 02806920 _____ () C:\Users\S.Aerne\Downloads\Adaware_Installer_11.3.exe
2014-10-16 11:27 - 2014-10-21 20:25 - 01706144 _____ (Thisisu) C:\Users\S.Aerne\Desktop\JRT_NEW.exe
2014-10-16 11:27 - 2014-10-16 11:27 - 01705141 _____ (Thisisu) C:\Users\S.Aerne\Downloads\JRT-631.exe
2014-10-15 13:11 - 2014-10-15 13:11 - 00000000 _____ () C:\autoexec.bat
2014-10-15 13:10 - 2014-10-16 11:18 - 00000000 ____D () C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
2014-10-15 13:09 - 2014-10-15 13:09 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\S.Aerne\Downloads\SpyHunter-Installer.exe
2014-10-15 11:59 - 2014-10-15 11:59 - 00032512 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys
2014-10-15 11:56 - 2014-10-15 11:56 - 00003400 _____ () C:\Windows\system32\.crusader
2014-10-15 11:46 - 2014-10-15 11:58 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-10-15 11:46 - 2014-10-15 11:46 - 11194928 _____ (SurfRight B.V.) C:\Users\S.Aerne\Downloads\HitmanPro_x64.exe
2014-10-15 11:14 - 2014-10-15 12:06 - 00000000 ____D () C:\Users\S.Aerne\AppData\Roaming\Nico Mak Computing
2014-10-15 11:10 - 2014-10-24 22:37 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-15 11:09 - 2014-10-21 10:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-15 11:09 - 2014-10-21 10:48 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-15 11:09 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-15 11:09 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-15 11:09 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-15 11:07 - 2014-10-15 11:07 - 01125200 _____ () C:\Users\S.Aerne\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe
2014-10-15 10:50 - 2014-10-15 10:50 - 01169160 _____ (Anvisoft) C:\Users\S.Aerne\Downloads\csbsetup.exe
2014-10-15 10:49 - 2014-10-15 10:49 - 02894945 _____ (Anvisoft) C:\Users\S.Aerne\Downloads\asdsetup.exe
2014-10-15 10:33 - 2014-09-29 02:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-15 10:33 - 2014-06-19 00:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-15 10:33 - 2014-06-19 00:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-15 10:33 - 2014-06-19 00:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-15 10:33 - 2014-06-19 00:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-15 10:33 - 2014-06-19 00:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-15 10:33 - 2014-06-19 00:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-15 10:32 - 2014-08-19 05:11 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-10-15 10:32 - 2014-08-19 05:10 - 00616352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-10-15 10:32 - 2014-08-19 05:08 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-10-15 10:32 - 2014-08-19 05:08 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-10-15 10:32 - 2014-08-19 05:08 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-10-15 10:32 - 2014-08-19 05:07 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-10-15 10:32 - 2014-08-19 05:07 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-10-15 10:32 - 2014-08-19 05:07 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-10-15 10:32 - 2014-08-19 05:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-10-15 10:32 - 2014-08-19 05:07 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-10-15 10:32 - 2014-08-19 04:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2014-10-15 10:32 - 2014-08-19 04:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-10-15 10:32 - 2014-08-19 04:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-10-15 10:32 - 2014-07-07 04:07 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-10-15 10:32 - 2014-07-07 04:07 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-10-15 10:32 - 2014-07-07 04:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 05551032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-15 10:32 - 2014-07-07 04:06 - 04120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-10-15 10:32 - 2014-07-07 04:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-10-15 10:32 - 2014-07-07 04:06 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-10-15 10:32 - 2014-07-07 04:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-10-15 10:32 - 2014-07-07 04:05 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-10-15 10:32 - 2014-07-07 04:05 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-10-15 10:32 - 2014-07-07 04:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-10-15 10:32 - 2014-07-07 03:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-10-15 10:32 - 2014-07-07 03:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2014-10-15 10:32 - 2014-07-07 03:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2014-10-15 10:32 - 2014-07-07 03:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-10-15 10:32 - 2014-07-07 03:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-10-15 10:32 - 2014-07-07 03:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-10-15 10:32 - 2014-07-07 03:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-10-15 10:32 - 2014-07-07 03:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-10-15 10:32 - 2014-07-07 03:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-10-15 10:32 - 2014-06-28 02:21 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-10-15 10:32 - 2014-06-28 02:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-10-15 10:32 - 2014-06-28 02:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-10-15 10:31 - 2014-10-10 04:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-15 10:31 - 2014-10-10 04:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-15 10:31 - 2014-10-10 04:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-15 10:31 - 2014-10-07 04:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-15 10:31 - 2014-10-07 04:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-15 10:31 - 2014-09-26 00:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-15 10:31 - 2014-09-26 00:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-15 10:31 - 2014-09-26 00:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-15 10:31 - 2014-09-26 00:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-15 10:31 - 2014-09-26 00:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-15 10:31 - 2014-09-26 00:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-15 10:31 - 2014-09-26 00:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-15 10:31 - 2014-09-19 04:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-15 10:31 - 2014-09-19 03:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-15 10:31 - 2014-09-19 03:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-15 10:31 - 2014-09-19 03:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-15 10:31 - 2014-09-19 03:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-15 10:31 - 2014-09-19 03:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-15 10:31 - 2014-09-19 03:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-15 10:31 - 2014-09-19 03:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-15 10:31 - 2014-09-19 03:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-15 10:31 - 2014-09-19 03:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-15 10:31 - 2014-09-19 03:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-15 10:31 - 2014-09-19 03:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-15 10:31 - 2014-09-19 03:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-15 10:31 - 2014-09-19 03:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-15 10:31 - 2014-09-19 03:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-15 10:31 - 2014-09-19 03:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-15 10:31 - 2014-09-19 03:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-15 10:31 - 2014-09-19 03:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-15 10:31 - 2014-09-19 03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-15 10:31 - 2014-09-19 03:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-15 10:31 - 2014-09-19 03:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 10:31 - 2014-09-19 03:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-15 10:31 - 2014-09-19 03:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-15 10:31 - 2014-09-19 03:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-15 10:31 - 2014-09-19 03:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-15 10:31 - 2014-09-19 03:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-15 10:31 - 2014-09-19 02:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-15 10:31 - 2014-09-19 02:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-15 10:31 - 2014-09-19 02:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-15 10:31 - 2014-09-19 02:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-15 10:31 - 2014-09-19 02:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-15 10:31 - 2014-09-19 02:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-15 10:31 - 2014-09-19 02:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-15 10:31 - 2014-09-19 02:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-15 10:31 - 2014-09-19 02:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-15 10:31 - 2014-09-19 02:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-15 10:31 - 2014-09-19 02:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-15 10:31 - 2014-09-19 02:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-15 10:31 - 2014-09-19 02:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-15 10:31 - 2014-09-19 02:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-15 10:31 - 2014-09-19 02:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-15 10:31 - 2014-09-19 02:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-15 10:31 - 2014-09-19 02:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-15 10:31 - 2014-09-19 01:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-15 10:31 - 2014-09-19 01:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-15 10:31 - 2014-09-19 01:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-15 10:31 - 2014-09-19 01:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-15 10:31 - 2014-09-18 04:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-15 10:30 - 2014-09-18 03:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-15 10:30 - 2014-09-13 03:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-15 10:30 - 2014-09-13 03:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-15 10:30 - 2014-09-04 07:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-15 10:30 - 2014-09-04 07:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-15 10:30 - 2014-07-17 04:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-15 10:30 - 2014-07-17 04:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-15 10:30 - 2014-07-17 04:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-15 10:30 - 2014-07-17 04:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-15 10:30 - 2014-07-17 04:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-15 10:30 - 2014-07-17 04:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-15 10:30 - 2014-07-17 04:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-15 10:30 - 2014-07-17 04:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-15 10:30 - 2014-07-17 03:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-15 10:30 - 2014-07-17 03:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-15 10:30 - 2014-07-17 03:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-15 10:30 - 2014-07-17 03:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-10-15 10:30 - 2014-07-17 03:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-15 10:30 - 2014-07-17 03:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-15 10:30 - 2014-07-17 03:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-15 10:30 - 2014-07-17 03:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-15 10:21 - 2014-10-15 10:21 - 00000000 ____D () C:\Windows\SysWOW64\GammaMethodRegister
2014-10-11 17:22 - 2014-10-11 17:24 - 00000000 ____D () C:\Users\S.Aerne\Documents\Heroes of the Storm
2014-10-11 17:18 - 2014-10-11 17:18 - 00001189 _____ () C:\Users\Public\Desktop\Heroes of the Storm.lnk
2014-10-11 17:18 - 2014-10-11 17:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm
2014-10-11 17:06 - 2014-10-17 08:59 - 00000000 ____D () C:\Program Files (x86)\Heroes of the Storm
2014-10-11 17:04 - 2014-10-11 17:04 - 07080744 _____ (Blizzard Entertainment) C:\Users\S.Aerne\Downloads\Heroes-of-the-Storm-Setup-enUS.exe
2014-10-11 15:18 - 2014-10-11 15:19 - 09020704 _____ (HEX Entertainment ) C:\Users\S.Aerne\Downloads\HEXSetup(1).exe
2014-10-10 18:48 - 2014-10-10 19:30 - 00000000 ____D () C:\Users\S.Aerne\Documents\BloodBowlChaos
2014-10-10 08:40 - 2014-10-10 08:40 - 00000222 _____ () C:\Users\S.Aerne\Desktop\Blood Bowl Chaos Edition.url
2014-10-07 11:00 - 2014-10-07 11:10 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01terror.part4.rar
2014-10-07 10:37 - 2014-10-07 10:47 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01terror.part3.rar
2014-10-07 10:25 - 2014-10-07 11:26 - 186626412 _____ () C:\Users\S.Aerne\Downloads\01terror.part5.rar
2014-10-07 10:25 - 2014-10-07 11:22 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01terror.part1.rar
2014-10-07 10:25 - 2014-10-07 10:35 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01terror.part2.rar
2014-10-03 13:17 - 2014-10-10 08:41 - 00000000 ____D () C:\Users\S.Aerne\Documents\majesty2
2014-10-03 13:17 - 2014-10-03 13:17 - 00000000 ____D () C:\Program Files (x86)\Paradox Interactive
2014-10-03 12:40 - 2014-10-03 12:40 - 00000221 _____ () C:\Users\S.Aerne\Desktop\Majesty 2 Collection.url
2014-10-01 12:18 - 2014-10-01 12:18 - 00000218 _____ () C:\Users\S.Aerne\Desktop\Half-Life.url
2014-10-01 09:29 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-01 09:29 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-30 15:20 - 2014-09-30 15:20 - 00001618 _____ () C:\Users\Public\Desktop\Braveland.lnk
2014-09-26 12:36 - 2014-09-26 12:36 - 00000222 _____ () C:\Users\S.Aerne\Desktop\Prime World.url
2014-09-24 10:21 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 10:21 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-24 22:41 - 2010-08-24 18:03 - 01496325 _____ () C:\Windows\WindowsUpdate.log
2014-10-24 22:34 - 2014-02-23 12:51 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-10-24 22:34 - 2010-08-25 01:42 - 00450218 _____ () C:\Windows\PFRO.log
2014-10-24 22:34 - 2010-08-24 21:54 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-24 22:34 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-24 22:34 - 2009-07-14 06:51 - 00216472 _____ () C:\Windows\setupact.log
2014-10-24 22:33 - 2014-09-14 09:39 - 00000000 ____D () C:\AdwCleaner
2014-10-24 22:09 - 2012-07-18 08:44 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-24 22:08 - 2011-03-07 12:47 - 00000000 ____D () C:\Users\S.Aerne\Downloads\Musik
2014-10-24 22:08 - 2011-02-18 14:50 - 00000000 ____D () C:\Users\S.Aerne\Downloads\Games
2014-10-24 09:39 - 2009-07-14 06:45 - 00026544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-24 09:39 - 2009-07-14 06:45 - 00026544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-24 09:20 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Branding
2014-10-23 13:36 - 2014-09-13 09:24 - 00000444 __RSH () C:\ProgramData\ntuser.pol
2014-10-23 13:15 - 2010-08-24 18:16 - 00000000 ____D () C:\Users\S.Aerne
2014-10-21 20:27 - 2010-12-29 12:14 - 00000000 ____D () C:\Users\S.Aerne\Downloads\Hörbücher
2014-10-21 15:10 - 2009-07-14 19:58 - 00711602 _____ () C:\Windows\system32\perfh007.dat
2014-10-21 15:10 - 2009-07-14 19:58 - 00155078 _____ () C:\Windows\system32\perfc007.dat
2014-10-21 15:10 - 2009-07-14 07:13 - 01649556 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-21 14:46 - 2010-12-27 14:22 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-10-21 14:45 - 2010-12-27 14:23 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-10-21 14:45 - 2010-12-27 14:22 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-10-21 14:25 - 2014-09-14 10:30 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-10-21 13:54 - 2013-03-23 20:33 - 00000000 ____D () C:\Users\S.Aerne\AppData\Roaming\My Games
2014-10-21 13:54 - 2010-08-25 17:54 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-21 13:21 - 2014-09-12 07:25 - 00001079 _____ () C:\Users\S.Aerne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-10-20 17:08 - 2014-09-12 15:02 - 00000000 ____D () C:\Program Files (x86)\HEX
2014-10-20 16:52 - 2010-11-08 22:11 - 00001155 _____ () C:\Users\Public\Desktop\CDBurnerXP.lnk
2014-10-20 16:52 - 2010-11-08 22:11 - 00001105 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2014-10-20 16:40 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-10-20 16:27 - 2009-07-14 06:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-10-18 08:44 - 2013-10-25 11:31 - 00000000 ____D () C:\Users\S.Aerne\AppData\Local\Battle.net
2014-10-17 16:13 - 2014-03-18 15:00 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft
2014-10-16 16:01 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-10-16 11:44 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-16 11:03 - 2009-07-14 06:45 - 00299528 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-16 11:01 - 2014-05-06 15:16 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-16 11:01 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-10-16 11:01 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-10-15 13:39 - 2013-08-15 23:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-15 13:37 - 2010-09-04 12:08 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-15 11:59 - 2010-08-24 18:42 - 00000000 ____D () C:\Users\S.Aerne\Tracing
2014-10-15 11:56 - 2014-09-13 09:25 - 00000000 ____D () C:\Windows\SysWOW64\FormatMBRRuntime
2014-10-13 09:41 - 2013-10-25 11:33 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-10-11 17:22 - 2010-08-25 00:14 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-10-11 17:05 - 2013-10-25 11:31 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-10-11 15:19 - 2014-09-12 15:02 - 00001070 _____ () C:\Users\Public\Desktop\HEX.lnk
2014-10-11 15:19 - 2014-09-12 15:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HEX
2014-10-11 09:12 - 2014-07-10 15:02 - 00000000 ____D () C:\Users\S.Aerne\Documents\Stronghold Crusader
2014-10-10 18:32 - 2010-09-27 11:58 - 00621293 _____ () C:\Windows\DirectX.log
2014-10-02 15:53 - 2010-08-24 18:36 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-30 15:20 - 2014-02-07 10:40 - 00000000 ____D () C:\GOG Games
2014-09-30 15:20 - 2014-02-07 10:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2014-09-30 15:20 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-30 13:42 - 2014-02-07 10:34 - 00000000 ____D () C:\Users\S.Aerne\AppData\Local\GOG.com
2014-09-26 12:48 - 2012-05-18 19:27 - 00000000 ____D () C:\Users\S.Aerne\Documents\My Games
2014-09-24 11:09 - 2012-07-18 08:44 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-24 11:09 - 2012-07-18 08:44 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-24 11:09 - 2011-12-02 03:50 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

Some content of TEMP:
====================
C:\Users\S.Aerne\AppData\Local\Temp\msvcr80.dll
C:\Users\S.Aerne\AppData\Local\Temp\Quarantine.exe
C:\Users\S.Aerne\AppData\Local\Temp\SimPack.exe
C:\Users\S.Aerne\AppData\Local\Temp\sqlite3.dll
C:\Users\S.Aerne\AppData\Local\Temp\zlib1.dll
C:\Users\S.Aerne\AppData\Local\Temp\_isAB6B.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-16 15:53

==================== End Of Log ============================
--- --- ---
FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-10-2014
Ran by S.Aerne at 2014-10-24 22:43:37
Running from C:\Users\S.Aerne\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.2.0.2070 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.2.0.2070 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.9.149 - Adobe Systems, Inc.)
Age of Empires III (HKLM-x32\...\InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Wonders III (HKLM-x32\...\Steam App 226840) (Version:  - Triumph Studios)
Alien Swarm (HKLM-x32\...\Steam App 630) (Version:  - Valve)
Banished (HKLM-x32\...\Steam App 242920) (Version:  - Shining Rock Software LLC)
Battle Isle Platinum (HKLM-x32\...\GOGPACKBATTLEISLEPLATINUM_is1) (Version: 2.1.0.19 - GOG.com)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Blackguards (HKLM-x32\...\Steam App 249650) (Version:  - Daedalic Entertainment)
Blood Bowl: Chaos Edition (HKLM-x32\...\Steam App 216890) (Version:  - Cyanide Studios)
Braveland (HKLM-x32\...\GOGPACKBRAVELAND_is1) (Version: 2.1.0.3 - GOG.com)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.3.7.2423 - CDBurnerXP)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5118 - CDBurnerXP)
Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version:  - Relic Entertainment)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Defender's Quest: Valley of the Forgotten (HKLM-x32\...\Steam App 218410) (Version:  - Level Up Labs, LLC)
Dell Driver Download Manager (HKCU\...\f031ef6ac137efc5) (Version: 2.1.0.0 - Dell Inc.)
Die Siedler 7 (HKLM-x32\...\{9C916142-C18C-429D-BFED-40094A7E0BEB}) (Version: 1.12.1396 - Ubisoft)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Draconian Wars (HKLM-x32\...\Steam App 296590) (Version:  - Kardfy Studios)
Duel of Champions (HKLM-x32\...\MMDoC-PDCLive) (Version:  - Ubisoft)
Dungeon Keeper 2 (HKLM-x32\...\GOGPACKDUNGEONKEEPER2_is1) (Version: 2.0.0.32 - GOG.com)
Dungeon Keeper Gold (HKLM-x32\...\GOGPACKDUNGEONKEEPER_is1) (Version: 2.0.0.4 - GOG.com)
Etherlords (HKLM-x32\...\Steam App 270770) (Version:  - Nival)
Etherlords II (HKLM-x32\...\Steam App 270790) (Version:  - Nival)
Fallen Enchantress: Legendary Heroes (HKLM-x32\...\Steam App 228260) (Version:  - Stardock Entertainment)
FLOCK! (HKLM-x32\...\Steam App 21640) (Version:  - Proper Games)
Foxit Reader 5.0 (HKLM-x32\...\Foxit Reader_is1) (Version: 5.0.2.718 - Foxit Corporation)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
GOG.com Downloader version 3.6.0 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.6.0 - GOG.com)
GOG.com Dungeon Keeper 2 (HKLM\...\{b6462b67-caf5-4a74-99df-cc2811bd1957}.sdb) (Version:  - )
GOG.com Heroes of Might and Magic 3 (HKLM\...\{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}.sdb) (Version:  - )
Gorky 17 (HKLM-x32\...\Steam App 253920) (Version:  - )
Grotesque Tactics: Evil Heroes (HKLM-x32\...\Steam App 46450) (Version:  - Headup Games)
Half-Life (HKLM-x32\...\Steam App 70) (Version:  - Valve)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of Might & Magic V: Hammers of Fate (HKLM-x32\...\{66FF4C48-0083-4E60-8556-B883AB200091}) (Version:  - )
Heroes of Might and Magic 3 Complete (HKLM-x32\...\GOGPACKHOMM3COMPLETE_is1) (Version: 2.0.0.16 - GOG.com)
Heroes of Might and Magic V - Tribes of the East (HKLM-x32\...\{66FF4C48-0083-4E60-8556-B883AB200092}) (Version:  - )
Heroes of Might and Magic V (HKLM-x32\...\{20071984-5EB1-4881-8EDB-082532ACEC6D}) (Version:  - )
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
HEX (HKLM-x32\...\{E31B651A-B48C-423C-8D0D-855756C8B7E8}_is1) (Version:  - HEX Entertainment)
Infinity Wars - Animated Trading Card Game (HKLM-x32\...\Steam App 257730) (Version:  - Lightmare Studios)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.0.4.25 - IObit)
Jagged Alliance 2 Gold: Unfinished Business (HKLM-x32\...\Steam App 12380) (Version:  - Strategy First)
Jagged Alliance 2: Gold Pack (HKLM-x32\...\Steam App 12370) (Version:  - Strategy First)
Java Auto Updater (x32 Version: 2.0.4.1 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216025FF}) (Version: 6.0.250 - Oracle)
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
MAGIX Speed burnR (HKLM-x32\...\MAGIX Speed burnR D) (Version: 6.0.1.4 - MAGIX AG)
Majesty 2 Collection (HKLM-x32\...\Steam App 73020) (Version:  - 1C:InoCo)
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft IntelliType Pro 8.2 (HKLM\...\Microsoft IntelliType Pro 8.2) (Version: 8.20.469.0 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Virtual PC 2007 SP1 (HKLM\...\{AD483998-2E9A-4405-83FF-6E503AF49CBB}) (Version: 6.0.192.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{3bcf8c72-b231-4d28-9f39-3405c22d8b5a}) (Version: 11.0.61030.0 - Microsoft Corporation)
Might & Magic Heroes VI - Shades of Darkness (HKLM-x32\...\{745D37C2-26F4-4B65-BA13-F9840EBFA75B}) (Version: 2.1.0 - Ubisoft)
MMDoC-PDCLive Launcher (HKCU\...\3114a86aa00b92d7) (Version: 1.0.1.1 - Ubisoft)
Mozilla Firefox 33.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.0 (x86 de)) (Version: 33.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0 - Mozilla)
MP Manager (HKLM-x32\...\{D62460AF-5A0E-44F7-A647-C79076C5CA65}) (Version: 1.0.4715 - MPMAN)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller-Treiber 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5896 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
NVIDIA Update 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
Pox Nora 1.8 (HKLM-x32\...\3055-2232-0137-3195) (Version: 1.8 - Desert Owl Games)
Prime World (HKLM-x32\...\Steam App 235340) (Version:  - Nival)
Prime World: Defenders (HKLM-x32\...\Steam App 235360) (Version:  - Nival)
Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0005 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5859 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RIFT™ (HKLM-x32\...\Steam App 39120) (Version:  - Trion Worlds)
Shadow Warrior Classic Redux (HKLM-x32\...\Steam App 225160) (Version:  - 3D Realms)
Shadowrun Returns (HKLM-x32\...\Steam App 234650) (Version:  - Harebrained Schemes)
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.6.8442 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Space Hulk (HKLM-x32\...\Steam App 242570) (Version:  - Full Control Studios)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Stronghold Crusader Extreme HD (HKLM-x32\...\Steam App 16700) (Version:  - Firefly Studios)
Stronghold Crusader HD (HKLM-x32\...\Steam App 40970) (Version:  - FireFly Studios)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version:  - TeamSpeak Systems GmbH)
TeamViewer 6 (HKLM-x32\...\TeamViewer 6) (Version: 6.0.10511 - TeamViewer GmbH)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
The Banner Saga (HKLM-x32\...\Steam App 237990) (Version:  - Stoic)
Tropico 4 (HKLM-x32\...\Steam App 57690) (Version:  - Haemimont Games)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
VLC media player 1.1.4 (HKLM-x32\...\VLC media player) (Version: 1.1.4 - VideoLAN)
Wakfu (HKLM-x32\...\Steam App 215080) (Version:  - Ankama)
Warlock - Master of the Arcane (HKLM-x32\...\Steam App 203630) (Version:  - Paradox Interactive)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
WinRAR (HKLM\...\WinRAR archiver) (Version:  - )
WinSCP 5.1.4 (HKLM-x32\...\winscp3_is1) (Version: 5.1.4 - Martin Prikryl)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

20-10-2014 05:53:03 Geplanter Prüfpunkt
21-10-2014 08:50:30 AA11
21-10-2014 08:50:43 Windows Update
21-10-2014 10:59:15 Removed Bonjour
21-10-2014 10:59:55 Removed Apple Mobile Device Support
21-10-2014 11:00:40 Removed Apple Application Support
21-10-2014 11:01:16 Removed Apple Software Update
21-10-2014 12:27:09 Revo Uninstaller's restore point - Shopping Helper Smartbar
21-10-2014 12:43:33 Removed iTunes
21-10-2014 12:45:15 Removed QuickTime

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2014-10-16 19:49 - 00450713 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1        www.007guard.com
127.0.0.1        007guard.com
127.0.0.1        008i.com
127.0.0.1        www.008k.com
127.0.0.1        008k.com
127.0.0.1        www.00hq.com
127.0.0.1        00hq.com
127.0.0.1        010402.com
127.0.0.1        www.032439.com
127.0.0.1        032439.com
127.0.0.1        0scan.com
127.0.0.1        0scan.com
127.0.0.1        1000gratisproben.com
127.0.0.1        1000gratisproben.com
127.0.0.1        1001namen.com
127.0.0.1        www.1001namen.com
127.0.0.1        100888290cs.com
127.0.0.1        ²©²Êͨ,²©²ÊÍø,½ð±¦²©188,²©²ÊͨÆÀ¼¶,°Ù¼ÒÀÖ,°ÂÃî°Ù¼ÒÀÖ
127.0.0.1        www.100sexlinks.com
127.0.0.1        100sexlinks.com
127.0.0.1        10sek.com
127.0.0.1        Gadgets And More
127.0.0.1        www.1-2005-search.com
127.0.0.1        1-2005-search.com
127.0.0.1        123fporn.info
127.0.0.1        www.123fporn.info
127.0.0.1        123haustiereundmehr.com
127.0.0.1        www.123haustiereundmehr.com
127.0.0.1        123moviedownload.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1497AE49-32B5-4CB5-A34B-5E683461C01E} - System32\Tasks\{2D11BC38-BC04-40C6-89C1-82353F9ABE4B} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {1BCDBB30-79DA-45F0-AC6A-7EFA2D763068} - \PC Performer Scheduled Scan No Task File <==== ATTENTION
Task: {84850552-32DC-4798-9EC5-B9406A0C9465} - System32\Tasks\Uninstaller_SkipUac_S.Aerne => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-10-21] (IObit)
Task: {AEAE8254-C339-44CE-BD29-B2E72526D93C} - \PC Performer Logon Scan No Task File <==== ATTENTION
Task: {AF1BE5C7-2138-4C5F-869C-7C3ED971F9F7} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => c:\Program Files\Microsoft IntelliType Pro\IType.exe [2011-08-10] (Microsoft Corporation)
Task: {BBCE63A8-9FDD-48C8-8CF0-BFFB6A9A450A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated)
Task: {FBDB51E8-1AC7-4A3B-867F-D2B43E4FF7A5} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2011-12-19 14:04 - 2014-07-02 20:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-10-15 10:21 - 2014-10-13 11:01 - 00068096 _____ () C:\Windows\SysWOW64\GammaMethodRegister\GammaMethodRegister.exe
2014-10-22 12:24 - 2014-10-11 14:53 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-09-11 10:09 - 2014-09-11 10:09 - 16825520 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-762131175-2521822999-1656188121-500 - Administrator - Disabled)
ASPNET (S-1-5-21-762131175-2521822999-1656188121-1004 - Administrator - Enabled)
Gast (S-1-5-21-762131175-2521822999-1656188121-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-762131175-2521822999-1656188121-1002 - Limited - Enabled)
S.Aerne (S-1-5-21-762131175-2521822999-1656188121-1000 - Administrator - Enabled) => C:\Users\S.Aerne

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/24/2014 10:42:42 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============

Microsoft Office Sessions:
=========================
Error: (10/24/2014 10:42:42 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\S.Aerne\Downloads\esetsmartinstaller_deu (2).exe


==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Quad CPU Q8300 @ 2.50GHz
Percentage of memory in use: 55%
Total physical RAM: 4095.18 MB
Available physical RAM: 1823.5 MB
Total Pagefile: 8188.54 MB
Available Pagefile: 5880.23 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:315.3 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 7A745740)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== End Of Log ============================
--- --- ---


Security Check kann ich leider nicht ausführen, ich erhalte die Meldung: UNSUPPORTED OPERATING SYSTEM! ABORTED!

Und ja das Problem mit eDeals besteht noch genauso wie vorher

Komprex 24.10.2014 21:49
Security Check kann ich leider nicht ausführen, ich erhalte die Meldung: UNSUPPORTED OPERATING SYSTEM! ABORTED!

Und ja das Problem mit eDeals besteht leider noch genauso wie vorher.


C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\HpUI.exe.vir Variante von Win32/Thinknice.F evtl. unerwünschte Anwendung gelöscht - in Quarantäne kopiert
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\Loader32.exe.vir Win32/Thinknice.E evtl. unerwünschte Anwendung gelöscht - in Quarantäne kopiert
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\Loader64.exe.vir Win64/Thinknice.E evtl. unerwünschte Anwendung gelöscht - in Quarantäne kopiert
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\uninstall.exe.vir Win32/Thinknice.E evtl. unerwünschte Anwendung gelöscht - in Quarantäne kopiert
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\WindowsSupportDll64.dll.vir Variante von Win32/Thinknice.F evtl. unerwünschte Anwendung gelöscht - in Quarantäne kopiert
C:\AdwCleaner\Quarantine\C\Users\S.Aerne\AppData\Local\Temp\VOPackage.exe.vir Win32/VOPackage.AD evtl. unerwünschte Anwendung gelöscht - in Quarantäne kopiert
C:\Users\S.Aerne\Documents\Downloads\Integrated_BrotherSoft_TB.exe Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung gelöscht - in Quarantäne kopiert
C:\Users\S.Aerne\Documents\Downloads\Integrated_CT2776682.exe Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung gelöscht - in Quarantäne kopiert
C:\Users\S.Aerne\Downloads\wzmp_8.exe Variante von MSIL/AdvancedSystemProtector.F evtl. unerwünschte Anwendung gelöscht - in Quarantäne kopiert
C:\Users\S.Aerne\Downloads\Games\Brothersoft_downloader_For_Dungeon_Keeper.exe Variante von Win32/BSDownloader evtl. unerwünschte Anwendung gelöscht - in Quarantäne kopiert
C:\Users\S.Aerne\Downloads\Games\com.herocraft.game.revivaldeluxe.demo.apk Variante von Android/TrojanSMS.Agent.AJM Trojaner gelöscht - in Quarantäne kopiert
C:\Users\S.Aerne\Downloads\Games\installer_elven__legacy_1_0_Deutsch.exe Win32/Toggle evtl. unerwünschte Anwendung gelöscht - in Quarantäne kopiert
C:\Users\S.Aerne\Downloads\Musik\Eluveitie_2010_Everything_Remains_As_It_Never_Was_[Limited_Edition].exe Win32/AdWare.1ClickDownload.AT Anwendung Gesäubert durch Löschen - in Quarantäne kopiert

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-10-2014
Ran by S.Aerne (administrator) on SAERNE-PC on 24-10-2014 22:42:58
Running from C:\Users\S.Aerne\Downloads
Loaded Profile: S.Aerne (Available profiles: S.Aerne)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\vVX3000.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Windows\SysWOW64\GammaMethodRegister\GammaMethodRegister.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7833120 2009-05-23] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-05-23] (Realtek Semiconductor Corp.)
HKLM\...\Run: [VX3000] => C:\Windows\vVX3000.exe [762736 2010-05-20] (Microsoft Corporation)
HKLM\...\Run: [itype] => c:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253672 2011-01-07] (Sun Microsystems, Inc.)
HKU\S-1-5-21-762131175-2521822999-1656188121-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1938624 2014-10-21] (Valve Corporation)
HKU\S-1-5-21-762131175-2521822999-1656188121-1000\...\MountPoints2: {dc1faa98-1187-11e2-a7c6-485b39b2a165} - I:\Start.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:23868
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x41B09D54AA43CB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-ch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: No Name -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} ->  No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\S.Aerne\AppData\Roaming\Mozilla\Firefox\Profiles\hca1uvkk.default-1413971435070
FF Homepage: https://www.facebook.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1209149.dll (Adobe Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\progra~2\mcafee\msc\npmcsn~1.dll No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\S.Aerne\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\S.Aerne\AppData\Roaming\Mozilla\Firefox\Profiles\hca1uvkk.default-1413971435070\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-10-22]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-10-16]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 GammaMethodRegister; C:\Windows\SysWOW64\GammaMethodRegister\GammaMethodRegister.exe [68096 2014-10-13] () [File not signed]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2283296 2014-10-21] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
S2 0175861394189491mcinstcleanup; C:\Users\S9B32~1.AER\AppData\Local\Temp\017586~1.EXE -cleanup -nolog [X]
S2 ClipboardFAT32Program.exe; C:\Users\S.Aerne\AppData\Local\ClipboardFAT32Program\ClipboardFAT32Program.exe [X]
S2 CodecFolderMotion.exe; C:\Users\S.Aerne\AppData\Local\CodecFolderMotion\CodecFolderMotion.exe [X]
S2 CodecImportMotion.exe; C:\Users\S.Aerne\AppData\Local\CodecImportMotion\CodecImportMotion.exe [X]
S2 ControlDebugOCR.exe; C:\Users\S.Aerne\AppData\Local\ControlDebugOCR\ControlDebugOCR.exe [X]
S2 FileKernelScreenshot.exe; C:\Users\S.Aerne\AppData\Local\FileKernelScreenshot\FileKernelScreenshot.exe [X]
S2 FormatMemoryMotion.exe; C:\Users\S.Aerne\AppData\Local\FormatMemoryMotion\FormatMemoryMotion.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32512 2014-10-15] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-10-24] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-10-01] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-05-14] ()
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 s1018bus; C:\Windows\System32\DRIVERS\s1018bus.sys [113704 2009-03-25] (MCCI Corporation)
S3 s1018mdfl; C:\Windows\System32\DRIVERS\s1018mdfl.sys [19496 2009-03-25] (MCCI Corporation)
S3 s1018mdm; C:\Windows\System32\DRIVERS\s1018mdm.sys [153128 2009-03-25] (MCCI Corporation)
S3 s1018mgmt; C:\Windows\System32\DRIVERS\s1018mgmt.sys [133160 2009-03-25] (MCCI Corporation)
S3 s1018nd5; C:\Windows\System32\DRIVERS\s1018nd5.sys [34856 2009-03-25] (MCCI Corporation)
S3 s1018obex; C:\Windows\System32\DRIVERS\s1018obex.sys [128552 2009-03-25] (MCCI Corporation)
S3 s1018unic; C:\Windows\System32\DRIVERS\s1018unic.sys [146472 2009-03-25] (MCCI Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-10-21] (Duplex Secure Ltd.)
S3 StarOpen; No ImagePath
R1 vmm; C:\Windows\system32\Treiber\vmm.sys [294248 2011-05-29] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-24 22:39 - 2014-10-24 22:39 - 00000627 _____ () C:\Users\S.Aerne\Desktop\JRT.txt
2014-10-24 22:26 - 2014-10-24 22:26 - 00854448 _____ () C:\Users\S.Aerne\Downloads\SecurityCheck(2).exe
2014-10-24 19:24 - 2014-10-24 19:24 - 00854448 _____ () C:\Users\S.Aerne\Downloads\SecurityCheck(1).exe
2014-10-24 19:14 - 2014-10-24 19:14 - 02347384 _____ (ESET) C:\Users\S.Aerne\Downloads\esetsmartinstaller_deu (2).exe
2014-10-24 09:32 - 2014-10-24 09:32 - 01706144 _____ (Thisisu) C:\Users\S.Aerne\Downloads\JRT(1).exe
2014-10-24 09:19 - 2014-10-24 09:26 - 00001469 _____ () C:\Users\S.Aerne\Desktop\mbam.txt
2014-10-23 21:51 - 2014-10-24 22:22 - 00002092 _____ () C:\Users\S.Aerne\Desktop\eset.txt
2014-10-23 17:57 - 2014-10-23 17:57 - 02347384 _____ (ESET) C:\Users\S.Aerne\Downloads\esetsmartinstaller_deu (1).exe
2014-10-23 15:23 - 2014-10-24 09:44 - 00025584 _____ () C:\Users\S.Aerne\Downloads\Addition.txt
2014-10-23 15:22 - 2014-10-24 22:43 - 00015021 _____ () C:\Users\S.Aerne\Downloads\FRST.txt
2014-10-23 15:22 - 2014-10-24 22:42 - 00000000 ____D () C:\FRST
2014-10-23 15:21 - 2014-10-23 15:22 - 02112000 _____ (Farbar) C:\Users\S.Aerne\Downloads\FRST64.exe
2014-10-23 14:47 - 2014-10-23 14:47 - 01705698 _____ (Thisisu) C:\Users\S.Aerne\Downloads\JRT633.exe
2014-10-23 14:29 - 2014-10-23 14:29 - 00854448 _____ () C:\Users\S.Aerne\Downloads\SecurityCheck.exe
2014-10-23 13:32 - 2014-10-23 13:32 - 01103360 _____ (Farbar) C:\Users\S.Aerne\Downloads\FRST.exe
2014-10-23 13:31 - 2014-10-23 13:31 - 00000790 _____ () C:\Users\S.Aerne\Desktop\Defogger.lnk
2014-10-23 13:23 - 2014-10-23 13:23 - 00380416 _____ () C:\Users\S.Aerne\Downloads\Gmer-19357.exe
2014-10-23 13:15 - 2014-10-23 13:31 - 00000528 _____ () C:\Users\S.Aerne\Downloads\defogger_disable.log
2014-10-23 13:15 - 2014-10-23 13:15 - 00000188 _____ () C:\Users\S.Aerne\defogger_reenable
2014-10-23 13:14 - 2014-10-23 13:14 - 00050477 _____ () C:\Users\S.Aerne\Downloads\Defogger.exe
2014-10-22 12:25 - 2014-10-22 12:25 - 01962496 _____ () C:\Users\S.Aerne\Downloads\adwcleaner_4.001(1).exe
2014-10-22 12:24 - 2014-10-22 12:24 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-10-22 12:24 - 2014-10-22 12:24 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-10-22 12:24 - 2014-10-22 12:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-22 12:23 - 2014-10-22 12:23 - 36254312 _____ () C:\Users\S.Aerne\Downloads\Firefox Setup 33.0.exe
2014-10-22 12:20 - 2014-10-22 12:20 - 00244408 _____ () C:\Users\S.Aerne\Downloads\Firefox Setup Stub 33.0.exe
2014-10-21 15:00 - 2014-10-21 15:51 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01artus01.part6.rar
2014-10-21 14:52 - 2014-10-21 15:14 - 141500350 _____ () C:\Users\S.Aerne\Downloads\01artus01.part7.rar
2014-10-21 14:25 - 2014-10-21 14:25 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\S.Aerne\Downloads\revosetup95.exe
2014-10-21 14:25 - 2014-10-21 14:25 - 00001264 _____ () C:\Users\S.Aerne\Desktop\Revo Uninstaller.lnk
2014-10-21 13:51 - 2014-10-21 13:51 - 00014848 ___SH () C:\Users\S.Aerne\Thumbs.db
2014-10-21 13:43 - 2014-10-21 13:43 - 00000000 ____D () C:\Users\S.Aerne\AppData\Roaming\ProductData
2014-10-21 13:42 - 2014-10-24 22:35 - 00000000 ____D () C:\ProgramData\ProductData
2014-10-21 13:42 - 2014-10-21 13:43 - 00002890 _____ () C:\Windows\System32\Tasks\Uninstaller_SkipUac_S.Aerne
2014-10-21 13:42 - 2014-10-21 13:43 - 00000000 ____D () C:\ProgramData\IObit
2014-10-21 13:42 - 2014-10-21 13:42 - 00001252 _____ () C:\Users\S.Aerne\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2014-10-21 13:42 - 2014-10-21 13:42 - 00001228 _____ () C:\Users\Public\Desktop\IObit Uninstaller.lnk
2014-10-21 13:42 - 2014-10-21 13:42 - 00000000 ____D () C:\Users\S.Aerne\AppData\Roaming\IObit
2014-10-21 13:42 - 2014-10-21 13:42 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-10-21 13:41 - 2014-10-21 13:41 - 01125200 _____ () C:\Users\S.Aerne\Downloads\IObit Uninstaller - CHIP-Installer.exe
2014-10-21 13:19 - 2014-10-21 13:19 - 01962496 _____ () C:\Users\S.Aerne\Downloads\adwcleaner_4.001.exe
2014-10-21 12:41 - 2014-10-21 12:51 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01artus01.part5.rar
2014-10-21 12:27 - 2014-10-21 12:37 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01artus01.part4.rar
2014-10-21 12:07 - 2014-10-21 12:59 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01artus01.part1.rar
2014-10-21 12:01 - 2014-10-21 12:21 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01artus01.part3.rar
2014-10-21 11:59 - 2014-10-21 12:09 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01artus01.part2.rar
2014-10-21 10:48 - 2014-10-21 10:48 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\S.Aerne\Downloads\mbam_premium.exe
2014-10-21 10:48 - 2014-10-21 10:48 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-20 16:52 - 2014-10-20 16:52 - 05401624 _____ (Canneverbe Limited ) C:\Users\S.Aerne\Downloads\cdbxp_setup_4.5.4.5118.exe
2014-10-20 16:52 - 2014-10-20 16:52 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP
2014-10-20 16:24 - 2014-10-20 16:24 - 00000208 _____ () C:\Users\S.Aerne\Desktop\Jagged Alliance 2 Gold Pack.url
2014-10-17 15:47 - 2014-10-17 15:47 - 00000222 _____ () C:\Users\S.Aerne\Desktop\Company of Heroes 2.url
2014-10-17 15:44 - 2014-10-17 15:44 - 00000223 _____ () C:\Users\S.Aerne\Desktop\Jagged Alliance 2 Gold Unfinished Business.url
2014-10-16 23:53 - 2014-10-16 23:53 - 00245760 _____ () C:\Users\S.Aerne\Downloads\Q-Dance_Hardstyle_Top_40_June_2014.rar.part
2014-10-16 19:51 - 2014-10-22 12:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-16 19:49 - 2009-06-10 23:00 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hosts.20141016-194925.backup
2014-10-16 18:38 - 2014-10-16 18:38 - 00000000 ____D () C:\Users\S.Aerne\AppData\Roaming\QuickScan
2014-10-16 18:35 - 2014-10-16 18:35 - 00567639 _____ () C:\Users\S.Aerne\Downloads\esetsmartinstaller_deu.exe
2014-10-16 18:34 - 2014-10-16 18:34 - 01170104 _____ (Zugara Investments Limited ) C:\Users\S.Aerne\Downloads\esetsmartinstallerdeuexe.exe
2014-10-16 18:30 - 2014-10-21 10:53 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-10-16 18:30 - 2014-10-21 10:50 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-10-16 18:30 - 2014-10-16 18:30 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-10-16 18:29 - 2014-10-16 18:30 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\S.Aerne\Downloads\spybot-2.4(1).exe
2014-10-16 18:29 - 2014-10-16 18:29 - 04321294 _____ (Safer-Networking Ltd. ) C:\Users\S.Aerne\Downloads\spybot-2.4.exe
2014-10-16 13:23 - 2014-10-16 13:23 - 00002187 _____ () C:\Users\S.Aerne\Desktop\Pox Nora.lnk
2014-10-16 13:23 - 2014-10-16 13:23 - 00000000 ____D () C:\Users\S.Aerne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pox Nora
2014-10-16 13:22 - 2014-10-16 13:22 - 00000000 ____D () C:\Program Files (x86)\Desert Owl Games
2014-10-16 13:21 - 2014-10-16 13:22 - 34412032 _____ (Desert Owl Games) C:\Users\S.Aerne\Downloads\PoxNora.exe
2014-10-16 11:55 - 2014-10-16 11:55 - 04280468 _____ (Safer-Networking Ltd. ) C:\Users\S.Aerne\Downloads\spybot_27341.exe
2014-10-16 11:53 - 2014-10-16 11:53 - 00000000 ____D () C:\Users\S.Aerne\AppData\Roaming\LavasoftStatistics
2014-10-16 11:47 - 2014-10-16 11:47 - 02806920 _____ () C:\Users\S.Aerne\Downloads\Adaware_Installer_11.3.exe
2014-10-16 11:27 - 2014-10-21 20:25 - 01706144 _____ (Thisisu) C:\Users\S.Aerne\Desktop\JRT_NEW.exe
2014-10-16 11:27 - 2014-10-16 11:27 - 01705141 _____ (Thisisu) C:\Users\S.Aerne\Downloads\JRT-631.exe
2014-10-15 13:11 - 2014-10-15 13:11 - 00000000 _____ () C:\autoexec.bat
2014-10-15 13:10 - 2014-10-16 11:18 - 00000000 ____D () C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
2014-10-15 13:09 - 2014-10-15 13:09 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\S.Aerne\Downloads\SpyHunter-Installer.exe
2014-10-15 11:59 - 2014-10-15 11:59 - 00032512 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys
2014-10-15 11:56 - 2014-10-15 11:56 - 00003400 _____ () C:\Windows\system32\.crusader
2014-10-15 11:46 - 2014-10-15 11:58 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-10-15 11:46 - 2014-10-15 11:46 - 11194928 _____ (SurfRight B.V.) C:\Users\S.Aerne\Downloads\HitmanPro_x64.exe
2014-10-15 11:14 - 2014-10-15 12:06 - 00000000 ____D () C:\Users\S.Aerne\AppData\Roaming\Nico Mak Computing
2014-10-15 11:10 - 2014-10-24 22:37 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-15 11:09 - 2014-10-21 10:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-15 11:09 - 2014-10-21 10:48 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-15 11:09 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-15 11:09 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-15 11:09 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-15 11:07 - 2014-10-15 11:07 - 01125200 _____ () C:\Users\S.Aerne\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe
2014-10-15 10:50 - 2014-10-15 10:50 - 01169160 _____ (Anvisoft) C:\Users\S.Aerne\Downloads\csbsetup.exe
2014-10-15 10:49 - 2014-10-15 10:49 - 02894945 _____ (Anvisoft) C:\Users\S.Aerne\Downloads\asdsetup.exe
2014-10-15 10:33 - 2014-09-29 02:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-15 10:33 - 2014-06-19 00:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-15 10:33 - 2014-06-19 00:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-15 10:33 - 2014-06-19 00:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-15 10:33 - 2014-06-19 00:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-15 10:33 - 2014-06-19 00:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-15 10:33 - 2014-06-19 00:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-15 10:32 - 2014-08-19 05:11 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-10-15 10:32 - 2014-08-19 05:10 - 00616352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-10-15 10:32 - 2014-08-19 05:08 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-10-15 10:32 - 2014-08-19 05:08 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-10-15 10:32 - 2014-08-19 05:08 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-10-15 10:32 - 2014-08-19 05:07 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-10-15 10:32 - 2014-08-19 05:07 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-10-15 10:32 - 2014-08-19 05:07 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-10-15 10:32 - 2014-08-19 05:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-10-15 10:32 - 2014-08-19 05:07 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-10-15 10:32 - 2014-08-19 04:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2014-10-15 10:32 - 2014-08-19 04:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-10-15 10:32 - 2014-08-19 04:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-10-15 10:32 - 2014-07-07 04:07 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-10-15 10:32 - 2014-07-07 04:07 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-10-15 10:32 - 2014-07-07 04:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 05551032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-15 10:32 - 2014-07-07 04:06 - 04120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-10-15 10:32 - 2014-07-07 04:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-10-15 10:32 - 2014-07-07 04:06 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-10-15 10:32 - 2014-07-07 04:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-10-15 10:32 - 2014-07-07 04:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-10-15 10:32 - 2014-07-07 04:05 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-10-15 10:32 - 2014-07-07 04:05 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-10-15 10:32 - 2014-07-07 04:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-10-15 10:32 - 2014-07-07 03:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-10-15 10:32 - 2014-07-07 03:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2014-10-15 10:32 - 2014-07-07 03:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2014-10-15 10:32 - 2014-07-07 03:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2014-10-15 10:32 - 2014-07-07 03:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-10-15 10:32 - 2014-07-07 03:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-10-15 10:32 - 2014-07-07 03:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-10-15 10:32 - 2014-07-07 03:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-10-15 10:32 - 2014-07-07 03:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-10-15 10:32 - 2014-07-07 03:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-10-15 10:32 - 2014-06-28 02:21 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-10-15 10:32 - 2014-06-28 02:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-10-15 10:32 - 2014-06-28 02:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-10-15 10:31 - 2014-10-10 04:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-15 10:31 - 2014-10-10 04:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-15 10:31 - 2014-10-10 04:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-15 10:31 - 2014-10-07 04:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-15 10:31 - 2014-10-07 04:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-15 10:31 - 2014-09-26 00:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-15 10:31 - 2014-09-26 00:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-15 10:31 - 2014-09-26 00:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-15 10:31 - 2014-09-26 00:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-15 10:31 - 2014-09-26 00:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-15 10:31 - 2014-09-26 00:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-15 10:31 - 2014-09-26 00:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-15 10:31 - 2014-09-19 04:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-15 10:31 - 2014-09-19 03:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-15 10:31 - 2014-09-19 03:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-15 10:31 - 2014-09-19 03:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-15 10:31 - 2014-09-19 03:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-15 10:31 - 2014-09-19 03:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-15 10:31 - 2014-09-19 03:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-15 10:31 - 2014-09-19 03:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-15 10:31 - 2014-09-19 03:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-15 10:31 - 2014-09-19 03:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-15 10:31 - 2014-09-19 03:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-15 10:31 - 2014-09-19 03:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-15 10:31 - 2014-09-19 03:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-15 10:31 - 2014-09-19 03:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-15 10:31 - 2014-09-19 03:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-15 10:31 - 2014-09-19 03:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-15 10:31 - 2014-09-19 03:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-15 10:31 - 2014-09-19 03:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-15 10:31 - 2014-09-19 03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-15 10:31 - 2014-09-19 03:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-15 10:31 - 2014-09-19 03:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 10:31 - 2014-09-19 03:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-15 10:31 - 2014-09-19 03:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-15 10:31 - 2014-09-19 03:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-15 10:31 - 2014-09-19 03:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-15 10:31 - 2014-09-19 03:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-15 10:31 - 2014-09-19 02:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-15 10:31 - 2014-09-19 02:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-15 10:31 - 2014-09-19 02:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-15 10:31 - 2014-09-19 02:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-15 10:31 - 2014-09-19 02:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-15 10:31 - 2014-09-19 02:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-15 10:31 - 2014-09-19 02:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-15 10:31 - 2014-09-19 02:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-15 10:31 - 2014-09-19 02:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-15 10:31 - 2014-09-19 02:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-15 10:31 - 2014-09-19 02:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-15 10:31 - 2014-09-19 02:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-15 10:31 - 2014-09-19 02:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-15 10:31 - 2014-09-19 02:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-15 10:31 - 2014-09-19 02:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-15 10:31 - 2014-09-19 02:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-15 10:31 - 2014-09-19 02:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-15 10:31 - 2014-09-19 01:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-15 10:31 - 2014-09-19 01:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-15 10:31 - 2014-09-19 01:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-15 10:31 - 2014-09-19 01:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-15 10:31 - 2014-09-18 04:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-15 10:30 - 2014-09-18 03:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-15 10:30 - 2014-09-13 03:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-15 10:30 - 2014-09-13 03:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-15 10:30 - 2014-09-04 07:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-15 10:30 - 2014-09-04 07:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-15 10:30 - 2014-07-17 04:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-15 10:30 - 2014-07-17 04:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-15 10:30 - 2014-07-17 04:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-15 10:30 - 2014-07-17 04:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-15 10:30 - 2014-07-17 04:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-15 10:30 - 2014-07-17 04:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-15 10:30 - 2014-07-17 04:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-15 10:30 - 2014-07-17 04:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-15 10:30 - 2014-07-17 03:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-15 10:30 - 2014-07-17 03:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-15 10:30 - 2014-07-17 03:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-15 10:30 - 2014-07-17 03:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-10-15 10:30 - 2014-07-17 03:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-15 10:30 - 2014-07-17 03:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-15 10:30 - 2014-07-17 03:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-15 10:30 - 2014-07-17 03:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-15 10:21 - 2014-10-15 10:21 - 00000000 ____D () C:\Windows\SysWOW64\GammaMethodRegister
2014-10-11 17:22 - 2014-10-11 17:24 - 00000000 ____D () C:\Users\S.Aerne\Documents\Heroes of the Storm
2014-10-11 17:18 - 2014-10-11 17:18 - 00001189 _____ () C:\Users\Public\Desktop\Heroes of the Storm.lnk
2014-10-11 17:18 - 2014-10-11 17:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm
2014-10-11 17:06 - 2014-10-17 08:59 - 00000000 ____D () C:\Program Files (x86)\Heroes of the Storm
2014-10-11 17:04 - 2014-10-11 17:04 - 07080744 _____ (Blizzard Entertainment) C:\Users\S.Aerne\Downloads\Heroes-of-the-Storm-Setup-enUS.exe
2014-10-11 15:18 - 2014-10-11 15:19 - 09020704 _____ (HEX Entertainment ) C:\Users\S.Aerne\Downloads\HEXSetup(1).exe
2014-10-10 18:48 - 2014-10-10 19:30 - 00000000 ____D () C:\Users\S.Aerne\Documents\BloodBowlChaos
2014-10-10 08:40 - 2014-10-10 08:40 - 00000222 _____ () C:\Users\S.Aerne\Desktop\Blood Bowl Chaos Edition.url
2014-10-07 11:00 - 2014-10-07 11:10 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01terror.part4.rar
2014-10-07 10:37 - 2014-10-07 10:47 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01terror.part3.rar
2014-10-07 10:25 - 2014-10-07 11:26 - 186626412 _____ () C:\Users\S.Aerne\Downloads\01terror.part5.rar
2014-10-07 10:25 - 2014-10-07 11:22 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01terror.part1.rar
2014-10-07 10:25 - 2014-10-07 10:35 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01terror.part2.rar
2014-10-03 13:17 - 2014-10-10 08:41 - 00000000 ____D () C:\Users\S.Aerne\Documents\majesty2
2014-10-03 13:17 - 2014-10-03 13:17 - 00000000 ____D () C:\Program Files (x86)\Paradox Interactive
2014-10-03 12:40 - 2014-10-03 12:40 - 00000221 _____ () C:\Users\S.Aerne\Desktop\Majesty 2 Collection.url
2014-10-01 12:18 - 2014-10-01 12:18 - 00000218 _____ () C:\Users\S.Aerne\Desktop\Half-Life.url
2014-10-01 09:29 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-01 09:29 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-30 15:20 - 2014-09-30 15:20 - 00001618 _____ () C:\Users\Public\Desktop\Braveland.lnk
2014-09-26 12:36 - 2014-09-26 12:36 - 00000222 _____ () C:\Users\S.Aerne\Desktop\Prime World.url
2014-09-24 10:21 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 10:21 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-24 22:41 - 2010-08-24 18:03 - 01496325 _____ () C:\Windows\WindowsUpdate.log
2014-10-24 22:34 - 2014-02-23 12:51 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-10-24 22:34 - 2010-08-25 01:42 - 00450218 _____ () C:\Windows\PFRO.log
2014-10-24 22:34 - 2010-08-24 21:54 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-24 22:34 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-24 22:34 - 2009-07-14 06:51 - 00216472 _____ () C:\Windows\setupact.log
2014-10-24 22:33 - 2014-09-14 09:39 - 00000000 ____D () C:\AdwCleaner
2014-10-24 22:09 - 2012-07-18 08:44 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-24 22:08 - 2011-03-07 12:47 - 00000000 ____D () C:\Users\S.Aerne\Downloads\Musik
2014-10-24 22:08 - 2011-02-18 14:50 - 00000000 ____D () C:\Users\S.Aerne\Downloads\Games
2014-10-24 09:39 - 2009-07-14 06:45 - 00026544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-24 09:39 - 2009-07-14 06:45 - 00026544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-24 09:20 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Branding
2014-10-23 13:36 - 2014-09-13 09:24 - 00000444 __RSH () C:\ProgramData\ntuser.pol
2014-10-23 13:15 - 2010-08-24 18:16 - 00000000 ____D () C:\Users\S.Aerne
2014-10-21 20:27 - 2010-12-29 12:14 - 00000000 ____D () C:\Users\S.Aerne\Downloads\Hörbücher
2014-10-21 15:10 - 2009-07-14 19:58 - 00711602 _____ () C:\Windows\system32\perfh007.dat
2014-10-21 15:10 - 2009-07-14 19:58 - 00155078 _____ () C:\Windows\system32\perfc007.dat
2014-10-21 15:10 - 2009-07-14 07:13 - 01649556 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-21 14:46 - 2010-12-27 14:22 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-10-21 14:45 - 2010-12-27 14:23 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-10-21 14:45 - 2010-12-27 14:22 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-10-21 14:25 - 2014-09-14 10:30 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-10-21 13:54 - 2013-03-23 20:33 - 00000000 ____D () C:\Users\S.Aerne\AppData\Roaming\My Games
2014-10-21 13:54 - 2010-08-25 17:54 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-21 13:21 - 2014-09-12 07:25 - 00001079 _____ () C:\Users\S.Aerne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-10-20 17:08 - 2014-09-12 15:02 - 00000000 ____D () C:\Program Files (x86)\HEX
2014-10-20 16:52 - 2010-11-08 22:11 - 00001155 _____ () C:\Users\Public\Desktop\CDBurnerXP.lnk
2014-10-20 16:52 - 2010-11-08 22:11 - 00001105 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2014-10-20 16:40 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-10-20 16:27 - 2009-07-14 06:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-10-18 08:44 - 2013-10-25 11:31 - 00000000 ____D () C:\Users\S.Aerne\AppData\Local\Battle.net
2014-10-17 16:13 - 2014-03-18 15:00 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft
2014-10-16 16:01 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-10-16 11:44 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-16 11:03 - 2009-07-14 06:45 - 00299528 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-16 11:01 - 2014-05-06 15:16 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-16 11:01 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-10-16 11:01 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-10-15 13:39 - 2013-08-15 23:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-15 13:37 - 2010-09-04 12:08 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-15 11:59 - 2010-08-24 18:42 - 00000000 ____D () C:\Users\S.Aerne\Tracing
2014-10-15 11:56 - 2014-09-13 09:25 - 00000000 ____D () C:\Windows\SysWOW64\FormatMBRRuntime
2014-10-13 09:41 - 2013-10-25 11:33 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-10-11 17:22 - 2010-08-25 00:14 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-10-11 17:05 - 2013-10-25 11:31 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-10-11 15:19 - 2014-09-12 15:02 - 00001070 _____ () C:\Users\Public\Desktop\HEX.lnk
2014-10-11 15:19 - 2014-09-12 15:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HEX
2014-10-11 09:12 - 2014-07-10 15:02 - 00000000 ____D () C:\Users\S.Aerne\Documents\Stronghold Crusader
2014-10-10 18:32 - 2010-09-27 11:58 - 00621293 _____ () C:\Windows\DirectX.log
2014-10-02 15:53 - 2010-08-24 18:36 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-30 15:20 - 2014-02-07 10:40 - 00000000 ____D () C:\GOG Games
2014-09-30 15:20 - 2014-02-07 10:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2014-09-30 15:20 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-30 13:42 - 2014-02-07 10:34 - 00000000 ____D () C:\Users\S.Aerne\AppData\Local\GOG.com
2014-09-26 12:48 - 2012-05-18 19:27 - 00000000 ____D () C:\Users\S.Aerne\Documents\My Games
2014-09-24 11:09 - 2012-07-18 08:44 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-24 11:09 - 2012-07-18 08:44 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-24 11:09 - 2011-12-02 03:50 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

Some content of TEMP:
====================
C:\Users\S.Aerne\AppData\Local\Temp\msvcr80.dll
C:\Users\S.Aerne\AppData\Local\Temp\Quarantine.exe
C:\Users\S.Aerne\AppData\Local\Temp\SimPack.exe
C:\Users\S.Aerne\AppData\Local\Temp\sqlite3.dll
C:\Users\S.Aerne\AppData\Local\Temp\zlib1.dll
C:\Users\S.Aerne\AppData\Local\Temp\_isAB6B.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-16 15:53

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-10-2014
Ran by S.Aerne at 2014-10-24 22:43:37
Running from C:\Users\S.Aerne\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.2.0.2070 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.2.0.2070 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.9.149 - Adobe Systems, Inc.)
Age of Empires III (HKLM-x32\...\InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Wonders III (HKLM-x32\...\Steam App 226840) (Version:  - Triumph Studios)
Alien Swarm (HKLM-x32\...\Steam App 630) (Version:  - Valve)
Banished (HKLM-x32\...\Steam App 242920) (Version:  - Shining Rock Software LLC)
Battle Isle Platinum (HKLM-x32\...\GOGPACKBATTLEISLEPLATINUM_is1) (Version: 2.1.0.19 - GOG.com)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Blackguards (HKLM-x32\...\Steam App 249650) (Version:  - Daedalic Entertainment)
Blood Bowl: Chaos Edition (HKLM-x32\...\Steam App 216890) (Version:  - Cyanide Studios)
Braveland (HKLM-x32\...\GOGPACKBRAVELAND_is1) (Version: 2.1.0.3 - GOG.com)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.3.7.2423 - CDBurnerXP)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5118 - CDBurnerXP)
Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version:  - Relic Entertainment)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Defender's Quest: Valley of the Forgotten (HKLM-x32\...\Steam App 218410) (Version:  - Level Up Labs, LLC)
Dell Driver Download Manager (HKCU\...\f031ef6ac137efc5) (Version: 2.1.0.0 - Dell Inc.)
Die Siedler 7 (HKLM-x32\...\{9C916142-C18C-429D-BFED-40094A7E0BEB}) (Version: 1.12.1396 - Ubisoft)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Draconian Wars (HKLM-x32\...\Steam App 296590) (Version:  - Kardfy Studios)
Duel of Champions (HKLM-x32\...\MMDoC-PDCLive) (Version:  - Ubisoft)
Dungeon Keeper 2 (HKLM-x32\...\GOGPACKDUNGEONKEEPER2_is1) (Version: 2.0.0.32 - GOG.com)
Dungeon Keeper Gold (HKLM-x32\...\GOGPACKDUNGEONKEEPER_is1) (Version: 2.0.0.4 - GOG.com)
Etherlords (HKLM-x32\...\Steam App 270770) (Version:  - Nival)
Etherlords II (HKLM-x32\...\Steam App 270790) (Version:  - Nival)
Fallen Enchantress: Legendary Heroes (HKLM-x32\...\Steam App 228260) (Version:  - Stardock Entertainment)
FLOCK! (HKLM-x32\...\Steam App 21640) (Version:  - Proper Games)
Foxit Reader 5.0 (HKLM-x32\...\Foxit Reader_is1) (Version: 5.0.2.718 - Foxit Corporation)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
GOG.com Downloader version 3.6.0 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.6.0 - GOG.com)
GOG.com Dungeon Keeper 2 (HKLM\...\{b6462b67-caf5-4a74-99df-cc2811bd1957}.sdb) (Version:  - )
GOG.com Heroes of Might and Magic 3 (HKLM\...\{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}.sdb) (Version:  - )
Gorky 17 (HKLM-x32\...\Steam App 253920) (Version:  - )
Grotesque Tactics: Evil Heroes (HKLM-x32\...\Steam App 46450) (Version:  - Headup Games)
Half-Life (HKLM-x32\...\Steam App 70) (Version:  - Valve)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of Might & Magic V: Hammers of Fate (HKLM-x32\...\{66FF4C48-0083-4E60-8556-B883AB200091}) (Version:  - )
Heroes of Might and Magic 3 Complete (HKLM-x32\...\GOGPACKHOMM3COMPLETE_is1) (Version: 2.0.0.16 - GOG.com)
Heroes of Might and Magic V - Tribes of the East (HKLM-x32\...\{66FF4C48-0083-4E60-8556-B883AB200092}) (Version:  - )
Heroes of Might and Magic V (HKLM-x32\...\{20071984-5EB1-4881-8EDB-082532ACEC6D}) (Version:  - )
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
HEX (HKLM-x32\...\{E31B651A-B48C-423C-8D0D-855756C8B7E8}_is1) (Version:  - HEX Entertainment)
Infinity Wars - Animated Trading Card Game (HKLM-x32\...\Steam App 257730) (Version:  - Lightmare Studios)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.0.4.25 - IObit)
Jagged Alliance 2 Gold: Unfinished Business (HKLM-x32\...\Steam App 12380) (Version:  - Strategy First)
Jagged Alliance 2: Gold Pack (HKLM-x32\...\Steam App 12370) (Version:  - Strategy First)
Java Auto Updater (x32 Version: 2.0.4.1 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216025FF}) (Version: 6.0.250 - Oracle)
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
MAGIX Speed burnR (HKLM-x32\...\MAGIX Speed burnR D) (Version: 6.0.1.4 - MAGIX AG)
Majesty 2 Collection (HKLM-x32\...\Steam App 73020) (Version:  - 1C:InoCo)
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft IntelliType Pro 8.2 (HKLM\...\Microsoft IntelliType Pro 8.2) (Version: 8.20.469.0 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Virtual PC 2007 SP1 (HKLM\...\{AD483998-2E9A-4405-83FF-6E503AF49CBB}) (Version: 6.0.192.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{3bcf8c72-b231-4d28-9f39-3405c22d8b5a}) (Version: 11.0.61030.0 - Microsoft Corporation)
Might & Magic Heroes VI - Shades of Darkness (HKLM-x32\...\{745D37C2-26F4-4B65-BA13-F9840EBFA75B}) (Version: 2.1.0 - Ubisoft)
MMDoC-PDCLive Launcher (HKCU\...\3114a86aa00b92d7) (Version: 1.0.1.1 - Ubisoft)
Mozilla Firefox 33.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.0 (x86 de)) (Version: 33.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0 - Mozilla)
MP Manager (HKLM-x32\...\{D62460AF-5A0E-44F7-A647-C79076C5CA65}) (Version: 1.0.4715 - MPMAN)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller-Treiber 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5896 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
NVIDIA Update 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
Pox Nora 1.8 (HKLM-x32\...\3055-2232-0137-3195) (Version: 1.8 - Desert Owl Games)
Prime World (HKLM-x32\...\Steam App 235340) (Version:  - Nival)
Prime World: Defenders (HKLM-x32\...\Steam App 235360) (Version:  - Nival)
Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0005 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5859 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RIFT™ (HKLM-x32\...\Steam App 39120) (Version:  - Trion Worlds)
Shadow Warrior Classic Redux (HKLM-x32\...\Steam App 225160) (Version:  - 3D Realms)
Shadowrun Returns (HKLM-x32\...\Steam App 234650) (Version:  - Harebrained Schemes)
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.6.8442 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Space Hulk (HKLM-x32\...\Steam App 242570) (Version:  - Full Control Studios)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Stronghold Crusader Extreme HD (HKLM-x32\...\Steam App 16700) (Version:  - Firefly Studios)
Stronghold Crusader HD (HKLM-x32\...\Steam App 40970) (Version:  - FireFly Studios)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version:  - TeamSpeak Systems GmbH)
TeamViewer 6 (HKLM-x32\...\TeamViewer 6) (Version: 6.0.10511 - TeamViewer GmbH)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
The Banner Saga (HKLM-x32\...\Steam App 237990) (Version:  - Stoic)
Tropico 4 (HKLM-x32\...\Steam App 57690) (Version:  - Haemimont Games)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
VLC media player 1.1.4 (HKLM-x32\...\VLC media player) (Version: 1.1.4 - VideoLAN)
Wakfu (HKLM-x32\...\Steam App 215080) (Version:  - Ankama)
Warlock - Master of the Arcane (HKLM-x32\...\Steam App 203630) (Version:  - Paradox Interactive)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
WinRAR (HKLM\...\WinRAR archiver) (Version:  - )
WinSCP 5.1.4 (HKLM-x32\...\winscp3_is1) (Version: 5.1.4 - Martin Prikryl)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

20-10-2014 05:53:03 Geplanter Prüfpunkt
21-10-2014 08:50:30 AA11
21-10-2014 08:50:43 Windows Update
21-10-2014 10:59:15 Removed Bonjour
21-10-2014 10:59:55 Removed Apple Mobile Device Support
21-10-2014 11:00:40 Removed Apple Application Support
21-10-2014 11:01:16 Removed Apple Software Update
21-10-2014 12:27:09 Revo Uninstaller's restore point - Shopping Helper Smartbar
21-10-2014 12:43:33 Removed iTunes
21-10-2014 12:45:15 Removed QuickTime

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2014-10-16 19:49 - 00450713 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1        www.007guard.com
127.0.0.1        007guard.com
127.0.0.1        008i.com
127.0.0.1        www.008k.com
127.0.0.1        008k.com
127.0.0.1        www.00hq.com
127.0.0.1        00hq.com
127.0.0.1        010402.com
127.0.0.1        www.032439.com
127.0.0.1        032439.com
127.0.0.1        0scan.com
127.0.0.1        0scan.com
127.0.0.1        1000gratisproben.com
127.0.0.1        1000gratisproben.com
127.0.0.1        1001namen.com
127.0.0.1        www.1001namen.com
127.0.0.1        100888290cs.com
127.0.0.1        ²©²Êͨ,²©²ÊÍø,½ð±¦²©188,²©²ÊͨÆÀ¼¶,°Ù¼ÒÀÖ,°ÂÃî°Ù¼ÒÀÖ
127.0.0.1        www.100sexlinks.com
127.0.0.1        100sexlinks.com
127.0.0.1        10sek.com
127.0.0.1        Gadgets And More
127.0.0.1        www.1-2005-search.com
127.0.0.1        1-2005-search.com
127.0.0.1        123fporn.info
127.0.0.1        www.123fporn.info
127.0.0.1        123haustiereundmehr.com
127.0.0.1        www.123haustiereundmehr.com
127.0.0.1        123moviedownload.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1497AE49-32B5-4CB5-A34B-5E683461C01E} - System32\Tasks\{2D11BC38-BC04-40C6-89C1-82353F9ABE4B} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {1BCDBB30-79DA-45F0-AC6A-7EFA2D763068} - \PC Performer Scheduled Scan No Task File <==== ATTENTION
Task: {84850552-32DC-4798-9EC5-B9406A0C9465} - System32\Tasks\Uninstaller_SkipUac_S.Aerne => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-10-21] (IObit)
Task: {AEAE8254-C339-44CE-BD29-B2E72526D93C} - \PC Performer Logon Scan No Task File <==== ATTENTION
Task: {AF1BE5C7-2138-4C5F-869C-7C3ED971F9F7} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => c:\Program Files\Microsoft IntelliType Pro\IType.exe [2011-08-10] (Microsoft Corporation)
Task: {BBCE63A8-9FDD-48C8-8CF0-BFFB6A9A450A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated)
Task: {FBDB51E8-1AC7-4A3B-867F-D2B43E4FF7A5} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2011-12-19 14:04 - 2014-07-02 20:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-10-15 10:21 - 2014-10-13 11:01 - 00068096 _____ () C:\Windows\SysWOW64\GammaMethodRegister\GammaMethodRegister.exe
2014-10-22 12:24 - 2014-10-11 14:53 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-09-11 10:09 - 2014-09-11 10:09 - 16825520 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-762131175-2521822999-1656188121-500 - Administrator - Disabled)
ASPNET (S-1-5-21-762131175-2521822999-1656188121-1004 - Administrator - Enabled)
Gast (S-1-5-21-762131175-2521822999-1656188121-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-762131175-2521822999-1656188121-1002 - Limited - Enabled)
S.Aerne (S-1-5-21-762131175-2521822999-1656188121-1000 - Administrator - Enabled) => C:\Users\S.Aerne

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/24/2014 10:42:42 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============

Microsoft Office Sessions:
=========================
Error: (10/24/2014 10:42:42 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\S.Aerne\Downloads\esetsmartinstaller_deu (2).exe


==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Quad CPU Q8300 @ 2.50GHz
Percentage of memory in use: 55%
Total physical RAM: 4095.18 MB
Available physical RAM: 1823.5 MB
Total Pagefile: 8188.54 MB
Available Pagefile: 5880.23 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:315.3 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 7A745740)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== End Of Log ============================
--- --- ---

schrauber 25.10.2014 18:57
In welchen Browsern?

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:23868
S2 CodecFolderMotion.exe; C:\Users\S.Aerne\AppData\Local\CodecFolderMotion\CodecFolderMotion.exe [X]
S2 CodecImportMotion.exe; C:\Users\S.Aerne\AppData\Local\CodecImportMotion\CodecImportMotion.exe [X]
S2 ControlDebugOCR.exe; C:\Users\S.Aerne\AppData\Local\ControlDebugOCR\ControlDebugOCR.exe [X]
S2 FileKernelScreenshot.exe; C:\Users\S.Aerne\AppData\Local\FileKernelScreenshot\FileKernelScreenshot.exe [X]
S2 FormatMemoryMotion.exe; C:\Users\S.Aerne\AppData\Local\FormatMemoryMotion\FormatMemoryMotion.exe [X]
Task: {1BCDBB30-79DA-45F0-AC6A-7EFA2D763068} - \PC Performer Scheduled Scan No Task File <==== ATTENTION
Task: {AEAE8254-C339-44CE-BD29-B2E72526D93C} - \PC Performer Logon Scan No Task File <==== ATTENTION

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.


Komprex 26.10.2014 06:00
Edeals zeigt sich bei Firefox und Internet Explorer. Chrome benutze ich nicht.


Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-10-2014
Ran by S.Aerne at 2014-10-26 05:54:32 Run:1
Running from C:\Users\S.Aerne\Desktop
Loaded Profile: S.Aerne (Available profiles: S.Aerne)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:23868
S2 CodecFolderMotion.exe; C:\Users\S.Aerne\AppData\Local\CodecFolderMotion\CodecFolderMotion.exe [X]
S2 CodecImportMotion.exe; C:\Users\S.Aerne\AppData\Local\CodecImportMotion\CodecImportMotion.exe [X]
S2 ControlDebugOCR.exe; C:\Users\S.Aerne\AppData\Local\ControlDebugOCR\ControlDebugOCR.exe [X]
S2 FileKernelScreenshot.exe; C:\Users\S.Aerne\AppData\Local\FileKernelScreenshot\FileKernelScreenshot.exe [X]
S2 FormatMemoryMotion.exe; C:\Users\S.Aerne\AppData\Local\FormatMemoryMotion\FormatMemoryMotion.exe [X]
Task: {1BCDBB30-79DA-45F0-AC6A-7EFA2D763068} - \PC Performer Scheduled Scan No Task File <==== ATTENTION
Task: {AEAE8254-C339-44CE-BD29-B2E72526D93C} - \PC Performer Logon Scan No Task File <==== ATTENTION
*****************

C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully.
CodecFolderMotion.exe => Service deleted successfully.
CodecImportMotion.exe => Service deleted successfully.
ControlDebugOCR.exe => Service deleted successfully.
FileKernelScreenshot.exe => Service deleted successfully.
FormatMemoryMotion.exe => Service deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1BCDBB30-79DA-45F0-AC6A-7EFA2D763068}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1BCDBB30-79DA-45F0-AC6A-7EFA2D763068}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PC Performer Scheduled Scan" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AEAE8254-C339-44CE-BD29-B2E72526D93C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AEAE8254-C339-44CE-BD29-B2E72526D93C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PC Performer Logon Scan" => Key deleted successfully.


The system needed a reboot.

==== End of Fixlog ====

schrauber 26.10.2014 16:07
Revo Uninstaller - Download - Filepony
damit Firefox deinstallieren, keine Daten behalten, Reste entfernen lassen, neu installieren.

Dann:
https://support.mozilla.org/de/kb/fi...einfach-loesen




Setze folgendermassen den Internet Explorer zurück:
  • Öffne den Internet Explorer und gehe zu Extras -> Internetoptionen.
  • Klicke in der Registerkarte Erweitert unter "Internet Explorer-Einstellungen zurücksetzen" auf Zurücksetzen...
  • Klicke im Dialogfeld "Internet Explorer-Einstellungen zurücksetzen" zum Bestätigen auf Zurücksetzen.
(Hier findest du die bebilderte Anleitung.)



Frisches FRST log bitte.

Komprex 26.10.2014 17:18
Habe Firefox komplett deinstalliert inkl allen persönlichen Einstellungen usw und danach Internet Explorer komplett zurückgesetzt.
Das Problem besteht weiterhin.

Hier die Logs:
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-10-2014
Ran by S.Aerne (administrator) on SAERNE-PC on 26-10-2014 17:13:55
Running from C:\Users\S.Aerne\Desktop
Loaded Profile: S.Aerne (Available profiles: S.Aerne)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Users\S.Aerne\AppData\Local\InterpreterProcessRemote\InterpreterProcessRemote.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\vVX3000.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Users\S.Aerne\AppData\Local\InterpreterProcessRemote\ArchiveODBCWiget.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7833120 2009-05-23] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-05-23] (Realtek Semiconductor Corp.)
HKLM\...\Run: [VX3000] => C:\Windows\vVX3000.exe [762736 2010-05-20] (Microsoft Corporation)
HKLM\...\Run: [itype] => c:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253672 2011-01-07] (Sun Microsystems, Inc.)
HKU\S-1-5-21-762131175-2521822999-1656188121-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1938624 2014-10-21] (Valve Corporation)
HKU\S-1-5-21-762131175-2521822999-1656188121-1000\...\MountPoints2: {dc1faa98-1187-11e2-a7c6-485b39b2a165} - I:\Start.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:20091
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-ch/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-CH
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xAECDAB5631F1CF01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: No Name -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} ->  No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\S.Aerne\AppData\Roaming\Mozilla\Firefox\Profiles\yyngqqnk.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1209149.dll (Adobe Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\progra~2\mcafee\msc\npmcsn~1.dll No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\S.Aerne\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 GammaMethodRegister; C:\Windows\SysWOW64\GammaMethodRegister\GammaMethodRegister.exe [68096 2014-10-13] () [File not signed]
R2 InterpreterProcessRemote.exe; C:\Users\S.Aerne\AppData\Local\InterpreterProcessRemote\InterpreterProcessRemote.exe [158720 2014-10-13] () [File not signed]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2283296 2014-10-21] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
S2 0175861394189491mcinstcleanup; C:\Users\S9B32~1.AER\AppData\Local\Temp\017586~1.EXE -cleanup -nolog [X]
S2 ClipboardFAT32Program.exe; C:\Users\S.Aerne\AppData\Local\ClipboardFAT32Program\ClipboardFAT32Program.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32512 2014-10-15] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-10-26] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-10-01] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-05-14] ()
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 s1018bus; C:\Windows\System32\DRIVERS\s1018bus.sys [113704 2009-03-25] (MCCI Corporation)
S3 s1018mdfl; C:\Windows\System32\DRIVERS\s1018mdfl.sys [19496 2009-03-25] (MCCI Corporation)
S3 s1018mdm; C:\Windows\System32\DRIVERS\s1018mdm.sys [153128 2009-03-25] (MCCI Corporation)
S3 s1018mgmt; C:\Windows\System32\DRIVERS\s1018mgmt.sys [133160 2009-03-25] (MCCI Corporation)
S3 s1018nd5; C:\Windows\System32\DRIVERS\s1018nd5.sys [34856 2009-03-25] (MCCI Corporation)
S3 s1018obex; C:\Windows\System32\DRIVERS\s1018obex.sys [128552 2009-03-25] (MCCI Corporation)
S3 s1018unic; C:\Windows\System32\DRIVERS\s1018unic.sys [146472 2009-03-25] (MCCI Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-10-21] (Duplex Secure Ltd.)
S3 StarOpen; No ImagePath
R1 vmm; C:\Windows\system32\Treiber\vmm.sys [294248 2011-05-29] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-26 17:13 - 2014-10-26 17:14 - 00012873 _____ () C:\Users\S.Aerne\Desktop\FRST.txt
2014-10-26 17:13 - 2014-10-26 17:13 - 00000000 ____D () C:\Users\S.Aerne\Desktop\FRST-OlderVersion
2014-10-26 17:05 - 2014-10-26 17:05 - 01962496 _____ () C:\Users\S.Aerne\Downloads\adwcleaner_4.001(2).exe
2014-10-26 16:37 - 2014-10-26 16:37 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-10-26 16:37 - 2014-10-26 16:37 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-10-26 16:37 - 2014-10-26 16:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-26 16:37 - 2014-10-26 16:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-26 16:36 - 2014-10-26 16:36 - 36254312 _____ () C:\Users\S.Aerne\Downloads\Firefox Setup 33.0 (1).exe
2014-10-26 16:31 - 2014-10-26 16:31 - 00244408 _____ () C:\Users\S.Aerne\Downloads\Firefox Setup Stub 33.0 (1).exe
2014-10-26 16:09 - 2014-10-26 16:09 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\S.Aerne\Downloads\revosetup95(1).exe
2014-10-26 16:09 - 2014-10-26 16:09 - 00001264 _____ () C:\Users\S.Aerne\Desktop\Revo Uninstaller.lnk
2014-10-26 05:52 - 2014-10-26 17:13 - 02113024 _____ (Farbar) C:\Users\S.Aerne\Desktop\FRST64.exe
2014-10-26 05:48 - 2014-10-26 05:48 - 00000000 ____D () C:\Users\S.Aerne\Downloads\FRST-OlderVersion
2014-10-24 21:39 - 2014-10-24 21:39 - 00000627 _____ () C:\Users\S.Aerne\Desktop\JRT.txt
2014-10-24 21:26 - 2014-10-24 21:26 - 00854448 _____ () C:\Users\S.Aerne\Downloads\SecurityCheck(2).exe
2014-10-24 18:24 - 2014-10-24 18:24 - 00854448 _____ () C:\Users\S.Aerne\Downloads\SecurityCheck(1).exe
2014-10-24 18:14 - 2014-10-24 18:14 - 02347384 _____ (ESET) C:\Users\S.Aerne\Downloads\esetsmartinstaller_deu (2).exe
2014-10-24 08:32 - 2014-10-24 08:32 - 01706144 _____ (Thisisu) C:\Users\S.Aerne\Downloads\JRT(1).exe
2014-10-24 08:19 - 2014-10-24 08:26 - 00001469 _____ () C:\Users\S.Aerne\Desktop\mbam.txt
2014-10-23 20:51 - 2014-10-24 21:22 - 00002092 _____ () C:\Users\S.Aerne\Desktop\eset.txt
2014-10-23 16:57 - 2014-10-23 16:57 - 02347384 _____ (ESET) C:\Users\S.Aerne\Downloads\esetsmartinstaller_deu (1).exe
2014-10-23 14:23 - 2014-10-24 21:43 - 00024591 _____ () C:\Users\S.Aerne\Downloads\Addition.txt
2014-10-23 14:22 - 2014-10-26 17:13 - 00000000 ____D () C:\FRST
2014-10-23 14:22 - 2014-10-24 21:43 - 00053141 _____ () C:\Users\S.Aerne\Downloads\FRST.txt
2014-10-23 13:47 - 2014-10-23 13:47 - 01705698 _____ (Thisisu) C:\Users\S.Aerne\Downloads\JRT633.exe
2014-10-23 13:29 - 2014-10-23 13:29 - 00854448 _____ () C:\Users\S.Aerne\Downloads\SecurityCheck.exe
2014-10-23 12:31 - 2014-10-23 12:31 - 00000790 _____ () C:\Users\S.Aerne\Desktop\Defogger.lnk
2014-10-23 12:23 - 2014-10-23 12:23 - 00380416 _____ () C:\Users\S.Aerne\Downloads\Gmer-19357.exe
2014-10-23 12:15 - 2014-10-23 12:31 - 00000528 _____ () C:\Users\S.Aerne\Downloads\defogger_disable.log
2014-10-23 12:15 - 2014-10-23 12:15 - 00000188 _____ () C:\Users\S.Aerne\defogger_reenable
2014-10-23 12:14 - 2014-10-23 12:14 - 00050477 _____ () C:\Users\S.Aerne\Downloads\Defogger.exe
2014-10-22 11:25 - 2014-10-22 11:25 - 01962496 _____ () C:\Users\S.Aerne\Downloads\adwcleaner_4.001(1).exe
2014-10-22 11:23 - 2014-10-22 11:23 - 36254312 _____ () C:\Users\S.Aerne\Downloads\Firefox Setup 33.0.exe
2014-10-22 11:20 - 2014-10-22 11:20 - 00244408 _____ () C:\Users\S.Aerne\Downloads\Firefox Setup Stub 33.0.exe
2014-10-21 14:00 - 2014-10-21 14:51 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01artus01.part6.rar
2014-10-21 13:52 - 2014-10-21 14:14 - 141500350 _____ () C:\Users\S.Aerne\Downloads\01artus01.part7.rar
2014-10-21 13:25 - 2014-10-21 13:25 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\S.Aerne\Downloads\revosetup95.exe
2014-10-21 12:51 - 2014-10-21 12:51 - 00014848 ___SH () C:\Users\S.Aerne\Thumbs.db
2014-10-21 12:43 - 2014-10-21 12:43 - 00000000 ____D () C:\Users\S.Aerne\AppData\Roaming\ProductData
2014-10-21 12:42 - 2014-10-26 05:40 - 00000000 ____D () C:\ProgramData\ProductData
2014-10-21 12:42 - 2014-10-21 12:43 - 00000000 ____D () C:\ProgramData\IObit
2014-10-21 12:42 - 2014-10-21 12:42 - 00000000 ____D () C:\Users\S.Aerne\AppData\Roaming\IObit
2014-10-21 12:42 - 2014-10-21 12:42 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-10-21 12:41 - 2014-10-21 12:41 - 01125200 _____ () C:\Users\S.Aerne\Downloads\IObit Uninstaller - CHIP-Installer.exe
2014-10-21 12:19 - 2014-10-21 12:19 - 01962496 _____ () C:\Users\S.Aerne\Downloads\adwcleaner_4.001.exe
2014-10-21 11:41 - 2014-10-21 11:51 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01artus01.part5.rar
2014-10-21 11:27 - 2014-10-21 11:37 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01artus01.part4.rar
2014-10-21 11:07 - 2014-10-21 11:59 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01artus01.part1.rar
2014-10-21 11:01 - 2014-10-21 11:21 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01artus01.part3.rar
2014-10-21 10:59 - 2014-10-21 11:09 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01artus01.part2.rar
2014-10-21 09:48 - 2014-10-21 09:48 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\S.Aerne\Downloads\mbam_premium.exe
2014-10-21 09:48 - 2014-10-21 09:48 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-20 15:52 - 2014-10-20 15:52 - 05401624 _____ (Canneverbe Limited ) C:\Users\S.Aerne\Downloads\cdbxp_setup_4.5.4.5118.exe
2014-10-20 15:52 - 2014-10-20 15:52 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP
2014-10-20 15:24 - 2014-10-20 15:24 - 00000208 _____ () C:\Users\S.Aerne\Desktop\Jagged Alliance 2 Gold Pack.url
2014-10-17 14:47 - 2014-10-17 14:47 - 00000222 _____ () C:\Users\S.Aerne\Desktop\Company of Heroes 2.url
2014-10-17 14:44 - 2014-10-17 14:44 - 00000223 _____ () C:\Users\S.Aerne\Desktop\Jagged Alliance 2 Gold Unfinished Business.url
2014-10-16 22:53 - 2014-10-16 22:53 - 00245760 _____ () C:\Users\S.Aerne\Downloads\Q-Dance_Hardstyle_Top_40_June_2014.rar.part
2014-10-16 18:49 - 2009-06-10 22:00 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hosts.20141016-194925.backup
2014-10-16 17:38 - 2014-10-16 17:38 - 00000000 ____D () C:\Users\S.Aerne\AppData\Roaming\QuickScan
2014-10-16 17:35 - 2014-10-16 17:35 - 00567639 _____ () C:\Users\S.Aerne\Downloads\esetsmartinstaller_deu.exe
2014-10-16 17:34 - 2014-10-16 17:34 - 01170104 _____ (Zugara Investments Limited ) C:\Users\S.Aerne\Downloads\esetsmartinstallerdeuexe.exe
2014-10-16 17:30 - 2014-10-21 09:50 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-10-16 17:30 - 2014-10-16 17:30 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-10-16 17:29 - 2014-10-16 17:30 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\S.Aerne\Downloads\spybot-2.4(1).exe
2014-10-16 17:29 - 2014-10-16 17:29 - 04321294 _____ (Safer-Networking Ltd. ) C:\Users\S.Aerne\Downloads\spybot-2.4.exe
2014-10-16 12:23 - 2014-10-16 12:23 - 00002187 _____ () C:\Users\S.Aerne\Desktop\Pox Nora.lnk
2014-10-16 12:23 - 2014-10-16 12:23 - 00000000 ____D () C:\Users\S.Aerne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pox Nora
2014-10-16 12:22 - 2014-10-16 12:22 - 00000000 ____D () C:\Program Files (x86)\Desert Owl Games
2014-10-16 12:21 - 2014-10-16 12:22 - 34412032 _____ (Desert Owl Games) C:\Users\S.Aerne\Downloads\PoxNora.exe
2014-10-16 10:55 - 2014-10-16 10:55 - 04280468 _____ (Safer-Networking Ltd. ) C:\Users\S.Aerne\Downloads\spybot_27341.exe
2014-10-16 10:53 - 2014-10-16 10:53 - 00000000 ____D () C:\Users\S.Aerne\AppData\Roaming\LavasoftStatistics
2014-10-16 10:47 - 2014-10-16 10:47 - 02806920 _____ () C:\Users\S.Aerne\Downloads\Adaware_Installer_11.3.exe
2014-10-16 10:27 - 2014-10-21 19:25 - 01706144 _____ (Thisisu) C:\Users\S.Aerne\Desktop\JRT_NEW.exe
2014-10-16 10:27 - 2014-10-16 10:27 - 01705141 _____ (Thisisu) C:\Users\S.Aerne\Downloads\JRT-631.exe
2014-10-15 12:11 - 2014-10-15 12:11 - 00000000 _____ () C:\autoexec.bat
2014-10-15 12:10 - 2014-10-16 10:18 - 00000000 ____D () C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
2014-10-15 12:09 - 2014-10-15 12:09 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\S.Aerne\Downloads\SpyHunter-Installer.exe
2014-10-15 10:59 - 2014-10-15 10:59 - 00032512 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys
2014-10-15 10:56 - 2014-10-15 10:56 - 00003400 _____ () C:\Windows\system32\.crusader
2014-10-15 10:46 - 2014-10-15 10:58 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-10-15 10:46 - 2014-10-15 10:46 - 11194928 _____ (SurfRight B.V.) C:\Users\S.Aerne\Downloads\HitmanPro_x64.exe
2014-10-15 10:14 - 2014-10-15 11:06 - 00000000 ____D () C:\Users\S.Aerne\AppData\Roaming\Nico Mak Computing
2014-10-15 10:10 - 2014-10-26 17:12 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-15 10:09 - 2014-10-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-15 10:09 - 2014-10-21 09:48 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-15 10:09 - 2014-10-01 10:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-15 10:09 - 2014-10-01 10:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-15 10:09 - 2014-10-01 10:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-15 10:07 - 2014-10-15 10:07 - 01125200 _____ () C:\Users\S.Aerne\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe
2014-10-15 09:50 - 2014-10-15 09:50 - 01169160 _____ (Anvisoft) C:\Users\S.Aerne\Downloads\csbsetup.exe
2014-10-15 09:49 - 2014-10-15 09:49 - 02894945 _____ (Anvisoft) C:\Users\S.Aerne\Downloads\asdsetup.exe
2014-10-15 09:33 - 2014-09-29 01:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-15 09:33 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-15 09:33 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-15 09:33 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-15 09:33 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-15 09:33 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-15 09:33 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-15 09:32 - 2014-08-19 04:11 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-10-15 09:32 - 2014-08-19 04:10 - 00616352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-10-15 09:32 - 2014-08-19 04:08 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-10-15 09:32 - 2014-08-19 04:08 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-10-15 09:32 - 2014-08-19 04:08 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-10-15 09:32 - 2014-08-19 04:07 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-10-15 09:32 - 2014-08-19 04:07 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-10-15 09:32 - 2014-08-19 04:07 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-10-15 09:32 - 2014-08-19 04:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-10-15 09:32 - 2014-08-19 04:07 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-10-15 09:32 - 2014-08-19 03:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2014-10-15 09:32 - 2014-08-19 03:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-10-15 09:32 - 2014-08-19 03:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-10-15 09:32 - 2014-07-07 03:07 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-10-15 09:32 - 2014-07-07 03:07 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-10-15 09:32 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-10-15 09:32 - 2014-07-07 03:06 - 05551032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-15 09:32 - 2014-07-07 03:06 - 04120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-10-15 09:32 - 2014-07-07 03:06 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-10-15 09:32 - 2014-07-07 03:06 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-10-15 09:32 - 2014-07-07 03:06 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-10-15 09:32 - 2014-07-07 03:06 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-10-15 09:32 - 2014-07-07 03:06 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-10-15 09:32 - 2014-07-07 03:06 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-10-15 09:32 - 2014-07-07 03:06 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-10-15 09:32 - 2014-07-07 03:06 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-10-15 09:32 - 2014-07-07 03:06 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-10-15 09:32 - 2014-07-07 03:06 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-10-15 09:32 - 2014-07-07 03:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-10-15 09:32 - 2014-07-07 03:06 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-10-15 09:32 - 2014-07-07 03:06 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-10-15 09:32 - 2014-07-07 03:06 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-10-15 09:32 - 2014-07-07 03:06 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-10-15 09:32 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-10-15 09:32 - 2014-07-07 03:06 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-10-15 09:32 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-15 09:32 - 2014-07-07 03:06 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2014-10-15 09:32 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-10-15 09:32 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-10-15 09:32 - 2014-07-07 03:06 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-10-15 09:32 - 2014-07-07 03:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-10-15 09:32 - 2014-07-07 03:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-10-15 09:32 - 2014-07-07 03:05 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-10-15 09:32 - 2014-07-07 03:05 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-10-15 09:32 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-10-15 09:32 - 2014-07-07 02:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-10-15 09:32 - 2014-07-07 02:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-10-15 09:32 - 2014-07-07 02:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-10-15 09:32 - 2014-07-07 02:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-10-15 09:32 - 2014-07-07 02:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-10-15 09:32 - 2014-07-07 02:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2014-10-15 09:32 - 2014-07-07 02:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2014-10-15 09:32 - 2014-07-07 02:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2014-10-15 09:32 - 2014-07-07 02:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2014-10-15 09:32 - 2014-07-07 02:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2014-10-15 09:32 - 2014-07-07 02:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2014-10-15 09:32 - 2014-07-07 02:40 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-10-15 09:32 - 2014-07-07 02:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2014-10-15 09:32 - 2014-07-07 02:40 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-10-15 09:32 - 2014-07-07 02:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-10-15 09:32 - 2014-07-07 02:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2014-10-15 09:32 - 2014-07-07 02:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-10-15 09:32 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-10-15 09:32 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-10-15 09:32 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-10-15 09:32 - 2014-07-07 02:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2014-10-15 09:32 - 2014-07-07 02:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2014-10-15 09:32 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2014-10-15 09:32 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2014-10-15 09:32 - 2014-07-07 02:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-10-15 09:32 - 2014-07-07 02:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-10-15 09:32 - 2014-07-07 02:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-10-15 09:32 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-10-15 09:32 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-10-15 09:32 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-10-15 09:32 - 2014-06-28 01:21 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-10-15 09:32 - 2014-06-28 01:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-10-15 09:32 - 2014-06-28 01:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-10-15 09:31 - 2014-10-10 03:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-15 09:31 - 2014-10-10 03:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-15 09:31 - 2014-10-10 03:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-15 09:31 - 2014-10-07 03:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-15 09:31 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-15 09:31 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-15 09:31 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-15 09:31 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-15 09:31 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-15 09:31 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-15 09:31 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-15 09:31 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-15 09:31 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-15 09:31 - 2014-09-19 02:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-15 09:31 - 2014-09-19 02:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-15 09:31 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-15 09:31 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-15 09:31 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-15 09:31 - 2014-09-19 02:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-15 09:31 - 2014-09-19 02:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-15 09:31 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-15 09:31 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-15 09:31 - 2014-09-19 02:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-15 09:31 - 2014-09-19 02:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-15 09:31 - 2014-09-19 02:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-15 09:31 - 2014-09-19 02:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-15 09:31 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-15 09:31 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-15 09:31 - 2014-09-19 02:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-15 09:31 - 2014-09-19 02:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-15 09:31 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-15 09:31 - 2014-09-19 02:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-15 09:31 - 2014-09-19 02:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 09:31 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-15 09:31 - 2014-09-19 02:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-15 09:31 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-15 09:31 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-15 09:31 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-15 09:31 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-15 09:31 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-15 09:31 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-15 09:31 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-15 09:31 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-15 09:31 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-15 09:31 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-15 09:31 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-15 09:31 - 2014-09-19 01:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-15 09:31 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-15 09:31 - 2014-09-19 01:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-15 09:31 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-15 09:31 - 2014-09-19 01:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-15 09:31 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-15 09:31 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-15 09:31 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-15 09:31 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-15 09:31 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-15 09:31 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-15 09:31 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-15 09:31 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-15 09:31 - 2014-09-18 03:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-15 09:30 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-15 09:30 - 2014-09-13 02:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-15 09:30 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-15 09:30 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-15 09:30 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-15 09:30 - 2014-07-17 03:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-15 09:30 - 2014-07-17 03:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-15 09:30 - 2014-07-17 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-15 09:30 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-15 09:30 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-15 09:30 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-15 09:30 - 2014-07-17 03:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-15 09:30 - 2014-07-17 03:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-15 09:30 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-15 09:30 - 2014-07-17 02:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-15 09:30 - 2014-07-17 02:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-15 09:30 - 2014-07-17 02:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-10-15 09:30 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-15 09:30 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-15 09:30 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-15 09:30 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-15 09:21 - 2014-10-15 10:01 - 00000000 ____D () C:\Users\S.Aerne\AppData\Local\InterpreterProcessRemote
2014-10-15 09:21 - 2014-10-15 09:21 - 00000000 ____D () C:\Windows\SysWOW64\GammaMethodRegister
2014-10-11 16:22 - 2014-10-11 16:24 - 00000000 ____D () C:\Users\S.Aerne\Documents\Heroes of the Storm
2014-10-11 16:18 - 2014-10-11 16:18 - 00001189 _____ () C:\Users\Public\Desktop\Heroes of the Storm.lnk
2014-10-11 16:18 - 2014-10-11 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm
2014-10-11 16:06 - 2014-10-17 07:59 - 00000000 ____D () C:\Program Files (x86)\Heroes of the Storm
2014-10-11 16:04 - 2014-10-11 16:04 - 07080744 _____ (Blizzard Entertainment) C:\Users\S.Aerne\Downloads\Heroes-of-the-Storm-Setup-enUS.exe
2014-10-11 14:18 - 2014-10-11 14:19 - 09020704 _____ (HEX Entertainment ) C:\Users\S.Aerne\Downloads\HEXSetup(1).exe
2014-10-10 17:48 - 2014-10-10 18:30 - 00000000 ____D () C:\Users\S.Aerne\Documents\BloodBowlChaos
2014-10-10 07:40 - 2014-10-10 07:40 - 00000222 _____ () C:\Users\S.Aerne\Desktop\Blood Bowl Chaos Edition.url
2014-10-07 10:00 - 2014-10-07 10:10 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01terror.part4.rar
2014-10-07 09:37 - 2014-10-07 09:47 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01terror.part3.rar
2014-10-07 09:25 - 2014-10-07 10:26 - 186626412 _____ () C:\Users\S.Aerne\Downloads\01terror.part5.rar
2014-10-07 09:25 - 2014-10-07 10:22 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01terror.part1.rar
2014-10-07 09:25 - 2014-10-07 09:35 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01terror.part2.rar
2014-10-03 12:17 - 2014-10-10 07:41 - 00000000 ____D () C:\Users\S.Aerne\Documents\majesty2
2014-10-03 12:17 - 2014-10-03 12:17 - 00000000 ____D () C:\Program Files (x86)\Paradox Interactive
2014-10-03 11:40 - 2014-10-03 11:40 - 00000221 _____ () C:\Users\S.Aerne\Desktop\Majesty 2 Collection.url
2014-10-01 11:18 - 2014-10-01 11:18 - 00000218 _____ () C:\Users\S.Aerne\Desktop\Half-Life.url
2014-10-01 08:29 - 2014-09-25 03:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-01 08:29 - 2014-09-25 02:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-30 14:20 - 2014-09-30 14:20 - 00001618 _____ () C:\Users\Public\Desktop\Braveland.lnk
2014-09-26 11:36 - 2014-09-26 11:36 - 00000222 _____ () C:\Users\S.Aerne\Desktop\Prime World.url

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-26 17:11 - 2014-02-23 11:51 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-10-26 17:11 - 2010-08-25 00:42 - 00451348 _____ () C:\Windows\PFRO.log
2014-10-26 17:11 - 2010-08-24 20:54 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-26 17:11 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-26 17:11 - 2009-07-14 05:51 - 00218611 _____ () C:\Windows\setupact.log
2014-10-26 17:10 - 2014-09-14 08:39 - 00000000 ____D () C:\AdwCleaner
2014-10-26 17:10 - 2010-08-24 17:03 - 01559468 _____ () C:\Windows\WindowsUpdate.log
2014-10-26 17:09 - 2012-07-18 07:44 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-26 16:47 - 2009-07-14 05:45 - 00026544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-26 16:47 - 2009-07-14 05:45 - 00026544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-26 16:46 - 2009-07-14 18:58 - 00711602 _____ () C:\Windows\system32\perfh007.dat
2014-10-26 16:46 - 2009-07-14 18:58 - 00155078 _____ () C:\Windows\system32\perfc007.dat
2014-10-26 16:46 - 2009-07-14 06:13 - 01649556 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-26 16:09 - 2014-09-14 09:30 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-10-26 05:55 - 2014-09-13 08:24 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-10-26 05:54 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-10-24 21:08 - 2011-03-07 11:47 - 00000000 ____D () C:\Users\S.Aerne\Downloads\Musik
2014-10-24 21:08 - 2011-02-18 13:50 - 00000000 ____D () C:\Users\S.Aerne\Downloads\Games
2014-10-24 08:20 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Branding
2014-10-23 12:15 - 2010-08-24 17:16 - 00000000 ____D () C:\Users\S.Aerne
2014-10-21 19:27 - 2010-12-29 11:14 - 00000000 ____D () C:\Users\S.Aerne\Downloads\Hörbücher
2014-10-21 13:46 - 2010-12-27 13:22 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-10-21 13:45 - 2010-12-27 13:23 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-10-21 13:45 - 2010-12-27 13:22 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-10-21 12:54 - 2013-03-23 19:33 - 00000000 ____D () C:\Users\S.Aerne\AppData\Roaming\My Games
2014-10-21 12:54 - 2010-08-25 16:54 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-20 16:08 - 2014-09-12 14:02 - 00000000 ____D () C:\Program Files (x86)\HEX
2014-10-20 15:52 - 2010-11-08 21:11 - 00001155 _____ () C:\Users\Public\Desktop\CDBurnerXP.lnk
2014-10-20 15:52 - 2010-11-08 21:11 - 00001105 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2014-10-20 15:40 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-10-20 15:27 - 2009-07-14 05:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-10-18 07:44 - 2013-10-25 10:31 - 00000000 ____D () C:\Users\S.Aerne\AppData\Local\Battle.net
2014-10-17 15:13 - 2014-03-18 14:00 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft
2014-10-16 15:01 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-10-16 10:44 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-16 10:03 - 2009-07-14 05:45 - 00299528 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-16 10:01 - 2014-05-06 14:16 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-16 10:01 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-10-16 10:01 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-10-15 12:39 - 2013-08-15 22:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-15 12:37 - 2010-09-04 11:08 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-15 10:59 - 2010-08-24 17:42 - 00000000 ____D () C:\Users\S.Aerne\Tracing
2014-10-15 10:56 - 2014-09-13 08:25 - 00000000 ____D () C:\Windows\SysWOW64\FormatMBRRuntime
2014-10-13 08:41 - 2013-10-25 10:33 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-10-11 16:22 - 2010-08-24 23:14 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-10-11 16:05 - 2013-10-25 10:31 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-10-11 14:19 - 2014-09-12 14:02 - 00001070 _____ () C:\Users\Public\Desktop\HEX.lnk
2014-10-11 14:19 - 2014-09-12 14:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HEX
2014-10-11 08:12 - 2014-07-10 14:02 - 00000000 ____D () C:\Users\S.Aerne\Documents\Stronghold Crusader
2014-10-10 17:32 - 2010-09-27 10:58 - 00621293 _____ () C:\Windows\DirectX.log
2014-10-02 14:53 - 2010-08-24 17:36 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-30 14:20 - 2014-02-07 09:40 - 00000000 ____D () C:\GOG Games
2014-09-30 14:20 - 2014-02-07 09:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2014-09-30 14:20 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-30 12:42 - 2014-02-07 09:34 - 00000000 ____D () C:\Users\S.Aerne\AppData\Local\GOG.com
2014-09-26 11:48 - 2012-05-18 18:27 - 00000000 ____D () C:\Users\S.Aerne\Documents\My Games

Some content of TEMP:
====================
C:\Users\S.Aerne\AppData\Local\Temp\msvcr80.dll
C:\Users\S.Aerne\AppData\Local\Temp\Quarantine.exe
C:\Users\S.Aerne\AppData\Local\Temp\SimPack.exe
C:\Users\S.Aerne\AppData\Local\Temp\sqlite3.dll
C:\Users\S.Aerne\AppData\Local\Temp\zlib1.dll
C:\Users\S.Aerne\AppData\Local\Temp\_isAB6B.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-16 14:53

==================== End Of Log ============================
--- --- ---
FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-10-2014
Ran by S.Aerne at 2014-10-26 17:14:50
Running from C:\Users\S.Aerne\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.2.0.2070 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.9.149 - Adobe Systems, Inc.)
Age of Empires III (HKLM-x32\...\InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Wonders III (HKLM-x32\...\Steam App 226840) (Version:  - Triumph Studios)
Alien Swarm (HKLM-x32\...\Steam App 630) (Version:  - Valve)
Banished (HKLM-x32\...\Steam App 242920) (Version:  - Shining Rock Software LLC)
Battle Isle Platinum (HKLM-x32\...\GOGPACKBATTLEISLEPLATINUM_is1) (Version: 2.1.0.19 - GOG.com)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Blackguards (HKLM-x32\...\Steam App 249650) (Version:  - Daedalic Entertainment)
Blood Bowl: Chaos Edition (HKLM-x32\...\Steam App 216890) (Version:  - Cyanide Studios)
Braveland (HKLM-x32\...\GOGPACKBRAVELAND_is1) (Version: 2.1.0.3 - GOG.com)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.3.7.2423 - CDBurnerXP)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5118 - CDBurnerXP)
Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version:  - Relic Entertainment)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Defender's Quest: Valley of the Forgotten (HKLM-x32\...\Steam App 218410) (Version:  - Level Up Labs, LLC)
Dell Driver Download Manager (HKCU\...\f031ef6ac137efc5) (Version: 2.1.0.0 - Dell Inc.)
Die Siedler 7 (HKLM-x32\...\{9C916142-C18C-429D-BFED-40094A7E0BEB}) (Version: 1.12.1396 - Ubisoft)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Draconian Wars (HKLM-x32\...\Steam App 296590) (Version:  - Kardfy Studios)
Duel of Champions (HKLM-x32\...\MMDoC-PDCLive) (Version:  - Ubisoft)
Dungeon Keeper 2 (HKLM-x32\...\GOGPACKDUNGEONKEEPER2_is1) (Version: 2.0.0.32 - GOG.com)
Dungeon Keeper Gold (HKLM-x32\...\GOGPACKDUNGEONKEEPER_is1) (Version: 2.0.0.4 - GOG.com)
Etherlords (HKLM-x32\...\Steam App 270770) (Version:  - Nival)
Etherlords II (HKLM-x32\...\Steam App 270790) (Version:  - Nival)
Fallen Enchantress: Legendary Heroes (HKLM-x32\...\Steam App 228260) (Version:  - Stardock Entertainment)
FLOCK! (HKLM-x32\...\Steam App 21640) (Version:  - Proper Games)
Foxit Reader 5.0 (HKLM-x32\...\Foxit Reader_is1) (Version: 5.0.2.718 - Foxit Corporation)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
GOG.com Downloader version 3.6.0 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.6.0 - GOG.com)
GOG.com Dungeon Keeper 2 (HKLM\...\{b6462b67-caf5-4a74-99df-cc2811bd1957}.sdb) (Version:  - )
GOG.com Heroes of Might and Magic 3 (HKLM\...\{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}.sdb) (Version:  - )
Gorky 17 (HKLM-x32\...\Steam App 253920) (Version:  - )
Grotesque Tactics: Evil Heroes (HKLM-x32\...\Steam App 46450) (Version:  - Headup Games)
Half-Life (HKLM-x32\...\Steam App 70) (Version:  - Valve)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of Might & Magic V: Hammers of Fate (HKLM-x32\...\{66FF4C48-0083-4E60-8556-B883AB200091}) (Version:  - )
Heroes of Might and Magic 3 Complete (HKLM-x32\...\GOGPACKHOMM3COMPLETE_is1) (Version: 2.0.0.16 - GOG.com)
Heroes of Might and Magic V - Tribes of the East (HKLM-x32\...\{66FF4C48-0083-4E60-8556-B883AB200092}) (Version:  - )
Heroes of Might and Magic V (HKLM-x32\...\{20071984-5EB1-4881-8EDB-082532ACEC6D}) (Version:  - )
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
HEX (HKLM-x32\...\{E31B651A-B48C-423C-8D0D-855756C8B7E8}_is1) (Version:  - HEX Entertainment)
Infinity Wars - Animated Trading Card Game (HKLM-x32\...\Steam App 257730) (Version:  - Lightmare Studios)
Jagged Alliance 2 Gold: Unfinished Business (HKLM-x32\...\Steam App 12380) (Version:  - Strategy First)
Jagged Alliance 2: Gold Pack (HKLM-x32\...\Steam App 12370) (Version:  - Strategy First)
Java Auto Updater (x32 Version: 2.0.4.1 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216025FF}) (Version: 6.0.250 - Oracle)
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
MAGIX Speed burnR (HKLM-x32\...\MAGIX Speed burnR D) (Version: 6.0.1.4 - MAGIX AG)
Majesty 2 Collection (HKLM-x32\...\Steam App 73020) (Version:  - 1C:InoCo)
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft IntelliType Pro 8.2 (HKLM\...\Microsoft IntelliType Pro 8.2) (Version: 8.20.469.0 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Virtual PC 2007 SP1 (HKLM\...\{AD483998-2E9A-4405-83FF-6E503AF49CBB}) (Version: 6.0.192.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{3bcf8c72-b231-4d28-9f39-3405c22d8b5a}) (Version: 11.0.61030.0 - Microsoft Corporation)
Might & Magic Heroes VI - Shades of Darkness (HKLM-x32\...\{745D37C2-26F4-4B65-BA13-F9840EBFA75B}) (Version: 2.1.0 - Ubisoft)
MMDoC-PDCLive Launcher (HKCU\...\3114a86aa00b92d7) (Version: 1.0.1.1 - Ubisoft)
Mozilla Firefox 33.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.0 (x86 de)) (Version: 33.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0 - Mozilla)
MP Manager (HKLM-x32\...\{D62460AF-5A0E-44F7-A647-C79076C5CA65}) (Version: 1.0.4715 - MPMAN)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller-Treiber 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5896 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
NVIDIA Update 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
Pox Nora 1.8 (HKLM-x32\...\3055-2232-0137-3195) (Version: 1.8 - Desert Owl Games)
Prime World (HKLM-x32\...\Steam App 235340) (Version:  - Nival)
Prime World: Defenders (HKLM-x32\...\Steam App 235360) (Version:  - Nival)
Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0005 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5859 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RIFT™ (HKLM-x32\...\Steam App 39120) (Version:  - Trion Worlds)
Shadow Warrior Classic Redux (HKLM-x32\...\Steam App 225160) (Version:  - 3D Realms)
Shadowrun Returns (HKLM-x32\...\Steam App 234650) (Version:  - Harebrained Schemes)
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.6.8442 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Space Hulk (HKLM-x32\...\Steam App 242570) (Version:  - Full Control Studios)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Stronghold Crusader Extreme HD (HKLM-x32\...\Steam App 16700) (Version:  - Firefly Studios)
Stronghold Crusader HD (HKLM-x32\...\Steam App 40970) (Version:  - FireFly Studios)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version:  - TeamSpeak Systems GmbH)
TeamViewer 6 (HKLM-x32\...\TeamViewer 6) (Version: 6.0.10511 - TeamViewer GmbH)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
The Banner Saga (HKLM-x32\...\Steam App 237990) (Version:  - Stoic)
Tropico 4 (HKLM-x32\...\Steam App 57690) (Version:  - Haemimont Games)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
VLC media player 1.1.4 (HKLM-x32\...\VLC media player) (Version: 1.1.4 - VideoLAN)
Wakfu (HKLM-x32\...\Steam App 215080) (Version:  - Ankama)
Warlock - Master of the Arcane (HKLM-x32\...\Steam App 203630) (Version:  - Paradox Interactive)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
WinRAR (HKLM\...\WinRAR archiver) (Version:  - )
WinSCP 5.1.4 (HKLM-x32\...\winscp3_is1) (Version: 5.1.4 - Martin Prikryl)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

21-10-2014 08:50:30 AA11
21-10-2014 08:50:43 Windows Update
21-10-2014 10:59:15 Removed Bonjour
21-10-2014 10:59:55 Removed Apple Mobile Device Support
21-10-2014 11:00:40 Removed Apple Application Support
21-10-2014 11:01:16 Removed Apple Software Update
21-10-2014 12:27:09 Revo Uninstaller's restore point - Shopping Helper Smartbar
21-10-2014 12:43:33 Removed iTunes
21-10-2014 12:45:15 Removed QuickTime
26-10-2014 15:11:27 Revo Uninstaller's restore point - Mozilla Maintenance Service
26-10-2014 15:16:47 Revo Uninstaller's restore point - Mozilla Firefox 33.0 (x86 de)

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-10-16 18:49 - 00450713 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1        www.007guard.com
127.0.0.1        007guard.com
127.0.0.1        008i.com
127.0.0.1        www.008k.com
127.0.0.1        008k.com
127.0.0.1        www.00hq.com
127.0.0.1        00hq.com
127.0.0.1        010402.com
127.0.0.1        www.032439.com
127.0.0.1        032439.com
127.0.0.1        www.0scan.com
127.0.0.1        0scan.com
127.0.0.1        1000gratisproben.com
127.0.0.1        www.1000gratisproben.com
127.0.0.1        1001namen.com
127.0.0.1        www.1001namen.com
127.0.0.1        100888290cs.com
127.0.0.1        www.100888290cs.com
127.0.0.1        www.100sexlinks.com
127.0.0.1        100sexlinks.com
127.0.0.1        10sek.com
127.0.0.1        www.10sek.com
127.0.0.1        www.1-2005-search.com
127.0.0.1        1-2005-search.com
127.0.0.1        123fporn.info
127.0.0.1        www.123fporn.info
127.0.0.1        123haustiereundmehr.com
127.0.0.1        www.123haustiereundmehr.com
127.0.0.1        123moviedownload.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1497AE49-32B5-4CB5-A34B-5E683461C01E} - System32\Tasks\{2D11BC38-BC04-40C6-89C1-82353F9ABE4B} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {AF1BE5C7-2138-4C5F-869C-7C3ED971F9F7} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => c:\Program Files\Microsoft IntelliType Pro\IType.exe [2011-08-10] (Microsoft Corporation)
Task: {BBCE63A8-9FDD-48C8-8CF0-BFFB6A9A450A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated)
Task: {FBDB51E8-1AC7-4A3B-867F-D2B43E4FF7A5} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2011-12-19 13:04 - 2014-07-02 19:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-08-29 08:22 - 2014-08-21 19:15 - 01171456 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-29 08:22 - 2014-08-21 19:15 - 00442368 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-29 08:22 - 2014-08-21 19:15 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-02-23 11:53 - 2014-10-02 00:16 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-05-22 10:44 - 2014-10-21 20:22 - 02226880 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-29 08:22 - 2014-08-21 19:15 - 00403968 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-29 08:22 - 2014-08-21 19:15 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2014-02-23 11:53 - 2014-10-21 20:22 - 00682176 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-02-23 11:53 - 2014-09-05 00:29 - 34589376 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-10-26 16:37 - 2014-10-11 13:53 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-09-11 09:09 - 2014-09-11 09:09 - 16825520 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll
2014-10-15 09:21 - 2014-10-13 10:01 - 00068096 _____ () C:\Windows\SysWOW64\GammaMethodRegister\GammaMethodRegister.exe

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-762131175-2521822999-1656188121-500 - Administrator - Disabled)
ASPNET (S-1-5-21-762131175-2521822999-1656188121-1004 - Administrator - Enabled)
Gast (S-1-5-21-762131175-2521822999-1656188121-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-762131175-2521822999-1656188121-1002 - Limited - Enabled)
S.Aerne (S-1-5-21-762131175-2521822999-1656188121-1000 - Administrator - Enabled) => C:\Users\S.Aerne

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/26/2014 04:21:22 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (10/26/2014 04:21:22 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (10/26/2014 04:21:20 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]

Error: (10/26/2014 04:20:18 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (10/26/2014 05:54:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 33.0.0.5397, Zeitstempel: 0x543924b1
Name des fehlerhaften Moduls: mozalloc.dll, Version: 33.0.0.5397, Zeitstempel: 0x5438ffbb
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001425
ID des fehlerhaften Prozesses: 0xb74
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (10/25/2014 05:30:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ja2.exe, Version: 1.1.2.0, Zeitstempel: 0x3df9f604
Name des fehlerhaften Moduls: mss32.dll, Version: 3.0.0.0, Zeitstempel: 0x3bccbaf7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00001c52
ID des fehlerhaften Prozesses: 0xcc4
Startzeit der fehlerhaften Anwendung: 0xja2.exe0
Pfad der fehlerhaften Anwendung: ja2.exe1
Pfad des fehlerhaften Moduls: ja2.exe2
Berichtskennung: ja2.exe3

Error: (10/24/2014 10:43:29 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/24/2014 10:39:35 PM) (Source: SideBySide) (EventID: 75) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.

Error: (10/24/2014 09:42:42 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (10/26/2014 05:12:47 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Error: (10/26/2014 05:11:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ClipboardFAT32Program.exe" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (10/26/2014 04:40:14 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Error: (10/26/2014 04:38:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ClipboardFAT32Program.exe" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (10/26/2014 04:30:15 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Error: (10/26/2014 04:28:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ClipboardFAT32Program.exe" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (10/26/2014 04:25:10 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Error: (10/26/2014 04:23:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ClipboardFAT32Program.exe" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (10/26/2014 04:22:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Enumeratordienst für tragbare Geräte" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1115

Error: (10/26/2014 04:22:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Zugriff auf Eingabegeräte" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1115


Microsoft Office Sessions:
=========================
Error: (10/26/2014 04:21:22 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (10/26/2014 04:21:22 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (10/26/2014 04:21:20 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]

Error: (10/26/2014 04:20:18 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (10/26/2014 05:54:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe33.0.0.5397543924b1mozalloc.dll33.0.0.53975438ffbb8000000300001425b7401cff0d790ba6684C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll2db12392-5ccc-11e4-96ee-485b39b2a165

Error: (10/25/2014 05:30:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ja2.exe1.1.2.03df9f604mss32.dll3.0.0.03bccbaf7c000000500001c52cc401cff01fdf961aa4C:\Program Files (x86)\Steam\steamapps\common\Jagged Alliance 2 Gold\ja2.exeC:\Program Files (x86)\Steam\steamapps\common\Jagged Alliance 2 Gold\mss32.dll3d8ce488-5c64-11e4-8700-485b39b2a165

Error: (10/24/2014 10:43:29 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Users\s.aerne\downloads\esetsmartinstaller_deu (2).exe

Error: (10/24/2014 10:39:35 PM) (Source: SideBySide) (EventID: 75) (User: )
Description: C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exeC:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe2

Error: (10/24/2014 09:42:42 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\S.Aerne\Downloads\esetsmartinstaller_deu (2).exe


==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Quad CPU Q8300 @ 2.50GHz
Percentage of memory in use: 42%
Total physical RAM: 4095.18 MB
Available physical RAM: 2360.43 MB
Total Pagefile: 8188.54 MB
Available Pagefile: 6211.52 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:320.01 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 7A745740)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== End Of Log ============================
--- --- ---

schrauber 27.10.2014 09:52
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:20091
S2 GammaMethodRegister; C:\Windows\SysWOW64\GammaMethodRegister\GammaMethodRegister.exe [68096 2014-10-13] () [File not signed]
C:\Windows\SysWOW64\GammaMethodRegister
R2 InterpreterProcessRemote.exe; C:\Users\S.Aerne\AppData\Local\InterpreterProcessRemote\InterpreterProcessRemote.exe [158720 2014-10-13] () [File not signed]
C:\Users\S.Aerne\AppData\Local\InterpreterProcessRemote

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.


Komprex 27.10.2014 13:04
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 26-10-2014
Ran by S.Aerne at 2014-10-27 13:00:35 Run:2
Running from C:\Users\S.Aerne\Desktop
Loaded Profile: S.Aerne (Available profiles: S.Aerne)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:20091
S2 GammaMethodRegister; C:\Windows\SysWOW64\GammaMethodRegister\GammaMethodRegister.exe [68096 2014-10-13] () [File not signed]
C:\Windows\SysWOW64\GammaMethodRegister
R2 InterpreterProcessRemote.exe; C:\Users\S.Aerne\AppData\Local\InterpreterProcessRemote\InterpreterProcessRemote.exe [158720 2014-10-13] () [File not signed]
C:\Users\S.Aerne\AppData\Local\InterpreterProcessRemote
*****************

HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully.
GammaMethodRegister => Unable to stop service
GammaMethodRegister => Service deleted successfully.
C:\Windows\SysWOW64\GammaMethodRegister => Moved successfully.
InterpreterProcessRemote.exe => Unable to stop service
InterpreterProcessRemote.exe => Service deleted successfully.

"C:\Users\S.Aerne\AppData\Local\InterpreterProcessRemote" directory move:

C:\Users\S.Aerne\AppData\Local\InterpreterProcessRemote\ArchiveODBCWiget.exe => Moved successfully.
C:\Users\S.Aerne\AppData\Local\InterpreterProcessRemote\InterpreterProcessRemote.exe => Moved successfully.
C:\Users\S.Aerne\AppData\Local\InterpreterProcessRemote\msvcp100.dll => Moved successfully.
C:\Users\S.Aerne\AppData\Local\InterpreterProcessRemote\msvcr100.dll => Moved successfully.
C:\Users\S.Aerne\AppData\Local\InterpreterProcessRemote\qjson0.dll => Moved successfully.
C:\Users\S.Aerne\AppData\Local\InterpreterProcessRemote\QtCore4.dll => Moved successfully.
C:\Users\S.Aerne\AppData\Local\InterpreterProcessRemote\QtNetwork4.dll => Moved successfully.
C:\Users\S.Aerne\AppData\Local\InterpreterProcessRemote\SrDt.exe => Moved successfully.
C:\Users\S.Aerne\AppData\Local\InterpreterProcessRemote\desktop\ArchiveODBCWiget.exe-(PID-6892)-4521189\adwcleaner_4.001.exe-(PID-6352).dmp_PROCESS_SUBMITTED => Moved successfully.
C:\Users\S.Aerne\AppData\Local\InterpreterProcessRemote\desktop\ArchiveODBCWiget.exe-(PID-6892)-4521189\ArchiveODBCWiget.exe-(PID-6892).dmp => Moved successfully.
C:\Users\S.Aerne\AppData\Local\InterpreterProcessRemote\desktop\ArchiveODBCWiget.exe-(PID-632)-1926315\adwcleaner_4.001(1).exe-(PID-292).dmp_PROCESS_SUBMITTED => Moved successfully.
C:\Users\S.Aerne\AppData\Local\InterpreterProcessRemote\desktop\ArchiveODBCWiget.exe-(PID-632)-1926315\ArchiveODBCWiget.exe-(PID-632).dmp => Moved successfully.
C:\Users\S.Aerne\AppData\Local\InterpreterProcessRemote\desktop\ArchiveODBCWiget.exe-(PID-4720)-497097\adwcleaner_4.000.exe-(PID-4176).dmp_PROCESS_SUBMITTED => Moved successfully.
C:\Users\S.Aerne\AppData\Local\InterpreterProcessRemote\desktop\ArchiveODBCWiget.exe-(PID-4720)-497097\ArchiveODBCWiget.exe-(PID-4720).dmp => Moved successfully.
C:\Users\S.Aerne\AppData\Local\InterpreterProcessRemote\desktop\ArchiveODBCWiget.exe-(PID-4712)-46965286\adwcleaner_4.001(1).exe-(PID-6416).dmp_PROCESS_SUBMITTED => Moved successfully.
C:\Users\S.Aerne\AppData\Local\InterpreterProcessRemote\desktop\ArchiveODBCWiget.exe-(PID-4712)-46965286\ArchiveODBCWiget.exe-(PID-4712).dmp => Moved successfully.
C:\Users\S.Aerne\AppData\Local\InterpreterProcessRemote\desktop\ArchiveODBCWiget.exe-(PID-3912)-5846277\adwcleaner_4.001(1).exe-(PID-1164).dmp_PROCESS_SUBMITTED => Moved successfully.
C:\Users\S.Aerne\AppData\Local\InterpreterProcessRemote\desktop\ArchiveODBCWiget.exe-(PID-3912)-5846277\ArchiveODBCWiget.exe-(PID-3912).dmp => Moved successfully.
C:\Users\S.Aerne\AppData\Local\InterpreterProcessRemote\desktop\ArchiveODBCWiget.exe-(PID-3712)-1823433\adwcleaner_4.000.exe-(PID-5384).dmp_PROCESS_SUBMITTED => Moved successfully.
C:\Users\S.Aerne\AppData\Local\InterpreterProcessRemote\desktop\ArchiveODBCWiget.exe-(PID-3712)-1823433\ArchiveODBCWiget.exe-(PID-3712).dmp => Moved successfully.
C:\Users\S.Aerne\AppData\Local\InterpreterProcessRemote\desktop\ArchiveODBCWiget.exe-(PID-3608)-7857255\adwcleaner_4.001.exe-(PID-2376).dmp_PROCESS_SUBMITTED => Moved successfully.
C:\Users\S.Aerne\AppData\Local\InterpreterProcessRemote\desktop\ArchiveODBCWiget.exe-(PID-3608)-7857255\ArchiveODBCWiget.exe-(PID-3608).dmp => Moved successfully.
C:\Users\S.Aerne\AppData\Local\InterpreterProcessRemote\desktop\ArchiveODBCWiget.exe-(PID-3380)-545379\adwcleaner_4.001(1).exe-(PID-4888).dmp_PROCESS_SUBMITTED => Moved successfully.
C:\Users\S.Aerne\AppData\Local\InterpreterProcessRemote\desktop\ArchiveODBCWiget.exe-(PID-3380)-545379\ArchiveODBCWiget.exe-(PID-3380).dmp => Moved successfully.
C:\Users\S.Aerne\AppData\Local\InterpreterProcessRemote\desktop\ArchiveODBCWiget.exe-(PID-3360)-606656\adwcleaner_4.001(1).exe-(PID-4580).dmp_PROCESS_SUBMITTED => Moved successfully.
C:\Users\S.Aerne\AppData\Local\InterpreterProcessRemote\desktop\ArchiveODBCWiget.exe-(PID-3360)-606656\ArchiveODBCWiget.exe-(PID-3360).dmp => Moved successfully.
C:\Users\S.Aerne\AppData\Local\InterpreterProcessRemote\desktop\ArchiveODBCWiget.exe-(PID-1484)-1816631\adwcleaner_4.001.exe-(PID-1528).dmp_PROCESS_SUBMITTED => Moved successfully.
C:\Users\S.Aerne\AppData\Local\InterpreterProcessRemote\desktop\ArchiveODBCWiget.exe-(PID-1484)-1816631\ArchiveODBCWiget.exe-(PID-1484).dmp => Moved successfully.
Could not move "C:\Users\S.Aerne\AppData\Local\InterpreterProcessRemote" directory. => Scheduled to move on reboot.


=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-10-27 13:01:53)<=

C:\Users\S.Aerne\AppData\Local\InterpreterProcessRemote => Is moved successfully.

==== End of Fixlog ====

schrauber 27.10.2014 21:19
Jetzt bitte nochmal ein frisches FRST log.

Komprex 28.10.2014 11:46

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-10-2014
Ran by S.Aerne (administrator) on SAERNE-PC on 28-10-2014 11:38:34
Running from C:\Users\S.Aerne\Desktop
Loaded Profile: S.Aerne (Available profiles: S.Aerne)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\vVX3000.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7833120 2009-05-23] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-05-23] (Realtek Semiconductor Corp.)
HKLM\...\Run: [VX3000] => C:\Windows\vVX3000.exe [762736 2010-05-20] (Microsoft Corporation)
HKLM\...\Run: [itype] => c:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253672 2011-01-07] (Sun Microsystems, Inc.)
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [54072 2014-10-01] (Malwarebytes Corporation)
HKU\S-1-5-21-762131175-2521822999-1656188121-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1938624 2014-10-21] (Valve Corporation)
HKU\S-1-5-21-762131175-2521822999-1656188121-1000\...\MountPoints2: {dc1faa98-1187-11e2-a7c6-485b39b2a165} - I:\Start.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-ch/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-CH
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xAECDAB5631F1CF01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: No Name -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} ->  No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\S.Aerne\AppData\Roaming\Mozilla\Firefox\Profiles\yyngqqnk.default
FF Homepage: https://www.facebook.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1209149.dll (Adobe Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\progra~2\mcafee\msc\npmcsn~1.dll No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\S.Aerne\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2283296 2014-10-21] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
S2 0175861394189491mcinstcleanup; C:\Users\S9B32~1.AER\AppData\Local\Temp\017586~1.EXE -cleanup -nolog [X]
S2 ClipboardFAT32Program.exe; C:\Users\S.Aerne\AppData\Local\ClipboardFAT32Program\ClipboardFAT32Program.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32512 2014-10-15] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-10-28] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-10-01] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-05-14] ()
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 s1018bus; C:\Windows\System32\DRIVERS\s1018bus.sys [113704 2009-03-25] (MCCI Corporation)
S3 s1018mdfl; C:\Windows\System32\DRIVERS\s1018mdfl.sys [19496 2009-03-25] (MCCI Corporation)
S3 s1018mdm; C:\Windows\System32\DRIVERS\s1018mdm.sys [153128 2009-03-25] (MCCI Corporation)
S3 s1018mgmt; C:\Windows\System32\DRIVERS\s1018mgmt.sys [133160 2009-03-25] (MCCI Corporation)
S3 s1018nd5; C:\Windows\System32\DRIVERS\s1018nd5.sys [34856 2009-03-25] (MCCI Corporation)
S3 s1018obex; C:\Windows\System32\DRIVERS\s1018obex.sys [128552 2009-03-25] (MCCI Corporation)
S3 s1018unic; C:\Windows\System32\DRIVERS\s1018unic.sys [146472 2009-03-25] (MCCI Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-10-21] (Duplex Secure Ltd.)
S3 StarOpen; No ImagePath
R1 vmm; C:\Windows\system32\Treiber\vmm.sys [294248 2011-05-29] (Microsoft Corporation)
U0 ywot; C:\Windows\System32\drivers\ueeerx.sys [79064 2014-10-28] (Malwarebytes Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-28 11:36 - 2014-10-28 11:36 - 00079064 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\ueeerx.sys
2014-10-27 12:56 - 2014-10-27 12:56 - 00000000 ____D () C:\Users\S.Aerne\AppData\Local\CheckCode
2014-10-26 17:14 - 2014-10-26 17:15 - 00031371 _____ () C:\Users\S.Aerne\Desktop\Addition.txt
2014-10-26 17:13 - 2014-10-28 11:38 - 00012641 _____ () C:\Users\S.Aerne\Desktop\FRST.txt
2014-10-26 17:13 - 2014-10-26 17:13 - 00000000 ____D () C:\Users\S.Aerne\Desktop\FRST-OlderVersion
2014-10-26 17:05 - 2014-10-26 17:05 - 01962496 _____ () C:\Users\S.Aerne\Downloads\adwcleaner_4.001(2).exe
2014-10-26 16:37 - 2014-10-26 16:37 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-10-26 16:37 - 2014-10-26 16:37 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-10-26 16:37 - 2014-10-26 16:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-26 16:37 - 2014-10-26 16:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-26 16:36 - 2014-10-26 16:36 - 36254312 _____ () C:\Users\S.Aerne\Downloads\Firefox Setup 33.0 (1).exe
2014-10-26 16:31 - 2014-10-26 16:31 - 00244408 _____ () C:\Users\S.Aerne\Downloads\Firefox Setup Stub 33.0 (1).exe
2014-10-26 16:09 - 2014-10-26 16:09 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\S.Aerne\Downloads\revosetup95(1).exe
2014-10-26 16:09 - 2014-10-26 16:09 - 00001264 _____ () C:\Users\S.Aerne\Desktop\Revo Uninstaller.lnk
2014-10-26 05:52 - 2014-10-26 17:13 - 02113024 _____ (Farbar) C:\Users\S.Aerne\Desktop\FRST64.exe
2014-10-26 05:48 - 2014-10-26 05:48 - 00000000 ____D () C:\Users\S.Aerne\Downloads\FRST-OlderVersion
2014-10-24 21:39 - 2014-10-24 21:39 - 00000627 _____ () C:\Users\S.Aerne\Desktop\JRT.txt
2014-10-24 21:26 - 2014-10-24 21:26 - 00854448 _____ () C:\Users\S.Aerne\Downloads\SecurityCheck(2).exe
2014-10-24 18:24 - 2014-10-24 18:24 - 00854448 _____ () C:\Users\S.Aerne\Downloads\SecurityCheck(1).exe
2014-10-24 18:14 - 2014-10-24 18:14 - 02347384 _____ (ESET) C:\Users\S.Aerne\Downloads\esetsmartinstaller_deu (2).exe
2014-10-24 08:32 - 2014-10-24 08:32 - 01706144 _____ (Thisisu) C:\Users\S.Aerne\Downloads\JRT(1).exe
2014-10-24 08:19 - 2014-10-24 08:26 - 00001469 _____ () C:\Users\S.Aerne\Desktop\mbam.txt
2014-10-23 20:51 - 2014-10-24 21:22 - 00002092 _____ () C:\Users\S.Aerne\Desktop\eset.txt
2014-10-23 16:57 - 2014-10-23 16:57 - 02347384 _____ (ESET) C:\Users\S.Aerne\Downloads\esetsmartinstaller_deu (1).exe
2014-10-23 14:23 - 2014-10-24 21:43 - 00024591 _____ () C:\Users\S.Aerne\Downloads\Addition.txt
2014-10-23 14:22 - 2014-10-28 11:38 - 00000000 ____D () C:\FRST
2014-10-23 14:22 - 2014-10-24 21:43 - 00053141 _____ () C:\Users\S.Aerne\Downloads\FRST.txt
2014-10-23 13:47 - 2014-10-23 13:47 - 01705698 _____ (Thisisu) C:\Users\S.Aerne\Downloads\JRT633.exe
2014-10-23 13:29 - 2014-10-23 13:29 - 00854448 _____ () C:\Users\S.Aerne\Downloads\SecurityCheck.exe
2014-10-23 12:31 - 2014-10-23 12:31 - 00000790 _____ () C:\Users\S.Aerne\Desktop\Defogger.lnk
2014-10-23 12:23 - 2014-10-23 12:23 - 00380416 _____ () C:\Users\S.Aerne\Downloads\Gmer-19357.exe
2014-10-23 12:15 - 2014-10-23 12:31 - 00000528 _____ () C:\Users\S.Aerne\Downloads\defogger_disable.log
2014-10-23 12:15 - 2014-10-23 12:15 - 00000188 _____ () C:\Users\S.Aerne\defogger_reenable
2014-10-23 12:14 - 2014-10-23 12:14 - 00050477 _____ () C:\Users\S.Aerne\Downloads\Defogger.exe
2014-10-22 11:25 - 2014-10-22 11:25 - 01962496 _____ () C:\Users\S.Aerne\Downloads\adwcleaner_4.001(1).exe
2014-10-22 11:23 - 2014-10-22 11:23 - 36254312 _____ () C:\Users\S.Aerne\Downloads\Firefox Setup 33.0.exe
2014-10-22 11:20 - 2014-10-22 11:20 - 00244408 _____ () C:\Users\S.Aerne\Downloads\Firefox Setup Stub 33.0.exe
2014-10-21 14:00 - 2014-10-21 14:51 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01artus01.part6.rar
2014-10-21 13:52 - 2014-10-21 14:14 - 141500350 _____ () C:\Users\S.Aerne\Downloads\01artus01.part7.rar
2014-10-21 13:25 - 2014-10-21 13:25 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\S.Aerne\Downloads\revosetup95.exe
2014-10-21 12:51 - 2014-10-21 12:51 - 00014848 ___SH () C:\Users\S.Aerne\Thumbs.db
2014-10-21 12:43 - 2014-10-21 12:43 - 00000000 ____D () C:\Users\S.Aerne\AppData\Roaming\ProductData
2014-10-21 12:42 - 2014-10-27 12:53 - 00000000 ____D () C:\ProgramData\ProductData
2014-10-21 12:42 - 2014-10-21 12:43 - 00000000 ____D () C:\ProgramData\IObit
2014-10-21 12:42 - 2014-10-21 12:42 - 00000000 ____D () C:\Users\S.Aerne\AppData\Roaming\IObit
2014-10-21 12:42 - 2014-10-21 12:42 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-10-21 12:41 - 2014-10-21 12:41 - 01125200 _____ () C:\Users\S.Aerne\Downloads\IObit Uninstaller - CHIP-Installer.exe
2014-10-21 12:19 - 2014-10-21 12:19 - 01962496 _____ () C:\Users\S.Aerne\Downloads\adwcleaner_4.001.exe
2014-10-21 11:41 - 2014-10-21 11:51 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01artus01.part5.rar
2014-10-21 11:27 - 2014-10-21 11:37 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01artus01.part4.rar
2014-10-21 11:07 - 2014-10-21 11:59 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01artus01.part1.rar
2014-10-21 11:01 - 2014-10-21 11:21 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01artus01.part3.rar
2014-10-21 10:59 - 2014-10-21 11:09 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01artus01.part2.rar
2014-10-21 09:48 - 2014-10-21 09:48 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\S.Aerne\Downloads\mbam_premium.exe
2014-10-21 09:48 - 2014-10-21 09:48 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-20 15:52 - 2014-10-20 15:52 - 05401624 _____ (Canneverbe Limited ) C:\Users\S.Aerne\Downloads\cdbxp_setup_4.5.4.5118.exe
2014-10-20 15:52 - 2014-10-20 15:52 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP
2014-10-20 15:24 - 2014-10-20 15:24 - 00000208 _____ () C:\Users\S.Aerne\Desktop\Jagged Alliance 2 Gold Pack.url
2014-10-17 14:47 - 2014-10-17 14:47 - 00000222 _____ () C:\Users\S.Aerne\Desktop\Company of Heroes 2.url
2014-10-17 14:44 - 2014-10-17 14:44 - 00000223 _____ () C:\Users\S.Aerne\Desktop\Jagged Alliance 2 Gold Unfinished Business.url
2014-10-16 22:53 - 2014-10-16 22:53 - 00245760 _____ () C:\Users\S.Aerne\Downloads\Q-Dance_Hardstyle_Top_40_June_2014.rar.part
2014-10-16 18:49 - 2009-06-10 22:00 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hosts.20141016-194925.backup
2014-10-16 17:38 - 2014-10-16 17:38 - 00000000 ____D () C:\Users\S.Aerne\AppData\Roaming\QuickScan
2014-10-16 17:35 - 2014-10-16 17:35 - 00567639 _____ () C:\Users\S.Aerne\Downloads\esetsmartinstaller_deu.exe
2014-10-16 17:34 - 2014-10-16 17:34 - 01170104 _____ (Zugara Investments Limited ) C:\Users\S.Aerne\Downloads\esetsmartinstallerdeuexe.exe
2014-10-16 17:30 - 2014-10-21 09:50 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-10-16 17:30 - 2014-10-16 17:30 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-10-16 17:29 - 2014-10-16 17:30 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\S.Aerne\Downloads\spybot-2.4(1).exe
2014-10-16 17:29 - 2014-10-16 17:29 - 04321294 _____ (Safer-Networking Ltd. ) C:\Users\S.Aerne\Downloads\spybot-2.4.exe
2014-10-16 12:23 - 2014-10-16 12:23 - 00002187 _____ () C:\Users\S.Aerne\Desktop\Pox Nora.lnk
2014-10-16 12:23 - 2014-10-16 12:23 - 00000000 ____D () C:\Users\S.Aerne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pox Nora
2014-10-16 12:22 - 2014-10-16 12:22 - 00000000 ____D () C:\Program Files (x86)\Desert Owl Games
2014-10-16 12:21 - 2014-10-16 12:22 - 34412032 _____ (Desert Owl Games) C:\Users\S.Aerne\Downloads\PoxNora.exe
2014-10-16 10:55 - 2014-10-16 10:55 - 04280468 _____ (Safer-Networking Ltd. ) C:\Users\S.Aerne\Downloads\spybot_27341.exe
2014-10-16 10:53 - 2014-10-16 10:53 - 00000000 ____D () C:\Users\S.Aerne\AppData\Roaming\LavasoftStatistics
2014-10-16 10:47 - 2014-10-16 10:47 - 02806920 _____ () C:\Users\S.Aerne\Downloads\Adaware_Installer_11.3.exe
2014-10-16 10:27 - 2014-10-21 19:25 - 01706144 _____ (Thisisu) C:\Users\S.Aerne\Desktop\JRT_NEW.exe
2014-10-16 10:27 - 2014-10-16 10:27 - 01705141 _____ (Thisisu) C:\Users\S.Aerne\Downloads\JRT-631.exe
2014-10-15 12:11 - 2014-10-15 12:11 - 00000000 _____ () C:\autoexec.bat
2014-10-15 12:10 - 2014-10-16 10:18 - 00000000 ____D () C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
2014-10-15 12:09 - 2014-10-15 12:09 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\S.Aerne\Downloads\SpyHunter-Installer.exe
2014-10-15 10:59 - 2014-10-15 10:59 - 00032512 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys
2014-10-15 10:56 - 2014-10-15 10:56 - 00003400 _____ () C:\Windows\system32\.crusader
2014-10-15 10:46 - 2014-10-15 10:58 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-10-15 10:46 - 2014-10-15 10:46 - 11194928 _____ (SurfRight B.V.) C:\Users\S.Aerne\Downloads\HitmanPro_x64.exe
2014-10-15 10:14 - 2014-10-15 11:06 - 00000000 ____D () C:\Users\S.Aerne\AppData\Roaming\Nico Mak Computing
2014-10-15 10:10 - 2014-10-28 11:25 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-15 10:09 - 2014-10-21 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-15 10:09 - 2014-10-21 09:48 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-15 10:09 - 2014-10-01 10:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-15 10:09 - 2014-10-01 10:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-15 10:09 - 2014-10-01 10:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-15 10:07 - 2014-10-15 10:07 - 01125200 _____ () C:\Users\S.Aerne\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe
2014-10-15 09:50 - 2014-10-15 09:50 - 01169160 _____ (Anvisoft) C:\Users\S.Aerne\Downloads\csbsetup.exe
2014-10-15 09:49 - 2014-10-15 09:49 - 02894945 _____ (Anvisoft) C:\Users\S.Aerne\Downloads\asdsetup.exe
2014-10-15 09:33 - 2014-09-29 01:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-15 09:33 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-15 09:33 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-15 09:33 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-15 09:33 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-15 09:33 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-15 09:33 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-15 09:32 - 2014-08-19 04:11 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-10-15 09:32 - 2014-08-19 04:10 - 00616352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-10-15 09:32 - 2014-08-19 04:08 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-10-15 09:32 - 2014-08-19 04:08 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-10-15 09:32 - 2014-08-19 04:08 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-10-15 09:32 - 2014-08-19 04:07 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-10-15 09:32 - 2014-08-19 04:07 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-10-15 09:32 - 2014-08-19 04:07 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-10-15 09:32 - 2014-08-19 04:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-10-15 09:32 - 2014-08-19 04:07 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-10-15 09:32 - 2014-08-19 03:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2014-10-15 09:32 - 2014-08-19 03:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-10-15 09:32 - 2014-08-19 03:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-10-15 09:32 - 2014-07-07 03:07 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-10-15 09:32 - 2014-07-07 03:07 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-10-15 09:32 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-10-15 09:32 - 2014-07-07 03:06 - 05551032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-15 09:32 - 2014-07-07 03:06 - 04120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-10-15 09:32 - 2014-07-07 03:06 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-10-15 09:32 - 2014-07-07 03:06 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-10-15 09:32 - 2014-07-07 03:06 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-10-15 09:32 - 2014-07-07 03:06 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-10-15 09:32 - 2014-07-07 03:06 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-10-15 09:32 - 2014-07-07 03:06 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-10-15 09:32 - 2014-07-07 03:06 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-10-15 09:32 - 2014-07-07 03:06 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-10-15 09:32 - 2014-07-07 03:06 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-10-15 09:32 - 2014-07-07 03:06 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-10-15 09:32 - 2014-07-07 03:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-10-15 09:32 - 2014-07-07 03:06 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-10-15 09:32 - 2014-07-07 03:06 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-10-15 09:32 - 2014-07-07 03:06 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-10-15 09:32 - 2014-07-07 03:06 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-10-15 09:32 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-10-15 09:32 - 2014-07-07 03:06 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-10-15 09:32 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-15 09:32 - 2014-07-07 03:06 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2014-10-15 09:32 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-10-15 09:32 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-10-15 09:32 - 2014-07-07 03:06 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-10-15 09:32 - 2014-07-07 03:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-10-15 09:32 - 2014-07-07 03:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-10-15 09:32 - 2014-07-07 03:05 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-10-15 09:32 - 2014-07-07 03:05 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-10-15 09:32 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-10-15 09:32 - 2014-07-07 02:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-10-15 09:32 - 2014-07-07 02:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-10-15 09:32 - 2014-07-07 02:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-10-15 09:32 - 2014-07-07 02:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-10-15 09:32 - 2014-07-07 02:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-10-15 09:32 - 2014-07-07 02:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2014-10-15 09:32 - 2014-07-07 02:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2014-10-15 09:32 - 2014-07-07 02:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2014-10-15 09:32 - 2014-07-07 02:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2014-10-15 09:32 - 2014-07-07 02:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2014-10-15 09:32 - 2014-07-07 02:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2014-10-15 09:32 - 2014-07-07 02:40 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-10-15 09:32 - 2014-07-07 02:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2014-10-15 09:32 - 2014-07-07 02:40 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-10-15 09:32 - 2014-07-07 02:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-10-15 09:32 - 2014-07-07 02:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2014-10-15 09:32 - 2014-07-07 02:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-10-15 09:32 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-10-15 09:32 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-10-15 09:32 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-10-15 09:32 - 2014-07-07 02:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2014-10-15 09:32 - 2014-07-07 02:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2014-10-15 09:32 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2014-10-15 09:32 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2014-10-15 09:32 - 2014-07-07 02:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-10-15 09:32 - 2014-07-07 02:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-10-15 09:32 - 2014-07-07 02:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-10-15 09:32 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-10-15 09:32 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-10-15 09:32 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-10-15 09:32 - 2014-06-28 01:21 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-10-15 09:32 - 2014-06-28 01:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-10-15 09:32 - 2014-06-28 01:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-10-15 09:31 - 2014-10-10 03:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-15 09:31 - 2014-10-10 03:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-15 09:31 - 2014-10-10 03:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-15 09:31 - 2014-10-07 03:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-15 09:31 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-15 09:31 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-15 09:31 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-15 09:31 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-15 09:31 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-15 09:31 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-15 09:31 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-15 09:31 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-15 09:31 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-15 09:31 - 2014-09-19 02:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-15 09:31 - 2014-09-19 02:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-15 09:31 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-15 09:31 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-15 09:31 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-15 09:31 - 2014-09-19 02:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-15 09:31 - 2014-09-19 02:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-15 09:31 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-15 09:31 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-15 09:31 - 2014-09-19 02:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-15 09:31 - 2014-09-19 02:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-15 09:31 - 2014-09-19 02:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-15 09:31 - 2014-09-19 02:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-15 09:31 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-15 09:31 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-15 09:31 - 2014-09-19 02:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-15 09:31 - 2014-09-19 02:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-15 09:31 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-15 09:31 - 2014-09-19 02:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-15 09:31 - 2014-09-19 02:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 09:31 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-15 09:31 - 2014-09-19 02:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-15 09:31 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-15 09:31 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-15 09:31 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-15 09:31 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-15 09:31 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-15 09:31 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-15 09:31 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-15 09:31 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-15 09:31 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-15 09:31 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-15 09:31 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-15 09:31 - 2014-09-19 01:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-15 09:31 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-15 09:31 - 2014-09-19 01:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-15 09:31 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-15 09:31 - 2014-09-19 01:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-15 09:31 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-15 09:31 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-15 09:31 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-15 09:31 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-15 09:31 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-15 09:31 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-15 09:31 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-15 09:31 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-15 09:31 - 2014-09-18 03:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-15 09:30 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-15 09:30 - 2014-09-13 02:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-15 09:30 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-15 09:30 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-15 09:30 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-15 09:30 - 2014-07-17 03:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-15 09:30 - 2014-07-17 03:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-15 09:30 - 2014-07-17 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-15 09:30 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-15 09:30 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-15 09:30 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-15 09:30 - 2014-07-17 03:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-15 09:30 - 2014-07-17 03:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-15 09:30 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-15 09:30 - 2014-07-17 02:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-15 09:30 - 2014-07-17 02:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-15 09:30 - 2014-07-17 02:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-10-15 09:30 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-15 09:30 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-15 09:30 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-15 09:30 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-11 16:22 - 2014-10-11 16:24 - 00000000 ____D () C:\Users\S.Aerne\Documents\Heroes of the Storm
2014-10-11 16:18 - 2014-10-11 16:18 - 00001189 _____ () C:\Users\Public\Desktop\Heroes of the Storm.lnk
2014-10-11 16:18 - 2014-10-11 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm
2014-10-11 16:06 - 2014-10-17 07:59 - 00000000 ____D () C:\Program Files (x86)\Heroes of the Storm
2014-10-11 16:04 - 2014-10-11 16:04 - 07080744 _____ (Blizzard Entertainment) C:\Users\S.Aerne\Downloads\Heroes-of-the-Storm-Setup-enUS.exe
2014-10-11 14:18 - 2014-10-11 14:19 - 09020704 _____ (HEX Entertainment ) C:\Users\S.Aerne\Downloads\HEXSetup(1).exe
2014-10-10 17:48 - 2014-10-10 18:30 - 00000000 ____D () C:\Users\S.Aerne\Documents\BloodBowlChaos
2014-10-10 07:40 - 2014-10-10 07:40 - 00000222 _____ () C:\Users\S.Aerne\Desktop\Blood Bowl Chaos Edition.url
2014-10-07 10:00 - 2014-10-07 10:10 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01terror.part4.rar
2014-10-07 09:37 - 2014-10-07 09:47 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01terror.part3.rar
2014-10-07 09:25 - 2014-10-07 10:26 - 186626412 _____ () C:\Users\S.Aerne\Downloads\01terror.part5.rar
2014-10-07 09:25 - 2014-10-07 10:22 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01terror.part1.rar
2014-10-07 09:25 - 2014-10-07 09:35 - 209715200 _____ () C:\Users\S.Aerne\Downloads\01terror.part2.rar
2014-10-03 12:17 - 2014-10-10 07:41 - 00000000 ____D () C:\Users\S.Aerne\Documents\majesty2
2014-10-03 12:17 - 2014-10-03 12:17 - 00000000 ____D () C:\Program Files (x86)\Paradox Interactive
2014-10-03 11:40 - 2014-10-03 11:40 - 00000221 _____ () C:\Users\S.Aerne\Desktop\Majesty 2 Collection.url
2014-10-01 11:18 - 2014-10-01 11:18 - 00000218 _____ () C:\Users\S.Aerne\Desktop\Half-Life.url
2014-10-01 08:29 - 2014-09-25 03:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-01 08:29 - 2014-09-25 02:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-30 14:20 - 2014-09-30 14:20 - 00001618 _____ () C:\Users\Public\Desktop\Braveland.lnk

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-28 11:36 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\Offline Web Pages
2014-10-28 11:29 - 2010-08-24 17:03 - 01634930 _____ () C:\Windows\WindowsUpdate.log
2014-10-28 11:29 - 2009-07-14 18:58 - 00711602 _____ () C:\Windows\system32\perfh007.dat
2014-10-28 11:29 - 2009-07-14 18:58 - 00155078 _____ () C:\Windows\system32\perfc007.dat
2014-10-28 11:29 - 2009-07-14 06:13 - 01649556 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-28 11:29 - 2009-07-14 05:45 - 00026544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-28 11:29 - 2009-07-14 05:45 - 00026544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-28 11:22 - 2014-02-23 11:51 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-10-28 11:22 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-28 11:22 - 2009-07-14 05:51 - 00219115 _____ () C:\Windows\setupact.log
2014-10-28 11:21 - 2010-08-24 20:54 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-27 14:09 - 2012-07-18 07:44 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-26 17:11 - 2010-08-25 00:42 - 00451348 _____ () C:\Windows\PFRO.log
2014-10-26 17:10 - 2014-09-14 08:39 - 00000000 ____D () C:\AdwCleaner
2014-10-26 16:09 - 2014-09-14 09:30 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-10-26 05:55 - 2014-09-13 08:24 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-10-26 05:54 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-10-24 21:08 - 2011-03-07 11:47 - 00000000 ____D () C:\Users\S.Aerne\Downloads\Musik
2014-10-24 21:08 - 2011-02-18 13:50 - 00000000 ____D () C:\Users\S.Aerne\Downloads\Games
2014-10-24 08:20 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Branding
2014-10-23 12:15 - 2010-08-24 17:16 - 00000000 ____D () C:\Users\S.Aerne
2014-10-21 19:27 - 2010-12-29 11:14 - 00000000 ____D () C:\Users\S.Aerne\Downloads\Hörbücher
2014-10-21 13:46 - 2010-12-27 13:22 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-10-21 13:45 - 2010-12-27 13:23 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-10-21 13:45 - 2010-12-27 13:22 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-10-21 12:54 - 2013-03-23 19:33 - 00000000 ____D () C:\Users\S.Aerne\AppData\Roaming\My Games
2014-10-21 12:54 - 2010-08-25 16:54 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-20 16:08 - 2014-09-12 14:02 - 00000000 ____D () C:\Program Files (x86)\HEX
2014-10-20 15:52 - 2010-11-08 21:11 - 00001155 _____ () C:\Users\Public\Desktop\CDBurnerXP.lnk
2014-10-20 15:52 - 2010-11-08 21:11 - 00001105 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2014-10-20 15:40 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-10-20 15:27 - 2009-07-14 05:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-10-18 07:44 - 2013-10-25 10:31 - 00000000 ____D () C:\Users\S.Aerne\AppData\Local\Battle.net
2014-10-17 15:13 - 2014-03-18 14:00 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft
2014-10-16 15:01 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-10-16 10:44 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-16 10:03 - 2009-07-14 05:45 - 00299528 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-16 10:01 - 2014-05-06 14:16 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-16 10:01 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-10-16 10:01 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-10-15 12:39 - 2013-08-15 22:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-15 12:37 - 2010-09-04 11:08 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-15 10:59 - 2010-08-24 17:42 - 00000000 ____D () C:\Users\S.Aerne\Tracing
2014-10-15 10:56 - 2014-09-13 08:25 - 00000000 ____D () C:\Windows\SysWOW64\FormatMBRRuntime
2014-10-13 08:41 - 2013-10-25 10:33 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-10-11 16:22 - 2010-08-24 23:14 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-10-11 16:05 - 2013-10-25 10:31 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-10-11 14:19 - 2014-09-12 14:02 - 00001070 _____ () C:\Users\Public\Desktop\HEX.lnk
2014-10-11 14:19 - 2014-09-12 14:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HEX
2014-10-11 08:12 - 2014-07-10 14:02 - 00000000 ____D () C:\Users\S.Aerne\Documents\Stronghold Crusader
2014-10-10 17:32 - 2010-09-27 10:58 - 00621293 _____ () C:\Windows\DirectX.log
2014-10-02 14:53 - 2010-08-24 17:36 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-30 14:20 - 2014-02-07 09:40 - 00000000 ____D () C:\GOG Games
2014-09-30 14:20 - 2014-02-07 09:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2014-09-30 14:20 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-30 12:42 - 2014-02-07 09:34 - 00000000 ____D () C:\Users\S.Aerne\AppData\Local\GOG.com

Some content of TEMP:
====================
C:\Users\S.Aerne\AppData\Local\Temp\msvcr80.dll
C:\Users\S.Aerne\AppData\Local\Temp\Quarantine.exe
C:\Users\S.Aerne\AppData\Local\Temp\SimPack.exe
C:\Users\S.Aerne\AppData\Local\Temp\sqlite3.dll
C:\Users\S.Aerne\AppData\Local\Temp\zlib1.dll
C:\Users\S.Aerne\AppData\Local\Temp\_isAB6B.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-26 17:40

==================== End Of Log ============================
--- --- ---



Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-10-2014
Ran by S.Aerne at 2014-10-28 11:39:20
Running from C:\Users\S.Aerne\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.2.0.2070 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.9.149 - Adobe Systems, Inc.)
Age of Empires III (HKLM-x32\...\InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Wonders III (HKLM-x32\...\Steam App 226840) (Version: - Triumph Studios)
Alien Swarm (HKLM-x32\...\Steam App 630) (Version: - Valve)
Banished (HKLM-x32\...\Steam App 242920) (Version: - Shining Rock Software LLC)
Battle Isle Platinum (HKLM-x32\...\GOGPACKBATTLEISLEPLATINUM_is1) (Version: 2.1.0.19 - GOG.com)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Blackguards (HKLM-x32\...\Steam App 249650) (Version: - Daedalic Entertainment)
Blood Bowl: Chaos Edition (HKLM-x32\...\Steam App 216890) (Version: - Cyanide Studios)
Braveland (HKLM-x32\...\GOGPACKBRAVELAND_is1) (Version: 2.1.0.3 - GOG.com)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.3.7.2423 - CDBurnerXP)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5118 - CDBurnerXP)
Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version: - Relic Entertainment)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Defender's Quest: Valley of the Forgotten (HKLM-x32\...\Steam App 218410) (Version: - Level Up Labs, LLC)
Dell Driver Download Manager (HKCU\...\f031ef6ac137efc5) (Version: 2.1.0.0 - Dell Inc.)
Die Siedler 7 (HKLM-x32\...\{9C916142-C18C-429D-BFED-40094A7E0BEB}) (Version: 1.12.1396 - Ubisoft)
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
Draconian Wars (HKLM-x32\...\Steam App 296590) (Version: - Kardfy Studios)
Duel of Champions (HKLM-x32\...\MMDoC-PDCLive) (Version: - Ubisoft)
Dungeon Keeper 2 (HKLM-x32\...\GOGPACKDUNGEONKEEPER2_is1) (Version: 2.0.0.32 - GOG.com)
Dungeon Keeper Gold (HKLM-x32\...\GOGPACKDUNGEONKEEPER_is1) (Version: 2.0.0.4 - GOG.com)
Etherlords (HKLM-x32\...\Steam App 270770) (Version: - Nival)
Etherlords II (HKLM-x32\...\Steam App 270790) (Version: - Nival)
Fallen Enchantress: Legendary Heroes (HKLM-x32\...\Steam App 228260) (Version: - Stardock Entertainment)
FLOCK! (HKLM-x32\...\Steam App 21640) (Version: - Proper Games)
Foxit Reader 5.0 (HKLM-x32\...\Foxit Reader_is1) (Version: 5.0.2.718 - Foxit Corporation)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
GOG.com Downloader version 3.6.0 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.6.0 - GOG.com)
GOG.com Dungeon Keeper 2 (HKLM\...\{b6462b67-caf5-4a74-99df-cc2811bd1957}.sdb) (Version: - )
GOG.com Heroes of Might and Magic 3 (HKLM\...\{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}.sdb) (Version: - )
Gorky 17 (HKLM-x32\...\Steam App 253920) (Version: - )
Grotesque Tactics: Evil Heroes (HKLM-x32\...\Steam App 46450) (Version: - Headup Games)
Half-Life (HKLM-x32\...\Steam App 70) (Version: - Valve)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes of Might & Magic V: Hammers of Fate (HKLM-x32\...\{66FF4C48-0083-4E60-8556-B883AB200091}) (Version: - )
Heroes of Might and Magic 3 Complete (HKLM-x32\...\GOGPACKHOMM3COMPLETE_is1) (Version: 2.0.0.16 - GOG.com)
Heroes of Might and Magic V - Tribes of the East (HKLM-x32\...\{66FF4C48-0083-4E60-8556-B883AB200092}) (Version: - )
Heroes of Might and Magic V (HKLM-x32\...\{20071984-5EB1-4881-8EDB-082532ACEC6D}) (Version: - )
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
HEX (HKLM-x32\...\{E31B651A-B48C-423C-8D0D-855756C8B7E8}_is1) (Version: - HEX Entertainment)
Infinity Wars - Animated Trading Card Game (HKLM-x32\...\Steam App 257730) (Version: - Lightmare Studios)
Jagged Alliance 2 Gold: Unfinished Business (HKLM-x32\...\Steam App 12380) (Version: - Strategy First)
Jagged Alliance 2: Gold Pack (HKLM-x32\...\Steam App 12370) (Version: - Strategy First)
Java Auto Updater (x32 Version: 2.0.4.1 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216025FF}) (Version: 6.0.250 - Oracle)
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
MAGIX Speed burnR (HKLM-x32\...\MAGIX Speed burnR D) (Version: 6.0.1.4 - MAGIX AG)
Majesty 2 Collection (HKLM-x32\...\Steam App 73020) (Version: - 1C:InoCo)
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft IntelliType Pro 8.2 (HKLM\...\Microsoft IntelliType Pro 8.2) (Version: 8.20.469.0 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Virtual PC 2007 SP1 (HKLM\...\{AD483998-2E9A-4405-83FF-6E503AF49CBB}) (Version: 6.0.192.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{3bcf8c72-b231-4d28-9f39-3405c22d8b5a}) (Version: 11.0.61030.0 - Microsoft Corporation)
Might & Magic Heroes VI - Shades of Darkness (HKLM-x32\...\{745D37C2-26F4-4B65-BA13-F9840EBFA75B}) (Version: 2.1.0 - Ubisoft)
MMDoC-PDCLive Launcher (HKCU\...\3114a86aa00b92d7) (Version: 1.0.1.1 - Ubisoft)
Mozilla Firefox 33.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.0 (x86 de)) (Version: 33.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0 - Mozilla)
MP Manager (HKLM-x32\...\{D62460AF-5A0E-44F7-A647-C79076C5CA65}) (Version: 1.0.4715 - MPMAN)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller-Treiber 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5896 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
NVIDIA Update 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
Pox Nora 1.8 (HKLM-x32\...\3055-2232-0137-3195) (Version: 1.8 - Desert Owl Games)
Prime World (HKLM-x32\...\Steam App 235340) (Version: - Nival)
Prime World: Defenders (HKLM-x32\...\Steam App 235360) (Version: - Nival)
Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0005 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5859 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RIFT™ (HKLM-x32\...\Steam App 39120) (Version: - Trion Worlds)
Shadow Warrior Classic Redux (HKLM-x32\...\Steam App 225160) (Version: - 3D Realms)
Shadowrun Returns (HKLM-x32\...\Steam App 234650) (Version: - Harebrained Schemes)
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.6.8442 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Space Hulk (HKLM-x32\...\Steam App 242570) (Version: - Full Control Studios)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Stronghold Crusader Extreme HD (HKLM-x32\...\Steam App 16700) (Version: - Firefly Studios)
Stronghold Crusader HD (HKLM-x32\...\Steam App 40970) (Version: - FireFly Studios)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: - TeamSpeak Systems GmbH)
TeamViewer 6 (HKLM-x32\...\TeamViewer 6) (Version: 6.0.10511 - TeamViewer GmbH)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
The Banner Saga (HKLM-x32\...\Steam App 237990) (Version: - Stoic)
Tropico 4 (HKLM-x32\...\Steam App 57690) (Version: - Haemimont Games)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
VLC media player 1.1.4 (HKLM-x32\...\VLC media player) (Version: 1.1.4 - VideoLAN)
Wakfu (HKLM-x32\...\Steam App 215080) (Version: - Ankama)
Warlock - Master of the Arcane (HKLM-x32\...\Steam App 203630) (Version: - Paradox Interactive)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
WinRAR (HKLM\...\WinRAR archiver) (Version: - )
WinSCP 5.1.4 (HKLM-x32\...\winscp3_is1) (Version: 5.1.4 - Martin Prikryl)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================

21-10-2014 08:50:30 AA11
21-10-2014 08:50:43 Windows Update
21-10-2014 10:59:15 Removed Bonjour
21-10-2014 10:59:55 Removed Apple Mobile Device Support
21-10-2014 11:00:40 Removed Apple Application Support
21-10-2014 11:01:16 Removed Apple Software Update
21-10-2014 12:27:09 Revo Uninstaller's restore point - Shopping Helper Smartbar
21-10-2014 12:43:33 Removed iTunes
21-10-2014 12:45:15 Removed QuickTime
26-10-2014 15:11:27 Revo Uninstaller's restore point - Mozilla Maintenance Service
26-10-2014 15:16:47 Revo Uninstaller's restore point - Mozilla Firefox 33.0 (x86 de)
28-10-2014 10:27:08 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-10-16 18:49 - 00450713 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1497AE49-32B5-4CB5-A34B-5E683461C01E} - System32\Tasks\{2D11BC38-BC04-40C6-89C1-82353F9ABE4B} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {AF1BE5C7-2138-4C5F-869C-7C3ED971F9F7} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => c:\Program Files\Microsoft IntelliType Pro\IType.exe [2011-08-10] (Microsoft Corporation)
Task: {BBCE63A8-9FDD-48C8-8CF0-BFFB6A9A450A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated)
Task: {FBDB51E8-1AC7-4A3B-867F-D2B43E4FF7A5} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2011-12-19 13:04 - 2014-07-02 19:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-08-29 08:22 - 2014-08-21 19:15 - 01171456 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-29 08:22 - 2014-08-21 19:15 - 00442368 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-29 08:22 - 2014-08-21 19:15 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-02-23 11:53 - 2014-10-02 00:16 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-05-22 10:44 - 2014-10-21 20:22 - 02226880 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-29 08:22 - 2014-08-21 19:15 - 00403968 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-29 08:22 - 2014-08-21 19:15 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2014-02-23 11:53 - 2014-10-21 20:22 - 00682176 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-02-23 11:53 - 2014-09-05 00:29 - 34589376 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-10-26 16:37 - 2014-10-11 13:53 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-09-11 09:09 - 2014-09-11 09:09 - 16825520 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-762131175-2521822999-1656188121-500 - Administrator - Disabled)
ASPNET (S-1-5-21-762131175-2521822999-1656188121-1004 - Administrator - Enabled)
Gast (S-1-5-21-762131175-2521822999-1656188121-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-762131175-2521822999-1656188121-1002 - Limited - Enabled)
S.Aerne (S-1-5-21-762131175-2521822999-1656188121-1000 - Administrator - Enabled) => C:\Users\S.Aerne

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/27/2014 03:05:14 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (10/27/2014 01:00:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 33.0.0.5397, Zeitstempel: 0x543924b1
Name des fehlerhaften Moduls: mozalloc.dll, Version: 33.0.0.5397, Zeitstempel: 0x5438ffbb
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001425
ID des fehlerhaften Prozesses: 0x118c
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (10/26/2014 05:42:13 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (10/26/2014 05:40:38 PM) (Source: SideBySide) (EventID: 75) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.

Error: (10/26/2014 04:21:22 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (10/26/2014 04:21:22 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (10/26/2014 04:21:20 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]

Error: (10/26/2014 04:20:18 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (10/26/2014 05:54:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 33.0.0.5397, Zeitstempel: 0x543924b1
Name des fehlerhaften Moduls: mozalloc.dll, Version: 33.0.0.5397, Zeitstempel: 0x5438ffbb
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001425
ID des fehlerhaften Prozesses: 0xb74
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (10/25/2014 05:30:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ja2.exe, Version: 1.1.2.0, Zeitstempel: 0x3df9f604
Name des fehlerhaften Moduls: mss32.dll, Version: 3.0.0.0, Zeitstempel: 0x3bccbaf7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00001c52
ID des fehlerhaften Prozesses: 0xcc4
Startzeit der fehlerhaften Anwendung: 0xja2.exe0
Pfad der fehlerhaften Anwendung: ja2.exe1
Pfad des fehlerhaften Moduls: ja2.exe2
Berichtskennung: ja2.exe3


System errors:
=============
Error: (10/28/2014 11:22:04 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ClipboardFAT32Program.exe" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (10/27/2014 01:01:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ClipboardFAT32Program.exe" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (10/27/2014 00:54:29 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "InterpreterProcessRemote.exe" wurde nicht richtig gestartet.

Error: (10/27/2014 00:52:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ClipboardFAT32Program.exe" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (10/26/2014 05:12:47 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "InterpreterProcessRemote.exe" wurde nicht richtig gestartet.

Error: (10/26/2014 05:11:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ClipboardFAT32Program.exe" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (10/26/2014 04:40:14 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "InterpreterProcessRemote.exe" wurde nicht richtig gestartet.

Error: (10/26/2014 04:38:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ClipboardFAT32Program.exe" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (10/26/2014 04:30:15 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "InterpreterProcessRemote.exe" wurde nicht richtig gestartet.

Error: (10/26/2014 04:28:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ClipboardFAT32Program.exe" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2


Microsoft Office Sessions:
=========================
Error: (10/27/2014 03:05:14 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (10/27/2014 01:00:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe33.0.0.5397543924b1mozalloc.dll33.0.0.53975438ffbb8000000300001425118c01cff1dd44bd6a1bC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dlldcb4bb8a-5dd0-11e4-a532-485b39b2a165

Error: (10/26/2014 05:42:13 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (10/26/2014 05:40:38 PM) (Source: SideBySide) (EventID: 75) (User: )
Description: C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exeC:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe2

Error: (10/26/2014 04:21:22 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (10/26/2014 04:21:22 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (10/26/2014 04:21:20 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]

Error: (10/26/2014 04:20:18 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (10/26/2014 05:54:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe33.0.0.5397543924b1mozalloc.dll33.0.0.53975438ffbb8000000300001425b7401cff0d790ba6684C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll2db12392-5ccc-11e4-96ee-485b39b2a165

Error: (10/25/2014 05:30:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ja2.exe1.1.2.03df9f604mss32.dll3.0.0.03bccbaf7c000000500001c52cc401cff01fdf961aa4C:\Program Files (x86)\Steam\steamapps\common\Jagged Alliance 2 Gold\ja2.exeC:\Program Files (x86)\Steam\steamapps\common\Jagged Alliance 2 Gold\mss32.dll3d8ce488-5c64-11e4-8700-485b39b2a165


==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Quad CPU Q8300 @ 2.50GHz
Percentage of memory in use: 43%
Total physical RAM: 4095.18 MB
Available physical RAM: 2314.48 MB
Total Pagefile: 8188.54 MB
Available Pagefile: 5939.09 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:319.35 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 7A745740)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== End Of Log ============================



Keine Edeals Links, keine ständig aufploppenden Werbefenster mehr. Malwarebytes meldet mir nur noch PUP.optional.Uptupdater.exe in C:\windows\temp.
jeweils bei jedem suchlauf, wird auch jedes mal in Quarantäne verschoben. abgesehen davon scheint es gut zu sein

schrauber 29.10.2014 08:12
Downloade Dir bitte TFC ( von Oldtimer ) und speichere die Datei auf dem Desktop.
Schließe nun alle offenen Programme und trenne Dich von dem Internet.
Doppelklick auf die TFC.exe und drücke auf Start.
Sollte TFC nicht alle Dateien löschen können wird es einen Neustart verlangen. Dies bitte zulassen.



Fertig :)

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun :)

Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.


Alle Zeitangaben in WEZ +1. Es ist jetzt 09:55 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19