jamerson | 26.12.2014 15:14 | Oh I see, okay, happy to do that:
defogger_disable.log:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 11:59 on 26/12/2014 (Admin)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
FRST.txt
FRST Logfile:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-12-2014
Ran by Admin (administrator) on ADMIN-PC on 26-12-2014 12:00:28
Running from C:\Users\Admin\Desktop
Loaded Profile: Admin (Available profiles: Admin)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
(AMD) C:\Windows\System32\atieclxx.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(VIA Technologies, Inc.) C:\VIA_XHCI\usb3Monitor.exe
(Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(Azureus Software, Inc) C:\Program Files\Vuze\Azureus.exe
(Spotify Ltd) C:\Users\Admin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Schnapper-Software Robert Beer) C:\Program Files (x86)\SchnapperPro\TimeSync.exe
(Schnapper-Software Robert Beer) C:\Program Files (x86)\SchnapperPro\SchnapperPro.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe
(Dropbox, Inc.) C:\Users\Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\Receiver\Receiver.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(SAP AG) C:\Program Files (x86)\SAP\SapSetup\Setup\Updater\NwSapAutoWorkstationUpdateService.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [VIAxHCUtl] => C:\VIA_XHCI\usb3Monitor.exe [331776 2012-03-26] (VIA Technologies, Inc.)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [495616 2014-05-12] (Greenshot)
HKLM\...\Run: [Icakupsie] => "C:\Users\Admin\AppData\Roaming\Urudne\pibaad.exe"
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-21] (Intel Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-09] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126200 2014-11-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [NBAgent] => C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [1234216 2010-03-26] (Nero AG)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [383544 2012-12-14] (Citrix Systems, Inc.)
HKU\S-1-5-21-3347311179-4269016646-269938500-1000\...\Run: [Azureus] => C:\Program Files\Vuze\Azureus.exe [346424 2014-08-12] (Azureus Software, Inc)
HKU\S-1-5-21-3347311179-4269016646-269938500-1000\...\Run: [Spotify Web Helper] => C:\Users\Admin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1514040 2014-10-24] (Spotify Ltd)
HKU\S-1-5-21-3347311179-4269016646-269938500-1000\...\Run: [Idsoft] => C:\Users\Admin\AppData\Local\Idsoft\tmpFF90.exe
HKU\S-1-5-21-3347311179-4269016646-269938500-1000\...\Run: [UVMmedia] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\Admin\AppData\Local\Idsoft\ep0lvra9.dll
AppInit_DLLs-x32: C:\PROGRA~2\Citrix\ICACLI~1\RSHook.dll => C:\Program Files (x86)\Citrix\ICA Client\RSHook.dll [256568 2012-12-14] (Citrix Systems, Inc.)
Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk
ShortcutTarget: CodeMeter Control Center.lnk -> C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SchnapperPro.lnk
ShortcutTarget: SchnapperPro.lnk -> C:\Program Files (x86)\SchnapperPro\SchnapperPro.exe (Schnapper-Software Robert Beer)
ShellIconOverlayIdentifiers: [1SecureIconsProvider] -> {FC9D8189-520A-4417-AED7-9EAC810C6FBA} => C:\ProgramData\Microsoft\Secure\Icons\SecureIconsProvider.dll ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-3347311179-4269016646-269938500-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3347311179-4269016646-269938500-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
Handler-x32: saphtmlp - {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\program files (x86)\sap\frontend\sapgui\saphtmlp.dll (SAP, Walldorf)
Handler-x32: sapr3 - {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\program files (x86)\sap\frontend\sapgui\saphtmlp.dll (SAP, Walldorf)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k61t38wy.default-1409423412364
FF SelectedSearchEngine: Google
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKU\S-1-5-21-3347311179-4269016646-269938500-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Admin\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Extension: WMDM CE Device Service Provider - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\6lo553pk.default\Extensions\{066BF1A1-62A1-474B-4D00-591822FEB978} [2014-12-26]
FF Extension: WMDM CE Device Service Provider - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\k61t38wy.default-1409423412364\Extensions\{066BF1A1-62A1-474B-4D00-591822FEB978} [2014-12-26]
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 a2AntiMalware; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2service.exe [4907232 2014-12-01] (Emsisoft GmbH)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-12-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-09] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [166192 2014-11-20] (Avira Operations GmbH & Co. KG)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2014-12-25] (SurfRight B.V.)
R2 NWSAPAutoWorkstationUpdateSvc; C:\Program Files (x86)\SAP\SAPsetup\Setup\Updater\NwSapAutoWorkstationUpdateService.exe [165568 2012-06-19] (SAP AG)
R2 SchnapperPro-TimeSync; C:\Program Files (x86)\SchnapperPro\TimeSync.exe [45664 2007-08-30] (Schnapper-Software Robert Beer)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [71472 2014-05-12] (Emsisoft GmbH)
R1 A2DDA; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH)
R1 a2injectiondriver; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2dix64.sys [45208 2013-09-30] (Emsisoft GmbH)
R1 a2util; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2util64.sys [23088 2014-05-12] (Emsisoft GmbH)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-24] (Avira Operations GmbH & Co. KG)
R3 cleanhlp; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\cleanhlp64.sys [57024 2013-12-04] (Emsisoft GmbH)
R2 ei2c; C:\Windows\system32\drivers\ei2c.sys [20784 2014-08-30] (Nicomsoft Ltd.)
S3 gbxavs; C:\Windows\System32\Drivers\gbxavs.sys [357968 2011-07-07] () [File not signed]
S3 gbxavs_x64; C:\Windows\System32\Drivers\gbxavs_x64.sys [46096 2008-11-20] (Native Instruments GmbH)
S3 gbxusb_x64; C:\Windows\System32\Drivers\gbxusb_x64.sys [250896 2008-11-20] (Native Instruments GmbH)
R3 ka6avs; C:\Windows\System32\Drivers\ka6avs.sys [359784 2012-12-18] (Native Instruments GmbH)
R3 ka6usb_svc; C:\Windows\System32\Drivers\ka6usb.sys [85864 2012-12-18] (Native Instruments GmbH)
S3 rspLLL; C:\Windows\System32\DRIVERS\rspLLL64.sys [23968 2013-02-07] (Resplendence Software Projects Sp.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [53760 2012-09-28] (Apple, Inc.) [File not signed]
R3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [204800 2012-03-26] (VIA Technologies, Inc.)
R3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [256000 2012-03-26] (VIA Technologies, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-26 12:00 - 2014-12-26 12:00 - 00016986 _____ () C:\Users\Admin\Desktop\FRST.txt
2014-12-26 11:59 - 2014-12-26 11:59 - 00000472 _____ () C:\Users\Admin\Desktop\defogger_disable.log
2014-12-26 11:59 - 2014-12-26 11:59 - 00000000 _____ () C:\Users\Admin\defogger_reenable
2014-12-26 11:58 - 2014-12-26 11:59 - 00050477 _____ () C:\Users\Admin\Desktop\Defogger.exe
2014-12-26 11:50 - 2014-12-26 11:50 - 00000004 ____H () C:\ProgramData\cm-lock
2014-12-26 11:48 - 2014-12-26 11:48 - 00003874 _____ () C:\EamClean.log
2014-12-26 00:41 - 2014-12-26 00:41 - 00852505 _____ () C:\Users\Admin\Downloads\SecurityCheck.exe
2014-12-26 00:39 - 2014-12-26 00:39 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-12-26 00:38 - 2014-12-26 00:38 - 02347384 _____ (ESET) C:\Users\Admin\Downloads\esetsmartinstaller_deu.exe
2014-12-26 00:36 - 2014-12-26 12:00 - 00000000 ____D () C:\FRST
2014-12-26 00:36 - 2014-12-26 11:41 - 00044595 _____ () C:\Users\Admin\Downloads\FRST.txt
2014-12-26 00:36 - 2014-12-26 00:37 - 00037320 _____ () C:\Users\Admin\Downloads\Addition.txt
2014-12-26 00:34 - 2014-12-26 00:34 - 00000621 _____ () C:\Users\Admin\Desktop\JRT.txt
2014-12-26 00:20 - 2014-12-26 00:20 - 02122240 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2014-12-26 00:07 - 2014-12-26 00:07 - 00023592 _____ () C:\ComboFix.txt
2014-12-25 23:53 - 2014-12-25 23:24 - 05603624 ____R (Swearware) C:\Users\Admin\Desktop\ComboFix.exe
2014-12-25 23:51 - 2014-12-25 23:51 - 00709564 _____ () C:\Users\Admin\Downloads\delfix_10.8.exe
2014-12-25 23:26 - 2014-12-26 00:07 - 00000000 ____D () C:\Qoobox
2014-12-25 23:26 - 2014-12-25 23:47 - 00000000 ____D () C:\Windows\erdnt
2014-12-25 23:26 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-12-25 23:26 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-12-25 23:26 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-12-25 23:26 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-12-25 23:26 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-12-25 23:26 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-12-25 23:26 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-12-25 23:26 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-12-25 23:24 - 2014-12-25 23:24 - 05603624 ____R (Swearware) C:\Users\Admin\Downloads\ComboFix.exe
2014-12-25 17:05 - 2014-12-25 17:05 - 00001098 _____ () C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2014-12-25 17:05 - 2014-12-25 17:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
2014-12-25 17:04 - 2014-12-26 11:51 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2014-12-25 16:57 - 2014-12-25 16:57 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2014-12-25 16:51 - 2014-12-25 16:54 - 170741736 _____ (Emsisoft Ltd ) C:\Users\Admin\Downloads\EmsisoftAntiMalwareSetup.exe
2014-12-25 13:48 - 2014-12-25 13:48 - 00007506 _____ () C:\Windows\system32\.crusader
2014-12-25 13:38 - 2014-12-25 13:49 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-12-25 13:38 - 2014-12-25 13:38 - 00001912 _____ () C:\Users\Public\Desktop\HitmanPro.lnk
2014-12-25 13:38 - 2014-12-25 13:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2014-12-25 13:38 - 2014-12-25 13:38 - 00000000 ____D () C:\Program Files\HitmanPro
2014-12-25 13:04 - 2014-12-25 13:05 - 11222744 _____ (SurfRight B.V.) C:\Users\Admin\Downloads\HitmanPro_x64.exe
2014-12-25 12:18 - 2014-12-25 12:18 - 00000194 _____ () C:\Users\Admin\Downloads\hosts-perm.bat
2014-12-25 11:44 - 2014-12-26 11:41 - 00002764 _____ () C:\Users\Admin\Desktop\Rkill.txt
2014-12-25 11:11 - 2014-12-25 11:11 - 01061112 _____ (Bleeping Computer, LLC) C:\Users\Admin\Downloads\blabka4.exe
2014-12-24 17:17 - 2014-12-24 17:17 - 00001801 _____ () C:\Users\Public\Desktop\Vuze.lnk
2014-12-24 16:43 - 2014-12-24 16:43 - 02953520 _____ (AVAST Software) C:\Users\Admin\Downloads\avast-browser-cleanup.exe
2014-12-24 16:34 - 2014-12-24 16:34 - 00000000 ____D () C:\Windows\ERUNT
2014-12-24 16:04 - 2014-12-26 11:47 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-24 16:04 - 2014-12-24 16:04 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-24 16:04 - 2014-12-24 16:04 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-24 16:04 - 2014-12-24 16:04 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-24 14:11 - 2014-12-24 14:11 - 00001271 _____ () C:\Users\Admin\Desktop\Revo Uninstaller.lnk
2014-12-24 14:11 - 2014-12-24 14:11 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-12-24 14:10 - 2014-12-24 14:10 - 01707646 _____ (Thisisu) C:\Users\Admin\Desktop\JRT.exe
2014-12-24 14:09 - 2014-12-24 14:09 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Admin\Downloads\revosetup.exe
2014-12-24 14:08 - 2014-12-24 14:08 - 01940728 _____ (Bleeping Computer, LLC) C:\Users\Admin\Downloads\rkill.exe
2014-12-24 13:50 - 2014-12-24 13:50 - 02173952 _____ () C:\Users\Admin\Desktop\AdwCleaner_4.106.exe
2014-12-19 13:46 - 2014-12-19 13:46 - 00001723 _____ () C:\Users\Admin\Desktop\Computer.lnk
2014-12-18 08:52 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-18 08:52 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-17 22:17 - 2014-12-17 22:17 - 00003133 _____ () C:\Users\Public\Desktop\Nero BackItUp 10.lnk
2014-12-17 22:16 - 2014-12-17 22:16 - 00002937 _____ () C:\Users\Public\Desktop\Nero Burning ROM 10.lnk
2014-12-17 22:14 - 2014-12-17 22:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2014-12-17 20:59 - 2014-12-17 21:06 - 00000000 ____D () C:\Users\Admin\Desktop\volvo verkauf autoscout
2014-12-17 19:39 - 2014-12-17 19:39 - 00001156 _____ () C:\Users\Public\Desktop\etope 8 starten.lnk
2014-12-16 22:06 - 2014-12-24 14:17 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Line 6
2014-12-16 22:05 - 2014-12-17 18:49 - 00001137 _____ () C:\Users\Public\Desktop\Reason Essentials.lnk
2014-12-16 22:05 - 2014-12-16 22:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeMeter
2014-12-16 22:05 - 2014-12-16 22:06 - 00000000 ____D () C:\Program Files (x86)\CodeMeter
2014-12-16 22:05 - 2014-12-16 22:05 - 00000000 ____D () C:\ProgramData\CodeMeter
2014-12-16 22:05 - 2014-12-16 22:05 - 00000000 ____D () C:\Program Files\Propellerhead
2014-12-16 22:05 - 2014-12-16 22:05 - 00000000 ____D () C:\Program Files\CodeMeter
2014-12-16 19:49 - 2014-12-16 19:49 - 00000000 ____D () C:\Windows\pss
2014-12-16 19:13 - 2014-12-16 19:13 - 00000000 ____D () C:\ProgramData\Adobe Systems
2014-12-16 18:29 - 2014-12-16 18:29 - 02166272 _____ () C:\Users\Admin\Downloads\adwcleaner_4.105.exe
2014-12-16 18:28 - 2014-12-26 00:10 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-16 18:28 - 2014-12-16 18:28 - 00001109 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-16 18:28 - 2014-12-16 18:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-16 18:28 - 2014-12-16 18:28 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-16 18:28 - 2014-12-16 18:28 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-16 18:28 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-12-16 18:28 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-12-16 18:28 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-12-16 18:27 - 2014-12-16 18:27 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Admin\Downloads\mbam-setup-2.0.4.1028.exe
2014-12-11 03:24 - 2014-12-11 03:24 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-11 03:02 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-11 03:02 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-10 19:37 - 2014-12-16 20:05 - 00000000 _____ () C:\ProgramData\@system.temp
2014-12-10 19:36 - 2014-12-16 20:30 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\FrameworkUpdate
2014-12-10 19:36 - 2014-12-10 19:36 - 00000480 ____H () C:\Users\Admin\AppData\Roaming\麽鎒駓覜
2014-12-10 08:43 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-10 08:43 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-10 08:43 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-10 08:43 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-10 08:43 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-10 08:43 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-10 08:43 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-10 08:43 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-10 08:42 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-10 08:42 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-10 08:42 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-10 08:42 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-10 08:42 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 08:42 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-10 08:42 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-10 08:42 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-10 08:42 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-10 08:42 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-10 08:42 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-10 08:42 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-10 08:42 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-10 08:42 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-10 08:42 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-10 08:42 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-10 08:42 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 08:42 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-10 08:42 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-10 08:42 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-10 08:42 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 08:42 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-10 08:42 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-10 08:42 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-10 08:42 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-10 08:42 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-10 08:42 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-10 08:42 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-10 08:42 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-10 08:42 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-10 08:42 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-10 08:42 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-10 08:42 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-10 08:42 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-10 08:42 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-10 08:42 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-10 08:42 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-10 08:42 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-10 08:42 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-10 08:42 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-10 08:42 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-10 08:42 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-10 08:42 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-10 08:42 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-10 08:42 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-10 08:42 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-10 08:42 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-10 08:42 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-10 08:42 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-10 08:42 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-10 08:42 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-10 08:42 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-10 08:42 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-10 08:42 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-10 08:42 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-10 08:42 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-10 08:42 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-10 08:42 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-10 08:42 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-10 08:42 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-10 08:42 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-10 08:42 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-10 08:42 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-10 08:42 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-10 08:42 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-10 08:42 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-10 08:42 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-10 08:42 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-10 08:42 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-10 08:41 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-10 08:41 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-09 21:04 - 2014-12-09 21:04 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Oracle
2014-12-09 09:14 - 2014-12-09 09:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-08 19:34 - 2014-12-08 19:34 - 00000000 ____D () C:\ProgramData\PACE
2014-12-08 19:19 - 2014-12-24 14:22 - 00000000 ____D () C:\Users\Admin\Documents\iZotope
2014-12-08 19:12 - 2014-12-26 11:52 - 00000000 ____D () C:\Users\Admin\AppData\Local\Idsoft
2014-12-08 19:12 - 2014-12-26 10:53 - 00000000 ____D () C:\Users\Admin\AppData\Local\Ejmtion
2014-12-07 00:22 - 2014-12-07 00:22 - 01389910 _____ () C:\Users\Admin\Downloads\mp3bee3.exe
2014-12-06 20:08 - 2014-12-06 20:08 - 00025478 _____ () C:\Users\Admin\Desktop\1131_I-Wont-be-Home-for-Christmas.mid
2014-12-06 20:04 - 2014-12-06 20:04 - 00028918 _____ () C:\Users\Admin\Desktop\Blink_182_-_I_Won't_Be_Home_for_Christmas.mid
2014-12-02 22:14 - 2014-12-02 22:14 - 04990667 _____ () C:\Users\Admin\Desktop\10433298_10204168401239201_2025431251_n.mp4
2014-11-30 16:23 - 2014-12-08 12:29 - 00000000 ____D () C:\Users\Admin\Desktop\5825
2014-11-30 12:59 - 2014-12-18 14:55 - 00000000 ____D () C:\Users\Admin\Desktop\facebook
2014-11-28 20:44 - 2014-11-28 12:13 - 00000000 ____D () C:\Users\Admin\Desktop\Haftbefehl-Russisch_Roulette-2CD-Deluxe_Edition-DE-2014-NOiR
2014-11-28 15:09 - 2014-11-28 16:09 - 184667365 _____ () C:\Users\Admin\Downloads\Haf-RuRo2CDeEdDE20NO.zip
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-26 12:00 - 2009-07-14 05:45 - 00020880 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-26 12:00 - 2009-07-14 05:45 - 00020880 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-26 11:59 - 2013-03-31 16:13 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Azureus
2014-12-26 11:59 - 2013-03-30 17:29 - 00000000 ____D () C:\Users\Admin
2014-12-26 11:57 - 2013-03-31 00:28 - 01683050 _____ () C:\Windows\WindowsUpdate.log
2014-12-26 11:55 - 2009-07-14 18:58 - 00702980 _____ () C:\Windows\system32\perfh007.dat
2014-12-26 11:55 - 2009-07-14 18:58 - 00150620 _____ () C:\Windows\system32\perfc007.dat
2014-12-26 11:55 - 2009-07-14 06:13 - 01629444 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-26 11:51 - 2013-04-03 21:41 - 00000000 ___RD () C:\Users\Admin\Dropbox
2014-12-26 11:51 - 2013-04-03 21:39 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Dropbox
2014-12-26 11:50 - 2013-04-04 20:00 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\SchnapperPro
2014-12-26 11:49 - 2013-05-01 22:29 - 00268308 _____ () C:\Windows\setupact.log
2014-12-26 11:49 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-26 11:48 - 2013-05-01 22:28 - 00230156 _____ () C:\Windows\PFRO.log
2014-12-26 02:00 - 2013-04-01 11:56 - 00000000 ____D () C:\Users\Admin\AppData\Local\Adobe
2014-12-26 01:22 - 2013-03-31 14:01 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\vlc
2014-12-26 00:26 - 2014-08-30 17:51 - 00000000 ____D () C:\AdwCleaner
2014-12-26 00:06 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-12-25 23:49 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2014-12-25 23:16 - 2013-03-30 18:07 - 00003930 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{2D7B81C1-8B06-4916-B13D-931EF0D2FBD7}
2014-12-25 13:50 - 2013-06-21 18:50 - 00000000 ____D () C:\Users\Admin\AppData\Local\Greenshot
2014-12-25 13:47 - 2014-11-16 23:37 - 00000000 ____D () C:\Users\Admin\AppData\Local\JDownloader 2.0
2014-12-25 12:47 - 2014-02-26 03:02 - 01648918 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-12-25 11:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2014-12-24 17:17 - 2013-03-31 16:13 - 00001801 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vuze.lnk
2014-12-24 17:17 - 2013-03-31 16:13 - 00000000 ____D () C:\Program Files\Vuze
2014-12-24 14:50 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Help
2014-12-24 14:27 - 2014-08-05 17:48 - 00000000 ____D () C:\ProgramData\Package Cache
2014-12-24 14:24 - 2013-03-30 17:59 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-24 14:22 - 2013-04-05 18:08 - 00000000 ____D () C:\Program Files\Common Files\VST3
2014-12-24 14:21 - 2013-04-07 10:11 - 00000000 ____D () C:\Program Files (x86)\Java
2014-12-24 14:18 - 2013-03-31 16:23 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-12-24 14:18 - 2013-03-31 03:19 - 00000000 ____D () C:\ProgramData\Adobe
2014-12-24 14:14 - 2013-04-01 08:35 - 00000000 ____D () C:\Users\Admin\AppData\Local\Citrix
2014-12-24 14:00 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Cursors
2014-12-20 21:05 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\L2Schemas
2014-12-19 14:11 - 2013-03-31 00:23 - 00000000 ____D () C:\Windows\Panther
2014-12-19 14:11 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\schemas
2014-12-18 20:14 - 2013-05-18 11:32 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Spotify
2014-12-18 15:55 - 2013-05-18 11:33 - 00000000 ____D () C:\Users\Admin\AppData\Local\Spotify
2014-12-17 22:21 - 2013-04-01 18:04 - 00000000 ____D () C:\Program Files (x86)\Nero
2014-12-17 21:55 - 2014-08-30 12:41 - 00000000 ____D () C:\Temp
2014-12-17 19:39 - 2014-04-27 13:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\etope 8
2014-12-16 22:14 - 2009-07-14 05:45 - 11266360 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-16 22:13 - 2013-05-01 10:12 - 00000000 ____D () C:\ProgramData\Propellerhead Software
2014-12-16 22:08 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-12-16 22:06 - 2013-05-01 10:12 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Propellerhead Software
2014-12-16 22:05 - 2013-05-01 10:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Propellerhead
2014-12-16 19:53 - 2014-09-13 16:03 - 00000000 ____D () C:\Program Files (x86)\AntiTwin
2014-12-16 19:47 - 2013-06-19 18:24 - 00000000 ____D () C:\Program Files\ARIS Express
2014-12-16 19:40 - 2013-03-30 17:44 - 00440744 _____ () C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-16 19:15 - 2013-03-30 18:29 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Adobe
2014-12-16 19:12 - 2013-03-31 16:04 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-12-16 19:11 - 2013-09-01 20:02 - 00000000 ____D () C:\Users\Admin\.android
2014-12-14 03:00 - 2013-03-30 17:34 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-13 03:22 - 2013-08-30 17:11 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-12-11 03:55 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-11 03:26 - 2014-08-30 15:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-11 03:24 - 2014-05-07 02:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-11 03:24 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-11 03:24 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-11 03:07 - 2013-07-23 02:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-11 03:04 - 2013-03-30 20:21 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-09 21:04 - 2013-11-24 11:03 - 00000000 ____D () C:\ProgramData\Oracle
2014-12-09 20:08 - 2014-11-03 17:17 - 00001144 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-12-09 20:08 - 2013-03-31 13:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-12-09 20:08 - 2013-03-31 13:43 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-12-09 20:02 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-08 19:44 - 2013-04-01 15:27 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\iZotope
2014-12-07 12:06 - 2014-05-01 10:37 - 00022016 ___SH () C:\Users\Admin\Thumbs.db
Some content of TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\avgnt.exe
C:\Users\Admin\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpkhktyu.dll
C:\Users\Admin\AppData\Local\Temp\Quarantine.exe
C:\Users\Admin\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-12-25 07:54
==================== End Of Log ============================
Addition.txt Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-12-2014
Ran by Admin at 2014-12-26 12:00:54
Running from C:\Users\Admin\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Drive CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Flash CS4 Professional (HKLM-x32\...\Adobe_a68eec966ce913ddaa63251dc82ed31) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Flash Professional CS6 (HKLM-x32\...\{BD5669B5-49FF-4490-B956-E9D7CB9B0ADC}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{6119B3A6-3603-9695-0398-CDF2AF0A13F8}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Antares Auto-Tune v4.39 (HKLM-x32\...\Antares Auto-Tune v4.39) (Version: - )
Arturia Arp2600 V v1.0 (HKLM-x32\...\Arturia Arp2600 V v1.0) (Version: - )
Arturia CS-80V v1.5 (HKLM-x32\...\Arturia CS-80V v1.5) (Version: - )
Arturia Moog Modular V2 v1.0 (HKLM-x32\...\Arturia Moog Modular V2 v1.0) (Version: - )
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 Beta1 - Michael Tippach)
Audio Bro LA Scoring Strings (HKLM-x32\...\Audio Bro LA Scoring Strings) (Version: - Audio Bro)
Audio Bro LA Scoring Strings (Version: 1.0.0.001 - Audio Bro) Hidden
Authorizer 2.7.0 (HKLM\...\{F6762963-9AE5-4bc6-A70F-2D749F6AC02F}_is1) (Version: 2.7.0 - Propellerhead Software AB)
Authorizer Ignition Key Support (Version: 1.0.8.0 - Propellerhead Software AB) Hidden
Avira (HKLM-x32\...\{e7c7c227-b742-4878-9425-f09bbf9951db}) (Version: 1.1.27.25527 - Avira Operations & Co. KG)
Avira (x32 Version: 1.1.27.25527 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
Bass Station 1.6 (HKLM-x32\...\{ABAF1232-6213-4062-9D52-04E04A730CEA}_is1) (Version: 1.6 - Novation Digital Music Systems Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 4.01 - Piriform)
Celemony Melodyne Plugin VST RTAS v1.0 (HKLM-x32\...\Celemony Melodyne Plugin_is1) (Version: - )
Citrix Online Launcher (HKLM-x32\...\{AC7E7905-8C59-4806-A96D-30936A2B1FC5}) (Version: 1.0.168 - Citrix)
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 13.4.0.25 - Citrix Systems, Inc.)
Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
discoDSP Phantom VSTi v1.2 (HKLM-x32\...\discoDSP Phantom_is1) (Version: - )
Dropbox (HKU\S-1-5-21-3347311179-4269016646-269938500-1000\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
Edirol HQ Orchestral v1.01 (HKLM-x32\...\Edirol HQ Orchestral v1.01) (Version: - )
Edirol Hyper Canvas VSTi DXi 1.6.0 (HKLM-x32\...\Edirol Hyper Canvas VSTi DXi_is1) (Version: - )
Edirol Super Quartet v1.52 TALiO (HKLM-x32\...\Edirol Super Quartet v1.52 TALiO) (Version: - )
EF Duplicate Files Manager (HKLM-x32\...\EF Duplicate Files Manager) (Version: - EFSoftware)
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: - Steinberg Media Technologies GmbH)
Emsisoft Anti-Malware (HKLM-x32\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 9.0 - Emsisoft Ltd)
Engineering Client Viewer 7.0 (HKLM-x32\...\SAP_Engineering Client Viewer 7.0) (Version: - SAP AG)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
etope 8 (HKLM-x32\...\etope_is1) (Version: - Freshworx GmbH & Co. KG)
EZdrummer (HKLM-x32\...\{43E8D9E7-AFC9-4BA3-8106-B95E02B87AB7}) (Version: 1.0 - Toontrack)
EZXClaustrophobic (HKLM-x32\...\{8094F7AE-CA21-4AF2-A256-BC918CE0E796}) (Version: 1.0 - Toontrack)
EZXCocktail (HKLM-x32\...\{147567F0-8575-4BE0-B5B3-62706C67FA5A}) (Version: 1.0 - Toontrack)
EZXDfh (HKLM-x32\...\{DB1299AF-9EE0-422B-959E-F4171B2AE0F7}) (Version: 1.0 - Toontrack)
EZXNashville (HKLM-x32\...\{82DF9225-13EC-41BD-BE31-AAB121B38166}) (Version: 1.0 - Toontrack)
EZXPercussion (HKLM-x32\...\{2CC4BC82-41CF-43D3-B533-7283AA8BB86F}) (Version: 1.0 - Toontrack)
EZXTwisted (HKLM-x32\...\{D1EBF11E-8CE3-4EF5-8E2D-FD5B8D6BD294}) (Version: 1.0 - Toontrack)
FabFilter Pro-Q VST RTAS v1.00 (HKLM-x32\...\FabFilter Pro-Q VST RTAS_is1) (Version: - TEAM AiR)
FabFilter Timeless VST RTAS v1.01 (HKLM-x32\...\FabFilter Timeless_is1) (Version: - )
FileZilla Client 3.9.0.3 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.3 - Tim Kosse)
Free MP4 Video Converter version 5.0.48.923 (HKLM-x32\...\Free MP4 Video Converter_is1) (Version: 5.0.48.923 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.44.908 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.44.908 - DVDVideoSoft Ltd.)
Futureaudioworkshop Circle VSTi RTAS v1.03 (HKLM-x32\...\Futureaudioworkshop Circle VSTi RTAS_is1) (Version: - )
Greenshot 1.1.9.13 (HKLM\...\Greenshot_is1) (Version: 1.1.9.13 - Greenshot)
High-Definition Video Playback 10 (x32 Version: 7.0.11400.29.0 - Nero AG) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.232 - SurfRight B.V.)
Image Line ToxicIII v1.41 VSTi (HKLM-x32\...\Image Line ToxicIII v1.41 VSTi) (Version: - )
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
KORG M1 Le (HKLM-x32\...\{9624502C-3D39-41A0-8917-858EC16769CE}) (Version: 1.0.4 - KORG Inc.)
kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
ManyGuitar 1.0 (HKLM-x32\...\ManyGuitar_is1) (Version: - ManyTone)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Project Professional 2010 (HKLM-x32\...\Office14.PRJPROR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Project Professional 2013 (HKLM-x32\...\Office15.PRJPROR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft redistributable runtime DLLs VS2005 SP1(x86) (HKLM-x32\...\{CEC7A786-A9C8-4EF7-BB59-6518E3B3C878}) (Version: 8.0.50727.4053 - SAP)
Microsoft redistributable runtime DLLs VS2008 SP1(x86) (HKLM-x32\...\{A47A9101-6EB5-4314-BDA1-297880FBB908}) (Version: 9.0 - SAP AG)
Microsoft redistributable runtime DLLs VS2010 SP1 (x86) (HKLM-x32\...\{2385C070-EC26-4AB9-8718-E605C977C0ED}) (Version: 10.0.40219.1 - SAP)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MixMeister BPM Analyzer 1.0 (HKLM-x32\...\MixMeister BPM Analyzer_is1) (Version: - MixMeister Technology LLC)
MKVToolNix 6.4.1 (HKLM-x32\...\MKVToolNix) (Version: 6.4.1 - Moritz Bunkus)
MOBackup - Datensicherung für Outlook (Vollversion) (HKLM-x32\...\MOBackup-DatensicherungfürOutlook) (Version: 7.0 - Heiko Schröder)
Mozilla Firefox 34.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Native Instruments Absynth 5 (HKLM-x32\...\Native Instruments Absynth 5) (Version: - Native Instruments)
Native Instruments Battery 3 (HKLM-x32\...\Native Instruments Battery 3) (Version: - )
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 1.6.2.1863 - Native Instruments)
Native Instruments FM8 (HKLM-x32\...\Native Instruments FM8) (Version: - )
Native Instruments George Duke Soul Treasures (HKLM-x32\...\Native Instruments George Duke Soul Treasures) (Version: - Native Instruments)
Native Instruments Hardware Controller Support (HKLM-x32\...\Native Instruments Hardware Controller Support) (Version: - Native Instruments)
Native Instruments Komplete 6 (HKLM-x32\...\Native Instruments Komplete 6) (Version: - Native Instruments)
Native Instruments Komplete Audio 6 Driver (HKLM-x32\...\Native Instruments Komplete Audio 6 Driver) (Version: - Native Instruments)
Native Instruments Kontakt 4 (HKLM-x32\...\Native Instruments Kontakt 4) (Version: - Native Instruments)
Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version: - Native Instruments)
Native Instruments Maschine (HKLM-x32\...\Native Instruments Maschine) (Version: - Native Instruments)
Native Instruments Maschine Driver (HKLM-x32\...\Native Instruments Maschine Driver) (Version: - Native Instruments)
Native Instruments Massive v1.0.1.008 VSTi DXi RTAS (HKLM-x32\...\Native Instruments Massive v1.0.1.008 VSTi DXi RTAS) (Version: - )
Native Instruments New York Concert Grand (HKLM-x32\...\Native Instruments New York Concert Grand) (Version: - Native Instruments)
Native Instruments Pro-53 (HKLM-x32\...\Native Instruments Pro-53) (Version: - )
Native Instruments Retro Machines Mk2 (HKLM-x32\...\Native Instruments Retro Machines Mk2) (Version: - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.5.2.1549 - Native Instruments)
Native Instruments Traktor 2 (HKLM-x32\...\Native Instruments Traktor 2) (Version: 2.6.8.382 - Native Instruments)
Native Instruments Upright Piano (HKLM-x32\...\Native Instruments Upright Piano) (Version: - Native Instruments)
Native Instruments Vienna Concert Grand (HKLM-x32\...\Native Instruments Vienna Concert Grand) (Version: - Native Instruments)
Nepheton 1.5.1 (32bit) (HKLM-x32\...\{B2F62BBB-C527-4CE7-90D1-5717110677B6}) (Version: 1.5.1.0 - D16 Group Audio Software)
Nepheton 1.5.1 (64bit) (HKLM\...\{02483A2B-9FDD-47BF-81AA-F47D6379EFA5}) (Version: 1.5.1.0 - D16 Group Audio Software)
Nero 7 Premium (HKLM-x32\...\{70AB1576-7883-2313-C650-7A71270B1031}) (Version: 7.01.0735 - Nero AG)
Nero BackItUp 10 (HKLM-x32\...\{68AB6930-5BFF-4FF6-923B-516A91984FE6}) (Version: 5.4.11600.19.100 - Nero AG)
Nero Burning ROM 10 (HKLM-x32\...\{7A5D731D-B4B3-490E-B339-75685712BAAB}) (Version: 10.0.11100.10.100 - Nero AG)
Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.0.11000.12.100 - Nero AG)
Nero CoverDesigner 10 (HKLM-x32\...\{FCF00A6E-FB58-477A-ABE9-232907105521}) (Version: 5.0.10900.11.100 - Nero AG)
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.0.10800.7.100 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.0.11000.10.100 - Nero AG)
Nero InfoTool 10 (HKLM-x32\...\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}) (Version: 7.0.10800.8.100 - Nero AG)
Nero MediaHub 10 (HKLM-x32\...\{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}) (Version: 1.0.13400.11.100 - Nero AG)
Nero Multimedia Suite 10 (HKLM-x32\...\{277C1559-4CF7-44FF-8D07-98AA9C13AABD}) (Version: 10.0.13100 - Nero AG)
Nero Recode 10 (HKLM-x32\...\{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}) (Version: 4.6.10900.4.100 - Nero AG)
Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.0.10900.9.100 - Nero AG)
Nero SoundTrax 10 (HKLM-x32\...\{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}) (Version: 4.6.10600.2.100 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.0.11200.12.100 - Nero AG)
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0017 - Nero AG)
Nero Vision 10 (HKLM-x32\...\{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}) (Version: 7.0.11100.8.100 - Nero AG)
Nero WaveEditor 10 (HKLM-x32\...\{EDCDFAD5-DF80-4600-A493-E9DAD6810230}) (Version: 5.6.10600.2.100 - Nero AG)
Ohmforce Hematohm PRO VST v1.22 (HKLM-x32\...\Ohmforce Hematohm PRO VST v1.22) (Version: - )
Ohmforce Mobilohm PRO VST v1.12 (HKLM-x32\...\Ohmforce Mobilohm PRO VST v1.12) (Version: - )
Ohmforce Ohmboyz PRO VST v1.42 (HKLM-x32\...\Ohmforce Ohmboyz PRO VST v1.42) (Version: - )
Ohmforce Predatohm PRO VST v1.32 (HKLM-x32\...\Ohmforce Predatohm PRO VST v1.32) (Version: - )
Ohmforce Quad Frohmage Pro VST v1.10 (HKLM-x32\...\Ohmforce Quad Frohmage Pro VST v1.10) (Version: - )
Online Plug-in (x32 Version: 13.4.0.25 - Citrix Systems, Inc.) Hidden
Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF Settings CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
Pixel Bender Toolkit (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Platform (x32 Version: 1.38 - VIA Technologies, Inc.) Hidden
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.5 - Power Software Ltd)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.61.612.2012 - Realtek)
Reason 3.0 (HKLM-x32\...\Reason_is1) (Version: 3.0 - Propellerhead Software AB)
Reason Essentials 8.0.0 (HKLM\...\ReasonEssentials8.0_64_is1) (Version: 8.0.0 - Propellerhead Software AB)
Reason Essentials Ignition Key Support (Version: 1.0.8.0 - Propellerhead Software AB) Hidden
reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version: - )
reFX Vanguard VSTi v1.6.3 (HKLM-x32\...\reFX Vanguard VSTi_is1) (Version: - )
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Rob Papen Blue VSTi v1.01 (HKLM-x32\...\Rob Papen Blue VSTi v1.01 ) (Version: - )
Rob Papen Predator V1.5.8 32 Bits Single Core (HKLM-x32\...\Predator_is1) (Version: - RPCX)
SAP Business Explorer (HKLM-x32\...\SAPBI) (Version: 7.30 - SAP AG)
SAP GUI for Windows 7.30 (HKLM-x32\...\SAPGUI710) (Version: 7.30 Compilation 1 - SAP)
SAP JNet (HKLM-x32\...\SAP_JNet) (Version: - SAP AG)
SAPSetup Automatic Workstation Update Service (HKLM-x32\...\SAP_WUS) (Version: - SAP AG)
SchnapperPro 2.0.94 (HKLM-x32\...\SchnapperPro) (Version: 2.0.94 - Schnapper-Software Robert Beer)
Secure Download Manager (HKLM-x32\...\{AA57D6F1-6360-4397-B2D9-B21C69863D97}) (Version: 3.1.0 - Kivuto Solutions Inc.)
Self-Service Plug-in (x32 Version: 3.4.0.33684 - Citrix Systems, Inc.) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-003B-0000-0000-0000000FF1CE}_Office15.PRJPROR_{115B7592-B71D-4C27-AB34-34268FB199CA}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{58FA40EF-ABA9-4FED-AD3D-318A6073934D}) (Version: - Microsoft)
SideKick4.3.2 (HKLM-x32\...\SideKick432 ID_mp1) (Version: - Twisted Lemon)
Spotify (HKU\S-1-5-21-3347311179-4269016646-269938500-1000\...\Spotify) (Version: 0.9.14.13.gba5645ad - Spotify AB)
Steinberg Cubase 5 (HKLM-x32\...\{4A19D6AC-ADE0-4A07-80FF-9C9812C45557}) (Version: 5.1.0 - Steinberg Media Technologies GmbH)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 1.0.0.1 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg HALionOne (HKLM-x32\...\{E70E7159-93B1-470D-9FBD-D8E9EF34B538}) (Version: 1.1.0.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Additional Content Set 01 (HKLM-x32\...\{F3AFD063-8BAD-485E-B641-E7F5A2C5AE71}) (Version: 1.0.0.001 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Expression Set (HKLM-x32\...\{E22AD5D3-EB60-4A8F-835C-6C10E369DCE2}) (Version: 1.0.1.0 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Drum Set (HKLM-x32\...\{AC997F93-0757-4ED4-A701-F40C2D654D09}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Set (HKLM-x32\...\{F057965A-D974-4C64-ADB1-4381CD4B8956}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Pro Set (HKLM-x32\...\{D82CDA0D-C182-42C8-8FF2-5649C98D6003}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Studio Drum Set (HKLM-x32\...\{865D9ED1-EAC2-436D-AFA7-0B750EB5AAAB}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Studio Set (HKLM-x32\...\{D23CBFDA-C46B-4920-BA70-FC7878A3F05A}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg LoopMash Content (HKLM-x32\...\{4D454CF8-12FD-464D-B57B-B46FE27B78BB}) (Version: 1.0.0.005 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 1.0.0.006 - Steinberg Media Technologies GmbH)
Steinberg The Grand VSTi DXi v2.1.0 (HKLM-x32\...\Steinberg The Grand VSTi DXi_is1) (Version: - )
Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Turbo Lister 2 (HKLM-x32\...\{8927E07C-97F7-4A54-88FB-D976F50DD46E}) (Version: 2.00.0000 - eBay Inc.)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
Vegas Pro 12.0 (64-bit) (HKLM\...\{7A0D09B0-6575-11E2-89D5-F04DA23A5C58}) (Version: 12.0.486 - Sony)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.38 - VIA Technologies, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.5.0.0 - Azureus Software, Inc.)
Waves Complete V9r10 (HKLM-x32\...\{91000001-C561-4E32-99EB-3C5AD3683A70}) (Version: 9.1.10 - Waves)
Waves Diamond Bundle v5.2 (HKLM-x32\...\Waves Diamond Bundle v5.2) (Version: - )
Waves GTR Guitar Tool Rack v1.0 (HKLM-x32\...\Waves GTR Guitar Tool Rack v1.0) (Version: - )
Waves IRx v5.2 (HKLM-x32\...\Waves IRx v5.2) (Version: - )
Waves L3 v5.2 (HKLM-x32\...\Waves L3 v5.2) (Version: - )
Waves Musicians Bundle v5.0 (HKLM-x32\...\Waves Musicians Bundle v5.0) (Version: - )
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3347311179-4269016646-269938500-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3347311179-4269016646-269938500-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3347311179-4269016646-269938500-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3347311179-4269016646-269938500-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3347311179-4269016646-269938500-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3347311179-4269016646-269938500-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3347311179-4269016646-269938500-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3347311179-4269016646-269938500-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
==================== Restore Points =========================
24-12-2014 13:55:31 Removed Adobe Reader XI (11.0.10) - Deutsch.
24-12-2014 14:12:45 Revo Uninstaller's restore point - GoToMeeting 7.0.5.2130
24-12-2014 14:15:02 Revo Uninstaller's restore point - Line 6 Uninstaller
24-12-2014 14:17:44 Revo Uninstaller's restore point - Adobe Reader XI (11.0.10) - Deutsch
24-12-2014 14:19:52 Revo Uninstaller's restore point - Java 7 Update 71
24-12-2014 14:20:00 Removed Java 7 Update 71
24-12-2014 14:22:03 Revo Uninstaller's restore point - iZotope Ozone 6 Advanced
24-12-2014 14:23:26 Revo Uninstaller's restore point - PACE License Support Win64
24-12-2014 14:23:56 Removed PACE License Support Win64
24-12-2014 14:25:15 Revo Uninstaller's restore point - Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
24-12-2014 14:25:37 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
24-12-2014 14:26:56 Revo Uninstaller's restore point - Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
24-12-2014 14:27:11 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
25-12-2014 12:20:16 Windows Update
25-12-2014 13:47:19 Prüfpunkt von HitmanPro
25-12-2014 13:48:17 Prüfpunkt von HitmanPro
25-12-2014 16:57:19 Prüfpunkt von HitmanPro
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2014-05-11 10:54 - 00000894 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {088AEE40-F12C-46E4-8B37-48501D277C2C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-04-23] (Piriform Ltd)
Task: {091A6FF8-99A4-49AB-B0C1-63C5A0FB6B49} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe
Task: {1891C158-600A-465F-806F-20EC07AEEA3D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {301FC003-77CD-43DB-9226-3BE3A2952428} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-24] (Adobe Systems Incorporated)
Task: {77D876AF-4E96-4FD1-959A-F377674994E1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {8F751E68-DB27-40CD-A6A5-3D26B5307D53} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {95B909CC-8EBA-4FBF-B56B-2FB75D7FFD4E} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {D3D0748D-ADF6-4A4C-AE63-44F56829CBED} - System32\Tasks\AdobeAAMUpdater-1.0-Admin-PC-Admin => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2014-12-08 18:53 - 2014-12-08 18:53 - 02736640 _____ () C:\ProgramData\Microsoft\Secure\Icons\SecureIconsProvider.dll
2014-05-01 20:29 - 2014-05-01 20:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2014-12-08 18:53 - 2014-12-08 18:53 - 02246144 _____ () C:\ProgramData\Microsoft\Secure\Icons\IconsCacheHelper.dll
2013-03-31 16:13 - 2014-04-15 09:26 - 00097592 _____ () C:\Program Files\Vuze\aereg64.dll
2014-08-30 10:31 - 2014-06-24 14:12 - 00217600 _____ () C:\Users\Admin\AppData\Roaming\Azureus\plugins\azitunes\jacob-1.17-M2-x64.dll
2014-08-30 10:31 - 2014-06-24 14:12 - 00015840 _____ () C:\Users\Admin\AppData\Roaming\Azureus\plugins\azitunes\libProcessAccess64.dll
2014-12-26 10:53 - 2014-12-26 10:53 - 01301504 _____ () C:\Users\Admin\AppData\Local\Idsoft\ep0lvra9.dll
2014-10-22 01:22 - 2014-10-22 01:22 - 00750080 _____ () C:\Users\Admin\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2014-12-26 11:50 - 2014-12-26 11:50 - 00043008 _____ () c:\users\admin\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpkhktyu.dll
2014-10-22 01:22 - 2014-10-22 01:22 - 00047616 _____ () C:\Users\Admin\AppData\Roaming\Dropbox\bin\libEGL.dll
2014-10-22 01:22 - 2014-10-22 01:22 - 00863744 _____ () C:\Users\Admin\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2014-10-22 01:22 - 2014-10-22 01:22 - 00200704 _____ () C:\Users\Admin\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2014-12-09 09:14 - 2014-12-09 09:14 - 03758192 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-10-15 02:39 - 2014-10-15 02:39 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\1eeea3ab8d69ec722bdcb28b8eb8dd75\IsdiInterop.ni.dll
2013-03-30 20:31 - 2012-02-01 16:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^JDownloader.lnk => C:\Windows\pss\JDownloader.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS4ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: CitrixReceiver => "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix\Receiver Updater.lnk"
MSCONFIG\startupreg: ConnectionCenter => "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
MSCONFIG\startupreg: GoToMeeting => "C:\Users\Admin\AppData\Local\Citrix\GoToMeeting\1468\g2mstart.exe" "/Trigger RunAtLogon"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
MSCONFIG\startupreg: NBAgent => "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
MSCONFIG\startupreg: NeroFilterCheck => C:\Program Files (x86)\Common Files\Ahead\Lib\NeroCheck.exe
MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Spotify => "C:\Users\Admin\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Admin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
MSCONFIG\startupreg: WSHelperSetup.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
========================= Accounts: ==========================
Admin (S-1-5-21-3347311179-4269016646-269938500-1000 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-3347311179-4269016646-269938500-500 - Administrator - Disabled)
Gast (S-1-5-21-3347311179-4269016646-269938500-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3347311179-4269016646-269938500-1002 - Limited - Enabled)
==================== Faulty Device Manager Devices =============
Name: AMD High Definition Audio Device
Description: AMD High Definition Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Advanced Micro Devices
Service: AtiHDAudioService
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: High Definition Audio-Gerät
Description: High Definition Audio-Gerät
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HdAudAddService
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (12/26/2014 10:53:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 34.0.5.5443, Zeitstempel: 0x5475dd5d
Name des fehlerhaften Moduls: mozalloc.dll, Version: 34.0.5.5443, Zeitstempel: 0x5475d664
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001425
ID des fehlerhaften Prozesses: 0xc24
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Error: (12/26/2014 08:05:20 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2" in Zeile WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition: WavesQtLibs_4.8.2_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (12/26/2014 08:05:20 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2" in Zeile WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (12/26/2014 08:05:20 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2" in Zeile WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (12/26/2014 08:05:19 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"2" in Zeile WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="AMD64",type="win32",version="1.0.0.0".
Definition: WavesQtLibs_4.7.3_Win32_Release,processorArchitecture="x86",type="win32",version="1.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (12/26/2014 00:38:54 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
System errors:
=============
Error: (12/26/2014 11:51:00 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom
Microsoft Office Sessions:
=========================
Error: (01/01/2014 10:08:39 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 423328 seconds with 3360 seconds of active time. This session ended with a crash.
CodeIntegrity Errors:
===================================
Date: 2014-12-25 23:38:11.689
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-12-25 23:38:11.656
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz
Percentage of memory in use: 26%
Total physical RAM: 16317.59 MB
Available physical RAM: 11962.38 MB
Total Pagefile: 32633.35 MB
Available Pagefile: 28053.43 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive a: (Primäre Festplatte) (Fixed) (Total:1004.98 GB) (Free:300.73 GB) NTFS
Drive b: (Sekundäre Festplatte) (Fixed) (Total:232.88 GB) (Free:13.73 GB) NTFS
Drive c: (Windows) (Fixed) (Total:1042.92 GB) (Free:393.27 GB) NTFS
Drive p: (Producing) (Fixed) (Total:931.51 GB) (Free:259.22 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 1D631D62)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 2794.5 GB) (Disk ID: B819B29C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1042.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=1005 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 9B322B2C)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 46830F60)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
========================================================
Disk: 4 (Size: 931.5 GB) (Disk ID: E8900690)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End Of Log ============================ |