Trojaner-Board - Windows 8: Zwei Trojaner im selben Ordner, alles sicher?

Trojaner-Board (https://www.trojaner-board.de/)

- Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)

- - Windows 8: Zwei Trojaner im selben Ordner, alles sicher? (https://www.trojaner-board.de/165427-windows-8-zwei-trojaner-selben-ordner-alles-sicher.html)

Windows 8: Zwei Trojaner im selben Ordner, alles sicher?

Guten Abend, Nacht, wie auch immer! :sleepy:

Also mein Problem: Ich bin mir nicht sicher, ob Panda meine Trojaner richtig entfernt hat. Es werden mir 2 Generic.gen und ein C.IA Trojaner angezeigt, beide mit der Meldung "gelöscht" (seltsamerweise alle im selben Ordner). Jetzt bin ich mir eben nicht sicher, ob alles entfernt wurde, oder ob das nur so aussieht, ich hatte nämlich (soweit ich weiß) vorher noch keine Bekanntschaft mit Trojanern gemacht und kenne mich mit Spyware und Co. auch nicht wirklich aus... :dummguck: Einfach formulieren müsst ihr eure Antworten deshalb nicht, ich denke so weit bin ich schon in Sachen Computer bewandert.:killpc: :)

Danke aber schon mal jetzt für eure Antwort(en)...

~~~Hier die Logs~~~
-DeFogger:

Code:

defogger_disable by jpshortstuff (23.02.10.1)

Log created at 22:00 on 23/03/2015 (******)
 

Checking for autostart values...

HKCU\~\Run values retrieved.

HKLM\~\Run values retrieved.
 

Checking for services/drivers...
 
 

-=E.O.F=-

-
Der warnte mich nicht zum Neustart, was ich ein bisschen seltsam fand...
-----
FRST:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015

Ran by ****** (administrator) on ******S-PC on 23-03-2015 22:02:27

Running from C:\Users\******\Desktop

Loaded Profiles: ****** (Available profiles: ****** & Administrator & Gast)

Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)

Internet Explorer Version 11 (Default browser: Chrome)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 

==================== Processes (Whitelisted) =================
 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe

(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe

(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe

(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe

(Microsoft Corporation) C:\Windows\System32\dasHost.exe

(FileZilla Project) C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe

(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe

(Leap Motion, Inc.) C:\Program Files (x86)\Leap Motion\Core Services\LeapSvc64.exe

(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe

(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe

(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe

(Panda Security) C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filteringb.exe

(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe

(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe

(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe

(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(Intel Corporation) C:\Windows\System32\igfxEM.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe

() C:\Program Files (x86)\Skiller Pro\Monitor.EXE

(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe

(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe

(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe

(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe

(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe

(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe

(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe

(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe

() C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe

(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe

(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe

(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe

(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Windows\System32\WWAHost.exe

(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
 
 

==================== Registry (Whitelisted) ==================
 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)

HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated)

HKLM\...\Run: [Remote Control Server] => C:\Program Files (x86)\Remote Control Server\Remote Control Server.exe [5159424 2015-01-19] (Steppschuh)

HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133440 2012-07-19] (Intel Corporation)

HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-02] (Intel Corporation)

HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [102928 2012-10-23] (CyberLink Corp.)

HKLM-x32\...\Run: [BingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2353880 2013-11-01] (Microsoft Corp.)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [ContentTransferWMDetector.exe] => C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe [583016 2009-11-19] (Sony Corporation)

HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2014-10-01] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [832272 2014-06-23] (BlueStack Systems, Inc.)

HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-02-07] (Samsung Electronics Co., Ltd.)

HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2020704 2014-08-05] (Wondershare)

HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe [1960336 2014-09-02] ()

HKLM-x32\...\Run: [FileZilla Server Interface] => C:\Program Files (x86)\FileZilla Server\FileZilla Server Interface.exe [2448896 2014-09-19] (FileZilla Project)

HKLM-x32\...\Run: [AllShareAgent] => C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe [285072 2012-03-01] (Samsung Electronics Co., Ltd.)

HKLM-x32\...\Run: [Skiller Pro] => C:\Program Files (x86)\Skiller Pro\Monitor.exe [475136 2014-02-26] ()

HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [37624 2014-10-16] (Panda Security, S.L.)

HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-02-17] (LogMeIn Inc.)

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Run: [Speech Recognition] => C:\WINDOWS\Speech\Common\sapisvr.exe [44032 2014-10-29] (Microsoft Corporation)

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Run: [RssReader] => C:\Program Files (x86)\RssReader\RssReader.exe [1077248 2004-04-04] (Ykoon)

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Run: [Leap Control Panel] => C:\Program Files (x86)\Leap Motion\Core Services\LeapControlPanel.exe [3625808 2015-02-20] (Leap Motion, Inc.)

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Run: [Spotify Web Helper] => C:\Users\******\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-11] (Spotify Ltd)

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Run: [Spotify] => C:\Users\******\AppData\Roaming\Spotify\spotify.exe [6737976 2014-12-11] (Spotify Ltd)

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Run: [Google Update] => C:\Users\******\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-05-09] (Google Inc.)

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Run: [Clownfish] => C:\Program Files (x86)\Clownfish\Clownfish.exe [1313536 2014-04-01] (Bogdan Sharkov)

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564992 2014-02-07] (Samsung)

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Run: [Remote Mouse] => C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe [2042880 2014-08-25] (RemoteMouse.net)

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Run: [spotimote] => C:\Program Files (x86)\spotimote\spotimote.exe [2830248 2014-10-08] ()

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31346784 2015-02-26] (Skype Technologies S.A.)

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Run: [GoogleChromeAutoLaunch_D781C9BFB3A3BA37CC3EB8921F5CCF82] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [809288 2015-03-14] (Google Inc.)

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Run: [DellSystemDetect] => C:\Users\******\AppData\Local\Apps\2.0\LLG9VHQ8.GH9\KO4XLBTX.AGH\dell..tion_e30b47f5d4a30e9e_0005.000d_4ab2a66cfade09be\DellSystemDetect.exe [276776 2015-01-11] (Dell)

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [809288 2015-03-14] (Google Inc.)

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Policies\Explorer: [NoFolderOptions] 0

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Policies\Explorer: [NoControlPanel] 0

Startup: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk

ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

Startup: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\devolo Cockpit.lnk

ShortcutTarget: devolo Cockpit.lnk -> C:\Program Files (x86)\devolo\dlan\frontend\plcnetui.exe ( )

Startup: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Identitaetsabfrage.bat ()

Startup: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MAGIX Video deluxe 2014.lnk

ShortcutTarget: MAGIX Video deluxe 2014.lnk -> C:\Program Files (x86)\MAGIX\Video deluxe 2014\Videodeluxe.exe (MAGIX Software GmbH)

Startup: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk

ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()

ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()

ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()

ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()

ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)

ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)

GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
 

==================== Internet (Whitelisted) ====================
 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPBDDI6Pk-fpITtt_7-dx2uywuT-4gdlO-xkuKtzfsTQg0ujSI71XNij6XDeVTlMzu3v1nTicPInFt8MMITDhEmuaulDXmT3GdVLsok__v0Xui2S9xghVYrToeEJNY46DtWQAXfvHO-wj9TlcLakOdU8n0vOrtf2_yGPF7pZaoJsw,,&q={searchTerms}

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com/search?q={searchTerms}

SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 

SearchScopes: HKLM-x32 -> DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.amaizingsearches.info/?l=1&q={searchTerms}&pid=377&r=2014/04/07&hid=5936879317086436134&lg=EN&cc=DE&unqvl=51

SearchScopes: HKLM-x32 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.amaizingsearches.info/?l=1&q={searchTerms}&pid=377&r=2014/04/07&hid=5936879317086436134&lg=EN&cc=DE&unqvl=51

SearchScopes: HKU\.DEFAULT -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPBDDI6Pk-fpITtt_7-dx2uywuT-4gdlO-xkuKtzfsTQg0ujSI71XNij6XDeVTlMzu3v1nTicPInFt8MMITDhEmuaulDXmT3GdVLsok__v0Xui2S9xghVYrToeEJNY46DtWQAXfvHO-wj9TlcLakOdU8n0vOrtf2_yGPF7pZaoJsw,,&q={searchTerms}

SearchScopes: HKU\S-1-5-21-1481936226-3761452550-2346937436-1002 -> URL hxxp://search.conduit.com/Results.aspx?ctid=CT3324427&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SPAF1B23EF-781D-48EC-96E7-10E4407318A0&q={searchTerms}&SSPV=

SearchScopes: HKU\S-1-5-21-1481936226-3761452550-2346937436-1002 -> SuggestionsURL_JSON hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}

SearchScopes: HKU\S-1-5-21-1481936226-3761452550-2346937436-1002 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://pandasecurity.mystart.com/results.php?pr=vmn&gen=ms&id=pandasecuritytb&v=4_2&idate=2015-02-08&ent=ch_664&q={searchTerms}

SearchScopes: HKU\S-1-5-21-1481936226-3761452550-2346937436-1002 -> {B4364FC7-BB80-4056-A87B-DBC5A26B5C36} URL = 

BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-01-25] (Oracle Corporation)

BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)

BHO: Panda Security Toolbar -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll [2014-10-17] ()

BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-02-10] (Microsoft Corporation)

BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-01-25] (Oracle Corporation)

BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2014-12-16] (Adblock Plus)

BHO-x32: Wondershare Video Converter Ultimate 7.1.0 -> {451C804F-C205-4F03-B48E-537EC94937BF} -> C:\ProgramData\Wondershare\Video Converter Ultimate\WSBrowserAppMgr.dll [2014-09-02] (Wondershare)

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2015-01-13] (Oracle Corporation)

BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)

BHO-x32: Panda Security Toolbar -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll [2014-10-17] ()

BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2015-01-13] (Oracle Corporation)

BHO-x32: FlowSurf -> {E3F1CA13-EA0E-4617-8D03-3EAA6A94A7E0} -> C:\Program Files (x86)\Flowsurf\FlowSurf.dll [2013-10-16] (FlowSurf Inc.)

BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2014-12-16] (Adblock Plus)

Toolbar: HKLM - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll [2014-10-17] ()

Toolbar: HKLM-x32 - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll [2014-10-17] ()

Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)

Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)

Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 -  No File

Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
 

FireFox:

========

FF ProfilePath: C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\ynwd5408.default

FF SearchEngineOrder.1: Google.at

FF Homepage: https://www.google.de/

FF Keyword.URL: https://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=

FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-08] ()

FF Plugin: @java.com/DTPlugin,version=10.75.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-01-25] (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.75.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-01-25] (Oracle Corporation)

FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\npmcsnffpl64.dll No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)

FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2014-10-01] (Adobe Systems)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-08] ()

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2015-01-13] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2015-01-13] (Oracle Corporation)

FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\npmcsnffpl.dll No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-02-20] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)

FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-03-13] (NVIDIA Corporation)

FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-03-13] (NVIDIA Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)

FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-10-01] (Adobe Systems)

FF Plugin HKU\S-1-5-21-1481936226-3761452550-2346937436-1002: @talk.google.com/GoogleTalkPlugin -> C:\Users\******\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-01-27] (Google)

FF Plugin HKU\S-1-5-21-1481936226-3761452550-2346937436-1002: @talk.google.com/O1DPlugin -> C:\Users\******\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-01-27] (Google)

FF Plugin HKU\S-1-5-21-1481936226-3761452550-2346937436-1002: @tools.google.com/Google Update;version=3 -> C:\Users\******\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)

FF Plugin HKU\S-1-5-21-1481936226-3761452550-2346937436-1002: @tools.google.com/Google Update;version=9 -> C:\Users\******\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)

FF Plugin HKU\S-1-5-21-1481936226-3761452550-2346937436-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\******\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-03-06] (Unity Technologies ApS)

FF Plugin ProgramFiles/Appdata: C:\Users\******\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-01-27] (Google)

FF Plugin ProgramFiles/Appdata: C:\Users\******\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-01-27] (Google)

FF SearchPlugin: C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\ynwd5408.default\searchplugins\youtube-videosuche.xml [2014-08-30]

FF Extension: Avira Browser Safety - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\ynwd5408.default\Extensions\abs@avira.com [2015-03-02]

FF Extension: FireFTP - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\ynwd5408.default\Extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f} [2015-01-16]

FF Extension: Deutsch (DE) Language Pack - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\ynwd5408.default\Extensions\langpack-de@firefox.mozilla.org.xpi [2015-01-16]

FF Extension: Deutsch (DE) Language Pack - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\ynwd5408.default\Extensions\langpack-de@Waterfox.mozilla.org.xpi [2014-08-30]

FF Extension: Session Manager - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\ynwd5408.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2014-10-31]

FF Extension: Adblock Plus - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\ynwd5408.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-16]

FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]

FF HKLM-x32\...\Firefox\Extensions: [WSVCU@Wondershare.com] - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com

FF Extension: Wondershare Video Converter Ultimate - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com [2014-09-11]
 

Chrome: 

=======

CHR HomePage: Default -> hxxp://www.google.com/

CHR StartupUrls: Default -> "https://www.google.de/", "hxxp://websearch.amaizingsearches.info/?pid=377&r=2014/04/07&hid=5936879317086436134&lg=EN&cc=DE&unqvl=51", "hxxp://google.com/", "hxxp://google.de/", "https://de.search.yahoo.com/?type=937811&fr=yo-yhp-ch"

CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}

CHR Profile: C:\Users\******\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Angry Birds) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-04-07]

CHR Extension: (YouTube) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-07]

CHR Extension: (Berlin Events) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopbgcbccpbkbficacifdijmlpdnddkf [2014-04-07]

CHR Extension: (Adblock Plus) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-09-17]

CHR Extension: (Google Search) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-07]

CHR Extension: (Session Buddy) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\edacconmaakjimmfgnblocblbcdcpbko [2014-04-07]

CHR Extension: (Floating YouTube Extension) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\egncdnniomonjgpjbapalkckojhkfddk [2014-11-12]

CHR Extension: (Yahoo!) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdhbkaahephniejapepaiggngjnedpci [2015-02-09]

CHR Extension: (Show Frame) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcmgcfdnagjkihmgjhbiombjdcgckgnb [2015-01-18]

CHR Extension: (Google Keep - notes and lists) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2014-04-07]

CHR Extension: (ProxMate) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifalmiidchkjjmkkbkoaibpmoeichmki [2014-05-13]

CHR Extension: (Floating YouTube™) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjphmlaoffndcnecccgemfdaaoighkel [2014-11-12]

CHR Extension: (FullStream) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkchcbdilffpbpkknniliidiflhbagkl [2015-01-23]

CHR Extension: (Open Frame) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdhjgkkaacdhdioocfbpmhjidbinfajj [2015-01-18]

CHR Extension: (Wetter Berlin) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\klefihnmmfkcaoeebemdmeebbfdhlknm [2014-04-07]

CHR Extension: (Chrome Hotword Shared Module) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-20]

CHR Extension: (Twitch Now) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmbdmpjmlijibeockamioakdpmhjnpk [2015-01-23]

CHR Extension: (Google Wallet) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-29]

CHR Extension: (Gmail) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-07]

CHR HKLM-x32\...\Chrome\Extension: [fdhbkaahephniejapepaiggngjnedpci] - https://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [iijmpjamifmplbakhgikofogdfackici] - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com.crx [2014-09-11]

CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

CHR HKLM-x32\...\Chrome\Extension: [mkcedibhemacmilmkpndpkoidlnmgngg] - C:\Users\******\ChromeExtensions\mkcedibhemacmilmkpndpkoidlnmgngg\amazon.crx [2014-01-25]

CHR HKLM-x32\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx [Not Found]
 

==================== Services (Whitelisted) =================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

S2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173272 2013-11-01] (Microsoft Corp.)

S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [406288 2014-06-23] (BlueStack Systems, Inc.)

R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-06-23] (BlueStack Systems, Inc.)

R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [774928 2014-06-23] (BlueStack Systems, Inc.)

S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)

R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)

S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2014-03-01] (Microsoft Corporation)

R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2714800 2015-02-10] (Microsoft Corporation)

R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2552528 2015-01-30] (Dell Inc.)

R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201424 2015-01-30] (Dell Inc.)

R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3736520 2015-01-29] (devolo AG)

R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed]

R2 FileZilla Server; C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe [772608 2014-09-19] (FileZilla Project) [File not signed]

S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]

S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-19] (Microsoft Corporation) [File not signed]

R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)

S3 GSService; C:\WINDOWS\SysWOW64\GSService.exe [444640 2014-07-28] ()

S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]

R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)

R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22768 2014-04-17] (Microsoft Corporation)

R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-19] (Intel Corporation)

R2 LeapService; C:\Program Files (x86)\Leap Motion\Core Services\LeapSvc64.exe [10083840 2015-02-20] (Leap Motion, Inc.) [File not signed]

R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-02-16] (LogMeIn, Inc.)

R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [58387104 2014-07-12] (Microsoft Corporation)

S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4466688 2007-11-08] (Microsoft Corporation)

R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [142072 2014-10-13] (Panda Security, S.L.)

R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)

R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)

S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-01-31] (Electronic Arts)

R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [66808 2014-10-09] (Panda Security, S.L.)

R2 panda_url_filtering; C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filteringb.exe [296760 2014-09-19] (Panda Security)

R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2014-10-16] (Panda Security, S.L.)

S2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-25] ()

R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [1924328 2014-09-18] (SoftThinks SAS)

S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [441504 2014-07-12] (Microsoft Corporation)

R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [19288 2015-02-19] (Dell Inc.)

S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]

S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87736 2014-04-30] (Microsoft Corporation)

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [77824 2012-06-19] (Atheros) [File not signed]

S3 McAWFwk; C:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [X]

S2 McOobeSv2; "C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe" /McCoreSvc [X]
 

==================== Drivers (Whitelisted) ====================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [123152 2014-06-23] (BlueStack Systems)

S3 CCUSBMIDI; C:\Windows\System32\Drivers\ccusbmid.sys [26624 2012-02-24] (CASIO COMPUTER CO., LTD.)

R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)

R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [23760 2015-01-30] (Dell Computer Corporation)

R3 DellProf; C:\Windows\system32\drivers\DellProf.sys [23312 2015-01-30] (Dell Computer Corporation)

R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [44296 2015-02-17] (LogMeIn Inc.)

S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)

S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-07-24] (McAfee, Inc.)

S3 MP4ConverterAudio; C:\Windows\system32\drivers\MP4ConverterAudio.sys [36064 2014-07-28] (Windows (R) Win 7 DDK provider)

S3 NdisImPlatformMp; C:\Windows\system32\DRIVERS\NdisImPlatform.sys [126464 2014-10-29] (Microsoft Corporation)

R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [96800 2014-06-04] (Panda Security, S.L.)

R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [162336 2014-06-18] (Panda Security, S.L.)

R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [112160 2014-06-04] (Panda Security, S.L.)

R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [115232 2014-06-04] (Panda Security, S.L.)

R1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [47360 2014-01-16] (Panda Security, S.L.)

R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [95776 2014-06-04] (Panda Security, S.L.)

R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [70176 2014-06-04] (Panda Security, S.L.)

R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [125984 2014-06-04] (Panda Security, S.L.)

R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [306720 2014-06-04] (Panda Security, S.L.)

R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [169504 2014-06-04] (Panda Security, S.L.)

R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [115744 2014-06-04] (Panda Security, S.L.)

R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [261152 2014-06-04] (Panda Security, S.L.)

R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [109088 2014-06-04] (Panda Security, S.L.)

R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2015-01-29] (CACE Technologies)

R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)

R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)

R3 panda_url_filteringd; C:\ProgramData\Panda Security URL Filtering\panda_url_filteringd.sys [51288 2014-03-19] (Visicom Media Inc.)

R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [163088 2014-10-13] (Panda Security, S.L.)

R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [121616 2014-10-13] (Panda Security, S.L.)

R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [195616 2014-07-24] (Panda Security, S.L.)

R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [122400 2014-07-24] (Panda Security, S.L.)

R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [132128 2014-07-24] (Panda Security, S.L.)

R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [107792 2014-10-13] (Panda Security, S.L.)

R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [60400 2014-03-25] (Panda Security, S.L.)

R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()

S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] ()

R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)

S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2013-08-22] (Microsoft Corporation)

S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
 

==================== NetSvcs (Whitelisted) ===================
 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 

==================== One Month Created Files and Folders ========
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2015-03-23 22:02 - 2015-03-23 22:03 - 00042414 _____ () C:\Users\******\Desktop\FRST.txt

2015-03-23 22:00 - 2015-03-23 22:02 - 00000476 _____ () C:\Users\******\Desktop\defogger_disable.log

2015-03-23 21:58 - 2015-03-23 22:02 - 00000000 ____D () C:\FRST

2015-03-23 21:58 - 2015-03-23 21:58 - 00000000 _____ () C:\Users\******\defogger_reenable

2015-03-23 21:57 - 2015-03-23 21:57 - 00050477 _____ () C:\Users\******\Desktop\Defogger.exe

2015-03-23 21:55 - 2015-03-23 21:55 - 02095616 _____ (Farbar) C:\Users\******\Desktop\FRST64.exe

2015-03-23 21:54 - 2015-03-23 21:54 - 00380416 _____ () C:\Users\******\Desktop\k501derz.exe

2015-03-23 21:39 - 2015-03-23 21:40 - 01203488 _____ () C:\Users\******\Downloads\Regin Scanner - CHIP-Installer.exe

2015-03-23 18:14 - 2015-03-23 18:14 - 00001325 _____ () C:\Users\Public\Desktop\River-Simulator 2012 - Demo.lnk

2015-03-23 18:14 - 2015-03-23 18:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\River-Simulator 2012 - Demo

2015-03-23 18:13 - 2015-03-23 18:13 - 00000000 ____D () C:\Program Files (x86)\River-Simulator 2012 - Demo

2015-03-23 18:06 - 2015-03-23 18:06 - 00000000 ____D () C:\Users\******\Tracing

2015-03-23 17:47 - 2014-03-25 14:15 - 00060400 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys

2015-03-22 14:08 - 2015-03-04 22:24 - 00792032 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2015-03-22 14:08 - 2015-03-04 22:24 - 00178144 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2015-03-22 10:31 - 2015-03-22 10:55 - 00000000 ____D () C:\Users\******\AppData\Roaming\Rettungswagen Simulator 2014 Demo

2015-03-22 10:31 - 2015-03-22 10:32 - 00000000 ____D () C:\Users\******\Documents\Rettungswagen Simulator 2014 Demo

2015-03-22 10:31 - 2015-03-22 10:31 - 00000000 ____D () C:\ProgramData\RTWS2014DEMO

2015-03-22 10:28 - 2015-03-22 10:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rettungswagen Simulator 2014 Demo

2015-03-22 10:22 - 2015-03-22 10:28 - 00000000 ____D () C:\Program Files (x86)\Rettungswagen Simulator 2014 Demo

2015-03-22 10:21 - 2015-03-22 10:27 - 218461259 _____ () C:\Users\******\Downloads\Schiff-Simulator2012-Demo_Setup.zip

2015-03-22 10:01 - 2015-03-22 10:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Schwebebahn-Simulator 2013 Demo

2015-03-22 10:00 - 2015-03-22 10:00 - 00000000 ____D () C:\Program Files (x86)\rondomedia

2015-03-22 09:52 - 2015-03-22 09:55 - 179712052 _____ () C:\Users\******\Downloads\Schwebebahn-Simulator2013_simuwelt_Demo Setup.zip

2015-03-22 09:51 - 2015-03-22 10:11 - 1682428100 _____ () C:\Users\******\Downloads\rtws2014-demo-1.0a.zip

2015-03-22 09:19 - 2015-03-22 09:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Airport Simulator 2013 Demo

2015-03-22 09:19 - 2015-03-22 09:19 - 00000000 ____D () C:\Program Files (x86)\Airport Simulator 2013 Demo

2015-03-22 09:18 - 2015-03-22 09:18 - 50171380 _____ () C:\Users\******\Downloads\Airport-Simulator2013_simuwelt_Demo.zip

2015-03-21 21:19 - 2015-03-21 21:19 - 00000000 ____D () C:\Users\******\AppData\Roaming\Open Rails

2015-03-21 20:42 - 2015-03-21 20:42 - 00001082 _____ () C:\Users\Public\Desktop\Open Rails.lnk

2015-03-21 20:42 - 2015-03-21 20:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Open Rails

2015-03-21 20:42 - 2015-03-21 20:42 - 00000000 ____D () C:\Program Files (x86)\Open Rails

2015-03-21 20:41 - 2015-03-21 20:41 - 23850158 _____ (Open Rails ) C:\Users\******\Downloads\setup_OR_pre-v1.0_from_download.exe

2015-03-21 20:20 - 2015-03-21 20:39 - 00000000 ____D () C:\Users\******\AppData\Local\Loksim3D

2015-03-21 20:20 - 2015-03-21 20:34 - 00000000 ____D () C:\Program Files (x86)\Loksim3D

2015-03-21 20:20 - 2015-03-21 20:25 - 00000000 ____D () C:\Users\Public\Documents\Loksim3D

2015-03-21 20:20 - 2015-03-21 20:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Loksim3D

2015-03-21 20:15 - 2015-03-21 20:17 - 120920998 _____ () C:\Users\******\Downloads\Setup-Loksim3D-2-9-1.zip

2015-03-21 20:14 - 2015-03-21 20:14 - 00373824 _____ () C:\Users\******\Downloads\Setup-Loksim3D-2-9-1_CB-DL-Manager.exe

2015-03-21 15:12 - 2015-03-21 15:24 - 436138144 _____ (MAGIX Software GmbH) C:\Users\******\Downloads\music_maker_2015_dlv_chip_de_20140827_13-38.exe

2015-03-20 20:25 - 2015-03-13 16:38 - 00622224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe

2015-03-20 20:22 - 2015-03-13 20:41 - 32114888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 25460880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 24775368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 20466376 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 18580512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 17258024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 16022016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 14121624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 13297144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 13210080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 10775080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 10715864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 10262160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys

2015-03-20 20:22 - 2015-03-13 20:41 - 03611792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 03303448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 03249352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 02906928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 01896136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6434788.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 01557648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6434788.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 00997856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 00970384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 00944784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 00930448 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 00909512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 00878328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 00354112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 00306208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 00178512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 00164568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 00032456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys

2015-03-20 20:22 - 2015-03-13 20:41 - 00027441 _____ () C:\WINDOWS\system32\nvinfo.pb

2015-03-11 07:39 - 2015-03-06 03:53 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll

2015-03-11 07:39 - 2015-03-06 03:33 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll

2015-03-11 07:39 - 2015-02-26 00:26 - 04178944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys

2015-03-11 07:39 - 2015-02-04 00:58 - 00264000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys

2015-03-11 07:39 - 2015-02-04 00:58 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys

2015-03-11 07:39 - 2015-02-04 00:58 - 00044024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys

2015-03-11 07:39 - 2015-02-03 00:53 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll

2015-03-11 07:39 - 2015-02-03 00:53 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll

2015-03-11 07:39 - 2015-01-31 00:42 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll

2015-03-11 07:39 - 2015-01-31 00:29 - 02484224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll

2015-03-11 07:39 - 2015-01-29 02:58 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\photowiz.dll

2015-03-11 07:39 - 2015-01-29 02:29 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\photowiz.dll

2015-03-11 07:39 - 2015-01-27 04:44 - 00933888 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe

2015-03-11 07:39 - 2015-01-24 02:51 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe

2015-03-11 07:39 - 2015-01-23 08:17 - 00723072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll

2015-03-11 07:39 - 2015-01-23 06:02 - 00560392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll

2015-03-11 07:38 - 2015-02-20 04:03 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll

2015-03-11 07:38 - 2015-02-20 03:58 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll

2015-03-11 07:38 - 2015-02-20 03:20 - 00301056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll

2015-03-11 07:38 - 2015-02-20 03:15 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll

2015-03-11 07:38 - 2015-02-07 00:09 - 00396419 _____ () C:\WINDOWS\system32\ApnDatabase.xml

2015-03-11 07:38 - 2015-02-06 02:28 - 02257408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll

2015-03-11 07:38 - 2015-02-06 02:08 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll

2015-03-11 07:38 - 2015-02-05 21:24 - 01113920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys

2015-03-11 07:38 - 2015-02-03 01:03 - 03551744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll

2015-03-11 07:38 - 2015-02-03 01:02 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll

2015-03-11 07:38 - 2015-01-31 00:20 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll

2015-03-11 07:38 - 2015-01-30 04:01 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys

2015-03-11 07:38 - 2015-01-30 03:03 - 01488896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42u.dll

2015-03-11 07:38 - 2015-01-30 03:03 - 01464832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42.dll

2015-03-11 07:38 - 2015-01-30 03:02 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll

2015-03-11 07:38 - 2015-01-30 02:44 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42u.dll

2015-03-11 07:38 - 2015-01-30 02:42 - 01204224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42.dll

2015-03-11 07:38 - 2015-01-30 02:40 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll

2015-03-11 07:38 - 2015-01-30 02:37 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll

2015-03-11 07:38 - 2015-01-30 02:29 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atlthunk.dll

2015-03-11 07:38 - 2015-01-30 02:24 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll

2015-03-11 07:38 - 2015-01-30 02:24 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll

2015-03-11 07:38 - 2015-01-30 02:16 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll

2015-03-11 07:38 - 2015-01-30 02:08 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll

2015-03-11 07:38 - 2015-01-30 02:06 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll

2015-03-11 07:38 - 2015-01-29 02:11 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll

2015-03-11 07:38 - 2015-01-29 02:04 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll

2015-03-11 07:38 - 2015-01-29 02:04 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll

2015-03-11 07:38 - 2015-01-29 02:00 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll

2015-03-11 07:38 - 2015-01-29 01:59 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll

2015-03-11 07:38 - 2015-01-29 01:55 - 00971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll

2015-03-11 07:38 - 2015-01-29 01:50 - 00811008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll

2015-03-11 07:38 - 2015-01-29 01:49 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll

2015-03-11 07:38 - 2015-01-28 16:41 - 07472960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe

2015-03-11 07:38 - 2015-01-28 16:41 - 01733440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll

2015-03-11 07:38 - 2015-01-28 16:41 - 01498360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll

2015-03-11 07:38 - 2015-01-28 03:24 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageContextHandler.dll

2015-03-11 07:38 - 2015-01-28 02:47 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StorageContextHandler.dll

2015-03-11 07:38 - 2015-01-27 05:22 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll

2015-03-11 07:38 - 2015-01-27 03:11 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll

2015-03-11 07:37 - 2015-02-21 02:16 - 25021440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2015-03-11 07:37 - 2015-02-21 01:41 - 12827648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2015-03-11 07:37 - 2015-02-21 01:27 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll

2015-03-11 07:37 - 2015-02-21 01:27 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll

2015-03-11 07:37 - 2015-02-21 01:25 - 19720192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2015-03-11 07:37 - 2015-02-21 00:58 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll

2015-03-11 07:37 - 2015-02-21 00:32 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll

2015-03-11 07:37 - 2015-02-20 03:49 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll

2015-03-11 07:37 - 2015-02-20 03:48 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2015-03-11 07:37 - 2015-02-20 03:47 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll

2015-03-11 07:37 - 2015-02-20 03:35 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll

2015-03-11 07:37 - 2015-02-20 03:34 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll

2015-03-11 07:37 - 2015-02-20 03:32 - 06035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2015-03-11 07:37 - 2015-02-20 03:09 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll

2015-03-11 07:37 - 2015-02-20 03:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll

2015-03-11 07:37 - 2015-02-20 03:06 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll

2015-03-11 07:37 - 2015-02-20 03:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll

2015-03-11 07:37 - 2015-02-20 03:03 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2015-03-11 07:37 - 2015-02-20 02:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll

2015-03-11 07:37 - 2015-02-20 02:56 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll

2015-03-11 07:37 - 2015-02-20 02:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll

2015-03-11 07:37 - 2015-02-20 02:49 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll

2015-03-11 07:37 - 2015-02-20 02:49 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll

2015-03-11 07:37 - 2015-02-20 02:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl

2015-03-11 07:37 - 2015-02-20 02:43 - 14398976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2015-03-11 07:37 - 2015-02-20 02:30 - 04300288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2015-03-11 07:37 - 2015-02-20 02:30 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll

2015-03-11 07:37 - 2015-02-20 02:29 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll

2015-03-11 07:37 - 2015-02-20 02:28 - 02358784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2015-03-11 07:37 - 2015-02-20 02:26 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll

2015-03-11 07:37 - 2015-02-20 02:24 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl

2015-03-11 07:37 - 2015-02-20 02:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll

2015-03-11 07:37 - 2015-02-20 02:16 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2015-03-11 07:37 - 2015-02-20 02:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll

2015-03-11 07:37 - 2015-02-20 02:01 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2015-03-11 07:37 - 2015-02-20 01:57 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2015-03-11 07:37 - 2015-02-20 01:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll

2015-03-11 07:37 - 2015-02-12 18:40 - 22291584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll

2015-03-11 07:37 - 2015-02-12 18:34 - 19731824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll

2015-03-11 07:37 - 2015-02-08 00:57 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll

2015-03-11 07:37 - 2015-02-08 00:49 - 00791040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll

2015-03-11 07:37 - 2015-01-29 19:45 - 01763352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll

2015-03-11 07:37 - 2015-01-29 19:34 - 01488040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll

2015-03-11 07:37 - 2015-01-28 02:31 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll

2015-03-11 07:37 - 2015-01-28 02:11 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll

2015-03-11 07:37 - 2015-01-28 00:47 - 02501368 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe

2015-03-11 07:37 - 2015-01-28 00:41 - 02207488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe

2015-03-11 07:37 - 2015-01-21 06:54 - 01384712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll

2015-03-11 07:37 - 2015-01-21 06:15 - 01123848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll

2015-03-11 07:37 - 2014-12-11 06:36 - 00046456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe

2015-03-11 07:02 - 2015-03-11 07:02 - 01142192 _____ () C:\WINDOWS\Minidump\031115-35765-01.dmp

2015-03-10 18:31 - 2015-03-10 18:32 - 00166935 _____ () C:\Users\******\Downloads\xape.rar

2015-03-08 19:31 - 2015-03-08 19:38 - 00000000 ____D () C:\Users\******\Desktop\Chips

2015-03-07 12:04 - 2015-03-07 21:17 - 00000000 ____D () C:\Users\******\AppData\Local\LogMeIn Hamachi

2015-03-07 12:02 - 2015-03-07 12:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi

2015-03-07 12:02 - 2015-03-07 12:02 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi

2015-03-06 19:06 - 2015-03-23 18:19 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1481936226-3761452550-2346937436-1002

2015-03-06 18:55 - 2015-03-06 18:55 - 00000000 ___HD () C:\WINDOWS\AxInstSV

2015-03-06 16:00 - 2015-03-06 16:31 - 4225595392 _____ () C:\Users\******\Downloads\Windows10_TechnicalPreview_x64_DE-DE_9926 (1).iso

2015-03-05 20:04 - 2015-03-05 20:04 - 00001134 _____ () C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk

2015-03-05 20:04 - 2015-03-05 20:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox

2015-03-05 20:04 - 2015-03-05 20:04 - 00000000 ____D () C:\Program Files\Oracle

2015-03-05 20:04 - 2015-03-02 15:20 - 00922168 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxDrv.sys

2015-03-05 20:04 - 2015-03-02 15:18 - 00128592 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxUSBMon.sys

2015-03-05 20:01 - 2015-03-05 20:01 - 01203488 _____ () C:\Users\******\Downloads\VirtualBox - CHIP-Installer.exe

2015-03-02 15:18 - 2015-03-02 15:18 - 00204264 _____ (Oracle Corporation) C:\WINDOWS\system32\VBoxNetFltNobj.dll

2015-03-02 15:18 - 2015-03-02 15:18 - 00156360 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxNetFlt.sys

2015-03-02 15:18 - 2015-03-02 15:18 - 00141440 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxNetAdp.sys

2015-03-01 19:12 - 2015-03-01 19:12 - 00063769 _____ () C:\Users\******\Desktop\Bigband Konzert.odt

2015-02-28 15:13 - 2015-02-28 20:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sigel

2015-02-28 15:11 - 2015-02-28 15:11 - 01203488 _____ () C:\Users\******\Downloads\Visitenkarten in 2 Minuten - CHIP-Installer.exe

2015-02-28 08:56 - 2015-02-28 08:56 - 00001312 _____ () C:\Users\Public\Desktop\Leap Motion App Home.lnk

2015-02-28 08:56 - 2015-02-28 08:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Leap Motion

2015-02-25 15:28 - 2013-09-30 16:26 - 00019152 ____N () C:\WINDOWS\system32\pwdrvio.sys

2015-02-25 15:28 - 2013-09-30 16:26 - 00012504 ____N () C:\WINDOWS\system32\pwdspio.sys

2015-02-25 15:14 - 2015-01-14 11:28 - 03066880 _____ () C:\WINDOWS\system32\pwNative.exe

2015-02-25 15:12 - 2015-02-25 15:14 - 00000000 ____D () C:\Program Files (x86)\MiniTool Partition Wizard Free 9.0

2015-02-25 15:12 - 2015-02-25 15:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard Free 9.0

2015-02-25 15:10 - 2015-02-25 15:10 - 01203488 _____ () C:\Users\******\Downloads\Partition Wizard Home Edition - CHIP-Installer.exe

2015-02-25 14:49 - 2015-02-25 15:08 - 00000000 ____D () C:\Backup

2015-02-25 06:58 - 2014-12-13 22:28 - 00513488 _____ () C:\WINDOWS\SysWOW64\locale.nls

2015-02-25 06:58 - 2014-12-13 22:28 - 00513488 _____ () C:\WINDOWS\system32\locale.nls

2015-02-24 18:00 - 2015-02-24 18:05 - 239433883 _____ () C:\Users\******\Downloads\cm12.0_golden.nova.20150214.ODIN_TWRP.zip

2015-02-24 17:32 - 2015-02-24 17:32 - 11029139 _____ () C:\Users\******\Downloads\CWM_6.0.4.5_Spec-Assert_fixed.zip

2015-02-23 16:48 - 2015-02-23 16:48 - 01192075 _____ () C:\Users\******\Desktop\UPDATE-SuperSU-v1.51.zip

2015-02-23 16:39 - 2010-08-27 05:32 - 00069120 _____ (Nokia) C:\WINDOWS\system32\nmwcdclsx64.dll

2015-02-23 16:38 - 2015-02-23 16:38 - 00000000 ____D () C:\Program Files\SAMSUNG

2015-02-23 16:19 - 2015-02-23 16:20 - 01203488 _____ () C:\Users\******\Downloads\Odin3 - CHIP-Installer.exe

2015-02-23 16:15 - 2015-02-23 16:16 - 01203488 _____ () C:\Users\******\Downloads\I8190XXAMA1_I8190OXAAMA1_4.1.2_rooted_by_infected_V2 - CHIP-Installer.exe

2015-02-21 11:38 - 2015-02-21 11:38 - 00000000 ____D () C:\Users\******\Documents\BeamNG.drive

2015-02-21 11:37 - 2015-02-21 11:38 - 00000000 ____D () C:\Users\******\Desktop\BeamNG-Techdemo-v2

2015-02-21 11:35 - 2015-02-21 11:36 - 181003643 _____ () C:\Users\******\Downloads\BeamNG-Techdemo-v2.1.zip

2015-02-21 10:56 - 2015-02-23 16:14 - 00002248 _____ () C:\Users\******\Desktop\lückenbestücken.txt
 

==================== One Month Modified Files and Folders =======
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2015-03-23 22:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru

2015-03-23 21:58 - 2014-01-17 23:09 - 00000000 ____D () C:\Users\******

2015-03-23 21:57 - 2015-02-08 21:52 - 00001148 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1481936226-3761452550-2346937436-1002UA.job

2015-03-23 21:57 - 2015-02-08 21:52 - 00001096 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1481936226-3761452550-2346937436-1002Core.job

2015-03-23 21:50 - 2014-10-12 15:15 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

2015-03-23 21:32 - 2013-12-29 09:07 - 00000000 ____D () C:\Users\******\AppData\Roaming\Skype

2015-03-23 21:23 - 2015-02-08 22:18 - 00001140 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

2015-03-23 21:10 - 2014-09-13 18:10 - 00000308 _____ () C:\WINDOWS\Tasks\DLL-Files FixerASKUSER.job

2015-03-23 20:04 - 2014-01-17 23:05 - 01980046 _____ () C:\WINDOWS\WindowsUpdate.log

2015-03-23 18:06 - 2013-12-29 09:07 - 00000000 ___RD () C:\Program Files (x86)\Skype

2015-03-23 18:06 - 2013-12-29 09:07 - 00000000 ____D () C:\ProgramData\Skype

2015-03-23 18:02 - 2014-01-18 07:24 - 00000000 ___DO () C:\Users\******\SkyDrive

2015-03-23 17:56 - 2013-12-12 11:05 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery

2015-03-23 17:51 - 2014-03-06 20:28 - 00007650 _____ () C:\WINDOWS\system32\debug.log

2015-03-23 17:51 - 2013-11-14 08:27 - 00006882 _____ () C:\WINDOWS\system32\PerfStringBackup.INI

2015-03-23 17:51 - 2013-11-14 08:11 - 00897846 _____ () C:\WINDOWS\system32\perfh007.dat

2015-03-23 17:51 - 2013-11-14 08:11 - 00211324 _____ () C:\WINDOWS\system32\perfc007.dat

2015-03-23 17:48 - 2015-02-08 22:18 - 00001136 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

2015-03-23 17:47 - 2014-05-01 14:02 - 00041459 _____ () C:\WINDOWS\setupact.log

2015-03-23 17:47 - 2014-01-17 23:05 - 00000000 ____D () C:\ProgramData\NVIDIA

2015-03-23 17:47 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT

2015-03-23 14:00 - 2015-02-08 22:22 - 00000000 ____D () C:\ProgramData\panda_url_filtering

2015-03-22 19:34 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness

2015-03-22 14:07 - 2013-08-22 15:44 - 05363216 _____ () C:\WINDOWS\system32\FNTCACHE.DAT

2015-03-22 14:05 - 2014-04-29 20:40 - 00703610 _____ () C:\WINDOWS\PFRO.log

2015-03-22 14:04 - 2013-08-22 14:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI

2015-03-22 14:01 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData

2015-03-22 14:01 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

2015-03-22 14:01 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

2015-03-22 14:01 - 2013-08-22 16:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories

2015-03-22 14:01 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\WinStore

2015-03-22 14:01 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender

2015-03-22 14:01 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender

2015-03-22 10:27 - 2014-05-14 19:39 - 00134580 _____ () C:\WINDOWS\DirectX.log

2015-03-22 10:20 - 2013-12-25 19:29 - 00000000 ____D () C:\Users\******\Desktop\Spiele

2015-03-21 21:22 - 2014-09-13 20:22 - 00000330 _____ () C:\WINDOWS\Tasks\DLL-Files.Com Fixer_Updates.job

2015-03-21 20:20 - 2014-03-01 09:35 - 00000000 ____D () C:\ProgramData\Package Cache

2015-03-21 19:52 - 2014-03-18 15:09 - 00000000 ____D () C:\Users\Public\Documents\MAGIX

2015-03-21 19:51 - 2014-03-18 15:08 - 00000000 ____D () C:\ProgramData\MAGIX

2015-03-21 19:51 - 2014-03-17 19:39 - 00000000 ____D () C:\Users\******\AppData\Roaming\MAGIX

2015-03-21 19:50 - 2014-03-18 15:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX

2015-03-21 19:43 - 2014-03-18 15:08 - 00000000 ____D () C:\Program Files (x86)\MAGIX

2015-03-21 19:41 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Help

2015-03-20 20:26 - 2014-03-18 20:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation

2015-03-20 20:26 - 2013-12-12 11:06 - 00000000 ____D () C:\Temp

2015-03-20 20:24 - 2014-01-17 23:05 - 00000000 ____D () C:\Program Files\NVIDIA Corporation

2015-03-20 20:12 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp

2015-03-20 20:03 - 2013-12-29 13:51 - 00000000 ____D () C:\WINDOWS\system32\MRT

2015-03-20 19:54 - 2014-02-20 16:01 - 00000000 ____D () C:\Program Files\Microsoft Office 15

2015-03-20 19:46 - 2013-12-29 13:51 - 122905848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2015-03-16 20:47 - 2014-02-20 17:21 - 00000000 ____D () C:\Users\******\Documents\Schule

2015-03-13 17:16 - 2015-01-23 16:27 - 00062608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll

2015-03-13 17:16 - 2014-03-18 20:10 - 01099408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll

2015-03-13 17:16 - 2014-01-17 23:05 - 06861968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll

2015-03-13 17:16 - 2014-01-17 23:05 - 03526856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll

2015-03-13 17:16 - 2014-01-17 23:05 - 02559808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll

2015-03-13 17:16 - 2014-01-17 23:05 - 00935056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe

2015-03-13 17:16 - 2014-01-17 23:05 - 00386248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll

2015-03-13 17:16 - 2014-01-17 23:05 - 00075976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll

2015-03-11 14:10 - 2014-01-17 23:05 - 04246327 _____ () C:\WINDOWS\system32\nvcoproc.bin

2015-03-11 07:25 - 2015-01-31 22:57 - 00000000 ____D () C:\Users\******\Desktop\Musik Handy

2015-03-11 07:05 - 2014-04-03 19:49 - 00000000 ____D () C:\Users\******\AppData\Roaming\Spotify

2015-03-11 07:02 - 2014-02-06 23:08 - 00000000 ____D () C:\WINDOWS\Minidump

2015-03-11 07:01 - 2014-04-09 13:20 - 545536433 _____ () C:\WINDOWS\MEMORY.DMP

2015-03-08 19:44 - 2014-03-16 19:45 - 00000000 ____D () C:\Users\******\AppData\Roaming\Audacity

2015-03-08 19:44 - 2013-12-31 15:22 - 00000000 ____D () C:\Users\******\AppData\Roaming\vlc

2015-03-07 12:19 - 2014-02-14 18:08 - 00000000 ____D () C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam

2015-03-07 12:15 - 2014-02-14 17:59 - 00000000 ____D () C:\Program Files (x86)\Steam

2015-03-07 11:16 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF

2015-03-07 10:47 - 2014-02-12 15:26 - 00000000 ____D () C:\Users\******\AppData\Local\Airspace

2015-03-07 10:35 - 2014-07-04 21:41 - 00000000 ____D () C:\Users\******\.VirtualBox

2015-03-06 18:30 - 2015-02-09 22:01 - 00000424 ____H () C:\WINDOWS\Tasks\{E4175FC2-DAAC-4D63-8D2B-F2A64AA7BD2C}.job

2015-03-06 18:10 - 2014-07-04 21:41 - 00000000 ____D () C:\Users\******\VirtualBox VMs

2015-03-06 16:23 - 2014-04-03 19:51 - 00000000 ____D () C:\Users\******\AppData\Local\Spotify

2015-03-04 21:22 - 2014-09-13 20:22 - 00000314 _____ () C:\WINDOWS\Tasks\DLL-Files.Com Fixer_MONTHLY.job

2015-02-28 10:01 - 2013-06-26 23:19 - 00000000 ____D () C:\dell

2015-02-28 08:56 - 2014-04-29 20:42 - 00108968 _____ () C:\WINDOWS\DPINST.LOG

2015-02-28 08:56 - 2014-02-12 15:24 - 00000000 ____D () C:\Program Files (x86)\Leap Motion

2015-02-25 18:29 - 2014-05-29 14:20 - 00000000 ____D () C:\ProgramData\Origin

2015-02-25 15:12 - 2014-05-29 14:20 - 00000000 ____D () C:\Program Files (x86)\Origin

2015-02-24 17:31 - 2014-02-20 22:45 - 00000382 _____ () C:\Users\******\Desktop\MASSE STICK (D) - Verknüpfung.lnk

2015-02-23 16:39 - 2014-08-16 10:54 - 00000000 ____D () C:\Program Files (x86)\Samsung
 

==================== Files in the root of some directories =======
 

2014-05-16 17:14 - 2014-05-16 17:14 - 0000132 _____ () C:\Users\******\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen

2014-07-04 21:27 - 2014-07-04 22:43 - 1177208 _____ () C:\Users\******\AppData\Roaming\AndyCleanupTool.exe

2014-07-04 21:27 - 2014-07-04 22:43 - 1176696 _____ () C:\Users\******\AppData\Roaming\AndyCleanVM.exe

2014-09-13 18:19 - 2014-09-13 18:19 - 0000000 _____ () C:\Users\******\AppData\Roaming\gdfw.log

2014-09-13 18:19 - 2014-09-13 18:19 - 0000779 _____ () C:\Users\******\AppData\Roaming\gdscan.log

2014-01-07 20:56 - 2014-01-07 20:56 - 0000095 _____ () C:\Users\******\AppData\Local\fusioncache.dat

2014-05-04 12:47 - 2014-05-04 12:47 - 0001546 _____ () C:\Users\******\AppData\Local\RecConfig.xml

2014-09-02 15:37 - 2014-09-02 15:37 - 0000896 _____ () C:\Users\******\AppData\Local\recently-used.xbel

2014-04-06 06:20 - 2014-10-17 21:55 - 0007599 _____ () C:\Users\******\AppData\Local\resmon.resmoncfg

2013-12-12 11:05 - 2013-12-12 11:05 - 0000119 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log

2013-12-12 11:01 - 2013-12-12 11:02 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log

2013-12-12 11:03 - 2013-12-12 11:04 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log

2013-12-12 11:01 - 2013-12-12 11:01 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

2013-12-12 11:04 - 2013-12-12 11:05 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log
 

Files to move or delete:

====================

C:\Windows\Tasks\{E4175FC2-DAAC-4D63-8D2B-F2A64AA7BD2C}.job
 
 

Some content of TEMP:

====================

C:\Users\******\AppData\Local\Temp\avgnt.exe

C:\Users\******\AppData\Local\Temp\Creative Cloud Helper.exe

C:\Users\******\AppData\Local\Temp\CreativeCloudSet-Up.exe

C:\Users\******\AppData\Local\Temp\dateinj01.dll

C:\Users\******\AppData\Local\Temp\drm_dialogs.dll

C:\Users\******\AppData\Local\Temp\drm_dyndata_7400008.dll

C:\Users\******\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe

C:\Users\******\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe

C:\Users\******\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe

C:\Users\******\AppData\Local\Temp\mgxoschk.dll

C:\Users\******\AppData\Local\Temp\MgxVistaTools.dll

C:\Users\******\AppData\Local\Temp\npp.6.7.4.Installer.exe

C:\Users\******\AppData\Local\Temp\nvSCPAPI.dll

C:\Users\******\AppData\Local\Temp\nvSCPAPI64.dll

C:\Users\******\AppData\Local\Temp\nvSCPAPISvr.exe

C:\Users\******\AppData\Local\Temp\nvStInst.exe

C:\Users\******\AppData\Local\Temp\sdanircmdc.exe

C:\Users\******\AppData\Local\Temp\sdapskill.exe

C:\Users\******\AppData\Local\Temp\sdaspwn.exe

C:\Users\******\AppData\Local\Temp\SkypeSetup.exe

C:\Users\******\AppData\Local\Temp\tmd_34015596.exe

C:\Users\******\AppData\Local\Temp\unwise.exe

C:\Users\******\AppData\Local\Temp\vlc-2.1.5-win32.exe

C:\Users\******\AppData\Local\Temp\xmlUpdater.exe

C:\Users\******\AppData\Local\Temp\_is3400.exe

C:\Users\******\AppData\Local\Temp\{98FE302D-7ADF-468E-BD7F-C22045491D76}.exe
 
 

==================== Bamital & volsnap Check =================
 

(There is no automatic fix for files that do not pass verification.)
 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 

LastRegBack: 2014-09-30 14:19
 

==================== End Of Log ============================

...und die dazugehörige Addition ... dann im nächsten Beitrag...

~~~Fortsetzung~~~
Hier also die Additional von FRST:

Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015

Ran by ****** at 2015-03-23 22:03:50

Running from C:\Users\******\Desktop

Boot Mode: Normal

==========================================================
 
 

==================== Security Center ========================
 

(If an entry is included in the fixlist, it will be removed.)
 

AV: Panda Free Antivirus (Enabled - Up to date) {5FD6C936-849B-5CE2-14BA-709E1D6FD1DA}

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Panda Antivirus Pro 2015 (Enabled - Up to date) {E4B728D2-A2A1-536C-2E0A-4BEC66E89B67}

FW: Panda Firewall (Enabled) {67ED4813-CEF4-5DBA-3FE5-D9ABE3BC96A1}
 

==================== Installed Programs ======================
 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 

 Tools for .Net 3.5 - DEU Lang Pack (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden

 Tools for .Net 3.5 (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )

Adblock Plus für IE (32-Bit- und 64-Bit) (HKLM\...\{E407C8D7-09C6-4056-BFAD-68C5FD8340F0}) (Version: 1.3 - Eyeo GmbH)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)

Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.8.0.447 - Adobe Systems Incorporated)

Adobe Digital Editions 3.0 (HKLM-x32\...\Adobe Digital Editions 3.0) (Version: 3.0.1 - Adobe Systems Incorporated)

Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)

Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.2 - Adobe Systems Incorporated)

Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)

Airport Simulator 2013 Demo Version 1.0 (HKLM-x32\...\{67F30877-CBBB-425C-9511-93181EFB8F08}_is1) (Version: 1.0 - rondomedia)

Andy 0.22 (HKLM\...\{8ACC085C-9691-470F-8552-7ACB64985DAA}_is1) (Version: 0.22 - GreatFruit)

ANDY OS (HKLM\...\ANDY OS) (Version: 1.1 - andyroid.net)

Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)

AutoHotkey 1.1.13.01 (HKLM\...\AutoHotkey) (Version: 1.1.13.01 - Lexikos)

AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version:  - AVM Berlin)

AVM FRITZ!Box Druckeranschluss (HKLM-x32\...\AVMFBoxPrinter) (Version:  - AVM Berlin)

AzureTools.Notifications.VwdExpress (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden

Bandicam (HKLM-x32\...\Bandicam) (Version: 1.9.4.505 - Bandisoft.com)

Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandisoft.com)

Banished 1.0 (HKLM-x32\...\Banished 1.0) (Version: 1.0 - Cat-A-Cat)

Behaviors SDK (Windows Phone) for Visual Studio 2013 (x32 Version: 12.0.50429.0 - Microsoft Corporation) Hidden

Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.50429.0 - Microsoft Corporation) Hidden

Bing-Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.3.347.0 - Microsoft Corporation)

Blend for Visual Studio 2013 (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden

Blend for Visual Studio 2013 DEU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden

Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden

Blend for Visual Studio SDK for Windows Phone 8.0 (x32 Version: 3.0.30924.0 - Microsoft Corporation) Hidden

Blender (HKLM\...\Blender) (Version: 2.70a - Blender Foundation)

BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.11.3116 - BlueStack Systems, Inc.)

BlueStacks Notification Center (HKLM-x32\...\{80194F84-21CE-44CF-A46E-38D8CE448856}) (Version: 0.8.11.3116 - BlueStack Systems, Inc.)

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

Build Tools - amd64 (Version: 12.0.30501 - Microsoft Corporation) Hidden

Build Tools - x86 (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden

Build Tools Language Resources - amd64 (Version: 12.0.30501 - Microsoft Corporation) Hidden

Build Tools Language Resources - x86 (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden

Bus-Simulator 2008 Demo (HKLM-x32\...\Bus-Simulator 2008 Demo_is1) (Version:  - astragon Software GmbH)

Casio SMF Conveter (HKLM-x32\...\InstallShield_{4AF6FE63-53AB-4D03-A4D0-8D42AC0A7856}) (Version: 1.00.0000 - Your Company Name)

Casio SMF Conveter (x32 Version: 1.00.0000 - Your Company Name) Hidden

Citybus Simulator Munich Demo (HKLM-x32\...\{B5778FF8-CCE7-4C57-A8CE-C87D3E42D748}) (Version: 1.23 - aerosoft)

Clownfish for Skype (HKLM-x32\...\Clownfish) (Version:  - )

Complemento do Microsoft Report Viewer para Visual Studio 2013 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden

Complemento Microsoft Report Viewer para Visual Studio 2013 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden

Compon. agg. Microsoft Report Viewer per Visual Studio 2013 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden

Content Transfer (HKLM-x32\...\{CFADE4AF-C0CF-4A04-A776-741318F1658F}) (Version: 1.3.0.23190 - Sony Corporation)

CorsixTH 0.40 (HKLM-x32\...\CorsixTH) (Version: 0.40 - CorsixTH Team)

Cube World version 0.0.1 (HKLM-x32\...\{D692A0E0-1BBB-4E9C-826E-4254EE330830}_is1) (Version: 0.0.1 - Picroma)

CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.7.5.63 - Dell Inc.)

Dell Data Vault (Version: 4.1.9.0 - Dell Inc.) Hidden

Dell Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.16.1 - Dell Inc.)

Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.0.6584.52 - Dell)

Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.0.1.56462 - Dell)

Dell System Detect - 1  (HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\73f463568823ebbe) (Version: 5.13.0.1 - Dell)

Dell System Detect (HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\9204f5692a8faf3b) (Version: 5.4.0.4 - Dell)

Dell Wireless Driver Installation (HKLM-x32\...\{451517F1-7E41-400B-AA36-FB7E2563526D}) (Version: 10.0 - Dell)

Deponia - The Complete Journey (HKLM-x32\...\Deponia The Complete Journey) (Version: 3.0 - Daedalic Entertainment)

Deponia – The Puzzle (HKLM-x32\...\Deponia – The Puzzle_is1) (Version: 1.0 - Daedalic Entertainment)

Devenv-Ressourcen für Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 4.3.0.0 - devolo AG)

DIE SIEDLER - Das Erbe der Könige - Gold Edition (HKLM-x32\...\{E08DE897-B6AF-4DFF-9E90-131E80C876B4}) (Version: 1.00.0000 - Blue Byte)

Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)

Die Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.5.1 - Electronic Arts)

Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.4.83.1010 - Electronic Arts Inc.)

Die Sims™ 4 Erstelle einen Sim-Demo (HKLM-x32\...\{6908ED99-F02B-4E99-A202-3FAC99C510ED}) (Version: 1.0.237.100 - Electronic Arts Inc.)

Dll-Files Fixer (HKLM-x32\...\Dll-Files Fixer_is1) (Version: 3.1.81 - Dll-Files.com)

Dojotech Spotify Recorder (HKLM-x32\...\{461179FC-E2AC-4CC8-AA95-82D35FB3E7EA}) (Version: 3.3 - Dojotech Software)

Edna & Harvey: Harvey's New Eyes Demo (HKLM-x32\...\Steam App 221660) (Version:  - Daedalic Entertainment)

Edna bricht aus Demo (HKLM-x32\...\{2F5B0382-8269-4A86-9568-05542CA0CC39}_is1) (Version:  - )

EINSATZWAGEN 20/20. Der Polizei-Simulator (HKLM-x32\...\EINSATZWAGEN 20/20. Der Polizei-Simulator_is1) (Version:  - )

Entity Framework 6.1.0 Tools  for Visual Studio 2013 (HKLM-x32\...\{D4635FB4-434D-4663-A4C8-CFC00FA9D24E}) (Version: 12.0.30228.0 - Microsoft Corporation)

Erforderliche Komponenten für SSDT  (HKLM-x32\...\{3FF082A7-A5DE-4BDA-B56A-1D2BEFD617A3}) (Version: 11.1.3000.0 - Microsoft Corporation)

Euro Truck Simulator 2 (HKLM-x32\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.8.2.5 - SCS Software)

FileZilla Server (HKLM-x32\...\FileZilla Server) (Version: beta 0.9.47 - FileZilla Project)

Finale NotePad 2012 (HKLM-x32\...\Finale NotePad 2012) (Version: 2012..r1.5 - MakeMusic)

Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)

Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )

Free M4a to MP3 Converter 8.1 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version:  - ManiacTools.com)

Free Screen To Video V 2.0 (HKLM-x32\...\Free Screen To Video_is1) (Version: 2.0.0.0 - Koyote Soft)

Free Studio version 2014 (HKLM-x32\...\Free Studio_is1) (Version: 6.3.6.716 - DVDVideoSoft Ltd.)

Free YouTube Download version 3.2.41.623 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.41.623 - DVDVideoSoft Ltd.)

Free YouTube to MP3 Converter version 3.12.39.604 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.39.604 - DVDVideoSoft Ltd.)

ftp-uploader (HKLM-x32\...\ftp-uploader) (Version: 3.3.0.0 - Firma Gregor Schommer Systemberatung, Raderthaler Str. 31, D-50968 Köln)

Galerie de photos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

GDR 5520 für SQL Server 2008 (KB 2977321) (64-bit) (HKLM\...\KB2977321) (Version: 10.3.5520.0 - Microsoft Corporation)

GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)

Goat Simulator (HKLM-x32\...\Steam App 265930) (Version:  - Coffee Stain Studios)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.101 - Google Inc.)

Google Cloud Print-Drucker (HKLM-x32\...\{74AA24E0-AC50-4B28-BA46-9CF05467C9B7}) (Version: 28.0.1489.0 - Google Inc.)

Google Talk Plugin (HKLM-x32\...\{C77CC230-7417-3F01-B70D-52583DC9FEC9}) (Version: 5.40.2.0 - Google)

Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden

Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden

Grand Theft Flying Object (HKLM-x32\...\{34ACB5D6-D955-4E43-931C-7EB46B70F4E9}}_is1) (Version:  - DigiPen Institute of Technology)

Hammerwatch (HKLM-x32\...\Steam App 239070) (Version:  - Crackshell)

HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - )

Helium (HKLM-x32\...\{9A781940-AC41-4D5E-8E1E-76A04B916FB9}) (Version: 1.0.0 - ClockworkMod)

HTML Studio (HKLM-x32\...\HTML Studio_is1) (Version:  - Michael Elsdörfer)

IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)

IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )

IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )

Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)

Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)

Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation)

Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)

Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)

Java 7 Update 75 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417075FF}) (Version: 7.0.750 - Oracle)

Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)

Java SE Development Kit 7 Update 71 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170710}) (Version: 1.7.0.710 - Oracle)

Karmaflow: The Rock Opera Videogame (HKLM-x32\...\Steam App 317940) (Version:  - Basecamp Games)

LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )

Landmark Beta (HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\SOE-Landmark Beta) (Version: 1.0.3.183 - Sony Online Entertainment)

Language Pack (DEU) für freigegebene Windows Azure-Komponenten für Microsoft Visual Studio 2013 - v1.1 (x32 Version: 1.1.20410.1601 - Microsoft Corporation) Hidden

Leap Motion Software (HKLM-x32\...\Leap Services) (Version: 2.2.3.25971 - Leap Motion)

LEGO® Star Wars™: Die Komplette Saga (HKLM-x32\...\InstallShield_{D596980D-17BE-4425-B8F0-5640719AADE9}) (Version: 1.00.0000 - LucasArts)

LEGO® Star Wars™: The Complete Saga (x32 Version: 1.00.0000 - LucasArts) Hidden

LocalESPC (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden

LocalESPCui for de-de (x32 Version: 8.59.29989 - Microsoft) Hidden

LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.319 - LogMeIn, Inc.)

LogMeIn Hamachi (x32 Version: 2.2.0.319 - LogMeIn, Inc.) Hidden

Loksim3D (HKLM\...\Loksim3D_is1) (Version: 2.9.1 - Loksim3D)

MAGIX 3D Maker (embeded) (HKLM-x32\...\MAGIX 3D Maker D) (Version: 6.0.0.8 - MAGIX AG)

MAGIX Content und Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX Software GmbH)

MAGIX Goya burnR (MSI) (HKLM-x32\...\MX.{A1566920-701E-4DEC-B15F-CD3679E0D2E0}) (Version: 4.3.2.0 - MAGIX Software GmbH)

MAGIX Goya burnR (MSI) (Version: 4.3.2.0 - MAGIX Software GmbH) Hidden

MAGIX Goya burnR 1.3.1.3 (D) (HKLM-x32\...\MAGIX Goya burnR D) (Version: 1.3.1.3 - MAGIX AG)

MAGIX Music Maker 2015 (HKLM-x32\...\MX.{78E174AA-8527-48DF-97B5-E9038B4163DF}) (Version: 21.0.0.28 - MAGIX Software GmbH)

MAGIX Music Maker 2015 (Version: 21.0.0.28 - MAGIX Software GmbH) Hidden

MAGIX Music Maker 2015 Trial Soundpools (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden

MAGIX Screenshare 4.3.6.1987 (D) (HKLM-x32\...\MAGIX Screenshare D) (Version: 4.3.6.1987 - MAGIX AG)

MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{16884C3D-3512-486D-A2F9-39071551BFEF}) (Version: 7.0.2.6 - MAGIX AG)

MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX AG) Hidden

MAGIX Video deluxe 2014 (HKLM-x32\...\MX.{EA62B22F-AB0A-406B-80A9-8036D3CE3446}) (Version: 13.0.2.8 - MAGIX AG)

MAGIX Video deluxe 2014 (Version: 13.0.2.8 - MAGIX AG) Hidden

MAGIX Video deluxe 2014 Update (Version: 13.0.5.4 - MAGIX AG) Hidden

MAGIX Video Pro X - Academic Suite 8.0.5.12 (D) (HKLM-x32\...\MAGIX Video Pro X - Academic Suite D) (Version: 8.0.5.12 - MAGIX AG)

MAGIX Xtreme Foto Designer 6 6.0.27.0 (D) (HKLM-x32\...\MAGIX Xtreme Foto Designer 6 D) (Version: 6.0.27.0 - MAGIX AG)

Memory Profiler (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden

Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)

Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)

Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{21B0F482-5EF9-45DA-8840-340AFE705A6C}) (Version: 4.5.50710 - Microsoft Corporation)

Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)

Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)

Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)

Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)

Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)

Microsoft Help Viewer 2.1 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.1 Sprachpaket - DEU) (Version: 2.1.21005 - Microsoft Corporation)

Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4701.1002 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)

Microsoft Silverlight 5 SDK - DEU (HKLM-x32\...\{F351AA2C-723C-4CFE-A7CB-8E43AB164F7F}) (Version: 5.0.61118.0 - Microsoft Corporation)

Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)

Microsoft SQL Server 2008 Browser (HKLM-x32\...\{4AF2248C-B3DF-46FB-9596-87F5DB193689}) (Version: 10.3.5500.0 - Microsoft Corporation)

Microsoft SQL Server 2008 Native Client (HKLM\...\{12FE6AA6-65D2-40EE-B925-62193128A0E6}) (Version: 10.3.5500.0 - Microsoft Corporation)

Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{393CA5BF-0362-42FD-ABC2-BA9D22EF925E}) (Version: 10.3.5520.0 - Microsoft Corporation)

Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)

Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{D4E30517-FE6F-491E-942F-AE10E1B18F38}) (Version: 11.1.2902.0 - Microsoft Corporation)

Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{B4EDAE03-DB34-4DD0-BA7E-2ED80DEA50B1}) (Version: 11.1.2902.0 - Microsoft Corporation)

Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{269A8DF6-BBDA-441F-932B-233F9B746D72}) (Version: 11.1.3000.0 - Microsoft Corporation)

Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{EC75BD20-F9CA-4E77-825F-ABD77E95BE91}) (Version: 11.1.3000.0 - Microsoft Corporation)

Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{0BF65908-D137-4A9E-B7C9-78F32F74F6FD}) (Version: 11.1.3000.0 - Microsoft Corporation)

Microsoft SQL Server 2012 Native Client  (HKLM\...\{93945D16-4C3D-433E-B7E4-3D0D86B284C8}) (Version: 11.1.3000.0 - Microsoft Corporation)

Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{6F173435-3F19-4043-BA3D-A46AA8472859}) (Version: 11.1.3000.0 - Microsoft Corporation)

Microsoft SQL Server 2012 T-SQL-Sprachdienst  (HKLM-x32\...\{1D812D86-D8EF-41AC-A518-BA12E1913747}) (Version: 11.1.3000.0 - Microsoft Corporation)

Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)

Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)

Microsoft SQL Server Compact 4.0 SP1 x64 DEU  (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)

Microsoft SQL Server Data Tools - DEU (12.0.30919.1) (HKLM-x32\...\{7CC03C58-3471-43D2-A251-EC9AE225E772}) (Version: 12.0.30919.1 - Microsoft Corporation)

Microsoft SQL Server Data Tools Build Utilities - DEU (12.0.30919.1) (HKLM-x32\...\{BCB8A870-2B3D-4CC0-87D6-F931E065AC0C}) (Version: 12.0.30919.1 - Microsoft Corporation)

Microsoft SQL Server Native Client (HKLM\...\{519918B9-24E9-4227-B927-9DD4F0FDBD0E}) (Version: 9.00.3042.00 - Microsoft Corporation)

Microsoft SQL Server System CLR Types (HKLM-x32\...\{D434E072-F482-4F52-AB97-7B19DD5DAEB5}) (Version: 10.50.1600.1 - Microsoft Corporation)

Microsoft SQL Server System CLR Types (x64) (HKLM\...\{485F4AC6-F79E-4482-A0D2-EDF0CCE1E124}) (Version: 10.50.1600.1 - Microsoft Corporation)

Microsoft SQL Server VSS Writer (HKLM\...\{28D06854-572C-4A65-83E5-F8CAF26B9FDC}) (Version: 10.3.5500.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{6F29F195-B11C-3EAD-B883-997BB29DFA17}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{9634d50a-0c4d-4f52-8a9f-894a2baae370}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU (HKLM\...\Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU) (Version:  - Microsoft Corporation)

Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)

Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)

Microsoft Visual Studio Express 2013 für das Web - DEU (HKLM-x32\...\{c1430962-1638-4b8e-af71-36b5d16b9575}) (Version: 12.0.21005.13 - Microsoft Corporation)

Microsoft Visual Studio Express 2013 für Windows - DEU (HKLM-x32\...\{3c9117be-a5d9-4785-b194-f7a0ff657ed4}) (Version: 12.0.30501 - Microsoft Corporation)

Microsoft Visual Studio Express 2013 für Windows Desktop - DEU (HKLM-x32\...\{31e4d2a5-b246-4c2d-a7fb-aee157c26b02}) (Version: 12.0.21005.13 - Microsoft Corporation)

Microsoft Visual Studio Professional 2013 (HKLM-x32\...\{3ea69e8e-ae6e-445b-bc1d-809ecb789ec4}) (Version: 12.0.21005.13 - Microsoft Corporation)

Microsoft Web Deploy 3.5 (HKLM\...\{3674F088-9B90-473A-AAC3-20A00D8D810C}) (Version: 3.1237.1762 - Microsoft Corporation)

Microsoft Windows Media Video 9 VCM (HKLM-x32\...\WMV9_VCM) (Version:  - )

Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32 (HKLM\...\{11EB1163-5761-4BC6-8F48-98DCF6A46BBF}) (Version: 6.1.5288.17011 - Microsoft Corporation)

Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries (HKLM\...\{5DE154DF-A55E-4FA5-BE59-32E78FCACF3E}) (Version: 6.1.5288.17011 - Microsoft Corporation)

Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)

Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)

Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{43341417-7882-4F34-8390-53DFD00F6C0F}) (Version: 11.1.3366.16 - Microsoft Corporation)

Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{24440413-490E-41CA-BD33-0B30FD3EBE3A}) (Version: 11.1.3366.16 - Microsoft Corporation)

MiniTool Partition Wizard Free 9.0 (HKLM-x32\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)

Module Microsoft Report Viewer pour Visual Studio*2013 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden

Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Mp3tag v2.58 (HKLM-x32\...\Mp3tag) (Version: v2.58 - Florian Heidenreich)

MSDN Library for Microsoft Visual Studio 2008 Express Editions (x32 Version: 9.0.21022 - Microsoft Corporation) Hidden

MSDN Library für Microsoft Visual Studio 2008 Express Editions (HKLM-x32\...\MSDN Library for Microsoft Visual Studio 2008 Express Editions) (Version:  - Microsoft Corporation)

MSXML 4.0 SP2 Parser und SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)

MyFreeCodec (HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\MyFreeCodec) (Version:  - )

Need For Speed™ World (HKLM-x32\...\{3AF1B16A-7DC9-4C80-BAEC-70B088A7C5B8}) (Version: 1.0.0.0 - Electronic Arts)

Node.js (HKLM\...\{1BA2E8E7-7C3E-4D6C-9A8A-569A7918761A}) (Version: 0.10.29 - Joyent, Inc. and other Node contributors)

Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)

NVIDIA 3D Vision Controller-Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)

NVIDIA 3D Vision Treiber 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.88 - NVIDIA Corporation)

NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)

NVIDIA Grafiktreiber 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.88 - NVIDIA Corporation)

NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)

NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)

Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4701.1002 - Microsoft Corporation) Hidden

Office 15 Click-to-Run Licensing Component (Version: 15.0.4701.1002 - Microsoft Corporation) Hidden

Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4701.1002 - Microsoft Corporation) Hidden

Open Rails Version pre-v1.0 (HKLM-x32\...\{94E15E08-869D-4B69-B8D7-8C82075CB51C} ; Generat~67F3DAC8_is1) (Version: pre-v1.0 - Open Rails)

Open XML SDK 2.5 for Microsoft Office (x32 Version: 2.5.5631 - Microsoft Corporation) Hidden

OpenAL (HKLM-x32\...\OpenAL) (Version:  - )

OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)

Oracle VM VirtualBox 4.3.24 (HKLM\...\{15E093DF-951E-46CB-B3EC-E1287E7A2319}) (Version: 4.3.24 - Oracle Corporation)

Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)

Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)

Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 RC für Windows Store-Apps (Deutsch) (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden

Panda Antivirus Pro 2015 (Version: 7.23.00.0000 - Panda Security) Hidden

Panda Devices Agent (HKLM-x32\...\Panda Devices Agent) (Version: 1.03.04 - Panda Security)

Panda Devices Agent (x32 Version: 1.05.00 - Panda Security) Hidden

Panda Free Antivirus (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 15.00.04.0002 - Panda Security)

Panda Security Toolbar (HKLM-x32\...\pandasecuritytb) (Version: 4.2.1.7 - Panda Security and Visicom Media Inc.)

Panda Security URL Filtering (HKLM-x32\...\Panda Security URL Filtering) (Version: 2.0.2.0 - Panda Security)

Phase 5 HTML-Editor (HKLM-x32\...\{20B1B020-DEAE-48D1-9960-D4C3185D758B}) (Version: 5.6.2.3 - Systemberatung Schommer)

Python 3.2 (HKLM-x32\...\{B2042D5E-986D-44EC-AEE3-AFE4108CCC93}) (Version: 3.2.150 - Python Software Foundation)

Python 3.3.3 (HKLM-x32\...\{39B6EB84-331C-3657-AD2E-837537DDF04F}) (Version: 3.3.3150 - Python Software Foundation)

Qt Creator (HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Qt Creator) (Version: 3.1.2 - Qt Project)

Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.1 r2290 - )

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)

Remote Control Server (HKLM-x32\...\{755C6515-9FEA-490C-B15E-22BB6519E57E}) (Version: 3.0.1.50 - Steppschuh)

Remote Mouse version 2.56 (HKLM-x32\...\{01E4BC6D-3ACC-45E1-8928-C2FF626F63F3}_is1) (Version: 2.56 - Remote Mouse)

Rettungswagen Simulator 2014 Demo (HKLM-x32\...\Rettungswagen Simulator 2014 Demo) (Version: 1.0 - Z-Software GmbH)

River-Simulator 2012 - Demo version 1.22 (HKLM-x32\...\{CECF7F36-36E7-4E52-982B-DBE0982B6A74}_is1) (Version: 1.22 - weltenbauer. Software Entwicklung GmbH)

RssReader (HKLM-x32\...\{D88857C8-B36B-42CE-AC26-9FFFEEDB181A}) (Version: 1.0.88 - Ykoon)

Samsung AllShare (HKLM-x32\...\InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1}) (Version: 2.1.0.12031_10 - Samsung Electronics Co., Ltd.)

Samsung AllShare (x32 Version: 2.1.0.12031_10 - Samsung Electronics Co., Ltd.) Hidden

Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_6 - Samsung Electronics Co., Ltd.)

Samsung Kies (x32 Version: 2.6.2.14014_6 - Samsung Electronics Co., Ltd.) Hidden

SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.1500.0 - SAMSUNG Electronics Co., Ltd.)

Schwebebahn-Simulator 2013 Demo (HKLM-x32\...\{983E191D-6DE0-4E12-811B-61E4A514A665}_is1) (Version:  - rondomedia Marketing & Vertriebs GmbH)

Service Pack 3 für SQL Server 2008 (KB2546951) (64-bit) (HKLM\...\KB2546951) (Version: 10.3.5500.0 - Microsoft Corporation)

Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)

SharePoint Client Components (Version: 15.0.4481.1505 - Microsoft Corporation) Hidden

SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden

SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden

SimCity 2000 Special Edition (HKLM-x32\...\{59D2C751-F7BE-4E9F-9C8C-1F16013802C7}) (Version: 2.0.0.1 - Electronic Arts)

SimCity 4 Deluxe (HKLM-x32\...\{3F0D0ABE-CDAF-431A-00BC-CBBE018EA74E}) (Version: 1.0.0.0 - Electronic Arts)

SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)

simfy (HKLM-x32\...\Simfy) (Version: 1.7.5 - simfy AG)

simfy (x32 Version: 1.7.5 - simfy AG) Hidden

Skiller Pro Driver (HKLM-x32\...\{54C8FBB3-B992-43CB-8F0A-E26228013F88}) (Version: 1.0 - )

Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)

Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)

Spotify (HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)

spotimote (HKLM-x32\...\spotimote) (Version:  - )

Sql Server Customer Experience Improvement Program (Version: 10.3.5500.0 - Microsoft Corporation) Hidden

Starbound (HKLM-x32\...\Steam App 211820) (Version:  - )

Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)

Stellarium 0.12.4 (HKLM\...\Stellarium_is1) (Version: 0.12.4 - Stellarium team)

Sublime Text 2.0.2 (HKLM\...\Sublime Text 2_is1) (Version:  - )

System Requirements Lab for Intel (HKLM-x32\...\{1EBDF6D2-CEA0-484C-A23E-2DDAD7FD0DD0}) (Version: 4.5.22.0 - Husdawg, LLC)

Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden

TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)

Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)

Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)

The Plan (HKLM-x32\...\Steam App 250600) (Version:  - Krillbite Studio)

TopStyle 5 (HKLM-x32\...\TopStyle5_is1) (Version: 5.0 - topstyle4.com)

Touchless For Windows (HKLM-x32\...\Touchless) (Version: 9111.0.0 - Leap Motion)

TweetDeck (HKLM-x32\...\{C4ADB67B-C908-4D94-B85E-585D2F3F9118}) (Version: 3.3.7 - Twitter)

TypeScript Power Tool (x32 Version: 1.0.1.0 - Microsoft Corporation) Hidden

TypeScript Tools for Microsoft Visual Studio 2013 (x32 Version: 1.0.1.0 - Microsoft Corporation) Hidden

Unified Remote (HKLM-x32\...\{D7930C67-5816-417B-BF28-54BB75EFDAF9}) (Version: 2.14.4.0 - Unified Remote)

Unity Web Player (HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)

Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) (HKLM-x32\...\{07629207-FAA0-4F1A-8092-BF5085BE511F}) (Version: 9.00.3042.00 - Microsoft Corporation)

Visual Studio 2013 Update 2 (KB2829760) (HKLM-x32\...\{3c348532-c3bd-4bae-a928-7b555f8c808f}) (Version: 12.0.30501 - Microsoft Corporation)

VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)

VS Update core components (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden

Warsow 1.02 (HKLM-x32\...\{24508D50-EB8F-4FE6-B69D-B4935D8745EF}_is1) (Version: 1.02 - Chasseur de bots)

Waterfox 34.0.1 (x64 en-US) (HKLM\...\Waterfox 34.0.1 (x64 en-US)) (Version: 34.0.1 - Mozilla)

WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)

Windows Driver Package - CASIO (CCUSBMIDI) MEDIA  (02/24/2012 1.00.00.0004) (HKLM\...\74347E8ACBB0CD4B3A12C89F2E2FAA6CEFBE40CA) (Version: 02/24/2012 1.00.00.0004 - CASIO)

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

Windows Phone 8.1 Emulators - ENU (HKLM-x32\...\{940596e5-652a-4970-8a5a-492e73ed0fbb}) (Version: 12.0.30501.0 - Microsoft Corporation)

Windows Utils (HKLM-x32\...\Windows Utils) (Version:  - )

WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

Wondershare Video Converter Ultimate(Build 7.3.1.1) (HKLM-x32\...\Wondershare Video Converter Ultimate_is1) (Version: 7.3.1.1 - Wondershare Software)

XBMC (HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\XBMC) (Version:  - Team XBMC)

YTD Video Downloader 4.8.7 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.8.7 - GreenTree Applications SRL) <==== ATTENTION

Zello 1.43.0.0 (HKLM-x32\...\Zello) (Version: 1.43.0.0 - Zello Inc)

Zoo Tycoon 2 - Zoodirektor-Sammlung (HKLM-x32\...\InstallShield_{238DCFCD-70B3-46B2-B90B-2CDCC69A3D03}) (Version: 1.00.0000 - Microsoft Game Studios)

Zoo Tycoon 2 - Zoodirektor-Sammlung (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden

�?ад�?тройка Microsoft Report Viewer дл�? Visual Studio 2013 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden

用于 Visual Studio 2013 的 Microsoft 报告查看器加载项 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden
 

==================== Custom CLSID (selected items): ==========================
 

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 

CustomCLSID: HKU\S-1-5-21-1481936226-3761452550-2346937436-1002_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)

CustomCLSID: HKU\S-1-5-21-1481936226-3761452550-2346937436-1002_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\******\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File

CustomCLSID: HKU\S-1-5-21-1481936226-3761452550-2346937436-1002_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)

CustomCLSID: HKU\S-1-5-21-1481936226-3761452550-2346937436-1002_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)

CustomCLSID: HKU\S-1-5-21-1481936226-3761452550-2346937436-1002_Classes\CLSID\{67F2A879-82D5-4A6D-8CC5-FFB3C114B69D}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\so_activex_x64.dll ()

CustomCLSID: HKU\S-1-5-21-1481936226-3761452550-2346937436-1002_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation)

CustomCLSID: HKU\S-1-5-21-1481936226-3761452550-2346937436-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

CustomCLSID: HKU\S-1-5-21-1481936226-3761452550-2346937436-1002_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\******\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File

CustomCLSID: HKU\S-1-5-21-1481936226-3761452550-2346937436-1002_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation)

CustomCLSID: HKU\S-1-5-21-1481936226-3761452550-2346937436-1002_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\******\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)

CustomCLSID: HKU\S-1-5-21-1481936226-3761452550-2346937436-1002_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)

CustomCLSID: HKU\S-1-5-21-1481936226-3761452550-2346937436-1002_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\******\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File

CustomCLSID: HKU\S-1-5-21-1481936226-3761452550-2346937436-1002_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()

CustomCLSID: HKU\S-1-5-21-1481936226-3761452550-2346937436-1002_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\******\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)

CustomCLSID: HKU\S-1-5-21-1481936226-3761452550-2346937436-1002_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\******\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
 

==================== Restore Points  =========================
 

05-03-2015 20:03:53 Installed Oracle VM VirtualBox 4.3.24

07-03-2015 11:39:36 Removed LogMeIn Hamachi

20-03-2015 19:29:15 Windows Modules Installer

21-03-2015 20:18:49 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501

21-03-2015 20:19:50 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
 

==================== Hosts content: ==========================
 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts
 

==================== Scheduled Tasks (whitelisted) =============
 

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 

Task: {10A458D8-7E24-4C86-895A-39CDCF2B5549} - \fsupdate No Task File <==== ATTENTION

Task: {14099271-CE60-4264-8AE5-3BA4E64ACA06} - \PrivacyDR_Popup No Task File <==== ATTENTION

Task: {21495103-B53D-41A7-84BD-3988BF564556} - \PrivacyDR_Start No Task File <==== ATTENTION

Task: {2ECBA8F8-73C8-4EAE-B9F2-664C227473A1} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-02-19] (Microsoft)

Task: {3C0D7C83-BC4D-4694-916B-CA26891AC669} - System32\Tasks\DLL-Files FixerASKUSER => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2014-06-10] (Dll-FIles.Com)

Task: {44447B85-02CE-4BBD-B5B7-F91856E19589} - System32\Tasks\Dell\Dell System Registration => C:\Program Files (x86)\System Registration\prodreg.exe [2012-07-09] (Dell, Inc.)

Task: {453F2BC7-CF45-4956-A12E-93F8C26DFA4B} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-12-03] (CyberLink)

Task: {5703D37F-674D-42E0-AB49-208219AA3416} - \User_Feed_Synchronization-{6A2331D9-777A-4E3D-A95D-18FB72897615} No Task File <==== ATTENTION

Task: {731DBF05-C17B-4A60-A7B9-86F22C293296} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-08] (Adobe Systems Incorporated)

Task: {74EC9B1B-1013-4EFA-B192-332DDEA21712} - \PCDEventLauncherTask No Task File <==== ATTENTION

Task: {7C5AB125-DB4B-41BE-848A-ACE4CA2B91AF} - System32\Tasks\DLL-Files.Com Fixer_MONTHLY => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2014-06-10] (Dll-FIles.Com)

Task: {7D006103-8329-449A-A923-108D7416CE5B} - \AmiUpdXp No Task File <==== ATTENTION

Task: {847EC8F0-4B08-4C86-B2C3-D0A0DF0C0D5E} - \GoogleUpdateTaskUserS-1-5-21-1481936226-3761452550-2346937436-1002UA No Task File <==== ATTENTION

Task: {88729143-D39A-40A0-A969-4285B6C058A8} - \{E4175FC2-DAAC-4D63-8D2B-F2A64AA7BD2C} No Task File <==== ATTENTION

Task: {971AB198-12A5-442A-9397-149502C123EC} - \{EC70D4AA-B0EA-4C71-8DE2-7E6B78E515CC} No Task File <==== ATTENTION

Task: {99C5213D-8DAD-4496-9695-F9D5FCE89859} - \GoforFilesUpdate No Task File <==== ATTENTION

Task: {9D9B16F6-D157-417A-897A-4C3962676AFC} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-03-20] (Microsoft Corporation)

Task: {9EA9C305-2878-4C3F-A0B5-5E33C9784E89} - \GoogleUpdateTaskMachineUA No Task File <==== ATTENTION

Task: {A41949C7-4B34-4041-A749-54968180D253} - \GoogleUpdateTaskMachineCore No Task File <==== ATTENTION

Task: {AEB16554-4CD0-448E-8389-8ABD3C4F480E} - \SystemToolsDailyTest No Task File <==== ATTENTION

Task: {B05D6C53-AE0F-4124-B974-687519D770A9} - \Re-markit Update No Task File <==== ATTENTION

Task: {B1F3D71D-E35B-43E5-BCD0-8E7A8C470048} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-02-10] (Microsoft Corporation)

Task: {B64A3BF7-8134-4983-9EBB-3105AF7DC899} - \PCDoctorBackgroundMonitorTask No Task File <==== ATTENTION

Task: {B6756879-5A2C-4A36-B8B6-5E1E02D45A38} - System32\Tasks\DLL-Files.Com Fixer_Updates => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2014-06-10] (Dll-FIles.Com)

Task: {C34E52FB-03F6-42EC-9103-758355BB2B58} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-02-10] (Microsoft Corporation)

Task: {CD98BC50-5C90-403C-8EF1-204E36FE057C} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-12-03] (CyberLink Corp.)

Task: {D4825EB2-5E07-4F95-B031-4C94D49CB38D} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-02-10] (Microsoft Corporation)

Task: {D7A56AF5-7866-4ACC-8231-ED740B09F4F7} - \{F74C1D05-6BF3-4018-9FAD-C2BDA9C912E0} No Task File <==== ATTENTION

Task: {D7B34865-B49E-4E2E-A836-685B678CB8D7} - \SomotoUpdateCheckerAutoStart No Task File <==== ATTENTION

Task: {DF398351-01C4-4C35-969C-DD128298E1E5} - \GoogleUpdateTaskUserS-1-5-21-1481936226-3761452550-2346937436-1002Core No Task File <==== ATTENTION

Task: {EDFAE902-D5AA-4545-929C-20CB03B1DD25} - \{B94C0966-AA9C-467A-A4BC-A2F2BB51D858} No Task File <==== ATTENTION

Task: {F24E74A8-E95A-4BDD-9A4F-CD92543E94E1} - \Optimize Start Menu Cache Files-S-1-5-21-1481936226-3761452550-2346937436-500 No Task File <==== ATTENTION

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\WINDOWS\Tasks\Dell SupportAssistAgent AutoUpdate.job => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe

Task: C:\WINDOWS\Tasks\DLL-Files FixerASKUSER.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe

Task: C:\WINDOWS\Tasks\DLL-Files.Com Fixer_MONTHLY.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe

Task: C:\WINDOWS\Tasks\DLL-Files.Com Fixer_Updates.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1481936226-3761452550-2346937436-1002Core.job => C:\Users\******\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1481936226-3761452550-2346937436-1002UA.job => C:\Users\******\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\{E4175FC2-DAAC-4D63-8D2B-F2A64AA7BD2C}.job => C:\Program Files (x86)\Panda Security\Panda Security Protection\JobLauncher.exe
 

==================== Loaded Modules (whitelisted) ==============
 

2014-01-17 23:05 - 2015-03-13 17:16 - 00118472 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll

2015-03-20 19:46 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll

2014-09-26 13:41 - 2014-09-26 13:41 - 01021088 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll

2014-09-11 18:44 - 2013-08-23 12:36 - 00721263 _____ () C:\WINDOWS\SysWOW64\WSCM64.dll

2014-05-12 10:49 - 2014-05-12 10:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll

2015-01-04 10:59 - 2014-02-26 14:45 - 00475136 _____ () C:\Program Files (x86)\Skiller Pro\Monitor.EXE

2014-09-18 20:37 - 2014-07-03 04:55 - 00487144 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe

2013-04-12 18:23 - 2013-04-12 18:23 - 00612664 _____ () C:\Program Files (x86)\Panda Security\Panda Security Protection\SQLite3.dll

2015-03-21 15:20 - 2015-03-14 11:12 - 01174856 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\libglesv2.dll

2015-03-21 15:20 - 2015-03-14 11:12 - 00080200 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\libegl.dll

2015-01-04 10:59 - 2014-09-03 15:58 - 00057344 _____ () C:\Program Files (x86)\Skiller Pro\lan.dll

2015-01-04 10:59 - 2012-08-14 22:41 - 00061440 _____ () C:\Program Files (x86)\Skiller Pro\hiddriver.dll

2015-03-21 15:20 - 2015-03-14 11:12 - 09278792 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.101\pdf.dll

2013-12-12 11:02 - 2012-06-08 04:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll

2012-06-08 20:34 - 2012-06-08 20:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll

2012-02-22 16:46 - 2012-02-22 16:46 - 01135616 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMSWrap.dll

2012-02-22 16:46 - 2012-02-22 16:46 - 00656896 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ContentDirectoryPresenter.dll

2012-02-22 16:46 - 2012-02-22 16:46 - 00105472 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\DCMCDP.dll

2012-02-22 16:46 - 2012-02-22 16:46 - 00098816 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\FolderCDP.dll

2012-02-22 16:46 - 2012-02-22 16:46 - 00031232 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\Autobackup.dll

2012-02-22 16:46 - 2012-02-22 16:46 - 00054784 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\RosettaAllShare.dll

2012-02-22 16:46 - 2012-02-22 16:46 - 00077312 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\MetadataFramework.dll

2012-01-05 22:40 - 2012-01-05 22:40 - 00520234 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\sqlite3.dll

2012-01-05 22:40 - 2012-01-05 22:40 - 00450560 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\MoodExtractor.dll

2012-01-05 22:40 - 2012-01-05 22:40 - 05717504 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\DCMImgExtractor.dll

2012-02-22 16:46 - 2012-02-22 16:46 - 00029184 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AutoChaptering.dll

2012-02-22 16:46 - 2012-02-22 16:46 - 00027648 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AudioExtractor.dll

2012-02-22 16:46 - 2012-02-22 16:46 - 00017920 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoExtractor.dll

2012-02-22 16:46 - 2012-02-22 16:46 - 00012288 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ImageExtractor.dll

2012-02-22 16:46 - 2012-02-22 16:46 - 00013824 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\TextExtractor.dll

2012-01-05 22:40 - 2012-01-05 22:40 - 00147456 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libexpat.dll

2012-02-22 16:46 - 2012-02-22 16:46 - 00012288 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoThumb.dll

2012-02-22 16:46 - 2012-02-22 16:46 - 00063488 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ID3Driver.dll

2012-02-22 16:46 - 2012-02-22 16:46 - 00023040 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\RichInfoDriver.dll

2012-02-22 16:46 - 2012-02-22 16:46 - 00017920 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ThumbnailMaker.dll

2012-02-22 16:46 - 2012-02-22 16:46 - 00133120 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoMetadataDriver.dll

2012-02-22 16:46 - 2012-02-22 16:46 - 00024064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\SECMetaDriver.dll

2012-02-22 16:46 - 2012-02-22 16:46 - 00024064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\photoDriver.dll

2012-01-05 22:40 - 2012-01-05 22:40 - 04671488 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avcodec-52.dll

2012-01-05 22:40 - 2012-01-05 22:40 - 00686080 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avformat-52.dll

2012-01-05 22:40 - 2012-01-05 22:40 - 00070656 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avutil-50.dll

2012-01-05 22:40 - 2012-01-05 22:40 - 00152064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\swscale-0.dll

2012-01-05 22:40 - 2012-01-05 22:40 - 00366592 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\tag.dll

2012-02-22 16:46 - 2012-02-22 16:46 - 00289792 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libThumbnail.dll

2012-02-22 16:46 - 2012-02-22 16:46 - 00290304 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libKeyFrame.dll

2012-01-05 22:40 - 2012-01-05 22:40 - 00399826 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libexif-12.dll.dll

2012-01-05 22:40 - 2012-01-05 22:40 - 00044032 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\us.dll

2013-12-12 10:55 - 2012-07-18 20:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

2014-09-18 20:37 - 2014-07-31 00:37 - 01906464 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\STRestoreAPI.dll

2013-12-12 11:06 - 2012-11-26 08:19 - 01153384 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\libxml2.dll

2014-09-18 20:37 - 2012-11-26 06:19 - 00117608 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\zlib1.dll
 

==================== Alternate Data Streams (whitelisted) =========
 

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 

AlternateDataStreams: C:\Users\Administrator\SkyDrive:ms-properties

AlternateDataStreams: C:\Users\******\SkyDrive:ms-properties
 

==================== Safe Mode (whitelisted) ===================
 

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"
 

==================== EXE Association (whitelisted) ===============
 

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 

==================== Other Areas ============================
 

(Currently there is no automatic fix for this section.)
 

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\******\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Fotogalerie-Hintergrundbild.jpg

DNS Servers: 192.168.178.1
 

==================== MSCONFIG/TASK MANAGER disabled items ==
 

(Currently there is no automatic fix for this section.)
 

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"

HKLM\...\StartupApproved\Run: => "Andy"

HKLM\...\StartupApproved\Run32: => "mcpltui_exe"

HKLM\...\StartupApproved\Run32: => "IMSS"

HKLM\...\StartupApproved\Run32: => "RemoteControl10"

HKLM\...\StartupApproved\Run32: => "BingDesktop"

HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"

HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"

HKLM\...\StartupApproved\Run32: => "Adobe ARM"

HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"

HKLM\...\StartupApproved\Run32: => "ContentTransferWMDetector.exe"

HKLM\...\StartupApproved\Run32: => "KiesTrayAgent"

HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"

HKLM\...\StartupApproved\Run32: => "FileZilla Server Interface"

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\StartupApproved\StartupFolder: => "Identitaetsabfrage.bat"

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\StartupApproved\StartupFolder: => "Rainmeter.lnk"

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\StartupApproved\StartupFolder: => "MAGIX Video deluxe 2014.lnk"

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\StartupApproved\Run: => "Speech Recognition"

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\StartupApproved\Run: => "Advanced SystemCare 7"

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\StartupApproved\Run: => "RssReader"

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\StartupApproved\Run: => "Leap Control Panel"

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\StartupApproved\Run: => "Spotify"

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\StartupApproved\Run: => "Spotify Web Helper"

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\StartupApproved\Run: => "Clownfish"

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\StartupApproved\Run: => "Google Update"

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\StartupApproved\Run: => "KiesPreload"

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\StartupApproved\Run: => "KiesAirMessage"

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\StartupApproved\Run: => "Remote Mouse"

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\StartupApproved\Run: => "spotimote"

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\StartupApproved\Run: => "Unified Remote v2"
 

==================== Accounts: =============================
 

Administrator (S-1-5-21-1481936226-3761452550-2346937436-500 - Administrator - Enabled) => C:\Users\Administrator

ASPNET (S-1-5-21-1481936226-3761452550-2346937436-1011 - Limited - Enabled)

Gast (S-1-5-21-1481936226-3761452550-2346937436-501 - Limited - Enabled) => C:\Users\Gast

HomeGroupUser$ (S-1-5-21-1481936226-3761452550-2346937436-1014 - Limited - Enabled)

****** (S-1-5-21-1481936226-3761452550-2346937436-1002 - Administrator - Enabled) => C:\Users\******
 

==================== Faulty Device Manager Devices =============
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (03/23/2015 10:02:23 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: ******S-PC)

Description: 19120CensoredUser.HyperforYouTube_c0tqyanwsgfn65
 

Error: (03/23/2015 10:02:23 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: ******S-PC)

Description: 19804SaschaElsner.LetsPlay_qw44hm8tnqbgj5
 

Error: (03/23/2015 10:02:19 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Name der fehlerhaften Anwendung: ERUNT.exe, Version: 0.0.0.0, Zeitstempel: 0x2a425e19

Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17668, Zeitstempel: 0x54c846bb

Ausnahmecode: 0xc0000005

Fehleroffset: 0x0006db7c

ID des fehlerhaften Prozesses: 0x227c

Startzeit der fehlerhaften Anwendung: 0xERUNT.exe0

Pfad der fehlerhaften Anwendung: ERUNT.exe1

Pfad des fehlerhaften Moduls: ERUNT.exe2

Berichtskennung: ERUNT.exe3

Vollständiger Name des fehlerhaften Pakets: ERUNT.exe4

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ERUNT.exe5
 

Error: (03/23/2015 09:58:03 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Name der fehlerhaften Anwendung: ERUNT.exe, Version: 0.0.0.0, Zeitstempel: 0x2a425e19

Name des fehlerhaften Moduls: user32.dll, Version: 6.3.9600.17415, Zeitstempel: 0x54503d20

Ausnahmecode: 0xc0000005

Fehleroffset: 0x0000c76a

ID des fehlerhaften Prozesses: 0x2694

Startzeit der fehlerhaften Anwendung: 0xERUNT.exe0

Pfad der fehlerhaften Anwendung: ERUNT.exe1

Pfad des fehlerhaften Moduls: ERUNT.exe2

Berichtskennung: ERUNT.exe3

Vollständiger Name des fehlerhaften Pakets: ERUNT.exe4

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ERUNT.exe5
 

Error: (03/23/2015 09:51:20 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: ******S-PC)

Description: 19120CensoredUser.HyperforYouTube_c0tqyanwsgfn65
 

Error: (03/23/2015 09:51:19 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: ******S-PC)

Description: 19804SaschaElsner.LetsPlay_qw44hm8tnqbgj5
 

Error: (03/23/2015 09:49:14 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: ******S-PC)

Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe5
 

Error: (03/23/2015 09:49:14 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: ******S-PC)

Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe5
 

Error: (03/23/2015 09:49:14 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: ******S-PC)

Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe5
 

Error: (03/23/2015 09:48:56 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: ******S-PC)

Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe5
 
 

System errors:

=============

Error: (03/23/2015 05:48:14 PM) (Source: NetBT) (EventID: 4307) (User: )

Description: Initialisierung fehlgeschlagen, da die Transportschicht das Öffnen der Anfangsadressen verweigerte.
 

Error: (03/23/2015 05:48:06 PM) (Source: Service Control Manager) (EventID: 7023) (User: )

Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 

%%1064
 

Error: (03/23/2015 05:47:56 PM) (Source: Service Control Manager) (EventID: 7006) (User: )

Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 

%%5
 

Error: (03/23/2015 05:47:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "Cyberlink RichVideo Service(CRVS)" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%1053
 

Error: (03/23/2015 05:47:47 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Cyberlink RichVideo Service(CRVS) erreicht.
 

Error: (03/23/2015 05:47:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "McAfee OOBE Service2" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%2
 

Error: (03/23/2015 05:47:39 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Bing Desktop Update service erreicht.
 

Error: (03/23/2015 05:47:26 PM) (Source: EventLog) (EventID: 6008) (User: )

Description: Das System wurde zuvor am ‎23.‎03.‎2015 um 17:35:23 unerwartet heruntergefahren.
 

Error: (03/22/2015 02:07:46 PM) (Source: Service Control Manager) (EventID: 7006) (User: )

Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 

%%5
 

Error: (03/22/2015 02:07:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "Cyberlink RichVideo Service(CRVS)" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%1053
 
 

Microsoft Office Sessions:

=========================

Error: (03/23/2015 10:02:23 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: ******S-PC)

Description: 19120CensoredUser.HyperforYouTube_c0tqyanwsgfn65
 

Error: (03/23/2015 10:02:23 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: ******S-PC)

Description: 19804SaschaElsner.LetsPlay_qw44hm8tnqbgj5
 

Error: (03/23/2015 10:02:19 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: ERUNT.exe0.0.0.02a425e19ntdll.dll6.3.9600.1766854c846bbc00000050006db7c227c01d065aca68f3a9dC:\WINDOWS\ERUNT.exeC:\WINDOWS\SYSTEM32\ntdll.dlle464216d-d19f-11e4-bee7-c81f661ceeb2
 

Error: (03/23/2015 09:58:03 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: ERUNT.exe0.0.0.02a425e19user32.dll6.3.9600.1741554503d20c00000050000c76a269401d065ac0cebd794C:\WINDOWS\ERUNT.exeC:\WINDOWS\SYSTEM32\user32.dll4bbee398-d19f-11e4-bee7-c81f661ceeb2
 

Error: (03/23/2015 09:51:20 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: ******S-PC)

Description: 19120CensoredUser.HyperforYouTube_c0tqyanwsgfn65
 

Error: (03/23/2015 09:51:19 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: ******S-PC)

Description: 19804SaschaElsner.LetsPlay_qw44hm8tnqbgj5
 

Error: (03/23/2015 09:49:14 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: ******S-PC)

Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe5
 

Error: (03/23/2015 09:49:14 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: ******S-PC)

Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe5
 

Error: (03/23/2015 09:49:14 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: ******S-PC)

Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe5
 

Error: (03/23/2015 09:48:56 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: ******S-PC)

Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe5
 
 

CodeIntegrity Errors:

===================================

  Date: 2014-09-06 17:52:24.780

  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 

  Date: 2014-09-06 17:52:24.686

  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 

  Date: 2014-09-06 17:52:24.623

  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 

  Date: 2014-09-06 17:52:24.483

  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 

  Date: 2014-09-06 17:52:24.405

  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 

  Date: 2014-09-06 17:52:24.311

  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 

  Date: 2014-09-06 17:52:24.202

  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 

  Date: 2014-09-06 17:52:24.139

  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 

  Date: 2014-09-06 17:52:24.045

  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 

  Date: 2014-09-06 17:52:23.967

  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 

==================== Memory info =========================== 
 

Processor: Intel(R) Core(TM) i3-3240 CPU @ 3.40GHz

Percentage of memory in use: 62%

Total physical RAM: 3967.5 MB

Available physical RAM: 1495.41 MB

Total Pagefile: 7935.5 MB

Available Pagefile: 4173.46 MB

Total Virtual: 131072 MB

Available Virtual: 131071.83 MB
 

==================== Drives ================================
 

Drive c: (OS) (Fixed) (Total:914.94 GB) (Free:487.75 GB) NTFS

Drive x: () (Fixed) (Total:0.34 GB) (Free:0.06 GB) NTFS

Drive y: (PBR Image) (Fixed) (Total:13.57 GB) (Free:0.69 GB) NTFS
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (Size: 931.5 GB) (Disk ID: 6C61C271)
 

Partition: GPT Partition Type.
 

==================== End Of Log ============================

-----
Und die GMER.txt, da bekam ich aber leider immer die Fehlermeldung

Code:

C:\WINDOWS\system32\config\system: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.

Succesfull war es trotzdem also hier die GMER.txt:

Code:

GMER 2.1.19357 - hxxp://www.gmer.net

Rootkit scan 2015-03-23 22:13:38

Windows 6.2.9200  x64 \Device\Harddisk0\DR0 -> \Device\00000035 ST1000DM003-1CH162 rev.CC47 931,51GB

Running: k501derz.exe; Driver: C:\Users\******\AppData\Local\Temp\pgtdifoc.sys
 
 

---- Threads - GMER 2.1 ----
 

Thread  C:\WINDOWS\system32\csrss.exe [596:6692]  fffff9600099b2d0
 

---- Disk sectors - GMER 2.1 ----
 

Disk    \Device\Harddisk0\DR0                     unknown MBR code
 

---- EOF - GMER 2.1 ----

-----
Und noch der Panda-Security-Log

Code:

Ereignisse                                                      Datum/Zeit                Status                    Weitere Details

---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Scan                                                            23.03.2015 22:17          Gestartet                 Durchsuche: Kritische Bereiche

Scan                                                            23.03.2015 22:00          Abgebrochen               Kompletter Scan (Gesamten Arbeitsplatz)

Cookie erkannt Cookie/Adtech                                    23.03.2015 20:41          Gelöscht                  Speicherort: C:\Users\Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies[.adtech.de/]

Cookie erkannt Cookie/Adtech                                    23.03.2015 18:32          Gelöscht                  Speicherort: C:\Users\Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies[.adtech.de/]

Synchronisierung                                                23.03.2015 18:09          Synchronisiert            Ihr Schutz wurde über die Cloud synchronisiert, um Sie vor den neuesten Bedrohungen zu schützen.

Scan                                                            23.03.2015 18:06          Gestartet                 Kompletter Scan (Gesamten Arbeitsplatz)

Scan                                                            23.03.2015 18:06          Abgebrochen               Durchsuche: Kritische Bereiche

Scan                                                            23.03.2015 18:05          Gestartet                 Durchsuche: Kritische Bereiche

Computer geimpft                                                23.03.2015 18:01          Geimpft

Synchronisierung                                                20.03.2015 19:38          Synchronisiert            Ihr Schutz wurde über die Cloud synchronisiert, um Sie vor den neuesten Bedrohungen zu schützen.

Element entsperrt                                               19.03.2015 22:05                                    Speicherort: C:\AdwCleaner\Quarantine\C\Program Files (x86)\LPT\srpts.exe.vir

Element entsperrt                                               19.03.2015 22:05                                    Speicherort: C:\AdwCleaner\Quarantine\C\Program Files (x86)\LPT\Smartbar.Monetization.Proxy.ProxyRemover.exe.vir

Element entsperrt                                               19.03.2015 22:05                                    Speicherort: C:\AdwCleaner\Quarantine\C\Program Files (x86)\LPT\linmsl.exe.vir

Element entsperrt                                               19.03.2015 22:05                                    Speicherort: C:\AdwCleaner\Quarantine\C\Program Files (x86)\LPT\HtmlAgilityPack.dll.vir

Synchronisierung                                                16.03.2015 17:14          Synchronisiert            Ihr Schutz wurde über die Cloud synchronisiert, um Sie vor den neuesten Bedrohungen zu schützen.

Synchronisierung                                                12.03.2015 05:37          Synchronisiert            Ihr Schutz wurde über die Cloud synchronisiert, um Sie vor den neuesten Bedrohungen zu schützen.

Synchronisierung                                                11.03.2015 07:24          Synchronisiert            Ihr Schutz wurde über die Cloud synchronisiert, um Sie vor den neuesten Bedrohungen zu schützen.

Synchronisierung                                                08.03.2015 19:22          Synchronisiert            Ihr Schutz wurde über die Cloud synchronisiert, um Sie vor den neuesten Bedrohungen zu schützen.

Scan                                                            07.03.2015 13:05          Beendet                   Kompletter Scan (Gesamten Arbeitsplatz)

Synchronisierung                                                07.03.2015 11:39          Synchronisiert            Ihr Schutz wurde über die Cloud synchronisiert, um Sie vor den neuesten Bedrohungen zu schützen.

Cookie erkannt Cookie/Serving-sys                               07.03.2015 11:21          Gelöscht                  Speicherort: C:\Users\Steffen\AppData\Roaming\Spotify\Users\maksim.holly-user\Cookies\Cookies[.serving-sys.com/]

Cookie erkannt Cookie/Mediaplex                                 07.03.2015 11:21          Gelöscht                  Speicherort: C:\Users\Steffen\AppData\Roaming\Spotify\Users\maksim.holly-user\Cookies\Cookies[.mediaplex.com/]

Cookie erkannt Unbekannter Name                                 07.03.2015 11:21          Gelöscht                  Speicherort: C:\Users\Steffen\AppData\Roaming\Spotify\Users\maksim.holly-user\Cookies\Cookies[.doubleclick.net/]

Cookie erkannt Cookie/Serving-sys                               07.03.2015 11:21          Gelöscht                  Speicherort: C:\Users\Steffen\AppData\Roaming\Spotify\Users\maksim.holly-user\Cookies\Cookies[.bs.serving-sys.com/]

Cookie erkannt Unbekannter Name                                 07.03.2015 11:21          Gelöscht                  Speicherort: C:\Users\Steffen\AppData\Roaming\Spotify\Users\maksim.holly-user\Apps\discover\Cookies[.doubleclick.net/]

Cookie erkannt Unbekannter Name                                 07.03.2015 11:21          Gelöscht                  Speicherort: C:\Users\Steffen\AppData\Roaming\Spotify\Users\maksim.holly-user\Apps\browse\Cookies[.doubleclick.net/]

Cookie erkannt Unbekannter Name                                 07.03.2015 11:00          Gelöscht                  Speicherort: C:\Users\Steffen\AppData\Local\Packages\19804SaschaElsner.LetsPlay_qw44hm8tnqbgj\AC\INetCookies\5HOO2945.txt

Cookie erkannt Cookie/adultfriendfinder                         07.03.2015 10:53          Gelöscht                  Speicherort: C:\Users\Steffen\AppData\Local\Microsoft\Windows\INetCookies\Low\RIBUZD72.txt

Cookie erkannt Cookie/Xiti                                      07.03.2015 10:53          Gelöscht                  Speicherort: C:\Users\Steffen\AppData\Local\Microsoft\Windows\INetCookies\Low\J5WJCM73.txt

Cookie erkannt Cookie/Statcounter                               07.03.2015 10:53          Gelöscht                  Speicherort: C:\Users\Steffen\AppData\Local\Microsoft\Windows\INetCookies\Low\H09R7JG5.txt

Cookie erkannt Cookie/BurstNet                                  07.03.2015 10:53          Gelöscht                  Speicherort: C:\Users\Steffen\AppData\Local\Microsoft\Windows\INetCookies\Low\1ILD9F9A.txt

Cookie erkannt Cookie/BurstNet                                  07.03.2015 10:53          Gelöscht                  Speicherort: C:\Users\Steffen\AppData\Local\Microsoft\Windows\INetCookies\JYJSQZ4Q.txt

Cookie erkannt Cookie/Weborama                                  07.03.2015 10:53          Gelöscht                  Speicherort: C:\Users\Steffen\AppData\Local\Microsoft\Windows\INetCookies\91EVUM7B.txt

Cookie erkannt Cookie/WebtrendsLive                             07.03.2015 10:49          Gelöscht                  Speicherort: C:\Users\Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies[statse.webtrendslive.com/]

Cookie erkannt Cookie/Yadro                                     07.03.2015 10:49          Gelöscht                  Speicherort: C:\Users\Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies[.yadro.ru/]

Cookie erkannt Cookie/Xiti                                      07.03.2015 10:49          Gelöscht                  Speicherort: C:\Users\Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies[.xiti.com/]

Cookie erkannt Cookie/Statcounter                               07.03.2015 10:49          Gelöscht                  Speicherort: C:\Users\Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies[.statcounter.com/]

Cookie erkannt Unbekannter Name                                 07.03.2015 10:49          Gelöscht                  Speicherort: C:\Users\Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies[.doubleclick.net/]

Cookie erkannt Cookie/Advertising                               07.03.2015 10:49          Gelöscht                  Speicherort: C:\Users\Steffen\AppData\Local\Google\Chrome\User Data\Default\Cookies[.advertising.com/]

Cookie erkannt Unbekannter Name                                 07.03.2015 10:47          Gelöscht                  Speicherort: C:\Users\Steffen\AppData\Local\Airspace\cookies[.doubleclick.net/]

Cookie erkannt Cookie/Mediaplex                                 07.03.2015 10:35          Gelöscht                  Speicherort: C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Cookies[.mediaplex.com/]

Cookie erkannt Unbekannter Name                                 07.03.2015 10:35          Gelöscht                  Speicherort: C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Cookies[.doubleclick.net/]

Cookie erkannt Unbekannter Name                                 07.03.2015 10:34          Gelöscht                  Speicherort: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Cookies[.doubleclick.net/]

Verdächtige Datei erkannt                                       06.03.2015 19:32          Neutralisiert             Speicherort: C:\AdwCleaner\Quarantine\C\Program Files (x86)\LPT\srpts.exe.vir

Verdächtige Datei erkannt                                       06.03.2015 19:32          Neutralisiert             Speicherort: C:\AdwCleaner\Quarantine\C\Program Files (x86)\LPT\Smartbar.Monetization.Proxy.ProxyRemover.exe.vir

Verdächtige Datei erkannt                                       06.03.2015 19:32          Neutralisiert             Speicherort: C:\AdwCleaner\Quarantine\C\Program Files (x86)\LPT\linmsl.exe.vir

Verdächtige Datei erkannt                                       06.03.2015 19:32          Neutralisiert             Speicherort: C:\AdwCleaner\Quarantine\C\Program Files (x86)\LPT\HtmlAgilityPack.dll.vir

Trojaner erkannt Trj/CI.A                                       06.03.2015 19:32          Gelöscht                  Speicherort: C:\$Recycle.Bin\S-1-5-21-1481936226-3761452550-2346937436-1002\$RSF5TQN.rar

Trojaner erkannt Trj/Genetic.gen                                06.03.2015 19:20          Gelöscht                  Speicherort: C:\$Recycle.Bin\S-1-5-21-1481936226-3761452550-2346937436-1002\$RGHWSQ6.exe

Trojaner erkannt Trj/Genetic.gen                                06.03.2015 19:02          Gelöscht                  Speicherort: C:\$Recycle.Bin\S-1-5-21-1481936226-3761452550-2346937436-1002\$R4AGBAR.exe

Potenziell unerwünschtes Programm erkannt Application/Brutus.A  06.03.2015 19:02          Gelöscht                  Speicherort: C:\$Recycle.Bin\S-1-5-21-1481936226-3761452550-2346937436-1002\$R38XYSK\BrutusA2.exe

Scan                                                            06.03.2015 18:30          Gestartet                 Kompletter Scan (Gesamten Arbeitsplatz)

Synchronisierung                                                06.03.2015 15:58          Synchronisiert            Ihr Schutz wurde über die Cloud synchronisiert, um Sie vor den neuesten Bedrohungen zu schützen.

Synchronisierung                                                05.03.2015 19:55          Synchronisiert            Ihr Schutz wurde über die Cloud synchronisiert, um Sie vor den neuesten Bedrohungen zu schützen.

Synchronisierung                                                04.03.2015 16:59          Synchronisiert            Ihr Schutz wurde über die Cloud synchronisiert, um Sie vor den neuesten Bedrohungen zu schützen.

Synchronisierung                                                04.03.2015 16:19          Synchronisiert            Ihr Schutz wurde über die Cloud synchronisiert, um Sie vor den neuesten Bedrohungen zu schützen.

Synchronisierung                                                03.03.2015 22:17          Synchronisiert            Ihr Schutz wurde über die Cloud synchronisiert, um Sie vor den neuesten Bedrohungen zu schützen.

Synchronisierung                                                02.03.2015 16:57          Synchronisiert            Ihr Schutz wurde über die Cloud synchronisiert, um Sie vor den neuesten Bedrohungen zu schützen.

Einbruchsversuch                                                01.03.2015 18:03          Blockiert                 Angriffstyp: Smart ARP

Synchronisierung                                                01.03.2015 12:02          Synchronisiert            Ihr Schutz wurde über die Cloud synchronisiert, um Sie vor den neuesten Bedrohungen zu schützen.

Einbruchsversuch                                                28.02.2015 13:32          Blockiert                 Angriffstyp: Smart ARP

Einbruchsversuch                                                28.02.2015 13:21          Blockiert                 Angriffstyp: Smart ARP

Synchronisierung                                                28.02.2015 11:54          Synchronisiert            Ihr Schutz wurde über die Cloud synchronisiert, um Sie vor den neuesten Bedrohungen zu schützen.

Einbruchsversuch                                                28.02.2015 09:50          Blockiert                 Angriffstyp: Smart ARP

Synchronisierung                                                28.02.2015 09:14          Synchronisiert            Ihr Schutz wurde über die Cloud synchronisiert, um Sie vor den neuesten Bedrohungen zu schützen.

Synchronisierung                                                25.02.2015 15:02          Synchronisiert            Ihr Schutz wurde über die Cloud synchronisiert, um Sie vor den neuesten Bedrohungen zu schützen.

Synchronisierung                                                24.02.2015 17:24          Synchronisiert            Ihr Schutz wurde über die Cloud synchronisiert, um Sie vor den neuesten Bedrohungen zu schützen.

Einbruchsversuch                                                23.02.2015 19:39          Blockiert                 Angriffstyp: Smart ARP

Synchronisierung                                                23.02.2015 17:16          Synchronisiert            Ihr Schutz wurde über die Cloud synchronisiert, um Sie vor den neuesten Bedrohungen zu schützen.

Synchronisierung                                                23.02.2015 16:17          Synchronisiert            Ihr Schutz wurde über die Cloud synchronisiert, um Sie vor den neuesten Bedrohungen zu schützen.

Einbruchsversuch                                                21.02.2015 11:33          Blockiert                 Angriffstyp: Smart ARP

Synchronisierung                                                20.02.2015 18:47          Synchronisiert            Ihr Schutz wurde über die Cloud synchronisiert, um Sie vor den neuesten Bedrohungen zu schützen.

Synchronisierung                                                19.02.2015 19:54          Synchronisiert            Ihr Schutz wurde über die Cloud synchronisiert, um Sie vor den neuesten Bedrohungen zu schützen.

Synchronisierung                                                17.02.2015 17:01          Synchronisiert            Ihr Schutz wurde über die Cloud synchronisiert, um Sie vor den neuesten Bedrohungen zu schützen.

Einbruchsversuch                                                16.02.2015 19:05          Blockiert                 Angriffstyp: Smart ARP

Synchronisierung                                                16.02.2015 18:58          Synchronisiert            Ihr Schutz wurde über die Cloud synchronisiert, um Sie vor den neuesten Bedrohungen zu schützen.

Einbruchsversuch                                                15.02.2015 19:48          Blockiert                 Angriffstyp: Smart ARP

Einbruchsversuch                                                15.02.2015 18:44          Blockiert                 Angriffstyp: Smart ARP

Einbruchsversuch                                                15.02.2015 18:27          Blockiert                 Angriffstyp: Smart ARP

Synchronisierung                                                15.02.2015 13:00          Synchronisiert            Ihr Schutz wurde über die Cloud synchronisiert, um Sie vor den neuesten Bedrohungen zu schützen.

Synchronisierung                                                14.02.2015 11:00          Synchronisiert            Ihr Schutz wurde über die Cloud synchronisiert, um Sie vor den neuesten Bedrohungen zu schützen.

Synchronisierung                                                14.02.2015 08:40          Synchronisiert            Ihr Schutz wurde über die Cloud synchronisiert, um Sie vor den neuesten Bedrohungen zu schützen.

Synchronisierung                                                12.02.2015 17:02          Synchronisiert            Ihr Schutz wurde über die Cloud synchronisiert, um Sie vor den neuesten Bedrohungen zu schützen.

Einbruchsversuch                                                11.02.2015 20:28          Blockiert                 Angriffstyp: Smart ARP

Synchronisierung                                                11.02.2015 15:23          Synchronisiert            Ihr Schutz wurde über die Cloud synchronisiert, um Sie vor den neuesten Bedrohungen zu schützen.

Synchronisierung                                                10.02.2015 18:17          Synchronisiert            Ihr Schutz wurde über die Cloud synchronisiert, um Sie vor den neuesten Bedrohungen zu schützen.

Scan                                                            09.02.2015 22:03          Abgebrochen               Durchsuche: Kritische Bereiche

Scan                                                            09.02.2015 22:02          Gestartet                 Durchsuche: Kritische Bereiche

Synchronisierung                                                09.02.2015 17:09          Synchronisiert            Ihr Schutz wurde über die Cloud synchronisiert, um Sie vor den neuesten Bedrohungen zu schützen.

Synchronisierung                                                09.02.2015 16:29          Synchronisiert            Ihr Schutz wurde über die Cloud synchronisiert, um Sie vor den neuesten Bedrohungen zu schützen.

Einbruchsversuch                                                09.02.2015 15:57          Blockiert                 Angriffstyp: Smart ARP

Einbruchsversuch                                                09.02.2015 15:49          Blockiert                 Angriffstyp: Smart ARP

Computer geimpft                                                08.02.2015 22:29          Geimpft

Computer geimpft                                                08.02.2015 22:21          Geimpft

Malware erkannt                                                 02.02.2015 22:51          Blockiert                 URL: hxxp://bamba.theplaora.com/FlashBeat/PCSChecker.exe

~~~~~~
Hoffe, da war jetzt alles richtig...
Es grüßt, Massenmensch ;)

hi,

Lade Dir bitte von hier

Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.

Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
Klicke auf Optionen und wähle als Sprache Deutsch.
Suche im Uninstallerfeld nach den Programmen:

YTD Video Downloader 4.8.7
Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
Wähle anschließend den Modus "Moderat" aus.
Reste löschen:
Klicke auf dann auf und dann auf .

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

So... Malwarebytes läuft bereits...
Aber die Ergebnisse gibt's dann erst morgen, das dauert alles noch ein bisschen... :sleepy:
Aber danke erst einmal für deine Hilfe!

Es wünscht eine Gute Nacht, Massenmensch

So... Jetzt die weiteren Logs... Nochmal :dankeschoen: für deine Hilfe bis jetzt!

~~~Logs~~~
MB-AM:

Code:

Malwarebytes Anti-Malware

www.malwarebytes.org
 

Suchlauf Datum: 23.03.2015

Suchlauf-Zeit: 23:35:21

Logdatei: mbam.txt

Administrator: Ja
 

Version: 2.01.4.1018

Malware Datenbank: v2015.03.23.08

Rootkit Datenbank: v2015.02.25.01

Lizenz: Kostenlos

Malware Schutz: Deaktiviert

Bösartiger Webseiten Schutz: Deaktiviert

Selbstschutz: Deaktiviert
 

Betriebssystem: Windows 8.1

CPU: x64

Dateisystem: NTFS

Benutzer: ******
 

Suchlauf-Art: Bedrohungs-Suchlauf

Ergebnis: Abgeschlossen

Durchsuchte Objekte: 602772

Verstrichene Zeit: 25 Min, 17 Sek
 

Speicher: Aktiviert

Autostart: Aktiviert

Dateisystem: Aktiviert

Archive: Aktiviert

Rootkits: Deaktiviert

Heuristik: Aktiviert

PUP: Aktiviert

PUM: Aktiviert
 

Prozesse: 0

(Keine schädliche Elemente gefunden)
 

Module: 0

(Keine schädliche Elemente gefunden)
 

Registrierungsschlüssel: 24

PUP.Optional.FlowSurf.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{6CA2A4DE-483E-456B-8634-6445460D7097}, , [6e8699afcbbf65d12922b5754eb50cf4], 

PUP.Optional.FlowSurf.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E3F1CA13-EA0E-4617-8D03-3EAA6A94A7E0}, , [6e8699afcbbf65d12922b5754eb50cf4], 

PUP.Optional.FlowSurf.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{C321541F-B22D-4593-AC1A-9634812A4E40}, , [6e8699afcbbf65d12922b5754eb50cf4], 

PUP.Optional.FlowSurf.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{A8018C54-B702-4D52-9ACC-8CA78911E633}, , [6e8699afcbbf65d12922b5754eb50cf4], 

PUP.Optional.FlowSurf.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{C6A846C5-D67F-48B4-8552-C22354E56966}, , [6e8699afcbbf65d12922b5754eb50cf4], 

PUP.Optional.FlowSurf.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{A8018C54-B702-4D52-9ACC-8CA78911E633}, , [6e8699afcbbf65d12922b5754eb50cf4], 

PUP.Optional.FlowSurf.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{C6A846C5-D67F-48B4-8552-C22354E56966}, , [6e8699afcbbf65d12922b5754eb50cf4], 

PUP.Optional.FlowSurf.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{A8018C54-B702-4D52-9ACC-8CA78911E633}, , [6e8699afcbbf65d12922b5754eb50cf4], 

PUP.Optional.FlowSurf.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{C6A846C5-D67F-48B4-8552-C22354E56966}, , [6e8699afcbbf65d12922b5754eb50cf4], 

PUP.Optional.FlowSurf.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{C321541F-B22D-4593-AC1A-9634812A4E40}, , [6e8699afcbbf65d12922b5754eb50cf4], 

PUP.Optional.FlowSurf.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{C321541F-B22D-4593-AC1A-9634812A4E40}, , [6e8699afcbbf65d12922b5754eb50cf4], 

PUP.Optional.FlowSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{E3F1CA13-EA0E-4617-8D03-3EAA6A94A7E0}, , [6e8699afcbbf65d12922b5754eb50cf4], 

PUP.Optional.FlowSurf.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{E3F1CA13-EA0E-4617-8D03-3EAA6A94A7E0}, , [6e8699afcbbf65d12922b5754eb50cf4], 

PUP.Optional.FlowSurf.A, HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{E3F1CA13-EA0E-4617-8D03-3EAA6A94A7E0}, , [6e8699afcbbf65d12922b5754eb50cf4], 

PUP.Optional.FlowSurf.A, HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{E3F1CA13-EA0E-4617-8D03-3EAA6A94A7E0}, , [6e8699afcbbf65d12922b5754eb50cf4], 

PUP.Optional.FlowSurf.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{6CA2A4DE-483E-456B-8634-6445460D7097}, , [6e8699afcbbf65d12922b5754eb50cf4], 

PUP.Optional.FlowSurf.A, HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{6CA2A4DE-483E-456B-8634-6445460D7097}, , [6e8699afcbbf65d12922b5754eb50cf4], 

PUP.Optional.FlowSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\EXTENSIONS\{6CA2A4DE-483E-456B-8634-6445460D7097}, , [6e8699afcbbf65d12922b5754eb50cf4], 

PUP.Optional.Snapdo.T, HKU\S-1-5-18\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}, , [3db7b98f7a10340226064f1526dd43bd], 

PUP.Optional.Awesomehp.A, HKLM\SOFTWARE\WOW6432NODE\awesomehpSoftware, , [03f1b98fbbcf53e3bdfd3dc48e76be42], 

PUP.Optional.FastSearchings, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}, , [f4007eca404a91a515b1b9828a7bad53], 

PUP.Optional.FlowSurf.A, HKU\S-1-5-18\SOFTWARE\FLOWSURF, , [8a6a1e2aa7e385b14ea478bc0cf9bf41], 

PUP.Optional.ReMarkit.A, HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\SOFTWARE\APPDATALOW\SOFTWARE\Re_markit, , [38bc1533d5b5af8739e3ede33ec5639d], 

PUP.Optional.FlowSurf.A, HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\SOFTWARE\FLOWSURF, , [51a32c1ca1e9d6609e54fb39d1343ac6], 
 

Registrierungswerte: 3

PUP.Optional.WebSearchInfo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {BB74DE59-BC4C-4172-9AC4-73315F71CFFE}, , [ab496ddb01898babd115bf7ea1644fb1]

PUP.Optional.FlowSurf.A, HKU\S-1-5-18\SOFTWARE\FLOWSURF|chrid, oglkiljdmflopemijdadoiepkhcaodjn, , [8a6a1e2aa7e385b14ea478bc0cf9bf41]

PUP.Optional.FlowSurf.A, HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\SOFTWARE\FLOWSURF|chrid, oglkiljdmflopemijdadoiepkhcaodjn, , [51a32c1ca1e9d6609e54fb39d1343ac6]
 

Registrierungsdaten: 5

PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[9a5a12365d2d2115af78f9fb51b44cb4]

PUP.Optional.SnapDo.A, HKU\S-1-5-18\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPBDDI6Pk-fpITtt_7-dx2uywuT-4gdlO-xkuKtzfsTQg0ujSI71XNij6XDeVTlMzu3v1nTicPInFt8MMITDhEmuaulDXmT3GdVLsok__v0Xui2S9xghVYrToeEJNY46DtWQAXfvHO-wj9TlcLakOdU8n0vOrtf2_yGPF7pZaoJsw,,&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPBDDI6Pk-fpITtt_7-dx2uywuT-4gdlO-xkuKtzfsTQg0ujSI71XNij6XDeVTlMzu3v1nTicPInFt8MMITDhEmuaulDXmT3GdVLsok__v0Xui2S9xghVYrToeEJNY46DtWQAXfvHO-wj9TlcLakOdU8n0vOrtf2_yGPF7pZaoJsw,,&q={searchTerms}),,[e90bfc4ccfbb5ed8d6c0f6f2c441cb35]

PUP.Optional.SnapDo.A, HKU\S-1-5-18\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPBDDI6Pk-fpITtt_7-dx2uywuT-4gdlO-xkuKtzfsTQg0ujSI71XNij6XDeVTlMzu3v1nTicPInFt8MMITDhEmuaulDXmT3GdVLsok__v0Xui2S9xghVYrToeEJNY46DtWQAXfvHO-wj9TlcLakOdU8n0vOrtf2_yGPF7pZaoJsw,,&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPBDDI6Pk-fpITtt_7-dx2uywuT-4gdlO-xkuKtzfsTQg0ujSI71XNij6XDeVTlMzu3v1nTicPInFt8MMITDhEmuaulDXmT3GdVLsok__v0Xui2S9xghVYrToeEJNY46DtWQAXfvHO-wj9TlcLakOdU8n0vOrtf2_yGPF7pZaoJsw,,&q={searchTerms}),,[e90beb5dff8b3ef87e1b12d6f015847c]

PUP.Optional.SnapDo.A, HKU\S-1-5-18\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPBDDI6Pk-fpITtt_7-dx2uywuT-4gdlO-xkuKtzfsTQg0ujSI71XNij6XDeVTlMzu3v1nTicPInFt8MMITDhEmuaulDXmT3GdVLsok__v0Xui2S9xghVYrToeEJNY46DtWQAXfvHO-wj9TlcLakOdU8n0vOrtf2_yGPF7pZaoJsw,,&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPBDDI6Pk-fpITtt_7-dx2uywuT-4gdlO-xkuKtzfsTQg0ujSI71XNij6XDeVTlMzu3v1nTicPInFt8MMITDhEmuaulDXmT3GdVLsok__v0Xui2S9xghVYrToeEJNY46DtWQAXfvHO-wj9TlcLakOdU8n0vOrtf2_yGPF7pZaoJsw,,&q={searchTerms}),,[5a9a1533adddb97d9bff9058a85d9070]

PUP.Optional.SnapDo.A, HKU\S-1-5-18\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPBDDI6Pk-fpITtt_7-dx2uywuT-4gdlO-xkuKtzfsTQg0ujSI71XNij6XDeVTlMzu3v1nTicPInFt8MMITDhEmuaulDXmT3GdVLsok__v0Xui2S9xghVYrToeEJNY46DtWQAXfvHO-wj9TlcLakOdU8n0vOrtf2_yGPF7pZaoJsw,,&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPBDDI6Pk-fpITtt_7-dx2uywuT-4gdlO-xkuKtzfsTQg0ujSI71XNij6XDeVTlMzu3v1nTicPInFt8MMITDhEmuaulDXmT3GdVLsok__v0Xui2S9xghVYrToeEJNY46DtWQAXfvHO-wj9TlcLakOdU8n0vOrtf2_yGPF7pZaoJsw,,&q={searchTerms}),,[c62eeb5d6a20d660484d9e4a72937090]
 

Ordner: 5

PUP.Optional.Multiplug, C:\Program Files (x86)\YoutubeAdblocker, , [b440d8707218cd6920bf7ef82dd6a759], 

PUP.Optional.YoutubeAdblocker.A, C:\ProgramData\YoutubeAdblocker, , [a252c5838cfe77bfb21ae197c241ba46], 

PUP.Optional.Extutil.A, C:\Users\******\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B, , [7a7a4305c6c486b0696a6a21cf34c33d], 

PUP.Optional.Managera.A, C:\Users\******\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42, , [a35121273d4ddf570bc91b709c67946c], 

PUP.Optional.FlowSurf.A, C:\Program Files (x86)\Flowsurf, , [18dcba8ed7b3f1458250267cb84bcc34], 
 

Dateien: 12

PUP.Optional.FlowSurf.A, C:\Program Files (x86)\Flowsurf\flowsurf.dll, , [6e8699afcbbf65d12922b5754eb50cf4], 

PUP.Optional.Downloader, C:\$Recycle.Bin\S-1-5-21-1481936226-3761452550-2346937436-1002\$RNZABIX.exe, , [9f5593b5b2d8979fecbfd398936db64a], 

Trojan.MSIL, C:\$Recycle.Bin\S-1-5-21-1481936226-3761452550-2346937436-1002\$R8D6G4I.crdownload, , [5c986cdc3b4ffe382cc607d89869c040], 

PUP.Optional.Spigot.A, C:\Users\******\AppData\Local\Temp\~sp2092.tmp, , [82720c3cf496b87ec6a182a78383ad53], 

PUP.Optional.Spigot.A, C:\Users\******\AppData\Local\Temp\~sp4C1.tmp, , [46ae2a1e682260d6fe69dc4d3bcb14ec], 

PUP.Optional.DownloadSponsor, C:\Users\******\AppData\Local\Temp\OCS\ocs_v71b.exe, , [93612a1e7a10fe382f6fe0f34bba4bb5], 

PUP.Optional.Eguide, C:\Users\******\Downloads\ispd-Downloader.exe, , [1ada2523325847efd967b7a79868d62a], 

PUP.Optional.Downloader, C:\Users\******\Downloads\DesktopOK 64 Bit - CHIP-Installer.exe, , [886c83c5eb9fa98d367555167a867888], 

PUP.Optional.FlowSurf.A, C:\Program Files (x86)\Flowsurf\atl110.dll, , [18dcba8ed7b3f1458250267cb84bcc34], 

PUP.Optional.FlowSurf.A, C:\Program Files (x86)\Flowsurf\fsupd.exe, , [18dcba8ed7b3f1458250267cb84bcc34], 

PUP.Optional.FlowSurf.A, C:\Program Files (x86)\Flowsurf\install.ico, , [18dcba8ed7b3f1458250267cb84bcc34], 

PUP.Optional.FlowSurf.A, C:\Program Files (x86)\Flowsurf\msvcr110.dll, , [18dcba8ed7b3f1458250267cb84bcc34], 
 

Physische Sektoren: 0

(Keine schädliche Elemente gefunden)
 
 

(end)

-----
und JRT:

Code:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.4.6 (03.22.2015:1)

OS: Windows 8.1 x64

Ran by ****** on 24.03.2015 at  9:15:38,76

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 

~~~ Services
 
 
 

~~~ Registry Values
 
 
 

~~~ Registry Keys
 
 
 

~~~ Files
 
 
 

~~~ Folders
 

Successfully deleted: [Folder] "C:\ProgramData\pcdr"

Successfully deleted: [Folder] "C:\Users\******\AppData\Roaming\pcdr"

Successfully deleted: [Folder] "C:\Users\******\appdata\locallow\pcdr"

Successfully deleted: [Folder] "C:\Program Files (x86)\myfree codec"
 
 
 

~~~ Event Viewer Logs were cleared
 
 
 
 
 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 24.03.2015 at  9:19:55,67

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

------

und FRST:

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015

Ran by ****** (administrator) on ******S-PC on 24-03-2015 10:45:44

Running from C:\Users\******\Desktop

Loaded Profiles: ****** (Available profiles: ****** & Administrator & Gast)

Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)

Internet Explorer Version 11 (Default browser: Chrome)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 

==================== Processes (Whitelisted) =================
 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe

(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe

(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe

(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe

(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe

(Microsoft Corporation) C:\Windows\System32\dasHost.exe

(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe

(FileZilla Project) C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe

(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe

(Leap Motion, Inc.) C:\Program Files (x86)\Leap Motion\Core Services\LeapSvc64.exe

(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe

(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe

(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe

(Panda Security) C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filteringb.exe

(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe

(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe

(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(Intel Corporation) C:\Windows\System32\igfxEM.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe

(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe

() C:\Program Files (x86)\Skiller Pro\Monitor.EXE

(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe

(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe

(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe

(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe

(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe

(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe

(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe

(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe

(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe

() C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe

(Don HO don.h@free.fr) C:\Program Files (x86)\Notepad++\notepad++.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 

==================== Registry (Whitelisted) ==================
 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)

HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated)

HKLM\...\Run: [Remote Control Server] => C:\Program Files (x86)\Remote Control Server\Remote Control Server.exe [5159424 2015-01-19] (Steppschuh)

HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133440 2012-07-19] (Intel Corporation)

HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-02] (Intel Corporation)

HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [102928 2012-10-23] (CyberLink Corp.)

HKLM-x32\...\Run: [BingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2353880 2013-11-01] (Microsoft Corp.)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [ContentTransferWMDetector.exe] => C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe [583016 2009-11-19] (Sony Corporation)

HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2014-10-01] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [832272 2014-06-23] (BlueStack Systems, Inc.)

HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-02-07] (Samsung Electronics Co., Ltd.)

HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2020704 2014-08-05] (Wondershare)

HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe [1960336 2014-09-02] ()

HKLM-x32\...\Run: [FileZilla Server Interface] => C:\Program Files (x86)\FileZilla Server\FileZilla Server Interface.exe [2448896 2014-09-19] (FileZilla Project)

HKLM-x32\...\Run: [AllShareAgent] => C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe [285072 2012-03-01] (Samsung Electronics Co., Ltd.)

HKLM-x32\...\Run: [Skiller Pro] => C:\Program Files (x86)\Skiller Pro\Monitor.exe [475136 2014-02-26] ()

HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [37624 2014-10-16] (Panda Security, S.L.)

HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-02-17] (LogMeIn Inc.)

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Run: [Speech Recognition] => C:\WINDOWS\Speech\Common\sapisvr.exe [44032 2014-10-29] (Microsoft Corporation)

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Run: [RssReader] => C:\Program Files (x86)\RssReader\RssReader.exe [1077248 2004-04-04] (Ykoon)

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Run: [Leap Control Panel] => C:\Program Files (x86)\Leap Motion\Core Services\LeapControlPanel.exe [3609936 2015-03-21] (Leap Motion, Inc.)

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Run: [Spotify Web Helper] => C:\Users\******\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-11] (Spotify Ltd)

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Run: [Spotify] => C:\Users\******\AppData\Roaming\Spotify\spotify.exe [6737976 2014-12-11] (Spotify Ltd)

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Run: [Google Update] => C:\Users\******\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-05-09] (Google Inc.)

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Run: [Clownfish] => C:\Program Files (x86)\Clownfish\Clownfish.exe [1313536 2014-04-01] (Bogdan Sharkov)

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564992 2014-02-07] (Samsung)

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Run: [Remote Mouse] => C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe [2042880 2014-08-25] (RemoteMouse.net)

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Run: [spotimote] => C:\Program Files (x86)\spotimote\spotimote.exe [2830248 2014-10-08] ()

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31346784 2015-02-26] (Skype Technologies S.A.)

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Run: [GoogleChromeAutoLaunch_D781C9BFB3A3BA37CC3EB8921F5CCF82] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [809288 2015-03-14] (Google Inc.)

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Run: [DellSystemDetect] => C:\Users\******\AppData\Local\Apps\2.0\LLG9VHQ8.GH9\KO4XLBTX.AGH\dell..tion_e30b47f5d4a30e9e_0005.000d_4ab2a66cfade09be\DellSystemDetect.exe [276776 2015-01-11] (Dell)

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [809288 2015-03-14] (Google Inc.)

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Policies\Explorer: [NoFolderOptions] 0

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Policies\Explorer: [NoControlPanel] 0

Startup: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk

ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

Startup: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\devolo Cockpit.lnk

ShortcutTarget: devolo Cockpit.lnk -> C:\Program Files (x86)\devolo\dlan\frontend\plcnetui.exe ( )

Startup: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Identitaetsabfrage.bat ()

Startup: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MAGIX Video deluxe 2014.lnk

ShortcutTarget: MAGIX Video deluxe 2014.lnk -> C:\Program Files (x86)\MAGIX\Video deluxe 2014\Videodeluxe.exe (MAGIX Software GmbH)

Startup: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk

ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()

ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()

ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()

ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()

ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)

ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)

GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
 

==================== Internet (Whitelisted) ====================
 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com/search?q={searchTerms}

SearchScopes: HKLM-x32 -> DefaultScope value is missing.

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-21-1481936226-3761452550-2346937436-1002 -> URL hxxp://search.conduit.com/Results.aspx?ctid=CT3324427&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SPAF1B23EF-781D-48EC-96E7-10E4407318A0&q={searchTerms}&SSPV=

SearchScopes: HKU\S-1-5-21-1481936226-3761452550-2346937436-1002 -> SuggestionsURL_JSON hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}

SearchScopes: HKU\S-1-5-21-1481936226-3761452550-2346937436-1002 -> {B4364FC7-BB80-4056-A87B-DBC5A26B5C36} URL = 

BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-01-25] (Oracle Corporation)

BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)

BHO: Panda Security Toolbar -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll [2014-10-17] ()

BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-02-10] (Microsoft Corporation)

BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-01-25] (Oracle Corporation)

BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2014-12-16] (Adblock Plus)

BHO-x32: Wondershare Video Converter Ultimate 7.1.0 -> {451C804F-C205-4F03-B48E-537EC94937BF} -> C:\ProgramData\Wondershare\Video Converter Ultimate\WSBrowserAppMgr.dll [2014-09-02] (Wondershare)

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2015-01-13] (Oracle Corporation)

BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)

BHO-x32: Panda Security Toolbar -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll [2014-10-17] ()

BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2015-01-13] (Oracle Corporation)

BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2014-12-16] (Adblock Plus)

Toolbar: HKLM - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll [2014-10-17] ()

Toolbar: HKLM-x32 - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll [2014-10-17] ()

Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)

Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)

Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 -  No File

Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File
 

FireFox:

========

FF ProfilePath: C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\ynwd5408.default

FF SearchEngineOrder.1: Google.at

FF Homepage: https://www.google.de/

FF Keyword.URL: https://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=

FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-08] ()

FF Plugin: @java.com/DTPlugin,version=10.75.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-01-25] (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.75.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-01-25] (Oracle Corporation)

FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\npmcsnffpl64.dll No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)

FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2014-10-01] (Adobe Systems)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-08] ()

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2015-01-13] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2015-01-13] (Oracle Corporation)

FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\npmcsnffpl.dll No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-02-20] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)

FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-03-13] (NVIDIA Corporation)

FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-03-13] (NVIDIA Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)

FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-10-01] (Adobe Systems)

FF Plugin HKU\S-1-5-21-1481936226-3761452550-2346937436-1002: @talk.google.com/GoogleTalkPlugin -> C:\Users\******\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-01-27] (Google)

FF Plugin HKU\S-1-5-21-1481936226-3761452550-2346937436-1002: @talk.google.com/O1DPlugin -> C:\Users\******\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-01-27] (Google)

FF Plugin HKU\S-1-5-21-1481936226-3761452550-2346937436-1002: @tools.google.com/Google Update;version=3 -> C:\Users\******\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)

FF Plugin HKU\S-1-5-21-1481936226-3761452550-2346937436-1002: @tools.google.com/Google Update;version=9 -> C:\Users\******\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)

FF Plugin HKU\S-1-5-21-1481936226-3761452550-2346937436-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\******\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-03-06] (Unity Technologies ApS)

FF Plugin ProgramFiles/Appdata: C:\Users\******\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-01-27] (Google)

FF Plugin ProgramFiles/Appdata: C:\Users\******\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-01-27] (Google)

FF SearchPlugin: C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\ynwd5408.default\searchplugins\youtube-videosuche.xml [2014-08-30]

FF Extension: Avira Browser Safety - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\ynwd5408.default\Extensions\abs@avira.com [2015-03-02]

FF Extension: FireFTP - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\ynwd5408.default\Extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f} [2015-01-16]

FF Extension: Deutsch (DE) Language Pack - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\ynwd5408.default\Extensions\langpack-de@firefox.mozilla.org.xpi [2015-01-16]

FF Extension: Deutsch (DE) Language Pack - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\ynwd5408.default\Extensions\langpack-de@Waterfox.mozilla.org.xpi [2014-08-30]

FF Extension: Session Manager - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\ynwd5408.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2014-10-31]

FF Extension: Adblock Plus - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\ynwd5408.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-16]

FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]

FF HKLM-x32\...\Firefox\Extensions: [WSVCU@Wondershare.com] - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com

FF Extension: Wondershare Video Converter Ultimate - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com [2014-09-11]
 

Chrome: 

=======

CHR HomePage: Default -> hxxp://www.google.com/

CHR StartupUrls: Default -> "https://www.google.de/", "hxxp://websearch.amaizingsearches.info/?pid=377&r=2014/04/07&hid=5936879317086436134&lg=EN&cc=DE&unqvl=51", "hxxp://google.com/", "hxxp://google.de/", "https://de.search.yahoo.com/?type=937811&fr=yo-yhp-ch"

CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}

CHR Profile: C:\Users\******\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Angry Birds) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-04-07]

CHR Extension: (YouTube) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-07]

CHR Extension: (Berlin Events) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopbgcbccpbkbficacifdijmlpdnddkf [2014-04-07]

CHR Extension: (Adblock Plus) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-09-17]

CHR Extension: (Google Search) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-07]

CHR Extension: (Session Buddy) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\edacconmaakjimmfgnblocblbcdcpbko [2014-04-07]

CHR Extension: (Floating YouTube Extension) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\egncdnniomonjgpjbapalkckojhkfddk [2014-11-12]

CHR Extension: (Yahoo!) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdhbkaahephniejapepaiggngjnedpci [2015-02-09]

CHR Extension: (Show Frame) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcmgcfdnagjkihmgjhbiombjdcgckgnb [2015-01-18]

CHR Extension: (Google Keep - notes and lists) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2014-04-07]

CHR Extension: (ProxMate) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifalmiidchkjjmkkbkoaibpmoeichmki [2014-05-13]

CHR Extension: (Floating YouTube™) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjphmlaoffndcnecccgemfdaaoighkel [2014-11-12]

CHR Extension: (FullStream) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkchcbdilffpbpkknniliidiflhbagkl [2015-01-23]

CHR Extension: (Open Frame) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdhjgkkaacdhdioocfbpmhjidbinfajj [2015-01-18]

CHR Extension: (Wetter Berlin) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\klefihnmmfkcaoeebemdmeebbfdhlknm [2014-04-07]

CHR Extension: (Chrome Hotword Shared Module) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-20]

CHR Extension: (Twitch Now) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmbdmpjmlijibeockamioakdpmhjnpk [2015-01-23]

CHR Extension: (Google Wallet) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-29]

CHR Extension: (Gmail) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-07]

CHR HKLM-x32\...\Chrome\Extension: [fdhbkaahephniejapepaiggngjnedpci] - https://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
 

==================== Services (Whitelisted) =================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

S2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173272 2013-11-01] (Microsoft Corp.)

S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [406288 2014-06-23] (BlueStack Systems, Inc.)

R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-06-23] (BlueStack Systems, Inc.)

R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [774928 2014-06-23] (BlueStack Systems, Inc.)

S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)

R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)

S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2014-03-01] (Microsoft Corporation)

R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2714800 2015-02-10] (Microsoft Corporation)

R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2552528 2015-01-30] (Dell Inc.)

R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201424 2015-01-30] (Dell Inc.)

R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3736520 2015-01-29] (devolo AG)

R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed]

R2 FileZilla Server; C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe [772608 2014-09-19] (FileZilla Project) [File not signed]

S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]

S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-19] (Microsoft Corporation) [File not signed]

R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)

S3 GSService; C:\WINDOWS\SysWOW64\GSService.exe [444640 2014-07-28] ()

S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]

R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)

R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22768 2014-04-17] (Microsoft Corporation)

R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-19] (Intel Corporation)

R2 LeapService; C:\Program Files (x86)\Leap Motion\Core Services\LeapSvc64.exe [10166784 2015-03-21] (Leap Motion, Inc.) [File not signed]

R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-02-16] (LogMeIn, Inc.)

S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)

R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [58387104 2014-07-12] (Microsoft Corporation)

S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4466688 2007-11-08] (Microsoft Corporation)

R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [142072 2014-10-13] (Panda Security, S.L.)

R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)

R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)

S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-01-31] (Electronic Arts)

R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [66808 2014-10-09] (Panda Security, S.L.)

R2 panda_url_filtering; C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filteringb.exe [296760 2014-09-19] (Panda Security)

R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2014-10-16] (Panda Security, S.L.)

S2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-25] ()

R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [1924328 2014-09-18] (SoftThinks SAS)

S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [441504 2014-07-12] (Microsoft Corporation)

R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [19288 2015-02-19] (Dell Inc.)

S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]

S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87736 2014-04-30] (Microsoft Corporation)

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [77824 2012-06-19] (Atheros) [File not signed]

S3 McAWFwk; C:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [X]

S2 McOobeSv2; "C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe" /McCoreSvc [X]
 

==================== Drivers (Whitelisted) ====================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [123152 2014-06-23] (BlueStack Systems)

S3 CCUSBMIDI; C:\Windows\System32\Drivers\ccusbmid.sys [26624 2012-02-24] (CASIO COMPUTER CO., LTD.)

R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)

R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [23760 2015-01-30] (Dell Computer Corporation)

R3 DellProf; C:\Windows\system32\drivers\DellProf.sys [23312 2015-01-30] (Dell Computer Corporation)

R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [44296 2015-02-17] (LogMeIn Inc.)

S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)

R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)

S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-03-17] (Malwarebytes Corporation)

S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-07-24] (McAfee, Inc.)

S3 MP4ConverterAudio; C:\Windows\system32\drivers\MP4ConverterAudio.sys [36064 2014-07-28] (Windows (R) Win 7 DDK provider)

S3 NdisImPlatformMp; C:\Windows\system32\DRIVERS\NdisImPlatform.sys [126464 2014-10-29] (Microsoft Corporation)

R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [96800 2014-06-04] (Panda Security, S.L.)

R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [162336 2014-06-18] (Panda Security, S.L.)

R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [112160 2014-06-04] (Panda Security, S.L.)

R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [115232 2014-06-04] (Panda Security, S.L.)

R1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [47360 2014-01-16] (Panda Security, S.L.)

R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [95776 2014-06-04] (Panda Security, S.L.)

R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [70176 2014-06-04] (Panda Security, S.L.)

R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [125984 2014-06-04] (Panda Security, S.L.)

R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [306720 2014-06-04] (Panda Security, S.L.)

R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [169504 2014-06-04] (Panda Security, S.L.)

R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [115744 2014-06-04] (Panda Security, S.L.)

R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [261152 2014-06-04] (Panda Security, S.L.)

R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [109088 2014-06-04] (Panda Security, S.L.)

R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2015-01-29] (CACE Technologies)

R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)

R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)

R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [163088 2014-10-13] (Panda Security, S.L.)

R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [121616 2014-10-13] (Panda Security, S.L.)

R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [195616 2014-07-24] (Panda Security, S.L.)

R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [122400 2014-07-24] (Panda Security, S.L.)

R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [132128 2014-07-24] (Panda Security, S.L.)

R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [107792 2014-10-13] (Panda Security, S.L.)

R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [60400 2014-03-25] (Panda Security, S.L.)

R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()

S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] ()

R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)

S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2013-08-22] (Microsoft Corporation)

S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
 

==================== NetSvcs (Whitelisted) ===================
 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 

==================== One Month Created Files and Folders ========
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2015-03-24 10:45 - 2015-03-24 10:46 - 00040558 _____ () C:\Users\******\Desktop\FRST.txt

2015-03-24 09:19 - 2015-03-24 09:19 - 00000886 _____ () C:\Users\******\Desktop\JRT.txt

2015-03-24 09:15 - 2015-03-24 09:15 - 00006267 _____ () C:\Users\******\Desktop\AdwCleaner[S3].txt

2015-03-24 09:10 - 2014-03-25 14:15 - 00060400 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys

2015-03-24 09:08 - 2015-03-24 09:11 - 00001780 _____ () C:\Users\******\Desktop\Google Keep.lnk

2015-03-24 09:08 - 2015-03-24 09:08 - 00001049 _____ () C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2015-03-24 00:02 - 2015-03-24 09:07 - 00009999 _____ () C:\Users\******\Desktop\mbam.txt

2015-03-23 23:33 - 2015-03-23 23:33 - 02168320 _____ () C:\Users\******\Desktop\AdwCleaner_4.113.exe

2015-03-23 23:33 - 2015-03-23 23:33 - 01388782 _____ (Thisisu) C:\Users\******\Desktop\JRT.exe

2015-03-23 23:31 - 2015-03-23 23:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Leap Motion

2015-03-23 23:25 - 2015-03-23 23:25 - 00488088 _____ () C:\WINDOWS\Minidump\032315-26625-01.dmp

2015-03-23 23:11 - 2015-03-23 23:35 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys

2015-03-23 23:10 - 2015-03-23 23:10 - 00001172 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2015-03-23 23:10 - 2015-03-23 23:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2015-03-23 23:10 - 2015-03-23 23:10 - 00000000 ____D () C:\ProgramData\Malwarebytes

2015-03-23 23:10 - 2015-03-23 23:10 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2015-03-23 23:10 - 2015-03-17 06:15 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys

2015-03-23 23:10 - 2015-03-17 06:15 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys

2015-03-23 23:10 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys

2015-03-23 23:07 - 2015-03-23 23:07 - 00001340 _____ () C:\Users\******\Desktop\Revo Uninstaller.lnk

2015-03-23 23:07 - 2015-03-23 23:07 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group

2015-03-23 22:13 - 2015-03-23 22:56 - 00000493 _____ () C:\Users\******\Desktop\GMER.txt

2015-03-23 22:00 - 2015-03-23 22:02 - 00000476 _____ () C:\Users\******\Desktop\defogger_disable.log

2015-03-23 21:58 - 2015-03-24 10:45 - 00000000 ____D () C:\FRST

2015-03-23 21:58 - 2015-03-23 21:58 - 00000000 _____ () C:\Users\******\defogger_reenable

2015-03-23 21:57 - 2015-03-23 21:57 - 00050477 _____ () C:\Users\******\Desktop\Defogger.exe

2015-03-23 21:55 - 2015-03-23 21:55 - 02095616 _____ (Farbar) C:\Users\******\Desktop\FRST64.exe

2015-03-23 21:54 - 2015-03-23 21:54 - 00380416 _____ () C:\Users\******\Desktop\k501derz.exe

2015-03-23 21:39 - 2015-03-23 21:40 - 01203488 _____ () C:\Users\******\Downloads\Regin Scanner - CHIP-Installer.exe

2015-03-23 18:14 - 2015-03-23 18:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\River-Simulator 2012 - Demo

2015-03-23 18:13 - 2015-03-23 18:13 - 00000000 ____D () C:\Program Files (x86)\River-Simulator 2012 - Demo

2015-03-23 18:06 - 2015-03-23 18:06 - 00000000 ____D () C:\Users\******\Tracing

2015-03-22 14:08 - 2015-03-04 22:24 - 00792032 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2015-03-22 14:08 - 2015-03-04 22:24 - 00178144 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2015-03-22 10:31 - 2015-03-22 10:55 - 00000000 ____D () C:\Users\******\AppData\Roaming\Rettungswagen Simulator 2014 Demo

2015-03-22 10:31 - 2015-03-22 10:32 - 00000000 ____D () C:\Users\******\Documents\Rettungswagen Simulator 2014 Demo

2015-03-22 10:31 - 2015-03-22 10:31 - 00000000 ____D () C:\ProgramData\RTWS2014DEMO

2015-03-22 10:28 - 2015-03-22 10:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rettungswagen Simulator 2014 Demo

2015-03-22 10:22 - 2015-03-22 10:28 - 00000000 ____D () C:\Program Files (x86)\Rettungswagen Simulator 2014 Demo

2015-03-22 10:21 - 2015-03-22 10:27 - 218461259 _____ () C:\Users\******\Downloads\Schiff-Simulator2012-Demo_Setup.zip

2015-03-22 10:01 - 2015-03-22 10:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Schwebebahn-Simulator 2013 Demo

2015-03-22 10:00 - 2015-03-22 10:00 - 00000000 ____D () C:\Program Files (x86)\rondomedia

2015-03-22 09:52 - 2015-03-22 09:55 - 179712052 _____ () C:\Users\******\Downloads\Schwebebahn-Simulator2013_simuwelt_Demo Setup.zip

2015-03-22 09:51 - 2015-03-22 10:11 - 1682428100 _____ () C:\Users\******\Downloads\rtws2014-demo-1.0a.zip

2015-03-22 09:19 - 2015-03-22 09:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Airport Simulator 2013 Demo

2015-03-22 09:19 - 2015-03-22 09:19 - 00000000 ____D () C:\Program Files (x86)\Airport Simulator 2013 Demo

2015-03-22 09:18 - 2015-03-22 09:18 - 50171380 _____ () C:\Users\******\Downloads\Airport-Simulator2013_simuwelt_Demo.zip

2015-03-21 21:19 - 2015-03-21 21:19 - 00000000 ____D () C:\Users\******\AppData\Roaming\Open Rails

2015-03-21 20:42 - 2015-03-21 20:42 - 00001082 _____ () C:\Users\Public\Desktop\Open Rails.lnk

2015-03-21 20:42 - 2015-03-21 20:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Open Rails

2015-03-21 20:42 - 2015-03-21 20:42 - 00000000 ____D () C:\Program Files (x86)\Open Rails

2015-03-21 20:41 - 2015-03-21 20:41 - 23850158 _____ (Open Rails ) C:\Users\******\Downloads\setup_OR_pre-v1.0_from_download.exe

2015-03-21 20:20 - 2015-03-21 20:39 - 00000000 ____D () C:\Users\******\AppData\Local\Loksim3D

2015-03-21 20:20 - 2015-03-21 20:34 - 00000000 ____D () C:\Program Files (x86)\Loksim3D

2015-03-21 20:20 - 2015-03-21 20:25 - 00000000 ____D () C:\Users\Public\Documents\Loksim3D

2015-03-21 20:20 - 2015-03-21 20:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Loksim3D

2015-03-21 20:15 - 2015-03-21 20:17 - 120920998 _____ () C:\Users\******\Downloads\Setup-Loksim3D-2-9-1.zip

2015-03-21 20:14 - 2015-03-21 20:14 - 00373824 _____ () C:\Users\******\Downloads\Setup-Loksim3D-2-9-1_CB-DL-Manager.exe

2015-03-21 15:12 - 2015-03-21 15:24 - 436138144 _____ (MAGIX Software GmbH) C:\Users\******\Downloads\music_maker_2015_dlv_chip_de_20140827_13-38.exe

2015-03-20 20:25 - 2015-03-13 16:38 - 00622224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe

2015-03-20 20:22 - 2015-03-13 20:41 - 32114888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 25460880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 24775368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 20466376 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 18580512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 17258024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 16022016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 14121624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 13297144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 13210080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 10775080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 10715864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 10262160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys

2015-03-20 20:22 - 2015-03-13 20:41 - 03611792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 03303448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 03249352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 02906928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 01896136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6434788.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 01557648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6434788.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 00997856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 00970384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 00944784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 00930448 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 00909512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 00878328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 00354112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 00306208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 00178512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 00164568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 00032456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys

2015-03-20 20:22 - 2015-03-13 20:41 - 00027441 _____ () C:\WINDOWS\system32\nvinfo.pb

2015-03-11 07:39 - 2015-03-06 03:53 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll

2015-03-11 07:39 - 2015-03-06 03:33 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll

2015-03-11 07:39 - 2015-02-26 00:26 - 04178944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys

2015-03-11 07:39 - 2015-02-04 00:58 - 00264000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys

2015-03-11 07:39 - 2015-02-04 00:58 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys

2015-03-11 07:39 - 2015-02-04 00:58 - 00044024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys

2015-03-11 07:39 - 2015-02-03 00:53 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll

2015-03-11 07:39 - 2015-02-03 00:53 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll

2015-03-11 07:39 - 2015-01-31 00:42 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll

2015-03-11 07:39 - 2015-01-31 00:29 - 02484224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll

2015-03-11 07:39 - 2015-01-29 02:58 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\photowiz.dll

2015-03-11 07:39 - 2015-01-29 02:29 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\photowiz.dll

2015-03-11 07:39 - 2015-01-27 04:44 - 00933888 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe

2015-03-11 07:39 - 2015-01-24 02:51 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe

2015-03-11 07:39 - 2015-01-23 08:17 - 00723072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll

2015-03-11 07:39 - 2015-01-23 06:02 - 00560392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll

2015-03-11 07:38 - 2015-02-20 04:03 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll

2015-03-11 07:38 - 2015-02-20 03:58 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll

2015-03-11 07:38 - 2015-02-20 03:20 - 00301056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll

2015-03-11 07:38 - 2015-02-20 03:15 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll

2015-03-11 07:38 - 2015-02-07 00:09 - 00396419 _____ () C:\WINDOWS\system32\ApnDatabase.xml

2015-03-11 07:38 - 2015-02-06 02:28 - 02257408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll

2015-03-11 07:38 - 2015-02-06 02:08 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll

2015-03-11 07:38 - 2015-02-05 21:24 - 01113920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys

2015-03-11 07:38 - 2015-02-03 01:03 - 03551744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll

2015-03-11 07:38 - 2015-02-03 01:02 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll

2015-03-11 07:38 - 2015-01-31 00:20 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll

2015-03-11 07:38 - 2015-01-30 04:01 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys

2015-03-11 07:38 - 2015-01-30 03:03 - 01488896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42u.dll

2015-03-11 07:38 - 2015-01-30 03:03 - 01464832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42.dll

2015-03-11 07:38 - 2015-01-30 03:02 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll

2015-03-11 07:38 - 2015-01-30 02:44 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42u.dll

2015-03-11 07:38 - 2015-01-30 02:42 - 01204224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42.dll

2015-03-11 07:38 - 2015-01-30 02:40 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll

2015-03-11 07:38 - 2015-01-30 02:37 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll

2015-03-11 07:38 - 2015-01-30 02:29 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atlthunk.dll

2015-03-11 07:38 - 2015-01-30 02:24 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll

2015-03-11 07:38 - 2015-01-30 02:24 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll

2015-03-11 07:38 - 2015-01-30 02:16 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll

2015-03-11 07:38 - 2015-01-30 02:08 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll

2015-03-11 07:38 - 2015-01-30 02:06 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll

2015-03-11 07:38 - 2015-01-29 02:11 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll

2015-03-11 07:38 - 2015-01-29 02:04 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll

2015-03-11 07:38 - 2015-01-29 02:04 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll

2015-03-11 07:38 - 2015-01-29 02:00 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll

2015-03-11 07:38 - 2015-01-29 01:59 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll

2015-03-11 07:38 - 2015-01-29 01:55 - 00971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll

2015-03-11 07:38 - 2015-01-29 01:50 - 00811008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll

2015-03-11 07:38 - 2015-01-29 01:49 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll

2015-03-11 07:38 - 2015-01-28 16:41 - 07472960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe

2015-03-11 07:38 - 2015-01-28 16:41 - 01733440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll

2015-03-11 07:38 - 2015-01-28 16:41 - 01498360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll

2015-03-11 07:38 - 2015-01-28 03:24 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageContextHandler.dll

2015-03-11 07:38 - 2015-01-28 02:47 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StorageContextHandler.dll

2015-03-11 07:38 - 2015-01-27 05:22 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll

2015-03-11 07:38 - 2015-01-27 03:11 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll

2015-03-11 07:37 - 2015-02-21 02:16 - 25021440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2015-03-11 07:37 - 2015-02-21 01:41 - 12827648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2015-03-11 07:37 - 2015-02-21 01:27 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll

2015-03-11 07:37 - 2015-02-21 01:27 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll

2015-03-11 07:37 - 2015-02-21 01:25 - 19720192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2015-03-11 07:37 - 2015-02-21 00:58 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll

2015-03-11 07:37 - 2015-02-21 00:32 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll

2015-03-11 07:37 - 2015-02-20 03:49 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll

2015-03-11 07:37 - 2015-02-20 03:48 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2015-03-11 07:37 - 2015-02-20 03:47 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll

2015-03-11 07:37 - 2015-02-20 03:35 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll

2015-03-11 07:37 - 2015-02-20 03:34 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll

2015-03-11 07:37 - 2015-02-20 03:32 - 06035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2015-03-11 07:37 - 2015-02-20 03:09 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll

2015-03-11 07:37 - 2015-02-20 03:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll

2015-03-11 07:37 - 2015-02-20 03:06 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll

2015-03-11 07:37 - 2015-02-20 03:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll

2015-03-11 07:37 - 2015-02-20 03:03 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2015-03-11 07:37 - 2015-02-20 02:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll

2015-03-11 07:37 - 2015-02-20 02:56 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll

2015-03-11 07:37 - 2015-02-20 02:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll

2015-03-11 07:37 - 2015-02-20 02:49 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll

2015-03-11 07:37 - 2015-02-20 02:49 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll

2015-03-11 07:37 - 2015-02-20 02:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl

2015-03-11 07:37 - 2015-02-20 02:43 - 14398976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2015-03-11 07:37 - 2015-02-20 02:30 - 04300288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2015-03-11 07:37 - 2015-02-20 02:30 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll

2015-03-11 07:37 - 2015-02-20 02:29 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll

2015-03-11 07:37 - 2015-02-20 02:28 - 02358784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2015-03-11 07:37 - 2015-02-20 02:26 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll

2015-03-11 07:37 - 2015-02-20 02:24 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl

2015-03-11 07:37 - 2015-02-20 02:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll

2015-03-11 07:37 - 2015-02-20 02:16 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2015-03-11 07:37 - 2015-02-20 02:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll

2015-03-11 07:37 - 2015-02-20 02:01 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2015-03-11 07:37 - 2015-02-20 01:57 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2015-03-11 07:37 - 2015-02-20 01:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll

2015-03-11 07:37 - 2015-02-12 18:40 - 22291584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll

2015-03-11 07:37 - 2015-02-12 18:34 - 19731824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll

2015-03-11 07:37 - 2015-02-08 00:57 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll

2015-03-11 07:37 - 2015-02-08 00:49 - 00791040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll

2015-03-11 07:37 - 2015-01-29 19:45 - 01763352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll

2015-03-11 07:37 - 2015-01-29 19:34 - 01488040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll

2015-03-11 07:37 - 2015-01-28 02:31 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll

2015-03-11 07:37 - 2015-01-28 02:11 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll

2015-03-11 07:37 - 2015-01-28 00:47 - 02501368 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe

2015-03-11 07:37 - 2015-01-28 00:41 - 02207488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe

2015-03-11 07:37 - 2015-01-21 06:54 - 01384712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll

2015-03-11 07:37 - 2015-01-21 06:15 - 01123848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll

2015-03-11 07:37 - 2014-12-11 06:36 - 00046456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe

2015-03-11 07:02 - 2015-03-11 07:02 - 01142192 _____ () C:\WINDOWS\Minidump\031115-35765-01.dmp

2015-03-11 07:01 - 2015-03-23 23:25 - 740588065 _____ () C:\WINDOWS\MEMORY.DMP

2015-03-10 18:31 - 2015-03-10 18:32 - 00166935 _____ () C:\Users\******\Downloads\xape.rar

2015-03-08 19:31 - 2015-03-08 19:38 - 00000000 ____D () C:\Users\******\Desktop\Chips

2015-03-07 12:04 - 2015-03-07 21:17 - 00000000 ____D () C:\Users\******\AppData\Local\LogMeIn Hamachi

2015-03-07 12:02 - 2015-03-07 12:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi

2015-03-07 12:02 - 2015-03-07 12:02 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi

2015-03-06 19:06 - 2015-03-24 09:31 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1481936226-3761452550-2346937436-1002

2015-03-06 18:55 - 2015-03-06 18:55 - 00000000 ___HD () C:\WINDOWS\AxInstSV

2015-03-06 16:00 - 2015-03-06 16:31 - 4225595392 _____ () C:\Users\******\Downloads\Windows10_TechnicalPreview_x64_DE-DE_9926 (1).iso

2015-03-05 20:04 - 2015-03-05 20:04 - 00001134 _____ () C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk

2015-03-05 20:04 - 2015-03-05 20:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox

2015-03-05 20:04 - 2015-03-05 20:04 - 00000000 ____D () C:\Program Files\Oracle

2015-03-05 20:04 - 2015-03-02 15:20 - 00922168 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxDrv.sys

2015-03-05 20:04 - 2015-03-02 15:18 - 00128592 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxUSBMon.sys

2015-03-05 20:01 - 2015-03-05 20:01 - 01203488 _____ () C:\Users\******\Downloads\VirtualBox - CHIP-Installer.exe

2015-03-02 15:18 - 2015-03-02 15:18 - 00204264 _____ (Oracle Corporation) C:\WINDOWS\system32\VBoxNetFltNobj.dll

2015-03-02 15:18 - 2015-03-02 15:18 - 00156360 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxNetFlt.sys

2015-03-02 15:18 - 2015-03-02 15:18 - 00141440 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxNetAdp.sys

2015-03-01 19:12 - 2015-03-01 19:12 - 00063769 _____ () C:\Users\******\Desktop\Bigband Konzert.odt

2015-02-28 15:13 - 2015-02-28 20:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sigel

2015-02-28 15:11 - 2015-02-28 15:11 - 01203488 _____ () C:\Users\******\Downloads\Visitenkarten in 2 Minuten - CHIP-Installer.exe

2015-02-28 08:56 - 2015-03-23 23:31 - 00001312 _____ () C:\Users\Public\Desktop\Leap Motion App Home.lnk

2015-02-25 15:28 - 2013-09-30 16:26 - 00019152 ____N () C:\WINDOWS\system32\pwdrvio.sys

2015-02-25 15:28 - 2013-09-30 16:26 - 00012504 ____N () C:\WINDOWS\system32\pwdspio.sys

2015-02-25 15:14 - 2015-01-14 11:28 - 03066880 _____ () C:\WINDOWS\system32\pwNative.exe

2015-02-25 15:12 - 2015-02-25 15:14 - 00000000 ____D () C:\Program Files (x86)\MiniTool Partition Wizard Free 9.0

2015-02-25 15:12 - 2015-02-25 15:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard Free 9.0

2015-02-25 15:10 - 2015-02-25 15:10 - 01203488 _____ () C:\Users\******\Downloads\Partition Wizard Home Edition - CHIP-Installer.exe

2015-02-25 14:49 - 2015-02-25 15:08 - 00000000 ____D () C:\Backup

2015-02-25 06:58 - 2014-12-13 22:28 - 00513488 _____ () C:\WINDOWS\SysWOW64\locale.nls

2015-02-25 06:58 - 2014-12-13 22:28 - 00513488 _____ () C:\WINDOWS\system32\locale.nls

2015-02-24 18:00 - 2015-02-24 18:05 - 239433883 _____ () C:\Users\******\Downloads\cm12.0_golden.nova.20150214.ODIN_TWRP.zip

2015-02-24 17:32 - 2015-02-24 17:32 - 11029139 _____ () C:\Users\******\Downloads\CWM_6.0.4.5_Spec-Assert_fixed.zip

2015-02-23 16:48 - 2015-02-23 16:48 - 01192075 _____ () C:\Users\******\Desktop\UPDATE-SuperSU-v1.51.zip

2015-02-23 16:39 - 2010-08-27 05:32 - 00069120 _____ (Nokia) C:\WINDOWS\system32\nmwcdclsx64.dll

2015-02-23 16:38 - 2015-02-23 16:38 - 00000000 ____D () C:\Program Files\SAMSUNG

2015-02-23 16:19 - 2015-02-23 16:20 - 01203488 _____ () C:\Users\******\Downloads\Odin3 - CHIP-Installer.exe

2015-02-23 16:15 - 2015-02-23 16:16 - 01203488 _____ () C:\Users\******\Downloads\I8190XXAMA1_I8190OXAAMA1_4.1.2_rooted_by_infected_V2 - CHIP-Installer.exe
 

==================== One Month Modified Files and Folders =======
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2015-03-24 10:23 - 2015-02-08 22:18 - 00001140 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

2015-03-24 10:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru

2015-03-24 09:57 - 2015-02-08 21:52 - 00001148 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1481936226-3761452550-2346937436-1002UA.job

2015-03-24 09:50 - 2014-10-12 15:15 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

2015-03-24 09:28 - 2014-01-17 23:05 - 01094742 _____ () C:\WINDOWS\WindowsUpdate.log

2015-03-24 09:19 - 2013-12-12 11:05 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery

2015-03-24 09:17 - 2013-11-14 08:27 - 00006882 _____ () C:\WINDOWS\system32\PerfStringBackup.INI

2015-03-24 09:17 - 2013-11-14 08:11 - 00926930 _____ () C:\WINDOWS\system32\perfh007.dat

2015-03-24 09:17 - 2013-11-14 08:11 - 00220360 _____ () C:\WINDOWS\system32\perfc007.dat

2015-03-24 09:12 - 2014-03-06 20:28 - 00007830 _____ () C:\WINDOWS\system32\debug.log

2015-03-24 09:12 - 2014-01-18 07:24 - 00000000 ___DO () C:\Users\******\SkyDrive

2015-03-24 09:10 - 2015-02-08 22:18 - 00001136 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

2015-03-24 09:10 - 2014-05-01 14:02 - 00041921 _____ () C:\WINDOWS\setupact.log

2015-03-24 09:09 - 2014-04-29 20:40 - 00708918 _____ () C:\WINDOWS\PFRO.log

2015-03-24 09:09 - 2014-01-17 23:05 - 00000000 ____D () C:\ProgramData\NVIDIA

2015-03-24 09:09 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT

2015-03-24 09:09 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports

2015-03-24 09:08 - 2014-01-30 16:42 - 00000000 ____D () C:\AdwCleaner

2015-03-24 09:08 - 2014-01-17 23:09 - 00000000 ____D () C:\Users\******

2015-03-23 23:31 - 2014-04-29 20:42 - 00117848 _____ () C:\WINDOWS\DPINST.LOG

2015-03-23 23:31 - 2014-02-12 15:25 - 00000000 ____D () C:\ProgramData\Leap Motion

2015-03-23 23:30 - 2014-03-01 09:35 - 00000000 ____D () C:\ProgramData\Package Cache

2015-03-23 23:30 - 2014-02-12 15:24 - 00000000 ____D () C:\Program Files (x86)\Leap Motion

2015-03-23 23:25 - 2015-02-08 21:52 - 00001096 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1481936226-3761452550-2346937436-1002Core.job

2015-03-23 23:25 - 2014-02-06 23:08 - 00000000 ____D () C:\WINDOWS\Minidump

2015-03-23 23:10 - 2013-12-25 19:29 - 00000000 ____D () C:\Users\******\Desktop\Spiele

2015-03-23 22:08 - 2013-12-29 09:07 - 00000000 ____D () C:\Users\******\AppData\Roaming\Skype

2015-03-23 21:10 - 2014-09-13 18:10 - 00000308 _____ () C:\WINDOWS\Tasks\DLL-Files FixerASKUSER.job

2015-03-23 18:06 - 2013-12-29 09:07 - 00000000 ___RD () C:\Program Files (x86)\Skype

2015-03-23 18:06 - 2013-12-29 09:07 - 00000000 ____D () C:\ProgramData\Skype

2015-03-23 14:00 - 2015-02-08 22:22 - 00000000 ____D () C:\ProgramData\panda_url_filtering

2015-03-22 19:34 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness

2015-03-22 14:07 - 2013-08-22 15:44 - 05363216 _____ () C:\WINDOWS\system32\FNTCACHE.DAT

2015-03-22 14:04 - 2013-08-22 14:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI

2015-03-22 14:01 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData

2015-03-22 14:01 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

2015-03-22 14:01 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

2015-03-22 14:01 - 2013-08-22 16:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories

2015-03-22 14:01 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\WinStore

2015-03-22 14:01 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender

2015-03-22 14:01 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender

2015-03-22 10:27 - 2014-05-14 19:39 - 00134580 _____ () C:\WINDOWS\DirectX.log

2015-03-21 19:52 - 2014-03-18 15:09 - 00000000 ____D () C:\Users\Public\Documents\MAGIX

2015-03-21 19:51 - 2014-03-18 15:08 - 00000000 ____D () C:\ProgramData\MAGIX

2015-03-21 19:51 - 2014-03-17 19:39 - 00000000 ____D () C:\Users\******\AppData\Roaming\MAGIX

2015-03-21 19:50 - 2014-03-18 15:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX

2015-03-21 19:43 - 2014-03-18 15:08 - 00000000 ____D () C:\Program Files (x86)\MAGIX

2015-03-21 19:41 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Help

2015-03-20 20:26 - 2014-03-18 20:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation

2015-03-20 20:26 - 2013-12-12 11:06 - 00000000 ____D () C:\Temp

2015-03-20 20:24 - 2014-01-17 23:05 - 00000000 ____D () C:\Program Files\NVIDIA Corporation

2015-03-20 20:12 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp

2015-03-20 20:03 - 2013-12-29 13:51 - 00000000 ____D () C:\WINDOWS\system32\MRT

2015-03-20 19:54 - 2014-02-20 16:01 - 00000000 ____D () C:\Program Files\Microsoft Office 15

2015-03-20 19:46 - 2013-12-29 13:51 - 122905848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2015-03-16 20:47 - 2014-02-20 17:21 - 00000000 ____D () C:\Users\******\Documents\Schule

2015-03-13 17:16 - 2015-01-23 16:27 - 00062608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll

2015-03-13 17:16 - 2014-03-18 20:10 - 01099408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll

2015-03-13 17:16 - 2014-01-17 23:05 - 06861968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll

2015-03-13 17:16 - 2014-01-17 23:05 - 03526856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll

2015-03-13 17:16 - 2014-01-17 23:05 - 02559808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll

2015-03-13 17:16 - 2014-01-17 23:05 - 00935056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe

2015-03-13 17:16 - 2014-01-17 23:05 - 00386248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll

2015-03-13 17:16 - 2014-01-17 23:05 - 00075976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll

2015-03-11 14:10 - 2014-01-17 23:05 - 04246327 _____ () C:\WINDOWS\system32\nvcoproc.bin

2015-03-11 07:25 - 2015-01-31 22:57 - 00000000 ____D () C:\Users\******\Desktop\Musik Handy

2015-03-11 07:05 - 2014-04-03 19:49 - 00000000 ____D () C:\Users\******\AppData\Roaming\Spotify

2015-03-08 19:44 - 2014-03-16 19:45 - 00000000 ____D () C:\Users\******\AppData\Roaming\Audacity

2015-03-08 19:44 - 2013-12-31 15:22 - 00000000 ____D () C:\Users\******\AppData\Roaming\vlc

2015-03-07 12:19 - 2014-02-14 18:08 - 00000000 ____D () C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam

2015-03-07 12:15 - 2014-02-14 17:59 - 00000000 ____D () C:\Program Files (x86)\Steam

2015-03-07 11:16 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF

2015-03-07 10:47 - 2014-02-12 15:26 - 00000000 ____D () C:\Users\******\AppData\Local\Airspace

2015-03-07 10:35 - 2014-07-04 21:41 - 00000000 ____D () C:\Users\******\.VirtualBox

2015-03-06 18:30 - 2015-02-09 22:01 - 00000424 ____H () C:\WINDOWS\Tasks\{E4175FC2-DAAC-4D63-8D2B-F2A64AA7BD2C}.job

2015-03-06 18:10 - 2014-07-04 21:41 - 00000000 ____D () C:\Users\******\VirtualBox VMs

2015-03-06 16:23 - 2014-04-03 19:51 - 00000000 ____D () C:\Users\******\AppData\Local\Spotify

2015-02-28 10:01 - 2013-06-26 23:19 - 00000000 ____D () C:\dell

2015-02-25 18:29 - 2014-05-29 14:20 - 00000000 ____D () C:\ProgramData\Origin

2015-02-25 15:12 - 2014-05-29 14:20 - 00000000 ____D () C:\Program Files (x86)\Origin

2015-02-24 17:31 - 2014-02-20 22:45 - 00000382 _____ () C:\Users\******\Desktop\MASSE STICK (D) - Verknüpfung.lnk

2015-02-23 16:39 - 2014-08-16 10:54 - 00000000 ____D () C:\Program Files (x86)\Samsung

2015-02-23 16:14 - 2015-02-21 10:56 - 00002248 _____ () C:\Users\******\Desktop\lückenbestücken.txt
 

==================== Files in the root of some directories =======
 

2014-05-16 17:14 - 2014-05-16 17:14 - 0000132 _____ () C:\Users\******\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen

2014-07-04 21:27 - 2014-07-04 22:43 - 1177208 _____ () C:\Users\******\AppData\Roaming\AndyCleanupTool.exe

2014-07-04 21:27 - 2014-07-04 22:43 - 1176696 _____ () C:\Users\******\AppData\Roaming\AndyCleanVM.exe

2014-09-13 18:19 - 2014-09-13 18:19 - 0000000 _____ () C:\Users\******\AppData\Roaming\gdfw.log

2014-09-13 18:19 - 2014-09-13 18:19 - 0000779 _____ () C:\Users\******\AppData\Roaming\gdscan.log

2014-01-07 20:56 - 2014-01-07 20:56 - 0000095 _____ () C:\Users\******\AppData\Local\fusioncache.dat

2014-05-04 12:47 - 2014-05-04 12:47 - 0001546 _____ () C:\Users\******\AppData\Local\RecConfig.xml

2014-09-02 15:37 - 2014-09-02 15:37 - 0000896 _____ () C:\Users\******\AppData\Local\recently-used.xbel

2014-04-06 06:20 - 2014-10-17 21:55 - 0007599 _____ () C:\Users\******\AppData\Local\resmon.resmoncfg

2013-12-12 11:05 - 2013-12-12 11:05 - 0000119 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log

2013-12-12 11:01 - 2013-12-12 11:02 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log

2013-12-12 11:03 - 2013-12-12 11:04 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log

2013-12-12 11:01 - 2013-12-12 11:01 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

2013-12-12 11:04 - 2013-12-12 11:05 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log
 

Files to move or delete:

====================

C:\Windows\Tasks\{E4175FC2-DAAC-4D63-8D2B-F2A64AA7BD2C}.job
 
 

Some content of TEMP:

====================

C:\Users\******\AppData\Local\Temp\avgnt.exe

C:\Users\******\AppData\Local\Temp\Creative Cloud Helper.exe

C:\Users\******\AppData\Local\Temp\CreativeCloudSet-Up.exe

C:\Users\******\AppData\Local\Temp\dateinj01.dll

C:\Users\******\AppData\Local\Temp\drm_dialogs.dll

C:\Users\******\AppData\Local\Temp\drm_dyndata_7400008.dll

C:\Users\******\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe

C:\Users\******\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe

C:\Users\******\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe

C:\Users\******\AppData\Local\Temp\mgxoschk.dll

C:\Users\******\AppData\Local\Temp\MgxVistaTools.dll

C:\Users\******\AppData\Local\Temp\npp.6.7.4.Installer.exe

C:\Users\******\AppData\Local\Temp\nvSCPAPI.dll

C:\Users\******\AppData\Local\Temp\nvSCPAPI64.dll

C:\Users\******\AppData\Local\Temp\nvSCPAPISvr.exe

C:\Users\******\AppData\Local\Temp\nvStInst.exe

C:\Users\******\AppData\Local\Temp\sdanircmdc.exe

C:\Users\******\AppData\Local\Temp\sdapskill.exe

C:\Users\******\AppData\Local\Temp\sdaspwn.exe

C:\Users\******\AppData\Local\Temp\SkypeSetup.exe

C:\Users\******\AppData\Local\Temp\tmd_34015596.exe

C:\Users\******\AppData\Local\Temp\unwise.exe

C:\Users\******\AppData\Local\Temp\vlc-2.1.5-win32.exe

C:\Users\******\AppData\Local\Temp\xmlUpdater.exe

C:\Users\******\AppData\Local\Temp\_is3400.exe

C:\Users\******\AppData\Local\Temp\{98FE302D-7ADF-468E-BD7F-C22045491D76}.exe
 
 

==================== Bamital & volsnap Check =================
 

(There is no automatic fix for files that do not pass verification.)
 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 

LastRegBack: 2014-09-30 14:19
 

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

--- --- ---

So, das müsste es gewesen sein...

Es grüßt, Massenmensch.

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

So... ESET läuft, braucht aber noch ein bisschen (kein Wunder bei 0,5 TB Daten auf der Festplatte :rolleyes: ). Melde mich dann später nochmal...

Bis dann,

Massenmensch

ESET erfolgreich, SecurityCheck nicht...

So...
ESET ist erfolgreich durchgelaufen, hat aber 30 Dateien gefunden.

~~~LOGS~~~

ESET:

Code:

ESETSmartInstaller@High as downloader log:

all ok

# product=EOS

# version=8

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.7623

# api_version=3.0.2

# EOSSerial=7c19386227ee8640b3a622f1e0509b6f

# engine=23058

# end=finished

# remove_checked=false

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2015-03-24 11:41:46

# local_time=2015-03-25 12:41:46 (+0100, Mitteleuropäische Zeit)

# country="Germany"

# lang=1031

# osver=6.2.9200 NT 

# compatibility_mode_1=''

# compatibility_mode=5893 16776574 100 94 214820 10222416 0 0

# scanned=920257

# found=30

# cleaned=0

# scan_time=23186

sh=F5860D75BE06C15152233BBBB10B4F9427AF24AF ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.AppsGeyser.B evtl. unerwünschte Anwendung" ac=I fn="C:\$Recycle.Bin\S-1-5-21-1481936226-3761452550-2346937436-1002\$R62BJ5D.apk"

sh=4370E4F60FB96627C6AD4F4820A4FA8A61F8EC29 ft=1 fh=3b60eb1472d7e959 vn="Variante von Win32/CNETInstaller.B evtl. unerwünschte Anwendung" ac=I fn="C:\$Recycle.Bin\S-1-5-21-1481936226-3761452550-2346937436-1002\$R63I109.exe"

sh=E3DBE85EE28DAE87B82A12F472D2721BE7AF85F1 ft=1 fh=0747bc396f6aa6f9 vn="Variante von Win32/DownloadGuide.D evtl. unerwünschte Anwendung" ac=I fn="C:\$Recycle.Bin\S-1-5-21-1481936226-3761452550-2346937436-1002\$RAL1I1Q.exe"

sh=2D47123B8608D4818326B72C005E229E93FBC145 ft=1 fh=ac498f0af5877273 vn="Variante von Win32/Systweak evtl. unerwünschte Anwendung" ac=I fn="C:\$Recycle.Bin\S-1-5-21-1481936226-3761452550-2346937436-1002\$RMS7L4L.exe"

sh=4370E4F60FB96627C6AD4F4820A4FA8A61F8EC29 ft=1 fh=3b60eb1472d7e959 vn="Variante von Win32/CNETInstaller.B evtl. unerwünschte Anwendung" ac=I fn="C:\$Recycle.Bin\S-1-5-21-1481936226-3761452550-2346937436-1002\$RT8MT0I.exe"

sh=8B73E6CC95E14F6D2BC3F55C62A6FF9D7979B168 ft=1 fh=70f2756a00a72489 vn="Win32/BundleLoader.B evtl. unerwünschte Anwendung" ac=I fn="C:\$Recycle.Bin\S-1-5-21-1481936226-3761452550-2346937436-1002\$RWDGY7Q.exe"

sh=87F0C80D829248D28AF737B1F24671B860A5FE44 ft=1 fh=b73fba368dc1806f vn="Variante von Win32/Systweak evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe.vir"

sh=91DC006B84C4F51ADCADC1BB498E3376FC40130E ft=1 fh=c3b5952672b90e6f vn="Variante von Win64/Systweak.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\WINDOWS\System32\roboot64.exe.vir"

sh=43F30D297BD0E20FC2BEF7CF049B4D1C6D5C43AB ft=0 fh=0000000000000000 vn="Variante von Android/Leadbolt.E evtl. unerwünschte Anwendung" ac=I fn="C:\Backup\download\getapk.co.1.6.93.apk"

sh=21EEE9DD961EC98171EA4D67FFE345D75BC989EC ft=1 fh=c71c0011480feaa6 vn="Variante von Win32/Toolbar.SearchSuite.P evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Free Screen To Video\Helper.dll"

sh=9279B4584121A5D0AE482A4011C8E1C7FCD2FAF3 ft=1 fh=309830e801f5ad07 vn="Variante von Win32/KoyoteLab.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Free Screen To Video\Uninstall.exe"

sh=15219C0F274C5C9956981C91ABEC5D4E3A1F6442 ft=1 fh=3fec66b3c1704bce vn="Variante von Win32/Toolbar.Visicom.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Panda Security\Panda Security Protection\Tools\PandaSecurityTb.exe"

sh=41DE1AFF8AC7BF30EA7F952825E02FA6EC6A306D ft=1 fh=cfbb424d50a0cab5 vn="Variante von Win32/Toolbar.Visicom.C evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\pandasecuritytb\dtUser.exe"

sh=30E5E6B0B58E73CADC4D59EE657E07E5AE9F5813 ft=1 fh=f84afab4951a6e89 vn="Variante von Win32/Toolbar.Visicom.B evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll"

sh=81374ADC5FD8E52504FA3E9A88C38EAA56058384 ft=1 fh=2c5c7dc7e05fe486 vn="Variante von Win32/Toolbar.Visicom.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\pandasecuritytb\pandasecuritytb.dll"

sh=B220378A5BF471164F89D187B202F3C87A1A0DEA ft=1 fh=9c19cdffb1d463ae vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\******\AppData\Local\Temp\Dn9pnvxB.exe.part"

sh=4552B652E80C8CAEC8B40FE72352FBD23F55E3F2 ft=1 fh=55912cd62853b6de vn="Variante von Win32/Toolbar.Visicom.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\******\AppData\Local\Temp\{98FE302D-7ADF-468E-BD7F-C22045491D76}.exe"

sh=5002FD8CC026149119FB423A2AE4D8E7459FBE10 ft=1 fh=484528c6c0408215 vn="Win32/ClickAdvanced.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\******\AppData\Local\Temp\dlmCBCD.tmp\new_MVP_Downloader_Converter.exe"

sh=47B19AB97028D8925579BED54EFEE88C8107D6B6 ft=1 fh=34f71966959b3eb8 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\******\AppData\Local\Temp\DMR\dmr_72.exe"

sh=F5860D75BE06C15152233BBBB10B4F9427AF24AF ft=0 fh=0000000000000000 vn="Variante von Android/AdDisplay.AppsGeyser.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\******\Downloads\-Vertretungsplan_9.2.apk"

sh=6F4CC0CEE2881F282593EBF084448DA3B97E709A ft=1 fh=b2dfbd5d5e5a396f vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\******\Downloads\HTML Editor Phase - CHIP-Installer.exe"

sh=9DD70DD3D1772B194F52DD649A4CC27D3326478B ft=1 fh=774a203150c16457 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\******\Downloads\I8190XXAMA1_I8190OXAAMA1_4.1.2_rooted_by_infected_V2 - CHIP-Installer.exe"

sh=49B76E2F0C4440462CE7A245D00AFA52EB576C34 ft=1 fh=639caa2dff0ef4f0 vn="Variante von Win32/DownloadGuide.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\******\Downloads\ispd-Downloader (1).exe"

sh=4E1DA3E2F90B78C47E7E4AFC2E7180F3A3AF5EE4 ft=1 fh=1542f2cf79c170ee vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\******\Downloads\Odin3 - CHIP-Installer.exe"

sh=593946DD4BE9C7E0344EAAF2F60166F56EE21953 ft=1 fh=2f3a3b390ddaa4f4 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\******\Downloads\Partition Wizard Home Edition - CHIP-Installer.exe"

sh=8A8BDD3E14928E51DF0DCE6F95221A299C76000C ft=1 fh=6f83c187e5e5372c vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\******\Downloads\Regin Scanner - CHIP-Installer.exe"

sh=F80E5DF43655E17453B2B23D92FFDD65085C1BAE ft=1 fh=daa452cf77f1714b vn="Win32/DownloadGuide.F evtl. unerwünschte Anwendung" ac=I fn="C:\Users\******\Downloads\Setup-Loksim3D-2-9-1_CB-DL-Manager.exe"

sh=4D022A2B33AE943D8FA622271B3F4CAE744A1509 ft=1 fh=ca34b1f01670cd5e vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\******\Downloads\TopStyle - CHIP-Installer.exe"

sh=3C800414F7F589EFC70F236F21E5F62C457A43D5 ft=1 fh=ea747b6b88b6bed7 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\******\Downloads\VirtualBox - CHIP-Installer.exe"

sh=EF2C785CA2AC5E3ED101A0D1A1A2E1C1E25BAC95 ft=1 fh=95245476dfe92772 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\******\Downloads\Visitenkarten in 2 Minuten - CHIP-Installer.exe"

------
SecurityCheck zeigte mir aber jedes mal folgenden Error an:
checkup.txt

Code:

UNSUPPORTED OPERATING SYSTEM! ABORTED!

------
und FRST:

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015

Ran by ****** (administrator) on ******S-PC on 25-03-2015 09:30:39

Running from C:\Users\******\Desktop

Loaded Profiles: ****** (Available profiles: ****** & Administrator & Gast)

Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)

Internet Explorer Version 11 (Default browser: Chrome)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 

==================== Processes (Whitelisted) =================
 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe

(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe

(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe

(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe

(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe

(Microsoft Corporation) C:\Windows\System32\dasHost.exe

(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe

(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe

(Leap Motion, Inc.) C:\Program Files (x86)\Leap Motion\Core Services\LeapSvc64.exe

(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe

(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe

(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(Intel Corporation) C:\Windows\System32\igfxEM.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe

() C:\Program Files (x86)\Skiller Pro\Monitor.EXE

(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe

(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe

(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe

(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe

(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe

(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe

() C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe

(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe

(Dell) C:\Users\******\AppData\Local\Apps\2.0\LLG9VHQ8.GH9\KO4XLBTX.AGH\dell..tion_0f612f649c4a10af_0005.0004_3ddfe37344028d2c\DellSystemDetect.exe

(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe

(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

( ) C:\Program Files (x86)\devolo\dlan\frontend\plcnetui.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(NVIDIA Corporation) C:\Users\******\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
 
 

==================== Registry (Whitelisted) ==================
 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)

HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated)

HKLM\...\Run: [Remote Control Server] => C:\Program Files (x86)\Remote Control Server\Remote Control Server.exe [5159424 2015-01-19] (Steppschuh)

HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133440 2012-07-19] (Intel Corporation)

HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-02] (Intel Corporation)

HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [102928 2012-10-23] (CyberLink Corp.)

HKLM-x32\...\Run: [BingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2353880 2013-11-01] (Microsoft Corp.)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [ContentTransferWMDetector.exe] => C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe [583016 2009-11-19] (Sony Corporation)

HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2014-10-01] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [832272 2014-06-23] (BlueStack Systems, Inc.)

HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-02-07] (Samsung Electronics Co., Ltd.)

HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2020704 2014-08-05] (Wondershare)

HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe [1960336 2014-09-02] ()

HKLM-x32\...\Run: [FileZilla Server Interface] => C:\Program Files (x86)\FileZilla Server\FileZilla Server Interface.exe [2448896 2014-09-19] (FileZilla Project)

HKLM-x32\...\Run: [AllShareAgent] => C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe [285072 2012-03-01] (Samsung Electronics Co., Ltd.)

HKLM-x32\...\Run: [Skiller Pro] => C:\Program Files (x86)\Skiller Pro\Monitor.exe [475136 2014-02-26] ()

HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [37624 2014-10-16] (Panda Security, S.L.)

HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-02-17] (LogMeIn Inc.)

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Run: [Speech Recognition] => C:\WINDOWS\Speech\Common\sapisvr.exe [44032 2014-10-29] (Microsoft Corporation)

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Run: [RssReader] => C:\Program Files (x86)\RssReader\RssReader.exe [1077248 2004-04-04] (Ykoon)

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Run: [Leap Control Panel] => C:\Program Files (x86)\Leap Motion\Core Services\LeapControlPanel.exe [3609936 2015-03-21] (Leap Motion, Inc.)

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Run: [Spotify Web Helper] => C:\Users\******\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-11] (Spotify Ltd)

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Run: [Spotify] => C:\Users\******\AppData\Roaming\Spotify\spotify.exe [6737976 2014-12-11] (Spotify Ltd)

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Run: [Google Update] => C:\Users\******\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-05-09] (Google Inc.)

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Run: [Clownfish] => C:\Program Files (x86)\Clownfish\Clownfish.exe [1313536 2014-04-01] (Bogdan Sharkov)

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564992 2014-02-07] (Samsung)

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Run: [Remote Mouse] => C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe [2042880 2014-08-25] (RemoteMouse.net)

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Run: [spotimote] => C:\Program Files (x86)\spotimote\spotimote.exe [2830248 2014-10-08] ()

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31346784 2015-02-26] (Skype Technologies S.A.)

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Run: [GoogleChromeAutoLaunch_D781C9BFB3A3BA37CC3EB8921F5CCF82] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [809288 2015-03-14] (Google Inc.)

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Run: [DellSystemDetect] => C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [809288 2015-03-14] (Google Inc.)

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Policies\Explorer: [NoFolderOptions] 0

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\...\Policies\Explorer: [NoControlPanel] 0

Startup: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk

ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

Startup: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\devolo Cockpit.lnk

ShortcutTarget: devolo Cockpit.lnk -> C:\Program Files (x86)\devolo\dlan\frontend\plcnetui.exe ( )

Startup: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Identitaetsabfrage.bat ()

Startup: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MAGIX Video deluxe 2014.lnk

ShortcutTarget: MAGIX Video deluxe 2014.lnk -> C:\Program Files (x86)\MAGIX\Video deluxe 2014\Videodeluxe.exe (MAGIX Software GmbH)

Startup: C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk

ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()

ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()

ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()

ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()

ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)

ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)

GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
 

==================== Internet (Whitelisted) ====================
 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs

HKU\S-1-5-21-1481936226-3761452550-2346937436-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com/search?q={searchTerms}

SearchScopes: HKLM-x32 -> DefaultScope value is missing.

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-21-1481936226-3761452550-2346937436-1002 -> URL hxxp://search.conduit.com/Results.aspx?ctid=CT3324427&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SPAF1B23EF-781D-48EC-96E7-10E4407318A0&q={searchTerms}&SSPV=

SearchScopes: HKU\S-1-5-21-1481936226-3761452550-2346937436-1002 -> SuggestionsURL_JSON hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}

SearchScopes: HKU\S-1-5-21-1481936226-3761452550-2346937436-1002 -> {B4364FC7-BB80-4056-A87B-DBC5A26B5C36} URL = 

BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-01-25] (Oracle Corporation)

BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)

BHO: Panda Security Toolbar -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll [2014-10-17] ()

BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-02-10] (Microsoft Corporation)

BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-01-25] (Oracle Corporation)

BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2014-12-16] (Adblock Plus)

BHO-x32: Wondershare Video Converter Ultimate 7.1.0 -> {451C804F-C205-4F03-B48E-537EC94937BF} -> C:\ProgramData\Wondershare\Video Converter Ultimate\WSBrowserAppMgr.dll [2014-09-02] (Wondershare)

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-24] (Oracle Corporation)

BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)

BHO-x32: Panda Security Toolbar -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll [2014-10-17] ()

BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-24] (Oracle Corporation)

BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2014-12-16] (Adblock Plus)

Toolbar: HKLM - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll [2014-10-17] ()

Toolbar: HKLM-x32 - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll [2014-10-17] ()

Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)

Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)

Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 -  No File

Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
 

FireFox:

========

FF ProfilePath: C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\ynwd5408.default

FF SearchEngineOrder.1: Google.at

FF Homepage: https://www.google.de/

FF Keyword.URL: https://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=

FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-08] ()

FF Plugin: @java.com/DTPlugin,version=10.75.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-01-25] (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.75.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-01-25] (Oracle Corporation)

FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\npmcsnffpl64.dll No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)

FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2014-10-01] (Adobe Systems)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-08] ()

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-24] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-24] (Oracle Corporation)

FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\npmcsnffpl.dll No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-02-20] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)

FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-03-13] (NVIDIA Corporation)

FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-03-13] (NVIDIA Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)

FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-10-01] (Adobe Systems)

FF Plugin HKU\S-1-5-21-1481936226-3761452550-2346937436-1002: @talk.google.com/GoogleTalkPlugin -> C:\Users\******\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-01-27] (Google)

FF Plugin HKU\S-1-5-21-1481936226-3761452550-2346937436-1002: @talk.google.com/O1DPlugin -> C:\Users\******\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-01-27] (Google)

FF Plugin HKU\S-1-5-21-1481936226-3761452550-2346937436-1002: @tools.google.com/Google Update;version=3 -> C:\Users\******\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)

FF Plugin HKU\S-1-5-21-1481936226-3761452550-2346937436-1002: @tools.google.com/Google Update;version=9 -> C:\Users\******\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)

FF Plugin HKU\S-1-5-21-1481936226-3761452550-2346937436-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\******\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-03-06] (Unity Technologies ApS)

FF Plugin ProgramFiles/Appdata: C:\Users\******\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-01-27] (Google)

FF Plugin ProgramFiles/Appdata: C:\Users\******\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-01-27] (Google)

FF SearchPlugin: C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\ynwd5408.default\searchplugins\youtube-videosuche.xml [2014-08-30]

FF Extension: Avira Browser Safety - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\ynwd5408.default\Extensions\abs@avira.com [2015-03-02]

FF Extension: FireFTP - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\ynwd5408.default\Extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f} [2015-01-16]

FF Extension: Deutsch (DE) Language Pack - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\ynwd5408.default\Extensions\langpack-de@firefox.mozilla.org.xpi [2015-01-16]

FF Extension: Deutsch (DE) Language Pack - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\ynwd5408.default\Extensions\langpack-de@Waterfox.mozilla.org.xpi [2014-08-30]

FF Extension: Session Manager - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\ynwd5408.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2014-10-31]

FF Extension: Adblock Plus - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\ynwd5408.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-16]

FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]

FF HKLM-x32\...\Firefox\Extensions: [WSVCU@Wondershare.com] - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com

FF Extension: Wondershare Video Converter Ultimate - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com [2014-09-11]
 

Chrome: 

=======

CHR HomePage: Default -> hxxp://www.google.com/

CHR StartupUrls: Default -> "https://www.google.de/", "hxxp://websearch.amaizingsearches.info/?pid=377&r=2014/04/07&hid=5936879317086436134&lg=EN&cc=DE&unqvl=51", "hxxp://google.com/", "hxxp://google.de/", "https://de.search.yahoo.com/?type=937811&fr=yo-yhp-ch"

CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}

CHR Profile: C:\Users\******\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Angry Birds) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-04-07]

CHR Extension: (YouTube) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-07]

CHR Extension: (Berlin Events) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopbgcbccpbkbficacifdijmlpdnddkf [2014-04-07]

CHR Extension: (Adblock Plus) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-09-17]

CHR Extension: (Google Search) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-07]

CHR Extension: (Session Buddy) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\edacconmaakjimmfgnblocblbcdcpbko [2014-04-07]

CHR Extension: (Floating YouTube Extension) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\egncdnniomonjgpjbapalkckojhkfddk [2014-11-12]

CHR Extension: (Yahoo!) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdhbkaahephniejapepaiggngjnedpci [2015-02-09]

CHR Extension: (Show Frame) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcmgcfdnagjkihmgjhbiombjdcgckgnb [2015-01-18]

CHR Extension: (Google Keep - notes and lists) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2014-04-07]

CHR Extension: (ProxMate) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifalmiidchkjjmkkbkoaibpmoeichmki [2014-05-13]

CHR Extension: (Floating YouTube™) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjphmlaoffndcnecccgemfdaaoighkel [2014-11-12]

CHR Extension: (FullStream) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkchcbdilffpbpkknniliidiflhbagkl [2015-01-23]

CHR Extension: (Open Frame) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdhjgkkaacdhdioocfbpmhjidbinfajj [2015-01-18]

CHR Extension: (Wetter Berlin) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\klefihnmmfkcaoeebemdmeebbfdhlknm [2014-04-07]

CHR Extension: (Chrome Hotword Shared Module) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-20]

CHR Extension: (Twitch Now) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmbdmpjmlijibeockamioakdpmhjnpk [2015-01-23]

CHR Extension: (Google Wallet) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-29]

CHR Extension: (Gmail) - C:\Users\******\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-07]

CHR HKLM-x32\...\Chrome\Extension: [fdhbkaahephniejapepaiggngjnedpci] - https://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
 

==================== Services (Whitelisted) =================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

S2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173272 2013-11-01] (Microsoft Corp.)

S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [406288 2014-06-23] (BlueStack Systems, Inc.)

R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-06-23] (BlueStack Systems, Inc.)

R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [774928 2014-06-23] (BlueStack Systems, Inc.)

S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)

R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)

S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2014-03-01] (Microsoft Corporation)

R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2714800 2015-02-10] (Microsoft Corporation)

R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2552528 2015-01-30] (Dell Inc.)

R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201424 2015-01-30] (Dell Inc.)

R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3736520 2015-01-29] (devolo AG)

R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed]

S2 FileZilla Server; C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe [772608 2014-09-19] (FileZilla Project) [File not signed]

S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]

S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-19] (Microsoft Corporation) [File not signed]

R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)

S3 GSService; C:\WINDOWS\SysWOW64\GSService.exe [444640 2014-07-28] ()

S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]

R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)

R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22768 2014-04-17] (Microsoft Corporation)

R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-07-19] (Intel Corporation)

R2 LeapService; C:\Program Files (x86)\Leap Motion\Core Services\LeapSvc64.exe [10166784 2015-03-21] (Leap Motion, Inc.) [File not signed]

R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-02-16] (LogMeIn, Inc.)

S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)

R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [58387104 2014-07-12] (Microsoft Corporation)

S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4466688 2007-11-08] (Microsoft Corporation)

S2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [142072 2014-10-13] (Panda Security, S.L.)

R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)

R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)

S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-01-31] (Electronic Arts)

S2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [66808 2014-10-09] (Panda Security, S.L.)

S2 panda_url_filtering; C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filteringb.exe [296760 2014-09-19] (Panda Security)

S2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2014-10-16] (Panda Security, S.L.)

S2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-25] ()

R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [1924328 2014-09-18] (SoftThinks SAS)

S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [441504 2014-07-12] (Microsoft Corporation)

R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [19288 2015-02-19] (Dell Inc.)

S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]

S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87736 2014-04-30] (Microsoft Corporation)

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [77824 2012-06-19] (Atheros) [File not signed]

S3 McAWFwk; C:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [X]

S2 McOobeSv2; "C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe" /McCoreSvc [X]
 

==================== Drivers (Whitelisted) ====================
 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 

R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [123152 2014-06-23] (BlueStack Systems)

S3 CCUSBMIDI; C:\Windows\System32\Drivers\ccusbmid.sys [26624 2012-02-24] (CASIO COMPUTER CO., LTD.)

R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)

R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [23760 2015-01-30] (Dell Computer Corporation)

R3 DellProf; C:\Windows\system32\drivers\DellProf.sys [23312 2015-01-30] (Dell Computer Corporation)

R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [44296 2015-02-17] (LogMeIn Inc.)

S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)

R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)

S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-03-17] (Malwarebytes Corporation)

S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-07-24] (McAfee, Inc.)

S3 MP4ConverterAudio; C:\Windows\system32\drivers\MP4ConverterAudio.sys [36064 2014-07-28] (Windows (R) Win 7 DDK provider)

S3 NdisImPlatformMp; C:\Windows\system32\DRIVERS\NdisImPlatform.sys [126464 2014-10-29] (Microsoft Corporation)

R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [96800 2014-06-04] (Panda Security, S.L.)

R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [162336 2014-06-18] (Panda Security, S.L.)

R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [112160 2014-06-04] (Panda Security, S.L.)

R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [115232 2014-06-04] (Panda Security, S.L.)

R1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [47360 2014-01-16] (Panda Security, S.L.)

R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [95776 2014-06-04] (Panda Security, S.L.)

R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [70176 2014-06-04] (Panda Security, S.L.)

R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [125984 2014-06-04] (Panda Security, S.L.)

R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [306720 2014-06-04] (Panda Security, S.L.)

R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [169504 2014-06-04] (Panda Security, S.L.)

R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [115744 2014-06-04] (Panda Security, S.L.)

R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [261152 2014-06-04] (Panda Security, S.L.)

R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [109088 2014-06-04] (Panda Security, S.L.)

R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2015-01-29] (CACE Technologies)

R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)

R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)

R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [163088 2014-10-13] (Panda Security, S.L.)

R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [121616 2014-10-13] (Panda Security, S.L.)

R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [195616 2014-07-24] (Panda Security, S.L.)

R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [122400 2014-07-24] (Panda Security, S.L.)

R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [132128 2014-07-24] (Panda Security, S.L.)

R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [107792 2014-10-13] (Panda Security, S.L.)

R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [60400 2014-03-25] (Panda Security, S.L.)

R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()

S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] ()

R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)

S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2013-08-22] (Microsoft Corporation)

S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
 

==================== NetSvcs (Whitelisted) ===================
 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 

==================== One Month Created Files and Folders ========
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2015-03-25 09:30 - 2015-03-25 09:31 - 00040255 _____ () C:\Users\******\Desktop\FRST.txt

2015-03-25 09:26 - 2015-03-25 09:26 - 00000041 _____ () C:\Users\******\Desktop\checkup.txt

2015-03-24 23:23 - 2015-03-24 23:24 - 00000085 _____ () C:\Users\******\Desktop\todo.txt

2015-03-24 21:53 - 2015-03-24 21:53 - 00000000 ____H () C:\Users\******\Documents\A76269CE35ADACDF.dat

2015-03-24 21:49 - 2015-03-24 21:49 - 00000136 _____ () C:\WINDOWS\ODBC.INI

2015-03-24 21:49 - 2015-03-24 21:49 - 00000000 ____D () C:\Users\******\Documents\Profile1

2015-03-24 18:20 - 2015-03-24 18:21 - 00852604 _____ () C:\Users\******\Desktop\SecurityCheck.exe

2015-03-24 18:13 - 2015-03-24 18:13 - 02347384 _____ (ESET) C:\Users\******\Downloads\esetsmartinstaller_deu.exe

2015-03-24 11:27 - 2015-03-24 11:27 - 00000000 ____D () C:\WINDOWS\Sun

2015-03-24 11:26 - 2015-03-24 11:24 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll

2015-03-24 11:24 - 2015-03-24 11:24 - 00560552 _____ (Oracle Corporation) C:\Users\******\Downloads\jre-8u40-windows-i586-iftw.exe

2015-03-24 09:19 - 2015-03-24 10:47 - 00000884 _____ () C:\Users\******\Desktop\JRT.txt

2015-03-24 09:15 - 2015-03-24 09:15 - 00006267 _____ () C:\Users\******\Desktop\AdwCleaner[S3].txt

2015-03-24 09:10 - 2014-03-25 14:15 - 00060400 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys

2015-03-24 09:08 - 2015-03-24 09:11 - 00001780 _____ () C:\Users\******\Desktop\Google Keep.lnk

2015-03-24 09:08 - 2015-03-24 09:08 - 00001049 _____ () C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2015-03-24 00:02 - 2015-03-24 09:07 - 00009999 _____ () C:\Users\******\Desktop\mbam.txt

2015-03-23 23:33 - 2015-03-23 23:33 - 02168320 _____ () C:\Users\******\Desktop\AdwCleaner_4.113.exe

2015-03-23 23:33 - 2015-03-23 23:33 - 01388782 _____ (Thisisu) C:\Users\******\Desktop\JRT.exe

2015-03-23 23:31 - 2015-03-23 23:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Leap Motion

2015-03-23 23:25 - 2015-03-23 23:25 - 00488088 _____ () C:\WINDOWS\Minidump\032315-26625-01.dmp

2015-03-23 23:11 - 2015-03-23 23:35 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys

2015-03-23 23:10 - 2015-03-23 23:10 - 00001172 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2015-03-23 23:10 - 2015-03-23 23:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2015-03-23 23:10 - 2015-03-23 23:10 - 00000000 ____D () C:\ProgramData\Malwarebytes

2015-03-23 23:10 - 2015-03-23 23:10 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2015-03-23 23:10 - 2015-03-17 06:15 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys

2015-03-23 23:10 - 2015-03-17 06:15 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys

2015-03-23 23:10 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys

2015-03-23 23:07 - 2015-03-23 23:07 - 00001340 _____ () C:\Users\******\Desktop\Revo Uninstaller.lnk

2015-03-23 23:07 - 2015-03-23 23:07 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group

2015-03-23 22:13 - 2015-03-23 22:56 - 00000493 _____ () C:\Users\******\Desktop\GMER.txt

2015-03-23 22:00 - 2015-03-23 22:02 - 00000476 _____ () C:\Users\******\Desktop\defogger_disable.log

2015-03-23 21:58 - 2015-03-25 09:30 - 00000000 ____D () C:\FRST

2015-03-23 21:58 - 2015-03-23 21:58 - 00000000 _____ () C:\Users\******\defogger_reenable

2015-03-23 21:57 - 2015-03-23 21:57 - 00050477 _____ () C:\Users\******\Desktop\Defogger.exe

2015-03-23 21:55 - 2015-03-23 21:55 - 02095616 _____ (Farbar) C:\Users\******\Desktop\FRST64.exe

2015-03-23 21:54 - 2015-03-23 21:54 - 00380416 _____ () C:\Users\******\Desktop\k501derz.exe

2015-03-23 21:39 - 2015-03-23 21:40 - 01203488 _____ () C:\Users\******\Downloads\Regin Scanner - CHIP-Installer.exe

2015-03-23 18:14 - 2015-03-23 18:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\River-Simulator 2012 - Demo

2015-03-23 18:13 - 2015-03-23 18:13 - 00000000 ____D () C:\Program Files (x86)\River-Simulator 2012 - Demo

2015-03-23 18:06 - 2015-03-23 18:06 - 00000000 ____D () C:\Users\******\Tracing

2015-03-22 14:08 - 2015-03-04 22:24 - 00792032 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2015-03-22 14:08 - 2015-03-04 22:24 - 00178144 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2015-03-22 10:31 - 2015-03-22 10:55 - 00000000 ____D () C:\Users\******\AppData\Roaming\Rettungswagen Simulator 2014 Demo

2015-03-22 10:31 - 2015-03-22 10:32 - 00000000 ____D () C:\Users\******\Documents\Rettungswagen Simulator 2014 Demo

2015-03-22 10:31 - 2015-03-22 10:31 - 00000000 ____D () C:\ProgramData\RTWS2014DEMO

2015-03-22 10:28 - 2015-03-22 10:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rettungswagen Simulator 2014 Demo

2015-03-22 10:22 - 2015-03-22 10:28 - 00000000 ____D () C:\Program Files (x86)\Rettungswagen Simulator 2014 Demo

2015-03-22 10:21 - 2015-03-22 10:27 - 218461259 _____ () C:\Users\******\Downloads\Schiff-Simulator2012-Demo_Setup.zip

2015-03-22 10:01 - 2015-03-22 10:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Schwebebahn-Simulator 2013 Demo

2015-03-22 10:00 - 2015-03-22 10:00 - 00000000 ____D () C:\Program Files (x86)\rondomedia

2015-03-22 09:52 - 2015-03-22 09:55 - 179712052 _____ () C:\Users\******\Downloads\Schwebebahn-Simulator2013_simuwelt_Demo Setup.zip

2015-03-22 09:51 - 2015-03-22 10:11 - 1682428100 _____ () C:\Users\******\Downloads\rtws2014-demo-1.0a.zip

2015-03-22 09:19 - 2015-03-22 09:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Airport Simulator 2013 Demo

2015-03-22 09:19 - 2015-03-22 09:19 - 00000000 ____D () C:\Program Files (x86)\Airport Simulator 2013 Demo

2015-03-22 09:18 - 2015-03-22 09:18 - 50171380 _____ () C:\Users\******\Downloads\Airport-Simulator2013_simuwelt_Demo.zip

2015-03-21 21:19 - 2015-03-21 21:19 - 00000000 ____D () C:\Users\******\AppData\Roaming\Open Rails

2015-03-21 20:42 - 2015-03-21 20:42 - 00001082 _____ () C:\Users\Public\Desktop\Open Rails.lnk

2015-03-21 20:42 - 2015-03-21 20:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Open Rails

2015-03-21 20:42 - 2015-03-21 20:42 - 00000000 ____D () C:\Program Files (x86)\Open Rails

2015-03-21 20:41 - 2015-03-21 20:41 - 23850158 _____ (Open Rails ) C:\Users\******\Downloads\setup_OR_pre-v1.0_from_download.exe

2015-03-21 20:20 - 2015-03-21 20:39 - 00000000 ____D () C:\Users\******\AppData\Local\Loksim3D

2015-03-21 20:20 - 2015-03-21 20:34 - 00000000 ____D () C:\Program Files (x86)\Loksim3D

2015-03-21 20:20 - 2015-03-21 20:25 - 00000000 ____D () C:\Users\Public\Documents\Loksim3D

2015-03-21 20:20 - 2015-03-21 20:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Loksim3D

2015-03-21 20:15 - 2015-03-21 20:17 - 120920998 _____ () C:\Users\******\Downloads\Setup-Loksim3D-2-9-1.zip

2015-03-21 20:14 - 2015-03-21 20:14 - 00373824 _____ () C:\Users\******\Downloads\Setup-Loksim3D-2-9-1_CB-DL-Manager.exe

2015-03-21 15:12 - 2015-03-21 15:24 - 436138144 _____ (MAGIX Software GmbH) C:\Users\******\Downloads\music_maker_2015_dlv_chip_de_20140827_13-38.exe

2015-03-20 20:25 - 2015-03-13 16:38 - 00622224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe

2015-03-20 20:22 - 2015-03-13 20:41 - 32114888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 25460880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 24775368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 20466376 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 18580512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 17258024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 16022016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 14121624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 13297144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 13210080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 10775080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 10715864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 10262160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys

2015-03-20 20:22 - 2015-03-13 20:41 - 03611792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 03303448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 03249352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 02906928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 01896136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6434788.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 01557648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6434788.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 00997856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 00970384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 00944784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 00930448 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 00909512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 00878328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 00354112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 00306208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 00178512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 00164568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll

2015-03-20 20:22 - 2015-03-13 20:41 - 00032456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys

2015-03-20 20:22 - 2015-03-13 20:41 - 00027441 _____ () C:\WINDOWS\system32\nvinfo.pb

2015-03-11 07:39 - 2015-03-06 03:53 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll

2015-03-11 07:39 - 2015-03-06 03:33 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll

2015-03-11 07:39 - 2015-02-26 00:26 - 04178944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys

2015-03-11 07:39 - 2015-02-04 00:58 - 00264000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys

2015-03-11 07:39 - 2015-02-04 00:58 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys

2015-03-11 07:39 - 2015-02-04 00:58 - 00044024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys

2015-03-11 07:39 - 2015-02-03 00:53 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll

2015-03-11 07:39 - 2015-02-03 00:53 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll

2015-03-11 07:39 - 2015-01-31 00:42 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll

2015-03-11 07:39 - 2015-01-31 00:29 - 02484224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll

2015-03-11 07:39 - 2015-01-29 02:58 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\photowiz.dll

2015-03-11 07:39 - 2015-01-29 02:29 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\photowiz.dll

2015-03-11 07:39 - 2015-01-27 04:44 - 00933888 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe

2015-03-11 07:39 - 2015-01-24 02:51 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe

2015-03-11 07:39 - 2015-01-23 08:17 - 00723072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll

2015-03-11 07:39 - 2015-01-23 06:02 - 00560392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll

2015-03-11 07:38 - 2015-02-20 04:03 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll

2015-03-11 07:38 - 2015-02-20 03:58 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll

2015-03-11 07:38 - 2015-02-20 03:20 - 00301056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll

2015-03-11 07:38 - 2015-02-20 03:15 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll

2015-03-11 07:38 - 2015-02-07 00:09 - 00396419 _____ () C:\WINDOWS\system32\ApnDatabase.xml

2015-03-11 07:38 - 2015-02-06 02:28 - 02257408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll

2015-03-11 07:38 - 2015-02-06 02:08 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll

2015-03-11 07:38 - 2015-02-05 21:24 - 01113920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys

2015-03-11 07:38 - 2015-02-03 01:03 - 03551744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll

2015-03-11 07:38 - 2015-02-03 01:02 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll

2015-03-11 07:38 - 2015-01-31 00:20 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll

2015-03-11 07:38 - 2015-01-30 04:01 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys

2015-03-11 07:38 - 2015-01-30 03:03 - 01488896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42u.dll

2015-03-11 07:38 - 2015-01-30 03:03 - 01464832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42.dll

2015-03-11 07:38 - 2015-01-30 03:02 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll

2015-03-11 07:38 - 2015-01-30 02:44 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42u.dll

2015-03-11 07:38 - 2015-01-30 02:42 - 01204224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42.dll

2015-03-11 07:38 - 2015-01-30 02:40 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll

2015-03-11 07:38 - 2015-01-30 02:37 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll

2015-03-11 07:38 - 2015-01-30 02:29 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atlthunk.dll

2015-03-11 07:38 - 2015-01-30 02:24 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll

2015-03-11 07:38 - 2015-01-30 02:24 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll

2015-03-11 07:38 - 2015-01-30 02:16 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll

2015-03-11 07:38 - 2015-01-30 02:08 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll

2015-03-11 07:38 - 2015-01-30 02:06 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll

2015-03-11 07:38 - 2015-01-29 02:11 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll

2015-03-11 07:38 - 2015-01-29 02:04 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll

2015-03-11 07:38 - 2015-01-29 02:04 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll

2015-03-11 07:38 - 2015-01-29 02:00 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll

2015-03-11 07:38 - 2015-01-29 01:59 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll

2015-03-11 07:38 - 2015-01-29 01:55 - 00971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll

2015-03-11 07:38 - 2015-01-29 01:50 - 00811008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll

2015-03-11 07:38 - 2015-01-29 01:49 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll

2015-03-11 07:38 - 2015-01-28 16:41 - 07472960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe

2015-03-11 07:38 - 2015-01-28 16:41 - 01733440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll

2015-03-11 07:38 - 2015-01-28 16:41 - 01498360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll

2015-03-11 07:38 - 2015-01-28 03:24 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageContextHandler.dll

2015-03-11 07:38 - 2015-01-28 02:47 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StorageContextHandler.dll

2015-03-11 07:38 - 2015-01-27 05:22 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll

2015-03-11 07:38 - 2015-01-27 03:11 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll

2015-03-11 07:37 - 2015-02-21 02:16 - 25021440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2015-03-11 07:37 - 2015-02-21 01:41 - 12827648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2015-03-11 07:37 - 2015-02-21 01:27 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll

2015-03-11 07:37 - 2015-02-21 01:27 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll

2015-03-11 07:37 - 2015-02-21 01:25 - 19720192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2015-03-11 07:37 - 2015-02-21 00:58 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll

2015-03-11 07:37 - 2015-02-21 00:32 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll

2015-03-11 07:37 - 2015-02-20 03:49 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll

2015-03-11 07:37 - 2015-02-20 03:48 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2015-03-11 07:37 - 2015-02-20 03:47 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll

2015-03-11 07:37 - 2015-02-20 03:35 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll

2015-03-11 07:37 - 2015-02-20 03:34 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll

2015-03-11 07:37 - 2015-02-20 03:32 - 06035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2015-03-11 07:37 - 2015-02-20 03:09 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll

2015-03-11 07:37 - 2015-02-20 03:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll

2015-03-11 07:37 - 2015-02-20 03:06 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll

2015-03-11 07:37 - 2015-02-20 03:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll

2015-03-11 07:37 - 2015-02-20 03:03 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2015-03-11 07:37 - 2015-02-20 02:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll

2015-03-11 07:37 - 2015-02-20 02:56 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll

2015-03-11 07:37 - 2015-02-20 02:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll

2015-03-11 07:37 - 2015-02-20 02:49 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll

2015-03-11 07:37 - 2015-02-20 02:49 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll

2015-03-11 07:37 - 2015-02-20 02:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl

2015-03-11 07:37 - 2015-02-20 02:43 - 14398976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2015-03-11 07:37 - 2015-02-20 02:30 - 04300288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2015-03-11 07:37 - 2015-02-20 02:30 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll

2015-03-11 07:37 - 2015-02-20 02:29 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll

2015-03-11 07:37 - 2015-02-20 02:28 - 02358784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2015-03-11 07:37 - 2015-02-20 02:26 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll

2015-03-11 07:37 - 2015-02-20 02:24 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl

2015-03-11 07:37 - 2015-02-20 02:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll

2015-03-11 07:37 - 2015-02-20 02:16 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2015-03-11 07:37 - 2015-02-20 02:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll

2015-03-11 07:37 - 2015-02-20 02:01 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2015-03-11 07:37 - 2015-02-20 01:57 - 01311232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2015-03-11 07:37 - 2015-02-20 01:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll

2015-03-11 07:37 - 2015-02-12 18:40 - 22291584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll

2015-03-11 07:37 - 2015-02-12 18:34 - 19731824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll

2015-03-11 07:37 - 2015-02-08 00:57 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll

2015-03-11 07:37 - 2015-02-08 00:49 - 00791040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll

2015-03-11 07:37 - 2015-01-29 19:45 - 01763352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll

2015-03-11 07:37 - 2015-01-29 19:34 - 01488040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll

2015-03-11 07:37 - 2015-01-28 02:31 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll

2015-03-11 07:37 - 2015-01-28 02:11 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll

2015-03-11 07:37 - 2015-01-28 00:47 - 02501368 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe

2015-03-11 07:37 - 2015-01-28 00:41 - 02207488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe

2015-03-11 07:37 - 2015-01-21 06:54 - 01384712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll

2015-03-11 07:37 - 2015-01-21 06:15 - 01123848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll

2015-03-11 07:37 - 2014-12-11 06:36 - 00046456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe

2015-03-11 07:02 - 2015-03-11 07:02 - 01142192 _____ () C:\WINDOWS\Minidump\031115-35765-01.dmp

2015-03-11 07:01 - 2015-03-23 23:25 - 740588065 _____ () C:\WINDOWS\MEMORY.DMP

2015-03-10 18:31 - 2015-03-10 18:32 - 00166935 _____ () C:\Users\******\Downloads\xape.rar

2015-03-08 19:31 - 2015-03-08 19:38 - 00000000 ____D () C:\Users\******\Desktop\Chips

2015-03-07 12:04 - 2015-03-07 21:17 - 00000000 ____D () C:\Users\******\AppData\Local\LogMeIn Hamachi

2015-03-07 12:02 - 2015-03-07 12:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi

2015-03-07 12:02 - 2015-03-07 12:02 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi

2015-03-06 19:06 - 2015-03-24 14:14 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1481936226-3761452550-2346937436-1002

2015-03-06 18:55 - 2015-03-06 18:55 - 00000000 ___HD () C:\WINDOWS\AxInstSV

2015-03-06 16:00 - 2015-03-06 16:31 - 4225595392 _____ () C:\Users\******\Downloads\Windows10_TechnicalPreview_x64_DE-DE_9926 (1).iso

2015-03-05 20:04 - 2015-03-05 20:04 - 00001134 _____ () C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk

2015-03-05 20:04 - 2015-03-05 20:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox

2015-03-05 20:04 - 2015-03-05 20:04 - 00000000 ____D () C:\Program Files\Oracle

2015-03-05 20:04 - 2015-03-02 15:20 - 00922168 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxDrv.sys

2015-03-05 20:04 - 2015-03-02 15:18 - 00128592 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxUSBMon.sys

2015-03-05 20:01 - 2015-03-05 20:01 - 01203488 _____ () C:\Users\******\Downloads\VirtualBox - CHIP-Installer.exe

2015-03-02 15:18 - 2015-03-02 15:18 - 00204264 _____ (Oracle Corporation) C:\WINDOWS\system32\VBoxNetFltNobj.dll

2015-03-02 15:18 - 2015-03-02 15:18 - 00156360 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxNetFlt.sys

2015-03-02 15:18 - 2015-03-02 15:18 - 00141440 _____ (Oracle Corporation) C:\WINDOWS\system32\Drivers\VBoxNetAdp.sys

2015-03-01 19:12 - 2015-03-01 19:12 - 00063769 _____ () C:\Users\******\Desktop\Bigband Konzert.odt

2015-02-28 15:13 - 2015-02-28 20:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sigel

2015-02-28 15:11 - 2015-02-28 15:11 - 01203488 _____ () C:\Users\******\Downloads\Visitenkarten in 2 Minuten - CHIP-Installer.exe

2015-02-28 08:56 - 2015-03-23 23:31 - 00001312 _____ () C:\Users\Public\Desktop\Leap Motion App Home.lnk

2015-02-25 15:28 - 2013-09-30 16:26 - 00019152 ____N () C:\WINDOWS\system32\pwdrvio.sys

2015-02-25 15:28 - 2013-09-30 16:26 - 00012504 ____N () C:\WINDOWS\system32\pwdspio.sys

2015-02-25 15:14 - 2015-01-14 11:28 - 03066880 _____ () C:\WINDOWS\system32\pwNative.exe

2015-02-25 15:12 - 2015-02-25 15:14 - 00000000 ____D () C:\Program Files (x86)\MiniTool Partition Wizard Free 9.0

2015-02-25 15:12 - 2015-02-25 15:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard Free 9.0

2015-02-25 15:10 - 2015-02-25 15:10 - 01203488 _____ () C:\Users\******\Downloads\Partition Wizard Home Edition - CHIP-Installer.exe

2015-02-25 14:49 - 2015-02-25 15:08 - 00000000 ____D () C:\Backup

2015-02-25 06:58 - 2014-12-13 22:28 - 00513488 _____ () C:\WINDOWS\SysWOW64\locale.nls

2015-02-25 06:58 - 2014-12-13 22:28 - 00513488 _____ () C:\WINDOWS\system32\locale.nls

2015-02-24 18:00 - 2015-02-24 18:05 - 239433883 _____ () C:\Users\******\Downloads\cm12.0_golden.nova.20150214.ODIN_TWRP.zip

2015-02-24 17:32 - 2015-02-24 17:32 - 11029139 _____ () C:\Users\******\Downloads\CWM_6.0.4.5_Spec-Assert_fixed.zip

2015-02-23 16:48 - 2015-02-23 16:48 - 01192075 _____ () C:\Users\******\Desktop\UPDATE-SuperSU-v1.51.zip

2015-02-23 16:39 - 2010-08-27 05:32 - 00069120 _____ (Nokia) C:\WINDOWS\system32\nmwcdclsx64.dll

2015-02-23 16:38 - 2015-02-23 16:38 - 00000000 ____D () C:\Program Files\SAMSUNG

2015-02-23 16:19 - 2015-02-23 16:20 - 01203488 _____ () C:\Users\******\Downloads\Odin3 - CHIP-Installer.exe

2015-02-23 16:15 - 2015-02-23 16:16 - 01203488 _____ () C:\Users\******\Downloads\I8190XXAMA1_I8190OXAAMA1_4.1.2_rooted_by_infected_V2 - CHIP-Installer.exe
 

==================== One Month Modified Files and Folders =======
 

(If an entry is included in the fixlist, the file\folder will be moved.)
 

2015-03-25 09:23 - 2015-02-08 22:18 - 00001140 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

2015-03-25 09:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru

2015-03-25 08:57 - 2015-02-08 21:52 - 00001148 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1481936226-3761452550-2346937436-1002UA.job

2015-03-25 08:50 - 2014-10-12 15:15 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

2015-03-25 06:36 - 2014-01-17 23:05 - 01525634 _____ () C:\WINDOWS\WindowsUpdate.log

2015-03-25 05:04 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness

2015-03-24 23:18 - 2013-12-29 09:07 - 00000000 ____D () C:\Users\******\AppData\Roaming\Skype

2015-03-24 23:00 - 2013-12-12 11:05 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery

2015-03-24 22:45 - 2014-05-01 14:02 - 00042075 _____ () C:\WINDOWS\setupact.log

2015-03-24 22:23 - 2015-02-08 22:18 - 00001136 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

2015-03-24 22:14 - 2013-12-29 08:50 - 00000000 ____D () C:\ProgramData\softthinks

2015-03-24 21:57 - 2015-02-08 21:52 - 00001096 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1481936226-3761452550-2346937436-1002Core.job

2015-03-24 21:52 - 2014-01-18 07:23 - 00000000 ____D () C:\Users\******\AppData\Local\Deployment

2015-03-24 21:10 - 2014-09-13 18:10 - 00000308 _____ () C:\WINDOWS\Tasks\DLL-Files FixerASKUSER.job

2015-03-24 11:26 - 2014-01-04 11:25 - 00000000 ____D () C:\ProgramData\Oracle

2015-03-24 11:25 - 2014-11-01 09:23 - 00000000 ____D () C:\Program Files (x86)\Java

2015-03-24 11:24 - 2015-01-19 22:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit

2015-03-24 09:17 - 2013-11-14 08:27 - 00006882 _____ () C:\WINDOWS\system32\PerfStringBackup.INI

2015-03-24 09:17 - 2013-11-14 08:11 - 00926930 _____ () C:\WINDOWS\system32\perfh007.dat

2015-03-24 09:17 - 2013-11-14 08:11 - 00220360 _____ () C:\WINDOWS\system32\perfc007.dat

2015-03-24 09:12 - 2014-03-06 20:28 - 00007830 _____ () C:\WINDOWS\system32\debug.log

2015-03-24 09:12 - 2014-01-18 07:24 - 00000000 ___DO () C:\Users\******\SkyDrive

2015-03-24 09:09 - 2014-04-29 20:40 - 00708918 _____ () C:\WINDOWS\PFRO.log

2015-03-24 09:09 - 2014-01-17 23:05 - 00000000 ____D () C:\ProgramData\NVIDIA

2015-03-24 09:09 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT

2015-03-24 09:09 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports

2015-03-24 09:08 - 2014-01-30 16:42 - 00000000 ____D () C:\AdwCleaner

2015-03-24 09:08 - 2014-01-17 23:09 - 00000000 ____D () C:\Users\******

2015-03-23 23:31 - 2014-04-29 20:42 - 00117848 _____ () C:\WINDOWS\DPINST.LOG

2015-03-23 23:31 - 2014-02-12 15:25 - 00000000 ____D () C:\ProgramData\Leap Motion

2015-03-23 23:30 - 2014-03-01 09:35 - 00000000 ____D () C:\ProgramData\Package Cache

2015-03-23 23:30 - 2014-02-12 15:24 - 00000000 ____D () C:\Program Files (x86)\Leap Motion

2015-03-23 23:25 - 2014-02-06 23:08 - 00000000 ____D () C:\WINDOWS\Minidump

2015-03-23 23:10 - 2013-12-25 19:29 - 00000000 ____D () C:\Users\******\Desktop\Spiele

2015-03-23 18:06 - 2013-12-29 09:07 - 00000000 ___RD () C:\Program Files (x86)\Skype

2015-03-23 18:06 - 2013-12-29 09:07 - 00000000 ____D () C:\ProgramData\Skype

2015-03-23 14:00 - 2015-02-08 22:22 - 00000000 ____D () C:\ProgramData\panda_url_filtering

2015-03-22 14:07 - 2013-08-22 15:44 - 05363216 _____ () C:\WINDOWS\system32\FNTCACHE.DAT

2015-03-22 14:04 - 2013-08-22 14:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI

2015-03-22 14:01 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData

2015-03-22 14:01 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

2015-03-22 14:01 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

2015-03-22 14:01 - 2013-08-22 16:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories

2015-03-22 14:01 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\WinStore

2015-03-22 14:01 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender

2015-03-22 14:01 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender

2015-03-22 10:27 - 2014-05-14 19:39 - 00134580 _____ () C:\WINDOWS\DirectX.log

2015-03-21 19:52 - 2014-03-18 15:09 - 00000000 ____D () C:\Users\Public\Documents\MAGIX

2015-03-21 19:51 - 2014-03-18 15:08 - 00000000 ____D () C:\ProgramData\MAGIX

2015-03-21 19:51 - 2014-03-17 19:39 - 00000000 ____D () C:\Users\******\AppData\Roaming\MAGIX

2015-03-21 19:50 - 2014-03-18 15:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX

2015-03-21 19:43 - 2014-03-18 15:08 - 00000000 ____D () C:\Program Files (x86)\MAGIX

2015-03-21 19:41 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Help

2015-03-20 20:26 - 2014-03-18 20:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation

2015-03-20 20:26 - 2013-12-12 11:06 - 00000000 ____D () C:\Temp

2015-03-20 20:24 - 2014-01-17 23:05 - 00000000 ____D () C:\Program Files\NVIDIA Corporation

2015-03-20 20:12 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp

2015-03-20 20:03 - 2013-12-29 13:51 - 00000000 ____D () C:\WINDOWS\system32\MRT

2015-03-20 19:54 - 2014-02-20 16:01 - 00000000 ____D () C:\Program Files\Microsoft Office 15

2015-03-20 19:46 - 2013-12-29 13:51 - 122905848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2015-03-16 20:47 - 2014-02-20 17:21 - 00000000 ____D () C:\Users\******\Documents\Schule

2015-03-13 17:16 - 2015-01-23 16:27 - 00062608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll

2015-03-13 17:16 - 2014-03-18 20:10 - 01099408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll

2015-03-13 17:16 - 2014-01-17 23:05 - 06861968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll

2015-03-13 17:16 - 2014-01-17 23:05 - 03526856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll

2015-03-13 17:16 - 2014-01-17 23:05 - 02559808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll

2015-03-13 17:16 - 2014-01-17 23:05 - 00935056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe

2015-03-13 17:16 - 2014-01-17 23:05 - 00386248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll

2015-03-13 17:16 - 2014-01-17 23:05 - 00075976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll

2015-03-11 14:10 - 2014-01-17 23:05 - 04246327 _____ () C:\WINDOWS\system32\nvcoproc.bin

2015-03-11 07:25 - 2015-01-31 22:57 - 00000000 ____D () C:\Users\******\Desktop\Musik Handy

2015-03-11 07:05 - 2014-04-03 19:49 - 00000000 ____D () C:\Users\******\AppData\Roaming\Spotify

2015-03-08 19:44 - 2014-03-16 19:45 - 00000000 ____D () C:\Users\******\AppData\Roaming\Audacity

2015-03-08 19:44 - 2013-12-31 15:22 - 00000000 ____D () C:\Users\******\AppData\Roaming\vlc

2015-03-07 12:19 - 2014-02-14 18:08 - 00000000 ____D () C:\Users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam

2015-03-07 12:15 - 2014-02-14 17:59 - 00000000 ____D () C:\Program Files (x86)\Steam

2015-03-07 11:16 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF

2015-03-07 10:47 - 2014-02-12 15:26 - 00000000 ____D () C:\Users\******\AppData\Local\Airspace

2015-03-07 10:35 - 2014-07-04 21:41 - 00000000 ____D () C:\Users\******\.VirtualBox

2015-03-06 18:30 - 2015-02-09 22:01 - 00000424 ____H () C:\WINDOWS\Tasks\{E4175FC2-DAAC-4D63-8D2B-F2A64AA7BD2C}.job

2015-03-06 18:10 - 2014-07-04 21:41 - 00000000 ____D () C:\Users\******\VirtualBox VMs

2015-03-06 16:23 - 2014-04-03 19:51 - 00000000 ____D () C:\Users\******\AppData\Local\Spotify

2015-02-28 10:01 - 2013-06-26 23:19 - 00000000 ____D () C:\dell

2015-02-25 18:29 - 2014-05-29 14:20 - 00000000 ____D () C:\ProgramData\Origin

2015-02-25 15:12 - 2014-05-29 14:20 - 00000000 ____D () C:\Program Files (x86)\Origin

2015-02-24 17:31 - 2014-02-20 22:45 - 00000382 _____ () C:\Users\******\Desktop\MASSE STICK (D) - Verknüpfung.lnk

2015-02-23 16:39 - 2014-08-16 10:54 - 00000000 ____D () C:\Program Files (x86)\Samsung

2015-02-23 16:14 - 2015-02-21 10:56 - 00002248 _____ () C:\Users\******\Desktop\lückenbestücken.txt
 

==================== Files in the root of some directories =======
 

2014-05-16 17:14 - 2014-05-16 17:14 - 0000132 _____ () C:\Users\******\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen

2014-07-04 21:27 - 2014-07-04 22:43 - 1177208 _____ () C:\Users\******\AppData\Roaming\AndyCleanupTool.exe

2014-07-04 21:27 - 2014-07-04 22:43 - 1176696 _____ () C:\Users\******\AppData\Roaming\AndyCleanVM.exe

2014-09-13 18:19 - 2014-09-13 18:19 - 0000000 _____ () C:\Users\******\AppData\Roaming\gdfw.log

2014-09-13 18:19 - 2014-09-13 18:19 - 0000779 _____ () C:\Users\******\AppData\Roaming\gdscan.log

2014-01-07 20:56 - 2014-01-07 20:56 - 0000095 _____ () C:\Users\******\AppData\Local\fusioncache.dat

2014-05-04 12:47 - 2014-05-04 12:47 - 0001546 _____ () C:\Users\******\AppData\Local\RecConfig.xml

2014-09-02 15:37 - 2014-09-02 15:37 - 0000896 _____ () C:\Users\******\AppData\Local\recently-used.xbel

2014-04-06 06:20 - 2014-10-17 21:55 - 0007599 _____ () C:\Users\******\AppData\Local\resmon.resmoncfg

2013-12-12 11:05 - 2013-12-12 11:05 - 0000119 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log

2013-12-12 11:01 - 2013-12-12 11:02 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log

2013-12-12 11:03 - 2013-12-12 11:04 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log

2013-12-12 11:01 - 2013-12-12 11:01 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

2013-12-12 11:04 - 2013-12-12 11:05 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log
 

Files to move or delete:

====================

C:\Windows\Tasks\{E4175FC2-DAAC-4D63-8D2B-F2A64AA7BD2C}.job
 
 

Some content of TEMP:

====================

C:\Users\******\AppData\Local\Temp\avgnt.exe

C:\Users\******\AppData\Local\Temp\Creative Cloud Helper.exe

C:\Users\******\AppData\Local\Temp\CreativeCloudSet-Up.exe

C:\Users\******\AppData\Local\Temp\dateinj01.dll

C:\Users\******\AppData\Local\Temp\drm_dialogs.dll

C:\Users\******\AppData\Local\Temp\drm_dyndata_7400008.dll

C:\Users\******\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe

C:\Users\******\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe

C:\Users\******\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe

C:\Users\******\AppData\Local\Temp\mgxoschk.dll

C:\Users\******\AppData\Local\Temp\MgxVistaTools.dll

C:\Users\******\AppData\Local\Temp\npp.6.7.4.Installer.exe

C:\Users\******\AppData\Local\Temp\nvSCPAPI.dll

C:\Users\******\AppData\Local\Temp\nvSCPAPI64.dll

C:\Users\******\AppData\Local\Temp\nvSCPAPISvr.exe

C:\Users\******\AppData\Local\Temp\nvStInst.exe

C:\Users\******\AppData\Local\Temp\sdanircmdc.exe

C:\Users\******\AppData\Local\Temp\sdapskill.exe

C:\Users\******\AppData\Local\Temp\sdaspwn.exe

C:\Users\******\AppData\Local\Temp\SkypeSetup.exe

C:\Users\******\AppData\Local\Temp\tmd_34015596.exe

C:\Users\******\AppData\Local\Temp\unwise.exe

C:\Users\******\AppData\Local\Temp\vlc-2.1.5-win32.exe

C:\Users\******\AppData\Local\Temp\xmlUpdater.exe

C:\Users\******\AppData\Local\Temp\_is3400.exe

C:\Users\******\AppData\Local\Temp\{98FE302D-7ADF-468E-BD7F-C22045491D76}.exe
 
 

==================== Bamital & volsnap Check =================
 

(There is no automatic fix for files that do not pass verification.)
 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 

LastRegBack: 2014-09-30 14:19
 

==================== End Of Log ============================

--- --- ---

--- --- ---

------
Das war's dann erstmal, ich hoffe da ist jetzt alles in Ordnung...

Grüße, Massenmensch

EDIT: Moment... Jetzt spuckt SecurityCheck doch was aus... Die Behauptung "Java not up to date" kann eigentlich nicht stimmen, hab gestern erst alles geupdatet...

~~~LOGS~~~

Code:

 Results of screen317's Security Check version 0.99.97  

   x64 (UAC is enabled)  

 Internet Explorer 11  
 ``````````````Antivirus/Firewall Check:`````````````` 

Panda Free Antivirus   

Windows Defender       

 WMI entry may not exist for antivirus; attempting automatic update. 
 `````````Anti-malware/Other Utilities Check:````````` 

 Java 8 Update 40  

 Visual Studio Extensions for Windows Library for JavaScript 

 Java version 32-bit out of Date! 

  Java 64-bit 8 Update 31  

 Adobe Flash Player         16.0.0.305  

 Adobe Reader XI  

 Google Chrome (41.0.2272.101) 

 Google Chrome (41.0.2272.89) 
 ````````Process Check: objlist.exe by Laurent````````  
 `````````````````System Health check````````````````` 

 Total Fragmentation on Drive C:  % 
 ````````````````````End of Log``````````````````````

------
keine Ahnung was da mein Fehler war...

Grüße, Massenmensch

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

C:\$Recycle.Bin
 

C:\Backup\download\getapk.co.1.6.93.apk
 

C:\Program Files (x86)\Free Screen To Video\Helper.dll
 

C:\Program Files (x86)\Free Screen To Video\Uninstall.exe
 

C:\Program Files (x86)\Panda Security\Panda Security Protection\Tools\PandaSecurityTb.exe
 

C:\Program Files (x86)\pandasecuritytb\dtUser.exe
 

C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll
 

C:\Program Files (x86)\pandasecuritytb\pandasecuritytb.dll
 

C:\Users\******\AppData\Local\Temp\Dn9pnvxB.exe.part
 

C:\Users\******\AppData\Local\Temp\{98FE302D-7ADF-468E-BD7F-C22045491D76}.exe
 

C:\Users\******\AppData\Local\Temp\dlmCBCD.tmp\new_MVP_Downloader_Converter.exe
 

C:\Users\******\AppData\Local\Temp\DMR\dmr_72.exe
 

C:\Users\******\Downloads\-Vertretungsplan_9.2.apk
 

C:\Users\******\Downloads\HTML Editor Phase - CHIP-Installer.exe
 

C:\Users\******\Downloads\I8190XXAMA1_I8190OXAAMA1_4.1.2_rooted_by_infected_V2 - CHIP-Installer.exe
 

C:\Users\******\Downloads\ispd-Downloader (1).exe
 

C:\Users\******\Downloads\Odin3 - CHIP-Installer.exe
 

C:\Users\******\Downloads\Partition Wizard Home Edition - CHIP-Installer.exe
 

C:\Users\******\Downloads\Regin Scanner - CHIP-Installer.exe
 

C:\Users\******\Downloads\Setup-Loksim3D-2-9-1_CB-DL-Manager.exe
 

C:\Users\******\Downloads\TopStyle - CHIP-Installer.exe
 

C:\Users\******\Downloads\VirtualBox - CHIP-Installer.exe
 

C:\Users\******\Downloads\Visitenkarten in 2 Minuten - CHIP-Installer.exe

Emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Noch was zu lesen:

CHIP-Installer - was ist das? - Anleitungen

Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:
http://deeprybka.trojaner-board.de/b.../combofix2.pngCombofix deinstallieren .

Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
Drücke bitte die http://deeprybka.trojaner-board.de/b...ne/revo/w7.png + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
Klicke auf OK.
Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Dann lade Dir bitte http://filepony.de/icon/tiny/delfix.pngDelFix herunter.

Schließe alle offenen Programme.
Starte die delfix.exe mit einem Doppelklick.
Setze vor jede Funktion ein Häkchen.
Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...:dankeschoen:und/oder das Forum mit einer kleinen Spende http://www.trojaner-board.de/extra/spende.png unterstützen. :applaus:

http://deeprybka.trojaner-board.de/b...ast/schild.pngAbsicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:

Browser
Java
Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank.
Meine Empfehlung:
http://filepony.de/icon/emsisoft_anti_malware.png
Emsisoft

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

Optional:
http://filepony.de/icon/noscript.png NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.
http://filepony.de/icon/malwarebytes_anti_exploit.pngMalwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.

Lade Software von einem sauberen Portal wie http://filepony.de/images/microbanner.gif.
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwarecleaner .

Abschließend noch ein paar grundsätzliche Bemerkungen:
Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.

So... Den Fix musste ich 2 mal laufen lassen, beim ersten mal habe ich vergessen, das ****** durch meinen Benutzernamen zu ersetzen :rolleyes:... Die Fehlermeldungen im folgenden Log wurden im vorherigen Fix schon beseitigt, den Log finde ich aber nicht mehr :balla:

~~~Fixlog~~~

Code:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015

Ran by ****** at 2015-03-25 20:41:55 Run:2

Running from C:\Users\******\Desktop

Loaded Profiles: ****** (Available profiles: ****** & Administrator & Gast)

Boot Mode: Normal

==============================================
 

Content of fixlist:

*****************

C:\$Recycle.Bin
 

C:\Backup\download\getapk.co.1.6.93.apk
 

C:\Program Files (x86)\Free Screen To Video\Helper.dll
 

C:\Program Files (x86)\Free Screen To Video\Uninstall.exe
 

C:\Program Files (x86)\Panda Security\Panda Security Protection\Tools\PandaSecurityTb.exe
 

C:\Program Files (x86)\pandasecuritytb\dtUser.exe
 

C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll
 

C:\Program Files (x86)\pandasecuritytb\pandasecuritytb.dll
 

C:\Users\******\AppData\Local\Temp\Dn9pnvxB.exe.part
 

C:\Users\******\AppData\Local\Temp\{98FE302D-7ADF-468E-BD7F-C22045491D76}.exe
 

C:\Users\******\AppData\Local\Temp\dlmCBCD.tmp\new_MVP_Downloader_Converter.exe
 

C:\Users\******\AppData\Local\Temp\DMR\dmr_72.exe
 

C:\Users\******\Downloads\-Vertretungsplan_9.2.apk
 

C:\Users\******\Downloads\HTML Editor Phase - CHIP-Installer.exe
 

C:\Users\******\Downloads\I8190XXAMA1_I8190OXAAMA1_4.1.2_rooted_by_infected_V2 - CHIP-Installer.exe
 

C:\Users\******\Downloads\ispd-Downloader (1).exe
 

C:\Users\******\Downloads\Odin3 - CHIP-Installer.exe
 

C:\Users\******\Downloads\Partition Wizard Home Edition - CHIP-Installer.exe
 

C:\Users\******\Downloads\Regin Scanner - CHIP-Installer.exe
 

C:\Users\******\Downloads\Setup-Loksim3D-2-9-1_CB-DL-Manager.exe
 

C:\Users\******\Downloads\TopStyle - CHIP-Installer.exe
 

C:\Users\******\Downloads\VirtualBox - CHIP-Installer.exe
 

C:\Users\******\Downloads\Visitenkarten in 2 Minuten - CHIP-Installer.exe

Emptytemp:

*****************
 

C:\$Recycle.Bin => Moved successfully.

"C:\Backup\download\getapk.co.1.6.93.apk" => File/Directory not found.

"C:\Program Files (x86)\Free Screen To Video\Helper.dll" => File/Directory not found.

"C:\Program Files (x86)\Free Screen To Video\Uninstall.exe" => File/Directory not found.

"C:\Program Files (x86)\Panda Security\Panda Security Protection\Tools\PandaSecurityTb.exe" => File/Directory not found.

"C:\Program Files (x86)\pandasecuritytb\dtUser.exe" => File/Directory not found.

"C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll" => File/Directory not found.

"C:\Program Files (x86)\pandasecuritytb\pandasecuritytb.dll" => File/Directory not found.

"C:\Users\******\AppData\Local\Temp\Dn9pnvxB.exe.part" => File/Directory not found.

"C:\Users\******\AppData\Local\Temp\{98FE302D-7ADF-468E-BD7F-C22045491D76}.exe" => File/Directory not found.

"C:\Users\******\AppData\Local\Temp\dlmCBCD.tmp\new_MVP_Downloader_Converter.exe" => File/Directory not found.

"C:\Users\******\AppData\Local\Temp\DMR\dmr_72.exe" => File/Directory not found.

C:\Users\******\Downloads\-Vertretungsplan_9.2.apk => Moved successfully.

C:\Users\******\Downloads\HTML Editor Phase - CHIP-Installer.exe => Moved successfully.

C:\Users\******\Downloads\I8190XXAMA1_I8190OXAAMA1_4.1.2_rooted_by_infected_V2 - CHIP-Installer.exe => Moved successfully.

C:\Users\******\Downloads\ispd-Downloader (1).exe => Moved successfully.

C:\Users\******\Downloads\Odin3 - CHIP-Installer.exe => Moved successfully.

C:\Users\******\Downloads\Partition Wizard Home Edition - CHIP-Installer.exe => Moved successfully.

C:\Users\******\Downloads\Regin Scanner - CHIP-Installer.exe => Moved successfully.

C:\Users\******\Downloads\Setup-Loksim3D-2-9-1_CB-DL-Manager.exe => Moved successfully.

C:\Users\******\Downloads\TopStyle - CHIP-Installer.exe => Moved successfully.

C:\Users\******\Downloads\VirtualBox - CHIP-Installer.exe => Moved successfully.

C:\Users\******\Downloads\Visitenkarten in 2 Minuten - CHIP-Installer.exe => Moved successfully.

EmptyTemp: => Removed 35 MB temporary data.
 
 

The system needed a reboot. 
 

==== End of Fixlog 20:42:22 ====

Alles sauber? Dann fange ich jetzt mal mit aufräumen an...

Es grüßt, Massenmensch ;)