Hier die geforderten Scans :)
MBAM: Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 17.04.2014
Suchlauf-Zeit: 13:49:23
Logdatei: MBAM Log.txt
Administrator: Ja
Version: 2.00.1.1004
Malware Datenbank: v2014.04.17.03
Rootkit Datenbank: v2014.03.27.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Chameleon: Deaktiviert
Betriebssystem: Windows 8
CPU: x64
Dateisystem: NTFS
Benutzer: Christian
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 280142
Verstrichene Zeit: 11 Min, 20 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registrierungsschlüssel: 0
(No malicious items detected)
Registrierungswerte: 0
(No malicious items detected)
Registrierungsdaten: 0
(No malicious items detected)
Ordner: 0
(No malicious items detected)
Dateien: 0
(No malicious items detected)
Physische Sektoren: 0
(No malicious items detected)
(end) ADW Cleaner: Code:
# AdwCleaner v3.023 - Bericht erstellt am 17/04/2014 um 14:37:32
# Aktualisiert 01/04/2014 von Xplode
# Betriebssystem : Windows 8 (64 bits)
# Benutzername : Christian - FENRIR
# Gestartet von : C:\Users\Christian\Downloads\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\boost_interprocess
Ordner Gelöscht : C:\Program Files (x86)\Mobogenie
Ordner Gelöscht : C:\Program Files (x86)\MyPC Backup
Ordner Gelöscht : C:\Users\Christian\AppData\Local\Mobogenie
Ordner Gelöscht : C:\Users\Christian\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Christian\Documents\Mobogenie
Ordner Gelöscht : C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\o87act1q.default\Conduit
Ordner Gelöscht : C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\o87act1q.default\ConduitEngine
Ordner Gelöscht : C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\o87act1q.default\Extensions\DTToolbar@toolbarnet.com
Datei Gelöscht : C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\o87act1q.default\searchplugins\11-suche.xml
Datei Gelöscht : C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\o87act1q.default\searchplugins\daemon-search.xml
Datei Gelöscht : C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\o87act1q.default\user.js
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\lyrixeeker
Schlüssel Gelöscht : HKLM\Software\InstallCore
Schlüssel Gelöscht : HKLM\Software\systweak
***** [ Browser ] *****
-\\ Internet Explorer v10.0.9200.16537
-\\ Mozilla Firefox v28.0 (de)
[ Datei : C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\o87act1q.default\prefs.js ]
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2431245/CT2431245", "\"fd1150a7ca7a3a46650bf04e999d50091\"");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1061742/1057446/DE", "\"0\"");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1112915/1108619/DE", "\"0\"");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1241416/1237089/DE", "\"0\"");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/825452/821260/DE", "\"1-218450-73389600\"");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/DE", "\"0\"");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2431245", "\"1334580802\"");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=de-de", "xVl2ui1iX6CDJwlhoXazeQ==");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=de-de", "pMJrsOAIrcWADPEnEML9WA==");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=de-de", "9H/gICSaMqbmx+Gd+8W4Sg==");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=de-de", "eJfMrdrGnhGHiiPiYjgAww==");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"8076e3ce381dcd1:0\"");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3.2", "\"07b2625f8cb1:0\"");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.11.0.3", "\"4ead38b3e6bcd1:0\"");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2431245", "\"d76323372b05c3748a3d6b1c93a98292\"");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"634325899280830000\"");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "634303635100000000");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=1/11/2011 5:25:10 PM", "634339976460000000");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=2/22/2011 6:54:06 PM", "634356118310000000");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/2011 11:17:11 AM", "634356118310000000");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2431245/CT2431245", "\"1297000401\"");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/equalizer_dead.gif", "\"0a8c48d3330c81:0\"");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/minimize.gif", "\"0e2106f3030c81:0\"");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/play.gif", "\"0f475394430c81:0\"");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/stop.gif", "\"08d9ef44430c81:0\"");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/vol.gif", "\"066e8863030c81:0\"");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=de-de", "\"b4b81eb45fc274d059eb5aae0326460f\"");
Zeile gelöscht : user_pref("CommunityToolbar.EngineOwner", "CT2431245");
Zeile gelöscht : user_pref("CommunityToolbar.EngineOwnerGuid", "{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}");
Zeile gelöscht : user_pref("CommunityToolbar.EngineOwnerToolbarId", "softonic-de3");
Zeile gelöscht : user_pref("CommunityToolbar.IsEngineShown", false);
Zeile gelöscht : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Zeile gelöscht : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Hella\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\4qf4urd8.default\\conduitCommon\\modules\\3.11.0.3");
Zeile gelöscht : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.11.0.3");
Zeile gelöscht : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://pgcff.pricegong.com/agreement/agree.html#pg_ext_msg_key_d99fa6d4", "356x332");
Zeile gelöscht : user_pref("CommunityToolbar.OriginalEngineOwner", "CT2431245");
Zeile gelöscht : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}");
Zeile gelöscht : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "softonic-de3");
Zeile gelöscht : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.properties");
Zeile gelöscht : user_pref("CommunityToolbar.ToolbarsList", "ConduitEngine");
Zeile gelöscht : user_pref("CommunityToolbar.ToolbarsList2", "");
Zeile gelöscht : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Thu Apr 14 2011 22:47:16 GMT+0200");
Zeile gelöscht : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Zeile gelöscht : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Sat Jun 25 2011 00:06:11 GMT+0200");
Zeile gelöscht : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Zeile gelöscht : user_pref("CommunityToolbar.alert.firstTimeAlertShown", true);
Zeile gelöscht : user_pref("CommunityToolbar.alert.locale", "en");
Zeile gelöscht : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Zeile gelöscht : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Sun Jun 26 2011 13:39:47 GMT+0200");
Zeile gelöscht : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
Zeile gelöscht : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Zeile gelöscht : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Zeile gelöscht : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Zeile gelöscht : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Zeile gelöscht : user_pref("CommunityToolbar.alert.userId", "b8d3772a-c01b-49b9-8399-1b17b68018a6");
Zeile gelöscht : user_pref("CommunityToolbar.globalUserId", "5ec12543-3a28-42d3-8ca4-20f709642dcf");
Zeile gelöscht : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Zeile gelöscht : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Zeile gelöscht : user_pref("CommunityToolbar.killedEngine", true);
Zeile gelöscht : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sat Apr 28 2012 23:03:58 GMT+0200");
Zeile gelöscht : user_pref("CommunityToolbar.notifications.alertInfoInterval", 60);
Zeile gelöscht : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Sat Apr 28 2012 23:04:06 GMT+0200");
Zeile gelöscht : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Zeile gelöscht : user_pref("CommunityToolbar.notifications.firstTimeAlertShown", true);
Zeile gelöscht : user_pref("CommunityToolbar.notifications.locale", "en");
Zeile gelöscht : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Zeile gelöscht : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sat Apr 28 2012 23:03:56 GMT+0200");
Zeile gelöscht : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Zeile gelöscht : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Zeile gelöscht : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Zeile gelöscht : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Zeile gelöscht : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Zeile gelöscht : user_pref("CommunityToolbar.notifications.userId", "35894dfe-e84b-4aaa-95af-540e0de6621c");
Zeile gelöscht : user_pref("ConduitEngine.AppTrackingLastCheckTime", "Tue May 17 2011 07:44:11 GMT+0200");
Zeile gelöscht : user_pref("ConduitEngine.BrowserCompStateIsOpen_3976808699496931956", true);
Zeile gelöscht : user_pref("ConduitEngine.BrowserCompStateIsOpen_7111503622310697342", true);
Zeile gelöscht : user_pref("ConduitEngine.BrowserCompStateIsOpen_8556964412163870795", true);
Zeile gelöscht : user_pref("ConduitEngine.CommunitiesChangesLastCheckTime", "0");
Zeile gelöscht : user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Thu Apr 14 2011 22:47:14 GMT+0200");
Zeile gelöscht : user_pref("ConduitEngine.FirstServerDate", "02/10/2011 21");
Zeile gelöscht : user_pref("ConduitEngine.FirstTime", true);
Zeile gelöscht : user_pref("ConduitEngine.FirstTimeFF3", true);
Zeile gelöscht : user_pref("ConduitEngine.GroupingInvalidateCache", false);
Zeile gelöscht : user_pref("ConduitEngine.GroupingLastCheckTime", "0");
Zeile gelöscht : user_pref("ConduitEngine.GroupingLastServerUpdateTime", "0");
Zeile gelöscht : user_pref("ConduitEngine.HasUserGlobalKeys", true);
Zeile gelöscht : user_pref("ConduitEngine.Initialize", true);
Zeile gelöscht : user_pref("ConduitEngine.InitializeCommonPrefs", true);
Zeile gelöscht : user_pref("ConduitEngine.InstalledDate", "Thu Feb 10 2011 19:58:56 GMT+0100");
Zeile gelöscht : user_pref("ConduitEngine.InvalidateCache", false);
Zeile gelöscht : user_pref("ConduitEngine.IsMulticommunity", false);
Zeile gelöscht : user_pref("ConduitEngine.IsOpenThankYouPage", false);
Zeile gelöscht : user_pref("ConduitEngine.IsOpenUninstallPage", true);
Zeile gelöscht : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Sun Apr 17 2011 12:58:29 GMT+0200");
Zeile gelöscht : user_pref("ConduitEngine.LastLogin_3.2.5.2", "Sat Mar 12 2011 21:51:37 GMT+0100");
Zeile gelöscht : user_pref("ConduitEngine.LastLogin_3.3.3.2", "Sun Apr 17 2011 15:58:30 GMT+0200");
Zeile gelöscht : user_pref("ConduitEngine.PublisherContainerWidth", 0);
Zeile gelöscht : user_pref("ConduitEngine.RadioLastCheckTime", "0");
Zeile gelöscht : user_pref("ConduitEngine.RadioLastUpdateIPServer", "0");
Zeile gelöscht : user_pref("ConduitEngine.RadioLastUpdateServer", "0");
Zeile gelöscht : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Zeile gelöscht : user_pref("ConduitEngine.SettingsLastCheckTime", "Sun Apr 17 2011 15:58:27 GMT+0200");
Zeile gelöscht : user_pref("ConduitEngine.UserID", "UN98358665152075115");
Zeile gelöscht : user_pref("ConduitEngine.apps3976808699496931956", false);
Zeile gelöscht : user_pref("ConduitEngine.apps7111503622310697342", false);
Zeile gelöscht : user_pref("ConduitEngine.apps8556964412163870795", false);
Zeile gelöscht : user_pref("ConduitEngine.counterAppsAdded", 3);
Zeile gelöscht : user_pref("ConduitEngine.engineLocale", "de");
Zeile gelöscht : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Sun Apr 17 2011 12:58:27 GMT+0200");
Zeile gelöscht : user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Sun Apr 17 2011 16:58:30 GMT+0200");
Zeile gelöscht : user_pref("ConduitEngine.initDone", true);
Zeile gelöscht : user_pref("ConduitEngine.isAppTrackingManagerOn", true);
Zeile gelöscht : user_pref("ConduitEngine.usagesFlag", 2);
Zeile gelöscht : user_pref("extensions.503e3c88c9ecc.scode", "(function(){try{if('aol.com,mail.google.com,mystart.incredibar.com,premiumreports.info,search.babylon.com,search.funmoods.com,search.gboxapp.com,search.swe[...]
Zeile gelöscht : user_pref("extensions.enabledItems", "{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6,{dc572301-7619-498c-a57d-39143191b318}:0.3.8.5,{e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.2,{DDC359D1-844A-42a7-9AA1-[...]
Zeile gelöscht : user_pref("extensions.engine@conduit.com.install-event-fired", true);
Zeile gelöscht : user_pref("extensions.ffxtlbr@mysearchdial.com.install-event-fired", true);
Zeile gelöscht : user_pref("extensions.quickstores@quickstores.de.install-event-fired", true);
Zeile gelöscht : user_pref("quickstores.toolbar.affid", "2017");
Zeile gelöscht : user_pref("quickstores.toolbar.guid", "{FE9EF5C3-8DD5-9635-58B2-781C1DF97460}");
*************************
AdwCleaner[R0].txt - [16916 octets] - [17/04/2014 14:33:10]
AdwCleaner[S0].txt - [16718 octets] - [17/04/2014 14:37:32]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [16779 octets] ########## JRT: Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8 x64
Ran by Christian on 17.04.2014 at 14:50:03,83
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{32C83430-BF29-489E-9539-61EBDE013B80}
~~~ Files
~~~ Folders
Failed to delete: [Folder] "C:\ProgramData\boost_interprocess"
~~~ FireFox
Emptied folder: C:\Users\Christian\AppData\Roaming\mozilla\firefox\profiles\o87act1q.default\minidumps [198 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 17.04.2014 at 14:54:00,92
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ FRST:
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-04-2014
Ran by Christian (administrator) on FENRIR on 17-04-2014 15:03:47
Running from C:\Users\Christian\Downloads
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Condusiv Technologies) C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe
(Microsoft Corporation) C:\windows\system32\WLANExt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
() C:\Program Files (x86)\Connectify\ConnectifyService.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
(Microsoft Corporation) C:\windows\system32\dashost.exe
(Connectify) C:\Program Files (x86)\Connectify\ConnectifyD.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
() C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel Corporation) C:\windows\system32\igfxext.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Spotify Ltd) C:\Users\Christian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Dropbox, Inc.) C:\Users\Christian\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Microsoft Corporation) C:\windows\system32\wwahost.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\MsoSync.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Samsung Electronics CO., LTD.) C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Support Center\GuaranaAgent.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191312 2012-08-07] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [11554688 2012-08-08] (Motorola Solutions, Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2862448 2012-08-06] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2995904 2012-07-11] (Symantec Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [97392 2012-08-15] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-13] (Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [185896 2013-10-28] (Geek Software GmbH)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2194139580-3168181565-154953947-1001\...\Run: [Spotify Web Helper] => C:\Users\Christian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-04-12] (Spotify Ltd)
HKU\S-1-5-21-2194139580-3168181565-154953947-1001\...\Run: [Connectify] => C:\Program Files (x86)\Connectify\Connectify.exe [4013928 2012-11-09] (Connectify)
HKU\S-1-5-21-2194139580-3168181565-154953947-1001\...\Run: [MusicManager] => C:\Users\Christian\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [7382528 2014-03-03] (Google Inc.)
HKU\S-1-5-21-2194139580-3168181565-154953947-1001\...\Run: [uTorrent] => C:\Users\Christian\AppData\Roaming\uTorrent\uTorrent.exe [1614416 2014-03-23] (BitTorrent Inc.)
Startup: C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Christian\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {32C83430-BF29-489E-9539-61EBDE013B80} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=ir_14_12_ff&cd=2XzuyEtN2Y1L1Qzu0CyEzzyDtDzz0EzzzyyD0D0A0F0F0EyDtN0D0Tzu0SzztCtBtN1L2XzutBtFtCzztFyBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StAtCzyyByB0D0A0AtG0A0CtB0AtGzy0ByC0CtG0B0C0CtDtGtA0Dzz0DtDtCzytD0FtBtByC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDyBtD0AyB0DtC0EtGtDtCyCzytGtAyCtDzytG0EyE0D0FtGyDyEyDtB0B0EtAyE0D0A0Bzy2Q&cr=1278042411&ir=
SearchScopes: HKLM - {32C83430-BF29-489E-9539-61EBDE013B80} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=ir_14_12_ff&cd=2XzuyEtN2Y1L1Qzu0CyEzzyDtDzz0EzzzyyD0D0A0F0F0EyDtN0D0Tzu0SzztCtBtN1L2XzutBtFtCzztFyBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StAtCzyyByB0D0A0AtG0A0CtB0AtGzy0ByC0CtG0B0C0CtDtGtA0Dzz0DtDtCzytD0FtBtByC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDyBtD0AyB0DtC0EtGtDtCyCzytGtAyCtDzytG0EyE0D0FtGyDyEyDtB0B0EtAyE0D0A0Bzy2Q&cr=1278042411&ir=
SearchScopes: HKLM-x32 - {32C83430-BF29-489E-9539-61EBDE013B80} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASMJS
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\o87act1q.default
FF Homepage: google.de
FF NetworkProxy: "ftp", "54.225.154.146"
FF NetworkProxy: "ftp_port", 3129
FF NetworkProxy: "http", "54.225.154.146"
FF NetworkProxy: "http_port", 3129
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "54.225.154.146"
FF NetworkProxy: "socks_port", 3129
FF NetworkProxy: "ssl", "54.225.154.146"
FF NetworkProxy: "ssl_port", 3129
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.40.2 - C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.40.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files (x86)\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Christian\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Christian\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF SearchPlugin: C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\o87act1q.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\o87act1q.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\o87act1q.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\o87act1q.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Flash Video Resources Downloader - C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\o87act1q.default\Extensions\max@subfighter.com [2013-08-18]
FF Extension: EPUBReader - C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\o87act1q.default\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F} [2013-12-20]
FF Extension: iMacros for Firefox - C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\o87act1q.default\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2014-02-18]
FF Extension: Live HTTP Headers - C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\o87act1q.default\Extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a} [2013-08-18]
FF Extension: WOT - C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\o87act1q.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-26]
FF Extension: Personas Plus - C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\o87act1q.default\Extensions\personas@christopher.beard.xpi [2013-10-25]
FF Extension: Stealthy - C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\o87act1q.default\Extensions\stealthyextension@gmail.com.xpi [2013-08-18]
FF Extension: Image Zoom - C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\o87act1q.default\Extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}.xpi [2013-08-18]
FF Extension: Linkification - C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\o87act1q.default\Extensions\{35106bca-6c78-48c7-ac28-56df30b51d2a}.xpi [2013-08-18]
FF Extension: Copy Links - C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\o87act1q.default\Extensions\{76C80A11-FAD4-406c-8246-F5ED4F9367B5}.xpi [2013-08-18]
FF Extension: Destroy the Web - C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\o87act1q.default\Extensions\{7BDB48D1-CD94-4B99-A5A4-E418B9EE6532}.xpi [2013-08-18]
FF Extension: Modify Headers - C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\o87act1q.default\Extensions\{b749fc7c-e949-447f-926c-3f4eed6accfe}.xpi [2013-08-18]
FF Extension: Adblock Plus - C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\o87act1q.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-02-26]
FF Extension: Download Statusbar - C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\o87act1q.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi [2013-08-18]
FF Extension: Tab Mix Plus - C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\o87act1q.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2014-02-22]
FF Extension: DownThemAll! - C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\o87act1q.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2013-08-18]
FF Extension: Fox!Box - C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\o87act1q.default\Extensions\{df4e4df5-5cb7-46b0-9aef-6c784c3249f8}.xpi [2014-03-29]
FF Extension: Greasemonkey - C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\o87act1q.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2014-02-14]
FF HKCU\...\Firefox\Extensions: [lyrix@lyrixeeker.co] - C:\Program Files (x86)\LyriXeeker\128.xpi
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ []
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1017424 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [65536 2012-11-09] ()
R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593976 2012-09-05] (Samsung Electronics CO., LTD.)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 IntelliMemory; C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe [55120 2012-11-01] (Condusiv Technologies)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-07-31] (Motorola Mobility LLC)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3939008 2012-07-11] (Symantec Corporation)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [37176 2013-08-22] (The OpenVPN Project)
R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3018800 2013-10-21] (Samsung Electronics CO., LTD.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-10-25] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)
==================== Drivers (Whitelisted) ====================
U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-10-10] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [84720 2013-12-18] (Avira Operations GmbH & Co. KG)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00B\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R1 cnnctfy2; C:\Windows\system32\DRIVERS\cnnctfy2.sys [31344 2013-08-30] (Connectify)
R1 intmfs; C:\Windows\System32\DRIVERS\intmfs.sys [28496 2012-11-01] (Condusiv Technologies)
R0 intmsd; C:\Windows\System32\DRIVERS\intmsd.sys [104272 2012-11-01] (Condusiv Technologies)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-10-08] (Intel Corporation)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2012-10-30] (Windows (R) 2003 DDK 3790 provider)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-10-09] (Windows (R) Win 7 DDK provider)
R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-09] (Windows (R) Win 7 DDK provider)
S3 motccgpfl; \SystemRoot\System32\drivers\motccgpfl.sys [X]
S3 SBIOSIO; \??\c:\windiag\SBIOSIO64.SYS [X]
S3 TVICPORT; \??\C:\windows\system32\DRIVERS\TVICPORT.SYS [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-17 15:03 - 2014-04-17 15:03 - 00000000 ____D () C:\Users\Christian\Downloads\FRST-OlderVersion
2014-04-17 14:54 - 2014-04-17 14:54 - 00000966 _____ () C:\Users\Christian\Desktop\JRT.txt
2014-04-17 14:50 - 2014-04-17 14:50 - 00000000 ____D () C:\windows\ERUNT
2014-04-17 14:48 - 2014-04-17 14:48 - 01016261 _____ (Thisisu) C:\Users\Christian\Downloads\JRT.exe
2014-04-17 14:46 - 2014-04-17 14:46 - 00016872 _____ () C:\Users\Christian\Desktop\AdwCleaner[S0].txt
2014-04-17 14:40 - 2014-04-17 14:40 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-04-17 14:32 - 2014-04-17 14:37 - 00000000 ____D () C:\AdwCleaner
2014-04-17 14:32 - 2014-04-17 14:32 - 01426178 _____ () C:\Users\Christian\Downloads\adwcleaner.exe
2014-04-16 15:38 - 2014-04-16 15:38 - 00024860 _____ () C:\ComboFix.txt
2014-04-16 15:10 - 2014-04-16 15:39 - 00000000 ____D () C:\Qoobox
2014-04-16 15:10 - 2014-04-16 15:32 - 00000000 ____D () C:\windows\erdnt
2014-04-16 15:10 - 2011-06-26 08:45 - 00256000 _____ () C:\windows\PEV.exe
2014-04-16 15:10 - 2010-11-07 19:20 - 00208896 _____ () C:\windows\MBR.exe
2014-04-16 15:10 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2014-04-16 15:10 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2014-04-16 15:10 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2014-04-16 15:10 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\windows\SWXCACLS.exe
2014-04-16 15:10 - 2000-08-31 02:00 - 00098816 _____ () C:\windows\sed.exe
2014-04-16 15:10 - 2000-08-31 02:00 - 00080412 _____ () C:\windows\grep.exe
2014-04-16 15:10 - 2000-08-31 02:00 - 00068096 _____ () C:\windows\zip.exe
2014-04-16 15:08 - 2014-04-16 15:08 - 05194807 ____R (Swearware) C:\Users\Christian\Desktop\ComboFix.exe
2014-04-15 22:23 - 2014-04-17 14:57 - 00003758 _____ () C:\windows\System32\Tasks\AutoKMS
2014-04-15 22:14 - 2014-04-15 22:15 - 00055633 _____ () C:\Users\Christian\Downloads\Addition.txt
2014-04-15 22:13 - 2014-04-17 15:04 - 00020775 _____ () C:\Users\Christian\Downloads\FRST.txt
2014-04-15 22:13 - 2014-04-17 15:03 - 00000000 ____D () C:\FRST
2014-04-15 22:07 - 2014-04-17 15:03 - 02158592 _____ (Farbar) C:\Users\Christian\Downloads\FRST64.exe
2014-04-15 22:06 - 2014-04-17 13:38 - 00119512 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-15 22:05 - 2014-04-15 22:05 - 00001128 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-15 22:05 - 2014-04-15 22:05 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-15 22:05 - 2014-04-15 22:05 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-15 22:05 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-04-15 22:05 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-04-15 22:05 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-04-15 22:03 - 2014-04-15 22:03 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Christian\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-15 13:09 - 2014-03-31 23:18 - 00694232 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-04-15 13:09 - 2014-03-31 23:18 - 00078296 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-14 18:41 - 2014-04-14 18:53 - 00039936 _____ () C:\Users\Christian\Documents\Anerkennung Auslandsleistungen Christian Rohmann 2014.xls
2014-04-14 18:17 - 2014-04-14 18:17 - 00344628 _____ () C:\Users\Christian\Downloads\Anhänge_2014414.zip
2014-04-12 20:55 - 2014-04-12 21:07 - 1067889875 _____ () C:\Users\Christian\Downloads\Suits.S03E16.720p.HDTV.x264-KILLERS.mkv
2014-04-12 13:24 - 2014-03-07 02:48 - 01766400 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-04-12 13:24 - 2014-03-07 02:48 - 01140736 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-04-12 13:24 - 2014-03-07 02:47 - 13760512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-04-12 13:24 - 2014-03-07 02:47 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-04-12 13:24 - 2014-03-07 02:47 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-04-12 13:24 - 2014-03-07 02:08 - 19273216 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-04-12 13:24 - 2014-03-07 02:08 - 15404544 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-04-12 13:24 - 2014-03-07 02:08 - 02648576 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-04-12 13:24 - 2014-03-07 02:08 - 02240000 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-04-12 13:24 - 2014-03-07 02:08 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-04-12 13:24 - 2014-03-07 02:08 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2014-04-12 13:24 - 2014-03-07 02:08 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-04-12 13:24 - 2014-03-07 02:08 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-04-12 13:24 - 2014-03-07 02:08 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-04-12 13:24 - 2014-02-04 01:56 - 00332632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2014-04-12 13:24 - 2014-02-04 01:56 - 00278872 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys
2014-04-12 13:24 - 2014-01-31 05:55 - 00209712 _____ (Microsoft Corporation) C:\windows\system32\NotificationUI.exe
2014-04-12 13:24 - 2014-01-31 02:48 - 00564736 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll
2014-04-12 13:24 - 2014-01-31 02:48 - 00485888 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSDApi.dll
2014-04-12 13:24 - 2014-01-31 02:48 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.dll
2014-04-12 13:24 - 2014-01-31 02:48 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-12 13:24 - 2014-01-31 02:06 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll
2014-04-12 13:24 - 2014-01-31 02:06 - 00599040 _____ (Microsoft Corporation) C:\windows\system32\WSDApi.dll
2014-04-12 13:24 - 2014-01-31 02:06 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-12 13:24 - 2014-01-27 05:42 - 02232664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-04-12 13:24 - 2014-01-27 05:39 - 01939288 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2014-04-12 13:24 - 2014-01-27 02:52 - 17561088 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2014-04-12 13:24 - 2014-01-27 02:31 - 19752448 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2014-04-12 13:24 - 2014-01-27 01:17 - 00386722 _____ () C:\windows\system32\ApnDatabase.xml
2014-04-12 13:24 - 2014-01-16 01:42 - 00118784 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dfsc.sys
2014-04-12 13:24 - 2014-01-11 08:48 - 05979648 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2014-04-12 13:24 - 2014-01-11 07:06 - 05092352 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2014-04-12 13:24 - 2014-01-03 01:35 - 00365568 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsGdiConverter.dll
2014-04-12 13:24 - 2014-01-03 01:32 - 00523264 _____ (Microsoft Corporation) C:\windows\system32\XpsGdiConverter.dll
2014-04-12 13:24 - 2013-05-16 00:37 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2014-04-12 13:24 - 2013-05-16 00:35 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2014-04-12 13:24 - 2013-05-14 15:14 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-04-12 13:24 - 2013-05-14 11:23 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-04-12 13:24 - 2013-02-21 12:29 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2014-04-12 13:24 - 2013-02-21 12:29 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-04-12 13:24 - 2013-02-21 12:29 - 00039424 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-04-12 13:24 - 2013-02-21 12:29 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-04-12 13:24 - 2013-02-21 12:14 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-04-12 13:24 - 2013-02-21 12:14 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-04-12 13:24 - 2013-02-19 11:53 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll
2014-04-12 13:24 - 2012-11-08 06:20 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-04-12 13:24 - 2012-11-08 06:20 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-04-12 13:24 - 2012-07-26 05:06 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-04-12 13:23 - 2014-03-07 02:47 - 14357504 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-04-12 13:23 - 2014-03-07 02:47 - 02877952 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-04-12 13:23 - 2014-03-07 02:47 - 02049536 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-04-12 13:23 - 2014-03-07 02:47 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-04-12 13:23 - 2014-03-07 02:08 - 03959808 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-04-11 19:38 - 2014-02-06 01:41 - 01257984 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2014-04-11 19:38 - 2014-02-06 01:41 - 00978432 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2014-04-11 19:38 - 2014-02-06 01:26 - 00666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2014-04-11 19:38 - 2014-02-06 01:19 - 00974848 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2014-04-11 05:48 - 2014-04-11 05:48 - 00071736 ____N () C:\Users\Christian\Downloads\Suits.S03E16.720p.HDTV.x264-KILLERS.srt
2014-04-03 13:52 - 2014-04-17 14:32 - 00015798 _____ () C:\Users\Christian\Documents\Uni Noten.xlsx
2014-04-03 11:59 - 2014-04-03 11:59 - 00015438 _____ () C:\Users\Christian\Downloads\Uni Noten.xlsx
2014-04-01 12:16 - 2014-04-01 12:16 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\DropboxMaster
2014-03-31 14:05 - 2014-03-31 14:05 - 00000000 ____D () C:\Users\Christian\Downloads\UO KLAUSUREN
2014-03-30 15:39 - 2014-03-30 15:39 - 00000000 ____D () C:\Program Files (x86)\Goat Simulator
2014-03-29 04:47 - 2014-03-29 04:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-28 03:23 - 2014-04-17 14:58 - 02061588 _____ () C:\windows\WindowsUpdate.log
2014-03-28 02:40 - 2014-04-16 15:42 - 00033476 _____ () C:\windows\PFRO.log
2014-03-28 02:09 - 2014-04-17 14:58 - 00005080 _____ () C:\windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for FENRIR-Christian Fenrir
2014-03-27 22:48 - 2014-03-27 23:34 - 141382430 _____ () C:\Users\Christian\Downloads\#4368#.rar
2014-03-27 17:38 - 2014-03-27 19:39 - 00000000 ____D () C:\Users\Christian\Downloads\T.H.G.CatchingFire.2013.720p.BluRay.X264-AMIABLE
2014-03-27 16:31 - 2014-03-27 16:31 - 00000000 ____D () C:\Users\Christian\Downloads\WAMPIR 2011
2014-03-24 19:51 - 2014-03-24 19:51 - 00616664 _____ ( ) C:\Users\Christian\Downloads\FreeYouTubeToMP3Converter_3.12.30.319.exe
2014-03-24 19:50 - 2014-03-24 19:50 - 14267641 _____ () C:\Users\Christian\Documents\Parkway Drive Sleepwalker FULL INSTRUMENTAL COVER_(480p).mp4
2014-03-24 19:48 - 2014-03-24 20:18 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\Youtube Downloader HD
2014-03-24 19:48 - 2014-03-24 19:48 - 00000000 ____D () C:\Program Files (x86)\Youtube Downloader HD
2014-03-24 19:47 - 2014-03-24 19:47 - 09664032 _____ (YoutubeDownloaderHD.com ) C:\Users\Christian\Downloads\youtube_downloader_hd_setup.exe
2014-03-24 19:41 - 2014-03-28 22:36 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\Audacity
2014-03-24 19:41 - 2014-03-24 19:41 - 00000000 ____D () C:\Program Files (x86)\Audacity
2014-03-24 19:40 - 2014-03-24 19:41 - 22180353 _____ (Audacity Team ) C:\Users\Christian\Downloads\audacity-win-2.0.5.exe
2014-03-24 15:18 - 2014-03-24 15:18 - 01750407 _____ () C:\Users\Christian\Downloads\folien.zip
2014-03-24 15:10 - 2014-03-24 15:10 - 19997371 _____ () C:\Users\Christian\Downloads\Entscheidung.zip
2014-03-23 19:58 - 2014-03-23 20:05 - 00000000 ____D () C:\Users\Christian\Downloads\Vampire 2011 LIMITED DVDRiP AC3 XViD-sC0rp
2014-03-23 18:20 - 2014-03-23 18:20 - 00000833 _____ () C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-03-23 18:18 - 2014-03-24 17:36 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\uTorrent
2014-03-23 17:30 - 2014-03-23 18:18 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\SuperNZB
2014-03-23 17:30 - 2014-03-23 17:30 - 00000000 ____D () C:\Program Files (x86)\SuperNZB
2014-03-22 22:24 - 2014-04-01 00:52 - 00000067 _____ () C:\Users\Christian\AppData\Roaming\WB.CFG
2014-03-22 21:25 - 2014-03-22 21:25 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2014-03-22 21:24 - 2014-04-17 13:36 - 00000000 ____D () C:\Users\Christian\AppData\Local\JDownloader v2.0
2014-03-22 21:19 - 2014-03-22 21:20 - 00000000 ____D () C:\Users\Christian\Downloads\Cryptload
2014-03-21 17:16 - 2014-03-21 17:16 - 00481928 _____ () C:\windows\system32\FNTCACHE.DAT
2014-03-18 16:01 - 2014-03-18 17:35 - 00025796 ____H () C:\Users\Christian\Desktop\~WRL1448.tmp
2014-03-18 01:59 - 2014-03-18 02:11 - 652513981 _____ () C:\Users\Christian\Downloads\SPTSoTU-CPY.rar
==================== One Month Modified Files and Folders =======
2014-04-17 15:04 - 2014-04-15 22:13 - 00020775 _____ () C:\Users\Christian\Downloads\FRST.txt
2014-04-17 15:03 - 2014-04-17 15:03 - 00000000 ____D () C:\Users\Christian\Downloads\FRST-OlderVersion
2014-04-17 15:03 - 2014-04-15 22:13 - 00000000 ____D () C:\FRST
2014-04-17 15:03 - 2014-04-15 22:07 - 02158592 _____ (Farbar) C:\Users\Christian\Downloads\FRST64.exe
2014-04-17 15:00 - 2012-10-12 18:55 - 00753134 _____ () C:\windows\system32\perfh007.dat
2014-04-17 15:00 - 2012-10-12 18:55 - 00155826 _____ () C:\windows\system32\perfc007.dat
2014-04-17 15:00 - 2012-10-12 03:25 - 00000000 ____D () C:\ProgramData\WinClon
2014-04-17 15:00 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\system32\sru
2014-04-17 15:00 - 2012-07-26 09:28 - 01745416 _____ () C:\windows\system32\PerfStringBackup.INI
2014-04-17 14:59 - 2013-08-25 18:23 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\Dropbox
2014-04-17 14:58 - 2014-03-28 03:23 - 02061588 _____ () C:\windows\WindowsUpdate.log
2014-04-17 14:58 - 2014-03-28 02:09 - 00005080 _____ () C:\windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for FENRIR-Christian Fenrir
2014-04-17 14:58 - 2013-08-25 18:27 - 00000000 ___RD () C:\Users\Christian\Dropbox
2014-04-17 14:57 - 2014-04-15 22:23 - 00003758 _____ () C:\windows\System32\Tasks\AutoKMS
2014-04-17 14:57 - 2013-08-29 15:06 - 00001126 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-17 14:56 - 2012-07-26 09:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-04-17 14:56 - 2012-07-26 07:26 - 00262144 ___SH () C:\windows\system32\config\BBI
2014-04-17 14:54 - 2014-04-17 14:54 - 00000966 _____ () C:\Users\Christian\Desktop\JRT.txt
2014-04-17 14:54 - 2013-12-03 00:28 - 00001150 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2194139580-3168181565-154953947-1001UA.job
2014-04-17 14:50 - 2014-04-17 14:50 - 00000000 ____D () C:\windows\ERUNT
2014-04-17 14:48 - 2014-04-17 14:48 - 01016261 _____ (Thisisu) C:\Users\Christian\Downloads\JRT.exe
2014-04-17 14:46 - 2014-04-17 14:46 - 00016872 _____ () C:\Users\Christian\Desktop\AdwCleaner[S0].txt
2014-04-17 14:40 - 2014-04-17 14:40 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-04-17 14:37 - 2014-04-17 14:32 - 00000000 ____D () C:\AdwCleaner
2014-04-17 14:35 - 2012-10-12 03:29 - 00000360 _____ () C:\windows\Tasks\Xerox PhotoCafe Communicator.job
2014-04-17 14:34 - 2013-08-29 15:06 - 00001130 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-17 14:32 - 2014-04-17 14:32 - 01426178 _____ () C:\Users\Christian\Downloads\adwcleaner.exe
2014-04-17 14:32 - 2014-04-03 13:52 - 00015798 _____ () C:\Users\Christian\Documents\Uni Noten.xlsx
2014-04-17 14:32 - 2013-08-26 00:06 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\Spotify
2014-04-17 14:25 - 2013-08-20 01:36 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-04-17 13:38 - 2014-04-15 22:06 - 00119512 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-17 13:36 - 2014-03-22 21:24 - 00000000 ____D () C:\Users\Christian\AppData\Local\JDownloader v2.0
2014-04-16 23:54 - 2013-12-03 00:28 - 00001098 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2194139580-3168181565-154953947-1001Core.job
2014-04-16 15:42 - 2014-03-28 02:40 - 00033476 _____ () C:\windows\PFRO.log
2014-04-16 15:39 - 2014-04-16 15:10 - 00000000 ____D () C:\Qoobox
2014-04-16 15:39 - 2012-10-12 03:31 - 00000000 ____D () C:\Users\EasySurvey
2014-04-16 15:38 - 2014-04-16 15:38 - 00024860 _____ () C:\ComboFix.txt
2014-04-16 15:32 - 2014-04-16 15:10 - 00000000 ____D () C:\windows\erdnt
2014-04-16 15:22 - 2012-07-26 07:26 - 00000215 _____ () C:\windows\system.ini
2014-04-16 15:08 - 2014-04-16 15:08 - 05194807 ____R (Swearware) C:\Users\Christian\Desktop\ComboFix.exe
2014-04-16 03:01 - 2013-12-14 21:57 - 00000000 ____D () C:\windows\rescache
2014-04-15 22:37 - 2013-08-18 16:35 - 00000000 ____D () C:\Users\Christian\AppData\Local\Adobe
2014-04-15 22:27 - 2013-08-20 01:36 - 00003772 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-04-15 22:22 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\WinStore
2014-04-15 22:15 - 2014-04-15 22:14 - 00055633 _____ () C:\Users\Christian\Downloads\Addition.txt
2014-04-15 22:05 - 2014-04-15 22:05 - 00001128 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-15 22:05 - 2014-04-15 22:05 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-15 22:05 - 2014-04-15 22:05 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-15 22:03 - 2014-04-15 22:03 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Christian\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-15 15:40 - 2013-08-26 00:09 - 00000000 ____D () C:\Users\Christian\AppData\Local\Spotify
2014-04-15 14:37 - 2014-03-05 21:10 - 00000000 ____D () C:\Users\Christian\Downloads\MODE Modell
2014-04-15 13:29 - 2013-10-21 11:00 - 00597504 ___SH () C:\Users\Christian\Downloads\Thumbs.db
2014-04-15 13:09 - 2013-08-17 20:19 - 00000000 ___RD () C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-15 13:09 - 2013-08-17 20:19 - 00000000 ___RD () C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-15 13:07 - 2012-07-26 10:12 - 00000000 ___RD () C:\windows\ToastData
2014-04-14 18:53 - 2014-04-14 18:41 - 00039936 _____ () C:\Users\Christian\Documents\Anerkennung Auslandsleistungen Christian Rohmann 2014.xls
2014-04-14 18:17 - 2014-04-14 18:17 - 00344628 _____ () C:\Users\Christian\Downloads\Anhänge_2014414.zip
2014-04-13 13:15 - 2013-09-12 22:03 - 00619008 ___SH () C:\Users\Christian\Desktop\Thumbs.db
2014-04-13 13:13 - 2013-09-03 20:11 - 00000000 ____D () C:\Users\Christian\AppData\Local\Paint.NET
2014-04-12 23:11 - 2013-08-18 19:48 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\vlc
2014-04-12 21:07 - 2014-04-12 20:55 - 1067889875 _____ () C:\Users\Christian\Downloads\Suits.S03E16.720p.HDTV.x264-KILLERS.mkv
2014-04-12 13:29 - 2013-08-20 03:48 - 00000000 ____D () C:\windows\system32\MRT
2014-04-12 13:28 - 2013-08-20 03:48 - 90655440 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-04-12 13:26 - 2014-02-20 22:33 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-11 19:22 - 2012-07-26 10:12 - 00000000 ____D () C:\windows\AUInstallAgent
2014-04-11 05:48 - 2014-04-11 05:48 - 00071736 ____N () C:\Users\Christian\Downloads\Suits.S03E16.720p.HDTV.x264-KILLERS.srt
2014-04-05 23:49 - 2013-12-03 00:28 - 00004104 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2194139580-3168181565-154953947-1001UA
2014-04-05 23:49 - 2013-12-03 00:28 - 00003724 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2194139580-3168181565-154953947-1001Core
2014-04-04 13:02 - 2013-08-18 04:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-04 01:41 - 2013-08-30 00:04 - 00000000 ____D () C:\Users\Christian\AppData\Local\CrashDumps
2014-04-03 11:59 - 2014-04-03 11:59 - 00015438 _____ () C:\Users\Christian\Downloads\Uni Noten.xlsx
2014-04-03 09:51 - 2014-04-15 22:05 - 00088280 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-15 22:05 - 00063192 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-15 22:05 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-04-02 01:29 - 2013-08-29 15:06 - 00004102 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-02 01:29 - 2013-08-29 15:06 - 00003866 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-04-01 12:16 - 2014-04-01 12:16 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\DropboxMaster
2014-04-01 12:16 - 2013-08-25 18:24 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-04-01 00:52 - 2014-03-22 22:24 - 00000067 _____ () C:\Users\Christian\AppData\Roaming\WB.CFG
2014-03-31 23:18 - 2014-04-15 13:09 - 00694232 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-03-31 23:18 - 2014-04-15 13:09 - 00078296 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-31 14:05 - 2014-03-31 14:05 - 00000000 ____D () C:\Users\Christian\Downloads\UO KLAUSUREN
2014-03-30 15:40 - 2014-03-12 04:53 - 00000000 ____D () C:\Users\Christian\Documents\My Games
2014-03-30 15:39 - 2014-03-30 15:39 - 00000000 ____D () C:\Program Files (x86)\Goat Simulator
2014-03-29 04:47 - 2014-03-29 04:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-28 22:36 - 2014-03-24 19:41 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\Audacity
2014-03-28 02:39 - 2013-11-08 19:12 - 00007610 _____ () C:\Users\Christian\AppData\Local\Resmon.ResmonCfg
2014-03-27 23:34 - 2014-03-27 22:48 - 141382430 _____ () C:\Users\Christian\Downloads\#4368#.rar
2014-03-27 19:39 - 2014-03-27 17:38 - 00000000 ____D () C:\Users\Christian\Downloads\T.H.G.CatchingFire.2013.720p.BluRay.X264-AMIABLE
2014-03-27 16:31 - 2014-03-27 16:31 - 00000000 ____D () C:\Users\Christian\Downloads\WAMPIR 2011
2014-03-26 00:06 - 2013-08-20 01:31 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-03-24 20:18 - 2014-03-24 19:48 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\Youtube Downloader HD
2014-03-24 19:52 - 2013-12-08 12:42 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\DVDVideoSoft
2014-03-24 19:52 - 2013-12-08 12:42 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-03-24 19:51 - 2014-03-24 19:51 - 00616664 _____ ( ) C:\Users\Christian\Downloads\FreeYouTubeToMP3Converter_3.12.30.319.exe
2014-03-24 19:50 - 2014-03-24 19:50 - 14267641 _____ () C:\Users\Christian\Documents\Parkway Drive Sleepwalker FULL INSTRUMENTAL COVER_(480p).mp4
2014-03-24 19:48 - 2014-03-24 19:48 - 00000000 ____D () C:\Program Files (x86)\Youtube Downloader HD
2014-03-24 19:47 - 2014-03-24 19:47 - 09664032 _____ (YoutubeDownloaderHD.com ) C:\Users\Christian\Downloads\youtube_downloader_hd_setup.exe
2014-03-24 19:41 - 2014-03-24 19:41 - 00000000 ____D () C:\Program Files (x86)\Audacity
2014-03-24 19:41 - 2014-03-24 19:40 - 22180353 _____ (Audacity Team ) C:\Users\Christian\Downloads\audacity-win-2.0.5.exe
2014-03-24 17:36 - 2014-03-23 18:18 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\uTorrent
2014-03-24 15:18 - 2014-03-24 15:18 - 01750407 _____ () C:\Users\Christian\Downloads\folien.zip
2014-03-24 15:10 - 2014-03-24 15:10 - 19997371 _____ () C:\Users\Christian\Downloads\Entscheidung.zip
2014-03-23 20:05 - 2014-03-23 19:58 - 00000000 ____D () C:\Users\Christian\Downloads\Vampire 2011 LIMITED DVDRiP AC3 XViD-sC0rp
2014-03-23 18:20 - 2014-03-23 18:20 - 00000833 _____ () C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-03-23 18:18 - 2014-03-23 17:30 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\SuperNZB
2014-03-23 17:30 - 2014-03-23 17:30 - 00000000 ____D () C:\Program Files (x86)\SuperNZB
2014-03-22 21:25 - 2014-03-22 21:25 - 00000000 ____D () C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2014-03-22 21:20 - 2014-03-22 21:19 - 00000000 ____D () C:\Users\Christian\Downloads\Cryptload
2014-03-21 17:16 - 2014-03-21 17:16 - 00481928 _____ () C:\windows\system32\FNTCACHE.DAT
2014-03-21 05:35 - 2013-08-18 04:19 - 00003598 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2194139580-3168181565-154953947-1001
2014-03-18 17:35 - 2014-03-18 16:01 - 00025796 ____H () C:\Users\Christian\Desktop\~WRL1448.tmp
2014-03-18 02:11 - 2014-03-18 01:59 - 652513981 _____ () C:\Users\Christian\Downloads\SPTSoTU-CPY.rar
Files to move or delete:
====================
C:\ProgramData\MakeMarkerFile.exe
C:\Users\EasySurvey\EasySurvey.exe
Some content of TEMP:
====================
C:\Users\Christian\AppData\Local\Temp\avgnt.exe
C:\Users\Christian\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpwfgvxj.dll
C:\Users\Christian\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-04-17 13:43
==================== End Of Log ============================ --- --- ---
--- --- ---
ADD: Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-04-2014
Ran by Christian at 2014-04-17 15:04:12
Running from C:\Users\Christian\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
µTorrent (HKCU\...\uTorrent) (Version: 3.4.0.30660 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Absolute Reminder (HKLM-x32\...\{40F4FF7A-B214-4453-B973-080B09CED019}) (Version: 2.1.0.8 - Absolute Software)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Reader X (10.1.3) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.3 - Adobe Systems Incorporated)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform)
Connectify Hotspot (HKLM\...\Connectify) (Version: 3.7.1.25486 - Connectify)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4421.02 - CyberLink Corp.)
CyberLink PowerDVD 10 (x32 Version: 10.0.4421.02 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F68634D8-574F-42B2-B6D0-9B447EA9581E}) (Version: - Microsoft)
Dropbox (HKCU\...\Dropbox) (Version: 2.6.25 - Dropbox, Inc.)
Easy File Share (HKLM-x32\...\{A7C37D4B-F37A-42E8-9B6A-B28C18AD4C12}) (Version: 1.3.4 - Samsung Electronics CO.,LTD.)
E-POP (HKLM-x32\...\{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}) (Version: 1.0.1 - Samsung Electronics CO., LTD.)
ETDWare PS/2-X64 11.7.2.1_WHQL (HKLM\...\Elantech) (Version: 11.7.2.1 - ELAN Microelectronic Corp.)
EViews 7 (HKLM-x32\...\{6A5AEDA0-3B9E-4006-90A7-E78779951A43}) (Version: - )
EViews 7 (HKLM-x32\...\{B68FC32E-D58F-4B74-A838-B265BF40A445}) (Version: - )
EViews 8 (64-bit) (HKLM-x32\...\InstallShield_{8674A16F-A785-465D-9806-317F9BE6480D}) (Version: 8.00.0000 - IHS Global Inc.)
EViews 8 (64-bit) (Version: 8.00.0000 - IHS Global Inc.) Hidden
Fotogalerie (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Free Audio Converter version 5.0.31.1125 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.31.1125 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.30.319 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.30.319 - DVDVideoSoft Ltd.)
Galerie de photos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Goat Simulator (HKLM-x32\...\R29hdFNpbXVsYXRvcg==_is1) (Version: 1 - )
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Help Desk (HKLM\...\{AEC9D273-E162-4614-83F1-722B8C74B185}) (Version: 1.0.96 - Samsung Electronics CO., LTD.)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33070) (Version: 3.6.1.33070.11 - Intel)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36702 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) PRO/Wireless Driver (Version: 16.01.5000.0577 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2817 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{7854AA22-A2F0-4F29-A2E9-D0C5A2B685E7}) (Version: 2.5.0.0248 - Motorola Solutions, Inc)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.2.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{6097158B-0184-4140-BEC3-7885794D2571}) (Version: 3.5.40.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (Version: 16.01.5000.0269 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
IntelliMemory (HKLM\...\{E93403C5-8A91-4940-89DB-EED69DA6E82E}) (Version: 1.0.30.0 - Condusiv Technologies)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.36 - Irfan Skiljan)
Java 7 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.400 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JDiskReport 1.4.0 (HKLM-x32\...\JDiskReport 1.4.0) (Version: 1.4.0 (2012-01-20 11:38:43) - JGoodies Karsten Lentzsch)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Microsoft Access MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft DCF MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Excel MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Groove MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Lync MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2003.1112 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.40303 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40308 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU (Version: 10.0.40303 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.40303 - Microsoft Corporation)
Microsoft Word MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
mkv2vob (HKLM-x32\...\{21AE04E8-EBF6-40DB-9AA9-B7A80C5D057D}) (Version: 2.4.9 - 3r1c)
MotioninJoy Gamepad tool 0.7.0000 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.0000 - www.motioninjoy.com)
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.4.3 - Motorola Mobility)
Motorola Device Software Update (x32 Version: 13.07.3101 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 6.2.0 (HKLM\...\{8EC78F02-5C36-4C97-AAC4-95A3D742A285}) (Version: 6.2.0 - Motorola Inc.)
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1108.0727 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Music Manager (HKCU\...\MusicManager) (Version: - Google, Inc.)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.45 - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.1.0.11 - Symantec Corporation) Hidden
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
OpenVPN 2.3.2-I003 (HKLM\...\OpenVPN) (Version: 2.3.2-I003 - )
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
PDF24 Creator 6.0.1 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Plants vs. Zombies (HKLM-x32\...\Plants vs. Zombies) (Version: - PopCap Games)
Raccolta foto (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6699 - Realtek Semiconductor Corp.)
Recovery (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 6.0.10.0 - Samsung Electronics CO., LTD.)
S Agent (Version: 1.1.45 - Samsung Electronics CO., LTD.) Hidden
Settings (HKLM-x32\...\{52E5DE60-C96B-42CC-9A37-FE04725940AE}) (Version: 2.0.0 - Samsung Electronics CO., LTD.)
Southpark Stick of Truth (HKLM-x32\...\U291dGhwYXJrU3RpY2tvZlRydXRo_is1) (Version: 1 - )
Spotify (HKCU\...\Spotify) (Version: 0.9.8.296.g91f68827 - Spotify AB)
SuperNZB v4.2.1 (HKLM-x32\...\SuperNZB_is1) (Version: - )
Support Center (HKLM\...\{5C20C1A9-75F9-4B6B-AAC3-9065C2AFB918}) (Version: 2.1.1106 - Samsung Electronics CO., LTD.)
Support Center FAQ (x32 Version: 1.0.11 - Samsung Electronics CO., LTD.) Hidden
SW Update (HKLM-x32\...\{DA06101F-FD76-4BF0-88BD-B26A197005E3}) (Version: 2.1.21 - Samsung Electronics CO., LTD.)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
UltraStar Deluxe (HKLM-x32\...\UltraStar Deluxe) (Version: 1.1 - USDX Team)
Universal Document Converter Server Edition (HKLM-x32\...\Universal Document Converter_is1) (Version: 6.2 - fCoder Group, Inc.)
Update for Microsoft Access 2013 (KB2768008) 64-Bit Edition (HKLM\...\{90150000-0015-0407-1000-0000000FF1CE}_Office15.PROPLUS_{47F15B72-AB15-4B81-BDB8-28B204596EB7}) (Version: - Microsoft)
Update for Microsoft Access 2013 (KB2827233) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{614E655F-A0ED-435A-8E0C-A81EE4BA7BC7}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{A2275591-C3AA-4A6C-A696-F958B6C65B3E}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUS_{A2275591-C3AA-4A6C-A696-F958B6C65B3E}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 64-Bit Edition (HKLM\...\{90150000-0018-0407-1000-0000000FF1CE}_Office15.PROPLUS_{A2275591-C3AA-4A6C-A696-F958B6C65B3E}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 64-Bit Edition (HKLM\...\{90150000-001B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{A2275591-C3AA-4A6C-A696-F958B6C65B3E}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.PROPLUS_{A2275591-C3AA-4A6C-A696-F958B6C65B3E}) (Version: - Microsoft)
Update for Microsoft InfoPath 2013 (KB2837648) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5E759A69-FA72-4B3C-BE2F-D1194764D31E}) (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2817678) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{237834D6-FA98-44E1-8739-ABD56DDADC59}) (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2863908) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{259F7CA1-7A87-4E60-85A9-0A55E60FF254}) (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2863908) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{259F7CA1-7A87-4E60-85A9-0A55E60FF254}) (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2863908) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{8D84B988-2A7A-4DB6-A7A5-08DA7B3DE9EE}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{43EB1F58-DAA0-4F61-A4EE-C5651F85A047}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{43EB1F58-DAA0-4F61-A4EE-C5651F85A047}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{76CACE05-7A19-4EAC-87D7-5BFF63AF7CDF}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{76CACE05-7A19-4EAC-87D7-5BFF63AF7CDF}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.PROPLUS_{79469196-F138-4CF0-8681-F1889D53B56B}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2738038) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{FEFF9FF6-FF61-455E-A8CC-3A1311A657AD}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760224) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{3FF4EA9F-3505-4726-A974-6593A968FFCC}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760242) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{9406D70B-2D9C-4613-A75A-F35B66BA8AFA}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760267) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{CA390537-AA88-450F-A240-5FB4648A124A}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{EF77B4A6-DFEC-4010-A87D-9B6BF87FABEC}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760539) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C8D57F4A-0824-4043-89E7-3C6280B67A47}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{62857CDD-2985-4939-91BA-19ED0B0031A5}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760553) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{AC4470FB-8011-4F16-B5D4-E0A34DE10C87}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760610) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D8B3D175-48B8-413F-8484-4D81E744B51C}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760610) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUS_{526C9E5A-A734-4DC0-B829-ED1CDE793C6B}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{0814662C-FD28-4DE0-ACE5-EE50D1D6C8FB}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2768016) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUS_{30C13416-B124-46AB-9E44-96CEFFA893F9}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817314) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C809B1D6-BD31-4496-BCFE-4567E0854F5F}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817316) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{4FD8F672-3206-469C-B9F0-D6E72F7ACAB2}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817316) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUS_{1A789784-5825-4B26-BB57-71FF7D3484CB}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817316) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUS_{856D47BC-036C-4692-8702-D6CCA8F428D0}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817490) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{CA0554C4-62FE-4F66-BC87-1EE1EAC675EF}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817490) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{CA0554C4-62FE-4F66-BC87-1EE1EAC675EF}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817626) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F33ABF6A-3007-47E8-8E38-506A18E54641}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817636) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D97AACA3-9AEA-43FF-8CBA-93BED0443FC2}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817636) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUS_{D97AACA3-9AEA-43FF-8CBA-93BED0443FC2}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817636) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D97AACA3-9AEA-43FF-8CBA-93BED0443FC2}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2825631) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{A54917FC-2C84-40F2-9525-7549BE08DE40}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2825631) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUS_{A54917FC-2C84-40F2-9525-7549BE08DE40}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2825631) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{A54917FC-2C84-40F2-9525-7549BE08DE40}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2826004) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{B38036CB-BAF6-41D4-8810-FD016453ABB9}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2827225) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{2A286156-257B-4528-9DB5-B4D4D53211BC}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition (HKLM\...\{90150000-001F-0407-1000-0000000FF1CE}_Office15.PROPLUS_{B5E3E636-7913-4775-BC9B-E4B56F4ED73B}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUS_{92833C80-DC88-4A22-8630-407F810EF57B}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUS_{602346D6-8E2F-4B0E-820A-CD62AC5B0DC9}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition (HKLM\...\{90150000-001F-0410-1000-0000000FF1CE}_Office15.PROPLUS_{869B93B9-E75A-44DE-8AC5-A030A7A21FDD}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2827230) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F2187E8D-C68A-4655-8551-1932878A5581}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2827239) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{9353CD85-4B19-45C4-8DBA-1391926351F6}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2827239) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{9353CD85-4B19-45C4-8DBA-1391926351F6}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2827272) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{50F6EF67-B93C-4B7A-A2EB-E179E3436C69}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2827272) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUS_{50F6EF67-B93C-4B7A-A2EB-E179E3436C69}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2827272) 64-Bit Edition (HKLM\...\{90150000-0090-0407-1000-0000000FF1CE}_Office15.PROPLUS_{50F6EF67-B93C-4B7A-A2EB-E179E3436C69}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2863825) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{327EABFD-EDD3-44E7-AB47-7592DF33B719}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{290D80DE-03AB-47EC-9402-108AF4CE4F66}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2863844) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{50F31E04-D56A-4159-BF36-CF3CE27DB30C}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2863860) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6D170CB5-8D22-4D1B-A811-B899FE588946}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2863860) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6D170CB5-8D22-4D1B-A811-B899FE588946}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2863864) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{AFB7E303-C8CA-4A08-AD3F-44A562B3C809}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2863864) 64-Bit Edition (HKLM\...\{90150000-00BA-0407-1000-0000000FF1CE}_Office15.PROPLUS_{AFB7E303-C8CA-4A08-AD3F-44A562B3C809}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2863864) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{AFB7E303-C8CA-4A08-AD3F-44A562B3C809}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2863864) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.PROPLUS_{AFB7E303-C8CA-4A08-AD3F-44A562B3C809}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2817628) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{9367C385-2EF9-4BE3-8351-7D2AB0798A57}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2817628) 64-Bit Edition (HKLM\...\{90150000-00A1-0407-1000-0000000FF1CE}_Office15.PROPLUS_{9367C385-2EF9-4BE3-8351-7D2AB0798A57}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2817628) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{9367C385-2EF9-4BE3-8351-7D2AB0798A57}) (Version: - Microsoft)
Update for Microsoft Outlook 2013 (KB2863911) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{DF3798F3-F45C-44DA-83B7-229A9EBC9654}) (Version: - Microsoft)
Update for Microsoft Outlook 2013 (KB2863911) 64-Bit Edition (HKLM\...\{90150000-001A-0407-1000-0000000FF1CE}_Office15.PROPLUS_{DAEE93F9-D258-45E4-AFD3-12AC5ED04693}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2837627) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{FE06DACB-AE2C-4DB7-B95D-97A320E59F45}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2837627) 64-Bit Edition (HKLM\...\{90150000-0018-0407-1000-0000000FF1CE}_Office15.PROPLUS_{FE06DACB-AE2C-4DB7-B95D-97A320E59F45}) (Version: - Microsoft)
Update for Microsoft Project 2013 (KB2727085) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BBD4F4CE-65D4-4CEB-AE19-E5296A57AA6C}) (Version: - Microsoft)
Update for Microsoft Publisher 2013 (KB2837635) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{2837C624-A972-43CF-BCE5-0AE2EFED72E3}) (Version: - Microsoft)
Update for Microsoft Publisher 2013 (KB2837635) 64-Bit Edition (HKLM\...\{90150000-0019-0407-1000-0000000FF1CE}_Office15.PROPLUS_{E9172003-60C1-447B-9569-7AA9FADE26B0}) (Version: - Microsoft)
Update for Microsoft Visio 2013 (KB2837632) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{97183E08-6B06-40F1-80A9-585C4AEF98F1}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2863909) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F9FAC8C0-20D9-4DC7-9A56-13B02BD4B724}) (Version: - Microsoft)
User Guide (HKLM-x32\...\{3453B656-241C-443B-BDEA-8682459B3FE8}) (Version: 1.2.00 - Samsung Electronics CO., LTD.)
VLC media player 2.0.8 (HKLM-x32\...\VLC media player) (Version: 2.0.8 - VideoLAN)
Windows Driver Package - Samsung Electronics Co. Ltd. (RadioHIDMini) HIDClass (07/27/2012 20.57.1.735) (HKLM\...\9F04C462DAB591BDCCE784F77E4D4F1736010B92) (Version: 07/27/2012 20.57.1.735 - Samsung Electronics Co. Ltd.)
Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
Windows Live (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Xerox PhotoCafe (HKLM-x32\...\Xerox PhotoCafe) (Version: 1.0.0.6162 - Xerox)
Youtube Downloader HD v. 2.9.9.13 (HKLM-x32\...\Youtube Downloader HD_is1) (Version: - YoutubeDownloaderHD.com)
==================== Restore Points =========================
==================== Hosts content: ==========================
2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____N C:\windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {038CF143-B8EC-4300-BDD7-B515D4D9455E} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-07-31] ()
Task: {064A97F9-1034-4239-9700-10FBCD100A0E} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-07-31] ()
Task: {09148418-0FAE-45FB-9BAA-0FCAB097ABAD} - System32\Tasks\Xerox PhotoCafe Communicator => C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe [2011-10-26] ()
Task: {10AF01D7-DB1E-4C0E-B152-4A6B00437065} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-29] (Google Inc.)
Task: {16508067-2FA8-4C0E-8081-9427F447845F} - System32\Tasks\AutoKMS => C:\windows\AutoKMS\AutoKMS.exe [2014-02-21] ()
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {22755240-6027-44CB-A959-89CB67F308E0} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2013-08-23] (SEC)
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {356AC9B1-9042-43B0-BA34-3FA24C6ED2C4} - System32\Tasks\Microsoft Office 15 Sync Maintenance for FENRIR-Christian Fenrir => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2013-09-10] (Microsoft Corporation)
Task: {36870FE8-83BB-4974-962C-E9D171F2C6AA} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2013-10-16] (Samsung Electronics CO., LTD.)
Task: {3A5B308E-5B1F-4199-B0DA-5678DB1DB4C2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {4D6711FC-256E-461E-A380-1BFC9A26F203} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {851A8999-C447-4D3B-BEDC-2EAEB686C43E} - System32\Tasks\Microsoft\Windows\Setup\Windows Upgrade Notification Task => C:\windows\system32\NotificationUI.exe [2014-01-31] (Microsoft Corporation)
Task: {931AEFA5-A4D3-4500-BE49-0DF280EC4C7C} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {A7B1A558-E56E-4290-A141-67A1FB13729F} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-15] (Adobe Systems Incorporated)
Task: {ABB1C7F1-E68E-4BCE-856C-BFF7C337517A} - System32\Tasks\Motorola Device Manager Engine => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-07-31] ()
Task: {ACCB171F-94E5-495B-9140-E88C3A9489EC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2194139580-3168181565-154953947-1001Core => C:\Users\Christian\AppData\Local\Google\Update\GoogleUpdate.exe [2013-12-03] (Google Inc.)
Task: {BE81EC6B-D6E3-4E44-88F8-A72E9C379940} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-01-31] (Microsoft Corporation)
Task: {BF57C764-7E42-4851-B4E9-BB4864B430E7} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-06-14] (Intel Corporation)
Task: {BF5EE66F-22DC-4C17-9BC2-D3E1D2FCFE18} - System32\Tasks\WLANStartup => C:\Program Files (x86)\Samsung\Easy Settings\WLANStartup.exe
Task: {C3E8BAB7-63CC-41CA-95DE-A7BB62E9BD54} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {C90E717E-8689-457A-9DF2-F98C2D7099E8} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2012-09-05] (Samsung Electronics CO., LTD.)
Task: {D0171A3B-C900-4E91-8B33-DC1B5DB735F1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2194139580-3168181565-154953947-1001UA => C:\Users\Christian\AppData\Local\Google\Update\GoogleUpdate.exe [2013-12-03] (Google Inc.)
Task: {D2B075FB-3D79-452A-9B28-DB3EA0F2577B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {E88D1BE3-D4AB-40D0-AF9E-C69B63E3B902} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-29] (Google Inc.)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2194139580-3168181565-154953947-1001Core.job => C:\Users\Christian\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2194139580-3168181565-154953947-1001UA.job => C:\Users\Christian\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\Xerox PhotoCafe Communicator.job => C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe
==================== Loaded Modules (whitelisted) =============
2013-08-30 16:01 - 2012-11-09 21:30 - 00065536 _____ () C:\Program Files (x86)\Connectify\ConnectifyService.exe
2012-09-05 09:50 - 2012-09-05 09:50 - 00085112 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
2012-07-26 09:55 - 2012-07-26 09:53 - 00170864 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2012-08-17 11:44 - 2012-08-16 06:24 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-07-25 22:44 - 2012-07-25 22:35 - 00070144 _____ () C:\windows\system32\WinMetadata\Windows.Networking.winmd
2012-07-25 22:44 - 2012-07-25 22:35 - 00022016 _____ () C:\windows\system32\WinMetadata\Windows.Foundation.winmd
2012-07-25 22:44 - 2012-07-25 22:35 - 00074240 _____ () C:\windows\system32\WinMetadata\Windows.ApplicationModel.winmd
2012-07-25 22:44 - 2012-07-25 22:35 - 00129024 _____ () C:\windows\system32\WinMetadata\Windows.UI.winmd
2012-07-25 22:44 - 2012-07-25 22:35 - 00018432 _____ () C:\windows\system32\WinMetadata\Windows.System.winmd
2012-07-25 22:44 - 2012-07-25 22:35 - 00031744 _____ () C:\windows\system32\WinMetadata\Windows.Globalization.winmd
2012-07-25 22:44 - 2012-07-25 22:35 - 00080384 _____ () C:\windows\system32\WinMetadata\Windows.Storage.winmd
2012-07-25 22:44 - 2012-07-25 22:35 - 00046080 _____ () C:\windows\system32\WinMetadata\Windows.Security.winmd
2012-07-25 22:44 - 2012-07-25 22:35 - 00049664 _____ () C:\windows\system32\WinMetadata\Windows.Devices.winmd
2013-10-16 18:15 - 2013-10-16 18:15 - 00088624 _____ () C:\Program Files\Samsung\S Agent\ToastX64.dll
2013-10-17 23:45 - 2013-10-10 18:14 - 00394824 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2013-08-30 16:01 - 2012-11-09 21:30 - 00090472 _____ () C:\Program Files (x86)\Connectify\NativeLibrary.dll
2013-08-30 16:01 - 2012-11-09 21:30 - 00035176 _____ () C:\Program Files (x86)\Connectify\DriverLib.dll
2013-08-30 16:01 - 2012-11-09 21:30 - 01068904 _____ () C:\Program Files (x86)\Connectify\ConnectifyNAT.dll
2013-08-30 16:01 - 2012-11-09 21:30 - 00185704 _____ () C:\Program Files (x86)\Connectify\LibDispatch.dll
2013-08-30 16:01 - 2012-11-09 21:30 - 00016232 _____ () C:\Program Files (x86)\Connectify\BuildProps.dll
2013-08-30 16:01 - 2012-11-09 21:30 - 00777064 _____ () C:\Program Files (x86)\Connectify\Vendors.dll
2013-06-20 23:35 - 2013-06-20 23:35 - 00172032 _____ () C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\css_core.dll
2012-09-05 09:50 - 2012-09-05 09:50 - 00028792 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdWrapper.dll
2012-09-05 09:50 - 2012-09-05 09:50 - 01012856 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmd.dll
2012-09-05 09:50 - 2012-09-05 09:50 - 00110712 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dll
2012-09-05 09:50 - 2012-09-05 09:50 - 00056440 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\HookDllPS2.dll
2012-09-05 09:50 - 2012-09-05 09:50 - 00211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll
2012-09-05 09:50 - 2012-09-05 09:50 - 00026744 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll
2012-09-05 09:50 - 2012-09-05 09:50 - 00110712 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll
2012-09-05 09:50 - 2012-09-05 09:50 - 00060536 _____ () C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll
2012-09-05 09:50 - 2012-09-05 09:50 - 00103544 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll
2014-04-17 14:57 - 2014-04-17 14:57 - 00041984 _____ () c:\users\christian\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpwfgvxj.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\Christian\AppData\Roaming\Dropbox\bin\libcef.dll
2012-10-12 03:32 - 2012-07-13 17:30 - 00891392 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtNetwork4.dll
2012-10-12 03:32 - 2012-07-13 17:30 - 02281984 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtCore4.dll
2012-10-12 03:32 - 2012-07-13 17:30 - 00016896 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\featureController.dll
2012-10-12 03:32 - 2012-07-13 17:30 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\osEvents.dll
2012-10-12 03:32 - 2012-07-13 17:30 - 00322048 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\log4cplus.dll
2012-10-12 03:32 - 2012-07-13 17:30 - 00339456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtXml4.dll
2012-10-12 03:32 - 2012-07-13 17:30 - 00400384 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\sqlite3.dll
2012-10-12 03:32 - 2012-07-13 17:30 - 00195584 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\libgsoap.dll
2012-10-12 03:32 - 2012-07-13 17:30 - 00062464 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\zlib1.dll
2012-10-12 03:32 - 2012-07-13 17:30 - 00446976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\deviceProfile.dll
2012-10-12 03:32 - 2012-07-13 17:30 - 00019456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\eventsSender.dll
2012-10-12 03:32 - 2012-07-13 17:30 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManagerStarter.dll
2012-10-12 03:24 - 2012-06-25 20:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
Name: Microphone (Realtek High Definition Audio)
Description: Audioendpunkt
Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}
Manufacturer: Microsoft
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Percentage of memory in use: 35%
Total physical RAM: 7893.53 MB
Available physical RAM: 5122.52 MB
Total Pagefile: 11893.53 MB
Available Pagefile: 9122.49 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:93.86 GB) (Free:14.05 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 117 GB) (Disk ID: C4259125)
Partition: GPT Partition Type.
==================== End Of Log ============================ |