Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Klick auf Scammerlink bei Steam (https://www.trojaner-board.de/161720-klick-scammerlink-steam.html)

Schokokonfek 10.12.2014 21:26
Klick auf Scammerlink bei Steam
 
Hallo Forum!
Ich habe vorhin versehentlich auf einen Steamlink geklickt, den mir ein unbekannter Nutzer sendete.
Hier ein Screenshot von der Nachricht mit Link:
hxxp://puu.sh/dpeMB/99ca14f74f.png

Die Seite selber war als .png link getarnt, war jedoch komplett durchgänging in schwarzer Farbe gekleidet und enthielt kein entsprechendes Bild. Habe sofort als ersten Schritt mein Steampasswort geändert und den Link anschließend auf Virustotal eingegeben, worauf ich folgendes Ergebnis bekam:
https://www.virustotal.com/de/url/60ddfdc8db792c1906a8d8d24d973a5e451427843c90f5526bf42a77873c0ca1/analysis/1418242335/

Die heruntergeladene Datei ist laut der Seite ein "Dropper".
Was genau bedeutet das für mich, was kann/soll ich tun?
Hoffe auf schnelle Rückmeldung.
Danke im Voraus

EDIT: Lasse gerade Avast den PC komplett durchscannen. Im Post vergessen zu erwähnen.

EDIT2:Hier FRST.txt und Addition.txt:


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-12-2014 01
Ran by Florian (administrator) on FLORIAN-PC on 10-12-2014 21:42:22
Running from C:\Users\Florian\Pictures
Loaded Profile: Florian (Available profiles: Florian)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
() C:\Program Files (x86)\puush\puush.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
() C:\Program Files (x86)\Genius\DeathTaker\mousehid.exe
() C:\Program Files (x86)\SPEEDLINK\KUDOS RS Gaming Mouse\Gaming Mouse.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Users\Florian\Pictures\Defogger.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13307496 2011-10-17] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [6900024 2012-07-24] (Logitech Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-26] (Intel Corporation)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [DeathTaker] => C:\Program Files (x86)\Genius\DeathTaker\mousehid.exe [303616 2011-10-24] ()
HKLM-x32\...\Run: [SPEEDLINK KUDOS] => C:\Program Files (x86)\SPEEDLINK\KUDOS RS Gaming Mouse\Gaming Mouse.exe [1470464 2012-02-07] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-01] (AVAST Software)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2014-12-08] (Raptr, Inc)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3345558528-265229289-3903659429-1000\...\Run: [zASRockInstantBoot] => [X]
HKU\S-1-5-21-3345558528-265229289-3903659429-1000\...\Run: [Akamai NetSession Interface] => "C:\Users\Florian\AppData\Local\Akamai\netsession_win.exe"
HKU\S-1-5-21-3345558528-265229289-3903659429-1000\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [567880 2013-11-24] ()
HKU\S-1-5-21-3345558528-265229289-3903659429-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3345558528-265229289-3903659429-1000\...\MountPoints2: {06ab57a7-043e-11e2-a91d-806e6f6e6963} - D:\Autorun.exe
HKU\S-1-5-21-3345558528-265229289-3903659429-1000\...\MountPoints2: {10202e8f-0466-11e2-85e6-806e6f6e6963} - D:\ASRSetup.exe
HKU\S-1-5-21-3345558528-265229289-3903659429-1000\...\MountPoints2: {3d97c7c8-277c-11e3-8e2b-bc5ff450884e} - F:\LaunchU3.exe -a
HKU\S-1-5-21-3345558528-265229289-3903659429-1000\...\MountPoints2: {45f58c71-76f5-11e3-9352-bc5ff450884e} - F:\Startme.exe
HKU\S-1-5-21-3345558528-265229289-3903659429-1000\...\MountPoints2: {87b6a489-04ac-11e2-a465-806e6f6e6963} - D:\setup.exe
HKU\S-1-5-21-3345558528-265229289-3903659429-1000\...\MountPoints2: {b4f50a67-04ac-11e2-81df-bc5ff450884e} - E:\pushinst.exe
HKU\S-1-5-21-3345558528-265229289-3903659429-1000\...\MountPoints2: {b4f50a68-04ac-11e2-81df-bc5ff450884e} - E:\pushinst.exe
HKU\S-1-5-21-3345558528-265229289-3903659429-1000\...\MountPoints2: {c9931d1a-1eda-11e3-957b-bc5ff450884e} - F:\setup.exe
HKU\S-1-5-21-3345558528-265229289-3903659429-1000\...\MountPoints2: {c9931d4e-1eda-11e3-957b-bc5ff450884e} - E:\AUTOSTARTER.EXE
HKU\S-1-5-21-3345558528-265229289-3903659429-1000\...\MountPoints2: {d54128e8-f651-11e3-9ed1-806e6f6e6963} - D:\Startup.exe
Startup: C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech blank Produktregistrierung.lnk
ShortcutTarget: Logitech blank Produktregistrierung.lnk -> C:\Program Files (x86)\Logitech\G35\eReg.exe (No File)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Florian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Florian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Florian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Florian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Florian\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Florian\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Florian\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3345558528-265229289-3903659429-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-3345558528-265229289-3903659429-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=ASRK
SearchScopes: HKU\S-1-5-21-3345558528-265229289-3903659429-1000 -> {00A37D74-BB30-47cd-97D0-20A6526F8C3C} URL = hxxp://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=5480255188&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=de&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3345558528-265229289-3903659429-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=ASRK
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKU\S-1-5-21-3345558528-265229289-3903659429-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\2risl3wm.default
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: google.com
FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin HKU\S-1-5-21-3345558528-265229289-3903659429-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Florian\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3345558528-265229289-3903659429-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll (Amazon.com, Inc.)
FF Plugin HKU\S-1-5-21-3345558528-265229289-3903659429-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin HKU\S-1-5-21-3345558528-265229289-3903659429-1000: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\2risl3wm.default\Extensions\adblockpopups@jessehakanen.net.xpi [2012-09-22]
FF Extension: Adblock Plus - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\2risl3wm.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-09-22]
FF Extension: Download Statusbar - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\2risl3wm.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi [2012-09-22]
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewV1alpha4850.net] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha4850\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaWatchV1home351.net] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home351\ff

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [hoafjijdelnfbpoielcapbfeddlkohgg] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home351\ch\MediaWatchV1home351.crx [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-01] (AVAST Software)
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [File not signed]
S4 cFosSpeedS; C:\Program Files\ASRock\XFast LAN\spd.exe [395136 2011-10-19] (cFos Software GmbH)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [107552 2014-07-18] (EasyAntiCheat Ltd)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2014-02-03] (Hi-Rez Studios) [File not signed]
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [133632 2012-02-09] ()
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4340664 2012-07-15] (INCA Internet Co., Ltd.) [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1900400 2014-12-02] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-08-29] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [671000 2014-11-04] (Wacom Technology, Corp.)
S3 xsherlock; C:\Windows\SysWOW64\xsherlock.xem [666720 2012-12-23] (Wellbia.com Co., Ltd.) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [31016 2012-01-13] (ASRock Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-01] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-01] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-01] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-01] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-01] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-01] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-01] ()
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [303616 2013-05-12] () [File not signed]
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-25] (AVM Berlin)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-09-19] (DT Soft Ltd)
R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [15936 2012-09-21] (FNet Co., Ltd.)
S3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [714368 2010-10-25] (AVM GmbH)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [25536 2012-02-09] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [25536 2012-02-09] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-09] ()
S3 LADF_DHP2; C:\Windows\System32\DRIVERS\ladfDHP2amd64.sys [61712 2009-05-28] (Logitech)
S3 LADF_SBVM; C:\Windows\System32\DRIVERS\ladfSBVMamd64.sys [376848 2009-05-28] (Logitech)
S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [35328 2013-05-12] () [File not signed]
S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [121416 2012-05-12] (MotioninJoy) [File not signed]
S2 tandpl; C:\Windows\SysWOW64\drivers\tandpl.sys [4736 2003-04-18] () [File not signed]
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2014-12-10] ()
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-10 21:42 - 2014-12-10 21:42 - 00000000 ____D () C:\FRST
2014-12-10 21:40 - 2014-12-10 21:40 - 00000168 _____ () C:\Users\Florian\defogger_reenable
2014-12-10 18:33 - 2014-12-10 18:33 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2014-12-09 23:44 - 2014-12-09 23:44 - 00000000 ____D () C:\ProgramData\ATI
2014-12-09 23:43 - 2014-12-09 23:43 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\AMD
2014-12-09 22:47 - 2014-12-09 22:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2014-12-09 22:44 - 2014-12-10 18:35 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Raptr
2014-12-09 22:44 - 2014-12-09 22:47 - 00000000 ____D () C:\Program Files (x86)\Raptr
2014-12-09 22:44 - 2014-12-09 22:44 - 00053736 _____ () C:\Windows\SysWOW64\CCCInstall_201412092244148767.log
2014-12-09 22:44 - 2014-12-09 22:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-12-09 22:44 - 2014-12-09 22:44 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-12-09 15:17 - 2014-12-09 15:18 - 00000087 _____ () C:\Users\Florian\Desktop\Neues Textdokument.txt
2014-12-09 15:11 - 2014-12-09 15:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-02 16:53 - 2014-12-02 16:55 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Command and Conquer 4
2014-12-02 16:53 - 2014-12-02 16:53 - 00000000 ____D () C:\Users\Florian\AppData\Local\Electronic_Arts_Inc
2014-11-30 19:07 - 2014-11-30 19:07 - 00000000 __SHD () C:\Users\Florian\AppData\Local\EmieBrowserModeList
2014-11-21 03:44 - 2014-11-21 03:44 - 00128384 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2014-11-21 03:44 - 2014-11-21 03:44 - 00118096 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2014-11-21 03:44 - 2014-11-21 03:44 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2014-11-21 03:44 - 2014-11-21 03:44 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2014-11-21 03:44 - 2014-11-21 03:44 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2014-11-21 03:44 - 2014-11-21 03:44 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2014-11-21 03:41 - 2014-11-21 03:41 - 00294600 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
2014-11-21 03:40 - 2014-11-21 03:40 - 18959360 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2014-11-21 03:33 - 2014-11-21 03:33 - 47899136 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2014-11-21 03:33 - 2014-11-21 03:33 - 00235008 _____ () C:\Windows\system32\clinfo.exe
2014-11-21 03:33 - 2014-11-21 03:33 - 00098816 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OpenVideo64.dll
2014-11-21 03:33 - 2014-11-21 03:33 - 00086528 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OVDecode64.dll
2014-11-21 03:33 - 2014-11-21 03:33 - 00083456 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OpenVideo.dll
2014-11-21 03:33 - 2014-11-21 03:33 - 00073216 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OVDecode.dll
2014-11-21 03:32 - 2014-11-21 03:32 - 40987136 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2014-11-21 03:31 - 2014-11-21 03:31 - 00065024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-11-21 03:31 - 2014-11-21 03:31 - 00058880 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-11-21 03:19 - 2014-11-21 03:19 - 23621632 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2014-11-21 03:19 - 2014-11-21 03:19 - 00049664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2014-11-21 03:19 - 2014-11-21 03:19 - 00038912 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2014-11-21 03:18 - 2014-11-21 03:18 - 05837312 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2014-11-21 03:18 - 2014-11-21 03:18 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2014-11-21 03:18 - 2014-11-21 03:18 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2014-11-21 03:17 - 2014-11-21 03:17 - 03437632 _____ () C:\Windows\system32\atiumd6a.cap
2014-11-21 03:17 - 2014-11-21 03:17 - 00631912 _____ () C:\Windows\SysWOW64\atiapfxx.blb
2014-11-21 03:17 - 2014-11-21 03:17 - 00631912 _____ () C:\Windows\system32\atiapfxx.blb
2014-11-21 03:17 - 2014-11-21 03:17 - 00367104 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2014-11-21 03:17 - 2014-11-21 03:17 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2014-11-21 03:17 - 2014-11-21 03:17 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2014-11-21 03:16 - 2014-11-21 03:16 - 15716352 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2014-11-21 03:16 - 2014-11-21 03:16 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2014-11-21 03:16 - 2014-11-21 03:16 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2014-11-21 03:16 - 2014-11-21 03:16 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2014-11-21 03:15 - 2014-11-21 03:15 - 04590592 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2014-11-21 03:13 - 2014-11-21 03:13 - 03471376 _____ () C:\Windows\SysWOW64\atiumdva.cap
2014-11-21 03:13 - 2014-11-21 03:13 - 00091648 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2014-11-21 03:13 - 2014-11-21 03:13 - 00085504 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2014-11-21 03:12 - 2014-11-21 03:12 - 00774656 _____ (AMD) C:\Windows\system32\atieclxx.exe
2014-11-21 03:12 - 2014-11-21 03:12 - 00244736 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2014-11-21 03:12 - 2014-11-21 03:12 - 00190976 _____ (AMD) C:\Windows\system32\atitmm64.dll
2014-11-21 03:12 - 2014-11-21 03:12 - 00031232 _____ (AMD) C:\Windows\system32\atimuixx.dll
2014-11-21 03:10 - 2014-11-21 03:10 - 00843776 _____ (AMD) C:\Windows\system32\coinst_14.50.dll
2014-11-21 03:09 - 2014-11-21 03:09 - 00903168 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2014-11-21 03:09 - 2014-11-21 03:09 - 00095744 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2014-11-21 03:09 - 2014-11-21 03:09 - 00090112 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2014-11-21 03:09 - 2014-11-21 03:09 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2014-11-21 03:09 - 2014-11-21 03:09 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2014-11-21 03:09 - 2014-11-21 03:09 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2014-11-21 03:09 - 2014-11-21 03:09 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2014-11-21 03:08 - 2014-11-21 03:08 - 00589312 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2014-11-21 03:08 - 2014-11-21 03:08 - 00133632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2014-11-21 03:08 - 2014-11-21 03:08 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2014-11-20 21:36 - 2014-11-20 21:36 - 00051200 _____ () C:\Windows\system32\kdbsdk64.dll
2014-11-20 21:35 - 2014-11-20 21:35 - 00038912 _____ () C:\Windows\SysWOW64\kdbsdk32.dll
2014-11-19 19:45 - 2014-11-19 19:45 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom Tablett
2014-11-19 18:41 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 18:41 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 18:41 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-19 18:41 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-18 19:27 - 2014-11-19 19:45 - 00000000 ____D () C:\Users\Florian\AppData\Local\Wacom Help
2014-11-17 18:52 - 2014-11-17 18:52 - 00000000 ____D () C:\Users\Florian\AppData\Local\Wacom
2014-11-17 18:52 - 2014-11-17 18:52 - 00000000 ____D () C:\Users\Florian\.android
2014-11-17 16:45 - 2014-11-17 16:49 - 109911216 _____ () C:\Users\Florian\Downloads\WacomTablet_6.3.10w2.exe
2014-11-16 23:42 - 2014-11-16 23:42 - 01944956 _____ () C:\Users\Florian\Downloads\HoxHud P8.2 Self-installer.exe
2014-11-13 12:30 - 2014-12-10 00:04 - 00000000 ____D () C:\Users\Florian\Documents\Assassin's Creed Unity
2014-11-13 03:23 - 2014-11-13 03:23 - 06000640 _____ () C:\Program Files (x86)\GUT3116.tmp
2014-11-13 03:23 - 2014-11-13 03:23 - 00000000 ____D () C:\Program Files (x86)\GUM3115.tmp
2014-11-13 01:09 - 2014-11-13 01:09 - 00002136 _____ () C:\Users\Public\Desktop\Bernd Das Brot.lnk
2014-11-13 01:05 - 2014-11-13 01:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deep Silver
2014-11-13 01:05 - 2014-11-13 01:05 - 00000000 ____D () C:\Program Files (x86)\Deep Silver
2014-11-13 00:53 - 2014-11-13 00:53 - 10566389 _____ () C:\Users\Florian\Downloads\Eddy Grant - Electric Avenue(240p_VP8-Vorbis).webm
2014-11-13 00:53 - 2014-11-13 00:53 - 07985078 _____ () C:\Users\Florian\Downloads\Eddy Grant - Electric Avenue(240p_H.264-AAC).mp4
2014-11-13 00:52 - 2014-11-13 00:53 - 08282099 _____ () C:\Users\Florian\Downloads\Eddy Grant - Electric Avenue(240p_H.263-MP3).flv
2014-11-13 00:52 - 2014-11-13 00:53 - 05524650 _____ () C:\Users\Florian\Downloads\Eddy Grant - Electric Avenue(240p_H.264-AAC).3gp
2014-11-13 00:52 - 2014-11-13 00:52 - 01964847 _____ () C:\Users\Florian\Downloads\Eddy Grant - Electric Avenue(144p_H.264-AAC).3gp
2014-11-13 00:52 - 2014-09-15 19:21 - 00004933 _____ () C:\Users\Florian\Downloads\gns-bdbu.nfo
2014-11-13 00:52 - 2014-09-15 18:35 - 1439596544 _____ () C:\Users\Florian\Downloads\gns-bdbu.iso
2014-11-13 00:51 - 2014-11-13 00:52 - 10108501 _____ () C:\Users\Florian\Downloads\Bernd das Brot und die Unmöglichen - Point and Click Trailer(720p_H.264-AAC).mp4
2014-11-13 00:50 - 2014-11-13 00:51 - 04598431 _____ () C:\Users\Florian\Downloads\Bernd das Brot und die Unmöglichen - Point and Click Trailer(360p_VP8-Vorbis).webm
2014-11-13 00:50 - 2014-11-13 00:50 - 03274362 _____ () C:\Users\Florian\Downloads\Bernd das Brot und die Unmöglichen - Point and Click Trailer(360p_H.264-AAC).mp4
2014-11-13 00:49 - 2014-11-13 00:52 - 62822479 _____ () C:\Users\Florian\Downloads\gns-bdbu.part14.rar
2014-11-13 00:49 - 2014-11-13 00:50 - 01619860 _____ () C:\Users\Florian\Downloads\Bernd das Brot und die Unmöglichen - Point and Click Trailer(240p_H.264-AAC).3gp
2014-11-13 00:49 - 2014-11-13 00:49 - 02367605 _____ () C:\Users\Florian\Downloads\Bernd das Brot und die Unmöglichen - Point and Click Trailer(240p_H.263-MP3).flv
2014-11-13 00:49 - 2014-11-13 00:49 - 00584031 _____ () C:\Users\Florian\Downloads\Bernd das Brot und die Unmöglichen - Point and Click Trailer(144p_H.264-AAC).3gp
2014-11-13 00:49 - 2014-11-13 00:49 - 00000765 _____ () C:\Users\Florian\Downloads\Bernd das Brot und die Unmöglichen - Point and Click Trailer subtitles (Deutsch).srt
2014-11-13 00:39 - 2014-11-13 00:49 - 105906176 _____ () C:\Users\Florian\Downloads\gns-bdbu.part13.rar
2014-11-13 00:39 - 2014-11-13 00:49 - 105906176 _____ () C:\Users\Florian\Downloads\gns-bdbu.part12.rar
2014-11-13 00:32 - 2014-11-13 00:39 - 105906176 _____ () C:\Users\Florian\Downloads\gns-bdbu.part11.rar
2014-11-13 00:32 - 2014-11-13 00:39 - 105906176 _____ () C:\Users\Florian\Downloads\gns-bdbu.part10.rar
2014-11-13 00:24 - 2014-11-13 00:32 - 105906176 _____ () C:\Users\Florian\Downloads\gns-bdbu.part09.rar
2014-11-13 00:24 - 2014-11-13 00:31 - 105906176 _____ () C:\Users\Florian\Downloads\gns-bdbu.part07.rar
2014-11-13 00:16 - 2014-11-13 00:24 - 105906176 _____ () C:\Users\Florian\Downloads\gns-bdbu.part08.rar
2014-11-12 23:19 - 2014-11-13 00:24 - 105906176 _____ () C:\Users\Florian\Downloads\gns-bdbu.part05.rar
2014-11-12 23:19 - 2014-11-13 00:21 - 105906176 _____ () C:\Users\Florian\Downloads\gns-bdbu.part06.rar
2014-11-12 23:10 - 2014-11-12 23:18 - 105906176 _____ () C:\Users\Florian\Downloads\gns-bdbu.part04.rar
2014-11-12 23:10 - 2014-11-12 23:17 - 105906176 _____ () C:\Users\Florian\Downloads\gns-bdbu.part03.rar
2014-11-12 21:07 - 2014-11-12 23:19 - 105906176 _____ () C:\Users\Florian\Downloads\gns-bdbu.part02.rar
2014-11-12 21:07 - 2014-11-12 23:19 - 105906176 _____ () C:\Users\Florian\Downloads\gns-bdbu.part01.rar
2014-11-12 17:32 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-12 17:32 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-12 17:32 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-12 17:32 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-12 17:32 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-12 17:32 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-12 17:32 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-12 17:32 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-12 17:32 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-12 17:32 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-12 17:32 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-12 17:32 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-12 17:32 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-12 17:32 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-12 17:32 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-12 17:32 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-12 17:32 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-12 17:32 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-12 17:32 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-12 17:32 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-12 17:32 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-12 17:32 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-12 17:32 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-12 17:32 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-12 17:32 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-12 17:32 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 17:32 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-12 17:32 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-12 17:32 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-12 17:32 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-12 17:32 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-12 17:32 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-12 17:32 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-12 17:32 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-12 17:32 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-12 17:32 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-12 17:32 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-12 17:32 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-12 17:32 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-12 17:32 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-12 17:32 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-12 17:32 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-12 17:32 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-12 17:32 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-12 17:32 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-12 17:32 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-12 17:32 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-12 17:32 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-12 17:32 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-12 17:32 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-12 17:32 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-12 17:32 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-12 17:32 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-12 17:32 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-12 17:32 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-12 17:32 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-12 17:31 - 2014-11-05 18:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-12 17:31 - 2014-11-05 18:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-12 17:31 - 2014-11-05 18:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-12 17:31 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 17:31 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-12 17:31 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-12 17:31 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-12 17:31 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-12 17:31 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 17:31 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 17:31 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 17:31 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-12 17:31 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-12 17:31 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-12 17:31 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-12 17:31 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-12 17:26 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 17:26 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-12 17:26 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-12 17:26 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 17:26 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 17:26 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 17:26 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-12 17:26 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 17:26 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-12 17:26 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-12 17:26 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-12 17:26 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 17:26 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-12 17:26 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-12 17:26 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-12 17:26 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-12 17:26 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-12 17:26 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-12 17:26 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-12 17:26 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-12 17:26 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-12 17:26 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-12 17:26 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-12 17:26 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 17:26 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-12 17:26 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-12 17:26 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-12 17:26 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-12 17:26 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-12 17:01 - 2014-11-12 17:01 - 00003088 _____ () C:\Windows\System32\Tasks\{D7D5D368-F5E4-4A83-ADD2-359625E863B0}

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-10 21:40 - 2012-09-22 16:30 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\TS3Client
2014-12-10 21:40 - 2012-09-21 23:37 - 00000000 ____D () C:\Users\Florian
2014-12-10 21:05 - 2012-09-22 13:45 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-10 21:04 - 2012-12-08 14:35 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-10 21:04 - 2012-09-22 14:57 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-12-10 19:51 - 2012-09-21 23:36 - 01450213 _____ () C:\Windows\WindowsUpdate.log
2014-12-10 19:05 - 2012-09-22 13:45 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-10 19:05 - 2012-09-22 13:45 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-10 19:05 - 2012-09-22 13:45 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-10 18:40 - 2009-07-14 05:45 - 00022432 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-10 18:40 - 2009-07-14 05:45 - 00022432 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-10 18:33 - 2012-09-21 23:48 - 00034752 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys
2014-12-10 18:32 - 2012-12-08 14:35 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-12-10 18:30 - 2012-12-08 14:35 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-10 18:29 - 2012-09-21 23:52 - 01191996 _____ () C:\Windows\PFRO.log
2014-12-10 18:29 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-10 18:29 - 2009-07-14 05:51 - 00110006 _____ () C:\Windows\setupact.log
2014-12-10 00:43 - 2012-09-22 14:33 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Skype
2014-12-09 23:40 - 2012-09-22 13:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-09 22:44 - 2012-11-03 13:54 - 00000000 ____D () C:\ProgramData\AMD
2014-12-09 22:43 - 2014-09-12 16:27 - 00000000 ____D () C:\Program Files (x86)\AMD
2014-12-09 22:43 - 2014-02-08 20:54 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-12-09 22:41 - 2014-02-08 20:58 - 00000000 ____D () C:\Program Files\AMD
2014-12-09 22:38 - 2012-09-22 14:10 - 00000000 ____D () C:\AMD
2014-12-03 05:08 - 2013-06-18 21:00 - 00000000 ____D () C:\ProgramData\Origin
2014-12-02 20:58 - 2012-09-29 21:43 - 00000000 ____D () C:\Users\Florian\AppData\Local\CrashDumps
2014-12-02 15:52 - 2013-06-18 21:00 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-12-02 05:43 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-12-01 21:42 - 2014-06-26 10:19 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\WTablet
2014-11-30 21:33 - 2014-08-28 13:52 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\OBS
2014-11-24 20:00 - 2014-08-28 13:52 - 00000000 ____D () C:\Program Files\OBS
2014-11-22 20:39 - 2014-03-09 15:14 - 00000000 ____D () C:\Program Files (x86)\Thief
2014-11-22 20:39 - 2014-01-17 01:58 - 00000000 ____D () C:\Program Files (x86)\WarThunder
2014-11-22 20:33 - 2012-11-23 17:07 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-11-22 20:33 - 2012-09-21 23:43 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-11-21 18:46 - 2012-12-08 14:35 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-11-21 03:44 - 2013-12-06 23:04 - 00144328 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2014-11-21 03:44 - 2013-12-06 23:03 - 00126848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2014-11-21 03:44 - 2013-12-06 23:03 - 00118096 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2014-11-21 03:44 - 2013-12-06 23:02 - 00100032 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2014-11-21 03:44 - 2013-12-06 23:01 - 01348928 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2014-11-21 03:44 - 2013-12-06 23:01 - 01127496 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2014-11-21 03:44 - 2013-12-06 23:00 - 11076784 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2014-11-21 03:44 - 2013-12-06 22:59 - 09401480 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2014-11-21 03:43 - 2013-12-06 22:59 - 07558816 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2014-11-21 03:43 - 2013-12-06 22:58 - 07077776 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2014-11-21 03:43 - 2013-12-06 22:57 - 08379720 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2014-11-21 03:43 - 2013-12-06 22:56 - 08369408 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2014-11-21 03:24 - 2013-12-06 22:16 - 28354560 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2014-11-21 03:12 - 2013-12-06 21:53 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2014-11-21 03:09 - 2013-12-06 21:22 - 01214976 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2014-11-21 03:09 - 2013-12-06 21:22 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2014-11-21 03:08 - 2013-12-06 21:22 - 00146944 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2014-11-19 19:44 - 2014-06-25 15:01 - 00000000 ____D () C:\Program Files\Tablet
2014-11-17 22:48 - 2014-07-09 12:41 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\DarknessII
2014-11-17 17:03 - 2014-06-25 15:02 - 00000000 ____D () C:\Program Files\TabletPlugins
2014-11-17 17:03 - 2014-06-25 15:02 - 00000000 ____D () C:\Program Files (x86)\TabletPlugins
2014-11-16 22:59 - 2012-12-08 14:35 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-16 22:59 - 2012-12-08 14:35 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-13 22:53 - 2009-07-14 18:58 - 00699092 _____ () C:\Windows\system32\perfh007.dat
2014-11-13 22:53 - 2009-07-14 18:58 - 00149232 _____ () C:\Windows\system32\perfc007.dat
2014-11-13 22:53 - 2009-07-14 06:13 - 01619284 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-13 18:41 - 2014-08-18 12:40 - 00000000 ____D () C:\Users\Florian\Downloads\Gameforge Live
2014-11-13 18:41 - 2014-08-18 12:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2014-11-13 18:41 - 2014-08-18 12:40 - 00000000 ____D () C:\Program Files (x86)\GameforgeLive
2014-11-13 15:53 - 2013-12-03 18:07 - 00000000 ____D () C:\Users\Florian\AppData\Local\Microsoft Help
2014-11-13 12:45 - 2012-09-29 15:15 - 00832836 _____ () C:\Windows\DirectX.log
2014-11-13 04:17 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-13 03:26 - 2009-07-14 05:45 - 05035928 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-13 03:23 - 2014-05-07 00:45 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-13 03:07 - 2013-12-03 18:07 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-13 03:05 - 2013-08-14 15:47 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-13 03:02 - 2012-10-16 19:33 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-12 17:01 - 2014-09-28 21:21 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-11-12 17:01 - 2012-09-22 14:33 - 00000000 ____D () C:\ProgramData\Skype
2014-11-11 16:15 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-11-10 17:50 - 2014-09-17 10:53 - 00000000 ____D () C:\Users\Florian\Documents\ArcheAge

Some content of TEMP:
====================
C:\Users\Florian\AppData\Local\Temp\AcDeltree.exe
C:\Users\Florian\AppData\Local\Temp\amd-catalyst-omega-14.12-without-dotnet45-win7-64bit.exe
C:\Users\Florian\AppData\Local\Temp\AutoDetectUtilApp.exe
C:\Users\Florian\AppData\Local\Temp\drvinst01.exe
C:\Users\Florian\AppData\Local\Temp\HiPatchSelfUpdateWindow.exe
C:\Users\Florian\AppData\Local\Temp\HiRezLauncherControls.dll
C:\Users\Florian\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\Florian\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Florian\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Florian\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Florian\AppData\Local\Temp\Nexus%20Mod%20Manager-0.45.7.exe
C:\Users\Florian\AppData\Local\Temp\raptrpatch.exe
C:\Users\Florian\AppData\Local\Temp\raptr_stub.exe
C:\Users\Florian\AppData\Local\Temp\SearchProtectINT.exe
C:\Users\Florian\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Florian\AppData\Local\Temp\sfextra.dll
C:\Users\Florian\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Florian\AppData\Local\Temp\sonarinst.exe
C:\Users\Florian\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Florian\AppData\Local\Temp\tmp365B.exe
C:\Users\Florian\AppData\Local\Temp\tmpF5B.exe
C:\Users\Florian\AppData\Local\Temp\ubi3F89.tmp.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-05 16:39

==================== End Of Log ============================
--- --- ---


Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-12-2014 01
Ran by Florian at 2014-12-10 21:44:35
Running from C:\Users\Florian\Pictures
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Archeage (HKLM-x32\...\Glyph Archeage) (Version:  - Trion Worlds, Inc.)
ASRock App Charger v1.0.5 (HKLM\...\ASRock App Charger_is1) (Version:  - ASRock Inc.)
ASRock InstantBoot v1.29 (HKLM-x32\...\ASRock InstantBoot_is1) (Version:  - )
ASRock SmartConnect v1.0.6 (HKLM\...\ASRock SmartConnect_is1) (Version:  - ASRock Inc.)
ASRock XFast RAM v2.0.9 (HKLM\...\ASRock XFast RAM_is1) (Version:  - ASRock Inc.)
Assassin's Creed Unity (HKLM-x32\...\Uplay Install 720) (Version:  - Ubisoft)
Autodesk Backburner 2014 (HKLM-x32\...\{3D347E6D-5A03-4342-B5BA-6A771885F379}) (Version: 14.0.0.0 - Autodesk, Inc.)
Autodesk Composite 2014 (HKLM\...\Autodesk Composite 2014) (Version: 9.0.0.0 - Autodesk)
Autodesk Composite 2014 (Version: 9.0.0.0 - Autodesk) Hidden
Autodesk DirectConnect 2014 64-bit (HKLM\...\Autodesk DirectConnect 2014 64-bit) (Version: 8.0.56.1 - Autodesk)
Autodesk DirectConnect 2014 64-bit (Version: 8.0.56.1 - Autodesk) Hidden
Autodesk MatchMover 2014 (HKLM\...\{B151ECD3-2DBE-45E9-816E-F8AA6238F6A8}) (Version: 14.00.0000 - Autodesk)
Autodesk Maya 2014 (HKLM\...\Autodesk Maya 2014) (Version: 16.0.0.0 - Autodesk)
Autodesk Maya 2014 (Version: 16.0.0.0 - Autodesk) Hidden
Autodesk Mudbox 2014 (HKLM\...\Autodesk Mudbox 2014) (Version: 8.0.0.1010 - Autodesk)
Autodesk Mudbox 2014 (Version: 8.0.0.1010 - Autodesk) Hidden
AutoHotkey 1.0.48.05 (HKLM-x32\...\AutoHotkey) (Version: 1.0.48.05 - Chris Mallett)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2021 - AVAST Software)
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version:  - AVM Berlin)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.5.1 - EA Digital Illusions CE AB)
Bernd Das Brot (HKLM-x32\...\{DE45597F-C985-496B-A7BB-CAACADDF625D}) (Version: 1.00 - Deep Silver)
BIT.TRIP Presents... Runner2: Future Legend of Rhythm Alien (HKLM-x32\...\Steam App 218060) (Version:  - Gaijin Games)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
CCleaner (HKLM\...\CCleaner) (Version: 3.22 - Piriform)
Command and Conquer 4: Tiberian Twilight (HKLM-x32\...\Steam App 47700) (Version:  - EA Los Angeles)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - )
CPUID CPU-Z 1.65.1 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CPUID HWMonitor 1.24 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version:  - FromSoftware)
Dead Space™ 3 (HKLM-x32\...\{D4329609-4102-4F8C-B83F-7FE024EEA314}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.55.4 - Electronic Arts)
Die Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.5.1 - Electronic Arts)
Die Sims™ 3 Luxus-Accessoires (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
Dishonored (HKLM-x32\...\Steam App 205100) (Version: 1.0 - Bethesda Softworks)
DmC Devil May Cry (HKLM-x32\...\Steam App 220440) (Version:  - Ninja Theory)
Dropbox (HKU\S-1-5-21-3345558528-265229289-3903659429-1000\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
EVEREST Ultimate Edition v5.50 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.)
Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.02 - Ubisoft)
FORCED (HKLM-x32\...\Steam App 249990) (Version:  - BetaDwarf)
Free YouTube to MP3 Converter version 3.11.34.1015 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.11.34.1015 - DVDVideoSoft Ltd.)
Gameforge Live 2.0.5 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.5 - Gameforge)
Gaming Mouse (HKLM-x32\...\{0614BCA9-3613-4171-8128-621991A9FBF2}}_is1) (Version:  - )
Glyph (HKLM-x32\...\Glyph) (Version:  - Trion Worlds, Inc.)
Goat Simulator (HKLM-x32\...\Steam App 265930) (Version:  - Coffee Stain Studios)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Gothic III (HKLM-x32\...\{02B244A2-7F6A-42E8-A36F-8C385D7A1625}) (Version: 1.0.0 - JoWooD Productions Software AG)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2696 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel(R) Smart Connect Technology 2.0 x64 (HKLM\...\{54F8B6C7-9B25-4E85-A1E0-26CFB80DE787}) (Version: 2.0.1083.0 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation)
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
KUDOS RS Gaming Mouse (HKLM-x32\...\SPEEDLINK KUDOS) (Version:  - )
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Logitech Gaming Software 8.35 (HKLM\...\Logitech Gaming Software) (Version: 8.35.18 - Logitech Inc.)
Magicka (HKLM-x32\...\Steam App 42910) (Version:  - Arrowhead Game Studios)
Mass Effect™ (HKLM-x32\...\{44A570EE-FD93-4086-8997-2C38DFDE0019}) (Version: 1.2.20608.0 - Electronic Arts)
Mass Effect™ 2 (HKLM-x32\...\{E19B628D-A9BC-4519-B1D4-4C8C09074F7F}) (Version: 1.2.1604.0 - Electronic Arts)
Mass Effect™ 3 (HKLM-x32\...\{534A31BD-20F4-46b0-85CE-09778379663C}) (Version: 1.05.0.0 - Electronic Arts)
mental ray renderer for Autodesk Maya 2014 (HKLM\...\{8057481C-0CFC-43BB-8EEC-C6A0E1C82E19}) (Version: 13.0.1.0 - mental ray)
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version:  - 4A Games)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{887868A2-D6DE-3255-AA92-AA0B5A59B874}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Middle Earth Shadow of Mordor (HKLM-x32\...\Middle Earth Shadow of Mordor_is1) (Version:  - )
Mirror's Edge (HKLM-x32\...\Steam App 17410) (Version:  - DICE)
MotioninJoy DS3 driver version 0.6.0005 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.6.0005 - www.motioninjoy.com)
Mozilla Firefox 34.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Neighbours from Hell (HKLM-x32\...\Steam App 260750) (Version:  - JoWooD Vienna)
Neighbours from Hell 2 (HKLM-x32\...\Steam App 260770) (Version:  - )
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.45.7 - Black Tree Gaming)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Orcs Must Die! 2 (HKLM-x32\...\Steam App 201790) (Version:  - Robot Entertainment)
Orcs Must Die! Unchained (HKLM-x32\...\{8EBA33AF-48E0-4207-A4EE-96029415AD76}_is1) (Version:  - Gameforge 4D GmbH)
Origin (HKLM-x32\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Pokemon Online 2.0.07 (HKLM-x32\...\{2C08D7E7-9EE1-4A08-AFE0-745F02DCD6A4}_is1) (Version:  - Dreambelievers)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)
Questpaket 4 Update 2 Deinstallation (HKLM-x32\...\G3QP231012008_is1) (Version: 4.2.0.0 - Humanforce)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6482 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30126 - Realtek Semiconductor Corp.)
Remember Me (HKLM-x32\...\Steam App 228300) (Version:  - DONTNOD Entertainment)
Reus (HKLM-x32\...\Steam App 222730) (Version:  - Abbey Games)
Rocksmith 2014 (HKLM-x32\...\Steam App 221680) (Version:  - Ubisoft - San Francisco)
Rust (HKLM-x32\...\Steam App 252490) (Version:  - Facepunch Studios)
Saints Row IV (HKLM-x32\...\U2FpbnRzUm93SVY=_is1) (Version: 1 - )
Sanctum 2 (HKLM-x32\...\Steam App 210770) (Version:  - Coffee Stain Studios)
Scribblenauts Unlimited (HKLM-x32\...\Steam App 218680) (Version:  - 5th Cell Media)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 0.1.1970.1 - Hi-Rez Studios)
Software Version Updater (HKLM-x32\...\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}) (Version: 1.1.3.8 - ) <==== ATTENTION
Spelling Dictionaries Support For Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Spore (HKLM-x32\...\Steam App 17390) (Version:  - Maxis™)
Spore: Creepy & Cute Parts Pack (HKLM-x32\...\Steam App 17440) (Version:  - Maxis™)
Spore: Galactic Adventures (HKLM-x32\...\Steam App 24720) (Version:  - EA - Maxis)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Surgeon Simulator 2013 (HKLM-x32\...\Steam App 233720) (Version:  - Bossa Studios)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TeraCopy 2.27 (HKLM\...\TeraCopy_is1) (Version:  - Code Sector)
The Darkness II (HKLM-x32\...\Steam App 67370) (Version:  - Digital Extremes)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Forest (HKLM-x32\...\Steam App 242760) (Version:  - Endnight Games Ltd)
THX TruStudio (HKLM-x32\...\{AFB907F5-C0E6-4753-8284-DE955EF86AC2}) (Version: 1.00.01 - Creative Technology Limited)
Tiny and Big: Grandpa's Leftovers (HKLM-x32\...\Steam App 205910) (Version:  - Black Pants Game Studio)
Tropico 4 (HKLM-x32\...\Steam App 57690) (Version:  - Haemimont Games)
Unity Web Player (HKU\S-1-5-21-3345558528-265229289-3903659429-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 4.5 - Ubisoft)
Wacom Tablett (HKLM\...\Wacom Tablet Driver) (Version: 6.3.10w2 - Wacom Technology Corp.)
Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version:  - Ubisoft)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
World of Goo (HKLM-x32\...\Steam App 22000) (Version:  - 2D BOY)
XFast LAN v6.61 (HKLM\...\XFast LAN) (Version: 6.61 - cFos Software GmbH, Bonn)
XFastUSB (HKLM-x32\...\XFastUSB) (Version: 3.02.28 - ASRock Inc.)
XIII (HKLM-x32\...\{42BC0474-6E50-464A-8183-5E3D32E41B1B}) (Version: 1.00.000 - )
ZBrush 4R6 (HKLM-x32\...\ZBrush 4R6 4R6) (Version: 4R6 - Pixologic)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3345558528-265229289-3903659429-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Florian\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3345558528-265229289-3903659429-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Florian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3345558528-265229289-3903659429-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Florian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3345558528-265229289-3903659429-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Florian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3345558528-265229289-3903659429-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Florian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

==================== Restore Points  =========================

05-12-2014 15:39:44 Windows Update
09-12-2014 10:04:37 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1DE3738C-4265-4B5B-B1E8-523D7DFFDC22} - System32\Tasks\{6DA31595-BC59-4897-B177-164BE5738E95} => Firefox.exe hxxp://ui.skype.com/ui/0/6.0.0.126/de/abandoninstall?page=tsProgressBar
Task: {3664E3C5-6B82-40DF-AC94-D85906651303} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-08-22] (Piriform Ltd)
Task: {4990E40A-BC83-4D49-AA10-352F5F94CC02} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-10] (Adobe Systems Incorporated)
Task: {4C314C0F-8A73-436F-B95E-23C206AF1A71} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {58C8166A-6AF2-499F-BA90-212B595C7E22} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {7B0CF12C-71E3-47A6-9ECD-782E17926896} - System32\Tasks\{D7D5D368-F5E4-4A83-ADD2-359625E863B0} => Firefox.exe hxxp://ui.skype.com/ui/0/6.21.0.104/de/abandoninstall?page=tsProgressBar
Task: {9AB11BFA-A800-4EA6-B478-AA476EB903A6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {BC24BD9E-B6B6-4603-8F3A-8369871B0812} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-08-01] (AVAST Software)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AmiUpdXp.job => C:\Users\Florian\AppData\Local\SwvUpdater\Updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-09-22 14:32 - 2011-10-26 16:41 - 00318976 _____ () C:\Program Files\TeraCopy\TeraCopyExt64.dll
2012-09-21 23:42 - 2012-03-19 08:09 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-02-09 15:26 - 2012-02-09 15:26 - 00133632 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2012-02-09 15:26 - 2012-02-09 15:26 - 00048128 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2012-02-09 15:26 - 2012-02-09 15:26 - 00036864 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetDetect.dll
2013-11-21 16:16 - 2014-08-29 19:58 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-06-25 15:01 - 2014-11-04 19:49 - 01356568 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
2012-01-10 14:41 - 2013-11-24 22:41 - 00567880 _____ () C:\Program Files (x86)\puush\puush.exe
2012-09-22 15:20 - 2011-10-24 15:22 - 00303616 _____ () C:\Program Files (x86)\Genius\DeathTaker\mousehid.exe
2012-02-07 00:58 - 2012-02-07 00:58 - 01470464 _____ () C:\Program Files (x86)\SPEEDLINK\KUDOS RS Gaming Mouse\Gaming Mouse.exe
2014-03-14 18:34 - 2014-03-14 18:34 - 00173568 _____ () C:\Program Files\TeamSpeak 3 Client\quazip.dll
2014-03-14 18:34 - 2014-03-14 18:34 - 01080832 _____ () C:\Program Files\TeamSpeak 3 Client\platforms\qwindows.dll
2014-03-14 18:34 - 2014-03-14 18:34 - 00833024 _____ () C:\Program Files\TeamSpeak 3 Client\sqldrivers\qsqlite.dll
2012-07-30 15:13 - 2014-08-06 19:34 - 00102344 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2012-07-30 15:13 - 2014-08-06 19:34 - 00108488 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2014-03-14 18:34 - 2014-03-14 18:34 - 00030208 _____ () C:\Program Files\TeamSpeak 3 Client\imageformats\qgif.dll
2014-03-14 18:34 - 2014-03-14 18:34 - 00233984 _____ () C:\Program Files\TeamSpeak 3 Client\imageformats\qjpeg.dll
2012-07-30 15:13 - 2014-08-06 19:34 - 00563656 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2013-09-09 15:49 - 2014-08-06 19:34 - 00579016 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2014-03-14 18:34 - 2014-03-14 18:34 - 00159232 _____ () C:\Program Files\TeamSpeak 3 Client\accessible\qtaccessiblewidgets.dll
2014-12-10 21:38 - 2014-12-10 21:38 - 00050477 _____ () C:\Users\Florian\Pictures\Defogger.exe
2014-08-01 18:46 - 2014-08-01 18:46 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-12-09 19:05 - 2014-12-09 19:05 - 02905088 _____ () C:\Program Files\AVAST Software\Avast\defs\14120901\algo.dll
2014-12-10 18:31 - 2014-12-10 18:31 - 02905088 _____ () C:\Program Files\AVAST Software\Avast\defs\14121000\algo.dll
2014-12-10 20:34 - 2014-12-10 20:34 - 02905088 _____ () C:\Program Files\AVAST Software\Avast\defs\14121001\algo.dll
2012-09-22 15:20 - 2011-09-05 08:41 - 00061440 _____ () C:\Program Files (x86)\Genius\DeathTaker\HidDevice.dll
2014-08-01 18:46 - 2014-08-01 18:46 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2010-11-22 23:56 - 2010-11-22 23:56 - 00087040 _____ () C:\Program Files (x86)\Raptr\_ctypes.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00043008 _____ () C:\Program Files (x86)\Raptr\_socket.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00805376 _____ () C:\Program Files (x86)\Raptr\_ssl.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 05812736 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtGui.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 00067584 _____ () C:\Program Files (x86)\Raptr\sip.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 01662464 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtCore.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 00494592 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtNetwork.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00096256 _____ () C:\Program Files (x86)\Raptr\win32api.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00110592 _____ () C:\Program Files (x86)\Raptr\pywintypes26.dll
2010-11-22 23:56 - 2010-11-22 23:56 - 00010240 _____ () C:\Program Files (x86)\Raptr\select.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00356864 _____ () C:\Program Files (x86)\Raptr\_hashlib.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00036352 _____ () C:\Program Files (x86)\Raptr\win32process.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00111104 _____ () C:\Program Files (x86)\Raptr\win32file.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00044544 _____ () C:\Program Files (x86)\Raptr\_sqlite3.pyd
2011-02-15 19:17 - 2011-02-15 19:17 - 00417501 _____ () C:\Program Files (x86)\Raptr\sqlite3.dll
2010-11-22 23:57 - 2010-11-22 23:57 - 00167936 _____ () C:\Program Files (x86)\Raptr\win32gui.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 00313856 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtWebKit.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00127488 _____ () C:\Program Files (x86)\Raptr\pyexpat.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00009216 _____ () C:\Program Files (x86)\Raptr\winsound.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00354304 _____ () C:\Program Files (x86)\Raptr\pythoncom26.dll
2010-11-22 23:57 - 2010-11-22 23:57 - 00016384 _____ () C:\Program Files (x86)\Raptr\win32trace.pyd
2014-08-14 01:37 - 2014-08-14 01:37 - 00113171 _____ () C:\Program Files (x86)\Raptr\libvlc.dll
2014-08-14 01:37 - 2014-08-14 01:37 - 02396691 _____ () C:\Program Files (x86)\Raptr\libvlccore.dll
2010-11-22 23:56 - 2010-11-22 23:56 - 00583680 _____ () C:\Program Files (x86)\Raptr\unicodedata.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00263168 _____ () C:\Program Files (x86)\Raptr\win32com.shell.shell.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00324608 _____ () C:\Program Files (x86)\Raptr\PIL._imaging.pyd
2013-11-21 01:05 - 2013-11-21 01:05 - 00256000 _____ () C:\Program Files (x86)\Raptr\amd_ags.dll
2014-12-08 20:17 - 2014-12-08 20:17 - 02519808 _____ () C:\Program Files (x86)\Raptr\ltc_host_ex.DLL
2010-11-22 23:57 - 2010-11-22 23:57 - 00141312 _____ () C:\Program Files (x86)\Raptr\gobject._gobject.pyd
2014-06-18 01:56 - 2014-06-18 01:56 - 02717595 _____ () C:\Program Files (x86)\Raptr\heliotrope._purple.pyd
2011-02-15 19:17 - 2011-02-15 19:17 - 01213633 _____ () C:\Program Files (x86)\Raptr\libxml2-2.dll
2010-11-23 00:06 - 2010-11-23 00:06 - 00055808 _____ () C:\Program Files (x86)\Raptr\zlib1.dll
2013-05-10 00:52 - 2013-05-10 00:52 - 00495680 _____ () C:\Program Files (x86)\Raptr\plugins\libaim.dll
2013-05-10 00:52 - 2013-05-10 00:52 - 01183699 _____ () C:\Program Files (x86)\Raptr\liboscar.dll
2013-05-10 00:52 - 2013-05-10 00:52 - 00483306 _____ () C:\Program Files (x86)\Raptr\plugins\libicq.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00655356 _____ () C:\Program Files (x86)\Raptr\plugins\libirc.dll
2013-05-03 19:56 - 2013-05-03 19:56 - 01306387 _____ () C:\Program Files (x86)\Raptr\plugins\libmsn.dll
2013-05-03 19:56 - 2013-05-03 19:56 - 00565461 _____ () C:\Program Files (x86)\Raptr\plugins\libxmpp.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 01640221 _____ () C:\Program Files (x86)\Raptr\libjabber.dll
2013-05-03 19:56 - 2013-05-03 19:56 - 00506276 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoo.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 01053730 _____ () C:\Program Files (x86)\Raptr\libymsg.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00497782 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoojp.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00603326 _____ () C:\Program Files (x86)\Raptr\plugins\ssl-nss.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00474199 _____ () C:\Program Files (x86)\Raptr\plugins\ssl.dll
2014-10-19 15:45 - 2014-10-19 15:45 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\92a1650dbe9fad5f46633b835420e1a8\IsdiInterop.ni.dll
2012-09-21 23:44 - 2011-11-29 19:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-08-28 23:38 - 2014-11-11 19:48 - 01171456 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-28 23:38 - 2014-11-11 19:48 - 00442368 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-28 23:38 - 2014-11-11 19:48 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2013-03-12 17:10 - 2014-11-11 19:47 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-05-23 12:08 - 2014-11-18 21:23 - 02227904 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-28 23:38 - 2014-11-11 19:48 - 00403968 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-28 23:38 - 2014-11-11 19:48 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2012-09-22 16:32 - 2014-11-18 21:23 - 00690880 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2012-09-22 16:32 - 2014-11-11 19:48 - 34589888 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-08-15 00:03 - 2014-11-11 19:48 - 00837824 _____ () C:\Program Files (x86)\Steam\bin\ffmpegsumo.dll
2014-12-09 15:11 - 2014-12-09 15:11 - 03758192 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Florian\Cookies:7KbKbd5dKO548pbPDoH02t
AlternateDataStreams: C:\Users\Florian\Lokale Einstellungen:y2Fc8sFN2We1CvDboQmgG1
AlternateDataStreams: C:\Users\Florian\AppData\Local:y2Fc8sFN2We1CvDboQmgG1
AlternateDataStreams: C:\Users\Florian\AppData\Local\Anwendungsdaten:y2Fc8sFN2We1CvDboQmgG1
AlternateDataStreams: C:\Users\Florian\AppData\Local\Temporary Internet Files:f0I2opsGaXqzd9mowWTX5dL5

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: cFosSpeedS => 2
MSCONFIG\startupfolder: C:^Users^Florian^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: THX TruStudio NB Settings => "C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe" /r
MSCONFIG\startupreg: THXCfg64 => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\THXCfg64.dll,RunDLLEntry THXCfg64
MSCONFIG\startupreg: UpdReg => C:\Windows\UpdReg.EXE
MSCONFIG\startupreg: XFast LAN => C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe
MSCONFIG\startupreg: XFastUSB => "C:\Program Files (x86)\XFastUSB\XFastUsb.exe"

========================= Accounts: ==========================

Administrator (S-1-5-21-3345558528-265229289-3903659429-500 - Administrator - Disabled)
Florian (S-1-5-21-3345558528-265229289-3903659429-1000 - Administrator - Enabled) => C:\Users\Florian
Gast (S-1-5-21-3345558528-265229289-3903659429-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3345558528-265229289-3903659429-1002 - Limited - Enabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/10/2014 06:36:07 PM) (Source: WTabletServicePro) (EventID: 1) (User: )
Description: Prefs: Failed to get user path

Error: (12/10/2014 06:36:01 PM) (Source: WTabletServicePro) (EventID: 1) (User: )
Description: Prefs: Failed to get user path

Error: (12/10/2014 06:33:01 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (12/09/2014 11:42:14 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (12/09/2014 11:00:05 AM) (Source: WTabletServicePro) (EventID: 1) (User: )
Description: Prefs: Failed to get user path

Error: (12/09/2014 10:59:59 AM) (Source: WTabletServicePro) (EventID: 1) (User: )
Description: Prefs: Failed to get user path

Error: (12/09/2014 10:59:10 AM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (12/08/2014 05:33:16 PM) (Source: WTabletServicePro) (EventID: 1) (User: )
Description: Prefs: Failed to get user path

Error: (12/08/2014 05:33:10 PM) (Source: WTabletServicePro) (EventID: 1) (User: )
Description: Prefs: Failed to get user path

Error: (12/08/2014 03:18:49 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2


System errors:
=============
Error: (12/10/2014 06:33:03 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\tandpl.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (12/10/2014 06:33:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "lirsgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577

Error: (12/10/2014 06:32:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577

Error: (12/09/2014 11:49:08 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (12/09/2014 11:42:16 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\tandpl.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (12/09/2014 11:42:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "lirsgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577

Error: (12/09/2014 11:42:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577

Error: (12/09/2014 10:59:14 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\tandpl.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (12/09/2014 10:59:10 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "lirsgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577

Error: (12/09/2014 10:58:56 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577


Microsoft Office Sessions:
=========================
Error: (12/07/2013 10:20:54 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 6 seconds with 0 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2014-12-10 18:33:01.415
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-12-10 18:33:01.228
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-12-10 18:32:48.295
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-12-10 18:32:47.874
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-12-09 23:42:14.567
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-12-09 23:42:14.333
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-12-09 23:42:01.744
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-12-09 23:42:01.354
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-12-09 10:59:10.421
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-12-09 10:59:10.312
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz
Percentage of memory in use: 42%
Total physical RAM: 8087.01 MB
Available physical RAM: 4639.29 MB
Total Pagefile: 16172.2 MB
Available Pagefile: 12397.52 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:65.45 GB) NTFS
Drive d: (Tablet_CD) (CDROM) (Total:0.19 GB) (Free:0 GB) CDFS
Drive e: (BDB) (CDROM) (Total:1.34 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: D57D4A09)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== End Of Log ============================

schrauber 10.12.2014 22:36
hi,

Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    Software Version Updater


  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 





Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Schokokonfek 11.12.2014 00:26
Hallo schrauber!
Vielen Dank soweit für die Unterstützung.
Hier das angeforderte Logfile:
Code:
ComboFix 14-12-10.03 - Florian 11.12.2014  0:08.1.8 - x64
Microsoft Windows 7 Home Premium  6.1.7601.1.1252.49.1031.18.8087.4158 [GMT 1:00]
ausgeführt von:: c:\users\Florian\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\programdata\ntuser.pol
c:\windows\msdownld.tmp
.
.
(((((((((((((((((((((((  Dateien erstellt von 2014-11-10 bis 2014-12-10  ))))))))))))))))))))))))))))))
.
.
2014-12-10 23:15 . 2014-12-10 23:15        --------        d-----w-        c:\users\Default\AppData\Local\temp
2014-12-10 23:04 . 2014-12-10 23:04        75888        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{1F1522DB-2B72-4B67-815C-EAB4B80E3692}\offreg.dll
2014-12-10 21:42 . 2014-12-10 21:42        --------        d-----w-        c:\program files (x86)\VS Revo Group
2014-12-10 20:42 . 2014-12-10 20:45        --------        d-----w-        C:\FRST
2014-12-09 22:44 . 2014-12-09 22:44        --------        d-----w-        c:\programdata\ATI
2014-12-09 22:43 . 2014-12-09 22:43        --------        d-----w-        c:\users\Florian\AppData\Roaming\AMD
2014-12-09 21:44 . 2014-12-10 21:34        --------        d-----w-        c:\users\Florian\AppData\Roaming\Raptr
2014-12-09 21:44 . 2014-12-09 21:47        --------        d-----w-        c:\program files (x86)\Raptr
2014-12-09 21:44 . 2014-12-09 21:44        --------        d-----w-        c:\program files (x86)\AMD AVT
2014-12-09 10:05 . 2014-11-02 04:20        11632448        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{1F1522DB-2B72-4B67-815C-EAB4B80E3692}\mpengine.dll
2014-12-02 15:53 . 2014-12-02 15:55        --------        d-----w-        c:\users\Florian\AppData\Roaming\Command and Conquer 4
2014-12-02 15:53 . 2014-12-02 15:53        --------        d-----w-        c:\users\Florian\AppData\Local\Electronic_Arts_Inc
2014-11-30 18:07 . 2014-11-30 18:07        --------        d-sh--w-        c:\users\Florian\AppData\Local\EmieBrowserModeList
2014-11-21 02:44 . 2014-11-21 02:44        128384        ----a-w-        c:\windows\system32\amdhcp64.dll
2014-11-21 02:44 . 2014-11-21 02:44        118096        ----a-w-        c:\windows\SysWow64\amdhcp32.dll
2014-11-21 02:44 . 2014-11-21 02:44        78432        ----a-w-        c:\windows\system32\atimpc64.dll
2014-11-21 02:44 . 2014-11-21 02:44        78432        ----a-w-        c:\windows\system32\amdpcom64.dll
2014-11-21 02:44 . 2014-11-21 02:44        71704        ----a-w-        c:\windows\SysWow64\atimpc32.dll
2014-11-21 02:44 . 2014-11-21 02:44        71704        ----a-w-        c:\windows\SysWow64\amdpcom32.dll
2014-11-21 02:41 . 2014-11-21 02:41        294600        ----a-w-        c:\windows\system32\drivers\amdacpksd.sys
2014-11-21 02:40 . 2014-11-21 02:40        18959360        ----a-w-        c:\windows\system32\drivers\atikmdag.sys
2014-11-21 02:33 . 2014-11-21 02:33        235008        ----a-w-        c:\windows\system32\clinfo.exe
2014-11-21 02:33 . 2014-11-21 02:33        98816        ----a-w-        c:\windows\system32\OpenVideo64.dll
2014-11-21 02:33 . 2014-11-21 02:33        83456        ----a-w-        c:\windows\SysWow64\OpenVideo.dll
2014-11-21 02:33 . 2014-11-21 02:33        86528        ----a-w-        c:\windows\system32\OVDecode64.dll
2014-11-21 02:33 . 2014-11-21 02:33        73216        ----a-w-        c:\windows\SysWow64\OVDecode.dll
2014-11-21 02:33 . 2014-11-21 02:33        47899136        ----a-w-        c:\windows\system32\amdocl64.dll
2014-11-21 02:32 . 2014-11-21 02:32        40987136        ----a-w-        c:\windows\SysWow64\amdocl.dll
2014-11-21 02:31 . 2014-11-21 02:31        65024        ----a-w-        c:\windows\system32\OpenCL.dll
2014-11-21 02:31 . 2014-11-21 02:31        58880        ----a-w-        c:\windows\SysWow64\OpenCL.dll
2014-11-21 02:19 . 2014-11-21 02:19        23621632        ----a-w-        c:\windows\SysWow64\atioglxx.dll
2014-11-21 02:19 . 2014-11-21 02:19        49664        ----a-w-        c:\windows\system32\amdmmcl6.dll
2014-11-21 02:19 . 2014-11-21 02:19        38912        ----a-w-        c:\windows\SysWow64\amdmmcl.dll
2014-11-21 02:18 . 2014-11-21 02:18        127488        ----a-w-        c:\windows\system32\mantle64.dll
2014-11-21 02:18 . 2014-11-21 02:18        113664        ----a-w-        c:\windows\SysWow64\mantle32.dll
2014-11-21 02:18 . 2014-11-21 02:18        5837312        ----a-w-        c:\windows\system32\amdmantle64.dll
2014-11-21 02:17 . 2014-11-21 02:17        367104        ----a-w-        c:\windows\system32\atiapfxx.exe
2014-11-21 02:17 . 2014-11-21 02:17        62464        ----a-w-        c:\windows\system32\aticalrt64.dll
2014-11-21 02:17 . 2014-11-21 02:17        52224        ----a-w-        c:\windows\SysWow64\aticalrt.dll
2014-11-21 02:16 . 2014-11-21 02:16        55808        ----a-w-        c:\windows\system32\aticalcl64.dll
2014-11-21 02:16 . 2014-11-21 02:16        49152        ----a-w-        c:\windows\SysWow64\aticalcl.dll
2014-11-21 02:16 . 2014-11-21 02:16        15716352        ----a-w-        c:\windows\system32\aticaldd64.dll
2014-11-21 02:16 . 2014-11-21 02:16        14302208        ----a-w-        c:\windows\SysWow64\aticaldd.dll
2014-11-21 02:15 . 2014-11-21 02:15        4590592        ----a-w-        c:\windows\SysWow64\amdmantle32.dll
2014-11-21 02:13 . 2014-11-21 02:13        91648        ----a-w-        c:\windows\system32\mantleaxl64.dll
2014-11-21 02:13 . 2014-11-21 02:13        85504        ----a-w-        c:\windows\SysWow64\mantleaxl32.dll
2014-11-21 02:12 . 2014-11-21 02:12        31232        ----a-w-        c:\windows\system32\atimuixx.dll
2014-11-21 02:12 . 2014-11-21 02:12        774656        ----a-w-        c:\windows\system32\atieclxx.exe
2014-11-21 02:12 . 2014-11-21 02:12        244736        ----a-w-        c:\windows\system32\atiesrxx.exe
2014-11-21 02:12 . 2014-11-21 02:12        190976        ----a-w-        c:\windows\system32\atitmm64.dll
2014-11-21 02:10 . 2014-11-21 02:10        843776        ----a-w-        c:\windows\system32\coinst_14.50.dll
2014-11-21 02:09 . 2014-11-21 02:09        95744        ----a-w-        c:\windows\system32\amdave64.dll
2014-11-21 02:09 . 2014-11-21 02:09        90112        ----a-w-        c:\windows\SysWow64\amdave32.dll
2014-11-21 02:09 . 2014-11-21 02:09        89088        ----a-w-        c:\windows\system32\atisamu64.dll
2014-11-21 02:09 . 2014-11-21 02:09        80896        ----a-w-        c:\windows\SysWow64\atisamu32.dll
2014-11-21 02:09 . 2014-11-21 02:09        903168        ----a-w-        c:\windows\SysWow64\atiadlxy.dll
2014-11-21 02:09 . 2014-11-21 02:09        69632        ----a-w-        c:\windows\SysWow64\atiglpxx.dll
2014-11-21 02:09 . 2014-11-21 02:09        69632        ----a-w-        c:\windows\system32\atiglpxx.dll
2014-11-21 02:08 . 2014-11-21 02:08        133632        ----a-w-        c:\windows\SysWow64\atigktxx.dll
2014-11-21 02:08 . 2014-11-21 02:08        589312        ----a-w-        c:\windows\system32\drivers\atikmpag.sys
2014-11-21 02:08 . 2014-11-21 02:08        43520        ----a-w-        c:\windows\system32\drivers\ati2erec.dll
2014-11-20 20:36 . 2014-11-20 20:36        51200        ----a-w-        c:\windows\system32\kdbsdk64.dll
2014-11-20 20:35 . 2014-11-20 20:35        38912        ----a-w-        c:\windows\SysWow64\kdbsdk32.dll
2014-11-19 17:41 . 2014-11-11 03:08        241152        ----a-w-        c:\windows\system32\pku2u.dll
2014-11-19 17:41 . 2014-11-11 03:08        728064        ----a-w-        c:\windows\system32\kerberos.dll
2014-11-19 17:41 . 2014-11-11 02:44        186880        ----a-w-        c:\windows\SysWow64\pku2u.dll
2014-11-19 17:41 . 2014-11-11 02:44        550912        ----a-w-        c:\windows\SysWow64\kerberos.dll
2014-11-18 18:27 . 2014-11-19 18:45        --------        d-----w-        c:\users\Florian\AppData\Local\Wacom Help
2014-11-17 17:52 . 2014-11-17 17:52        --------        d-----w-        c:\users\Florian\.android
2014-11-17 17:52 . 2014-11-17 17:52        --------        d-----w-        c:\users\Florian\AppData\Local\Wacom
2014-11-13 02:23 . 2014-11-13 02:23        --------        d-----w-        c:\program files (x86)\GUM3115.tmp
2014-11-13 02:23 . 2014-11-13 02:23        6000640        ----a-w-        c:\program files (x86)\GUT3116.tmp
2014-11-13 00:05 . 2014-11-13 00:05        --------        d-----w-        c:\program files (x86)\Deep Silver
2014-11-12 16:31 . 2014-10-18 02:05        861696        ----a-w-        c:\windows\system32\oleaut32.dll
2014-11-12 16:26 . 2014-08-21 06:43        1882624        ----a-w-        c:\windows\system32\msxml3.dll
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-12-10 18:05 . 2012-09-22 12:45        71344        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-10 18:05 . 2012-09-22 12:45        701104        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2014-12-10 17:33 . 2012-09-21 22:48        34752        ----a-w-        c:\windows\system32\drivers\WPRO_41_2001.sys
2014-11-21 17:46 . 2012-12-08 13:35        1041168        ----a-w-        c:\windows\system32\drivers\aswsnx.sys
2014-11-21 02:44 . 2013-12-06 22:04        144328        ----a-w-        c:\windows\system32\atiuxp64.dll
2014-11-21 02:44 . 2013-12-06 22:03        126848        ----a-w-        c:\windows\SysWow64\atiuxpag.dll
2014-11-21 02:44 . 2013-12-06 22:03        118096        ----a-w-        c:\windows\system32\atiu9p64.dll
2014-11-21 02:44 . 2013-12-06 22:02        100032        ----a-w-        c:\windows\SysWow64\atiu9pag.dll
2014-11-21 02:44 . 2013-12-06 22:01        1348928        ----a-w-        c:\windows\system32\aticfx64.dll
2014-11-21 02:44 . 2013-12-06 22:01        1127496        ----a-w-        c:\windows\SysWow64\aticfx32.dll
2014-11-21 02:44 . 2013-12-06 22:00        11076784        ----a-w-        c:\windows\system32\atidxx64.dll
2014-11-21 02:44 . 2013-12-06 21:59        9401480        ----a-w-        c:\windows\SysWow64\atidxx32.dll
2014-11-21 02:43 . 2013-12-06 21:59        7558816        ----a-w-        c:\windows\SysWow64\atiumdva.dll
2014-11-21 02:43 . 2013-12-06 21:58        7077776        ----a-w-        c:\windows\SysWow64\atiumdag.dll
2014-11-21 02:43 . 2013-12-06 21:57        8379720        ----a-w-        c:\windows\system32\atiumd6a.dll
2014-11-21 02:43 . 2013-12-06 21:56        8369408        ----a-w-        c:\windows\system32\atiumd64.dll
2014-11-21 02:24 . 2013-12-06 21:16        28354560        ----a-w-        c:\windows\system32\atio6axx.dll
2014-11-21 02:12 . 2013-12-06 20:53        442368        ----a-w-        c:\windows\system32\atidemgy.dll
2014-11-21 02:09 . 2013-12-06 20:22        1214976        ----a-w-        c:\windows\system32\atiadlxx.dll
2014-11-21 02:09 . 2013-12-06 20:22        75264        ----a-w-        c:\windows\system32\atig6pxx.dll
2014-11-21 02:08 . 2013-12-06 20:22        146944        ----a-w-        c:\windows\system32\atig6txx.dll
2014-11-13 02:02 . 2012-10-16 18:33        103374192        ----a-w-        c:\windows\system32\MRT.exe
2014-11-04 18:49 . 2014-06-25 14:01        1995544        ----a-w-        c:\windows\system32\Wacom_Tablet.dll
2014-11-04 18:49 . 2014-06-25 14:01        1988888        ----a-w-        c:\windows\system32\Wacom_Touch_Tablet.dll
2014-11-04 18:49 . 2014-06-25 14:01        1863448        ----a-w-        c:\windows\system32\Wintab32.dll
2014-11-04 18:49 . 2014-06-25 14:01        2029336        ----a-w-        c:\windows\system32\WacomMT.dll
2014-11-04 18:49 . 2014-06-25 14:01        1497368        ----a-w-        c:\windows\SysWow64\Wintab32.dll
2014-11-04 18:49 . 2014-06-25 14:01        1626392        ----a-w-        c:\windows\SysWow64\WacomMT.dll
2014-11-04 18:49 . 2014-06-25 14:01        1617176        ----a-w-        c:\windows\SysWow64\Wacom_Tablet.dll
2014-11-04 18:49 . 2014-06-25 14:01        1610008        ----a-w-        c:\windows\SysWow64\Wacom_Touch_Tablet.dll
2014-11-04 13:30 . 2012-09-22 12:46        275080        ------w-        c:\windows\system32\MpSigStub.exe
2014-10-06 23:54 . 2014-06-25 14:01        15160        ----a-w-        c:\windows\system32\drivers\wacomrouterfilter.sys
2014-10-06 23:54 . 2014-06-25 14:01        14136        ----a-w-        c:\windows\system32\drivers\hidkmdf.sys
2014-10-06 23:54 . 2014-06-25 14:01        100664        ----a-w-        c:\windows\system32\drivers\wachidrouter.sys
2014-09-25 02:08 . 2014-10-01 06:17        371712        ----a-w-        c:\windows\system32\qdvd.dll
2014-09-25 01:40 . 2014-10-01 06:17        519680        ----a-w-        c:\windows\SysWow64\qdvd.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54        131248        ----a-w-        c:\users\Florian\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54        131248        ----a-w-        c:\users\Florian\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54        131248        ----a-w-        c:\users\Florian\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"puush"="c:\program files (x86)\puush\puush.exe" [2013-11-24 567880]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-11-29 284440]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-01-26 291608]
"AVMWlanClient"="c:\program files (x86)\avmwlanstick\wlangui.exe" [2010-10-22 2105344]
"DeathTaker"="c:\program files (x86)\Genius\DeathTaker\mousehid.exe" [2011-10-24 303616]
"SPEEDLINK KUDOS"="c:\program files (x86)\SPEEDLINK\KUDOS RS Gaming Mouse\Gaming Mouse.exe" [2012-02-06 1470464]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-08-01 4085896]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2013-05-08 41056]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"StartCCC"="c:\program files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2014-11-20 767176]
"Raptr"="c:\progra~2\Raptr\raptrstub.exe" [2014-12-08 55568]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 avmeject;AVM Eject;c:\windows\system32\drivers\avmeject.sys;c:\windows\SYSNATIVE\drivers\avmeject.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 EasyAntiCheat;EasyAntiCheat;c:\windows\system32\EasyAntiCheat.exe;c:\windows\SYSNATIVE\EasyAntiCheat.exe [x]
R3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 fwlanusbn;FRITZ!WLAN N;c:\windows\system32\DRIVERS\fwlanusbn.sys;c:\windows\SYSNATIVE\DRIVERS\fwlanusbn.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 LADF_DHP2;G35 DHP2 Filter Driver;c:\windows\system32\DRIVERS\ladfDHP2amd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfDHP2amd64.sys [x]
R3 LADF_SBVM;G35 SBVM Filter Driver;c:\windows\system32\DRIVERS\ladfSBVMamd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfSBVMamd64.sys [x]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys;c:\windows\SYSNATIVE\DRIVERS\MijXfilt.sys [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 X6va011;X6va011;c:\windows\SysWOW64\Drivers\X6va011;c:\windows\SysWOW64\Drivers\X6va011 [x]
R3 xsherlock;xsherlock;c:\windows\system32\xsherlock.xem;c:\windows\SYSNATIVE\xsherlock.xem [x]
S0 AsrRamDisk;AsrRamDisk;c:\windows\system32\DRIVERS\AsrRamDisk.sys;c:\windows\SYSNATIVE\DRIVERS\AsrRamDisk.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 AsrAppCharger;AsrAppCharger;c:\windows\system32\DRIVERS\AsrAppCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AsrAppCharger.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 FNETURPX;FNETURPX;c:\windows\system32\drivers\FNETURPX.SYS;c:\windows\SYSNATIVE\drivers\FNETURPX.SYS [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 ISCTAgent;ISCT Always Updated Agent;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [x]
S2 WTabletServicePro;Wacom Professional Service;c:\program files\Tablet\Wacom\WTabletServicePro.exe;c:\program files\Tablet\Wacom\WTabletServicePro.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 hidkmdf;KMDF Driver;c:\windows\system32\DRIVERS\hidkmdf.sys;c:\windows\SYSNATIVE\DRIVERS\hidkmdf.sys [x]
S3 ikbevent;Intel Upper keyboard Class Filter Driver;c:\windows\system32\DRIVERS\ikbevent.sys;c:\windows\SYSNATIVE\DRIVERS\ikbevent.sys [x]
S3 imsevent;Intel Upper Mouse Class Filter Driver;c:\windows\system32\DRIVERS\imsevent.sys;c:\windows\SYSNATIVE\DRIVERS\imsevent.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 ISCT;Intel(R) Smart Connect Technology Device Driver;c:\windows\system32\DRIVERS\ISCTD64.sys;c:\windows\SYSNATIVE\DRIVERS\ISCTD64.sys [x]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 LADF_CaptureOnly;LADF Capture Filter Driver;c:\windows\system32\DRIVERS\ladfGSCamd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfGSCamd64.sys [x]
S3 LADF_RenderOnly;LADF Render Filter Driver;c:\windows\system32\DRIVERS\ladfGSRamd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfGSRamd64.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 WacHidRouter;Wacom Hid Router;c:\windows\system32\DRIVERS\wachidrouter.sys;c:\windows\SYSNATIVE\DRIVERS\wachidrouter.sys [x]
S3 wacomrouterfilter;Wacom Router Filter Driver;c:\windows\system32\DRIVERS\wacomrouterfilter.sys;c:\windows\SYSNATIVE\DRIVERS\wacomrouterfilter.sys [x]
S3 WPRO_41_2001;WinPcap Packet Driver (WPRO_41_2001);c:\windows\system32\drivers\WPRO_41_2001.sys;c:\windows\SYSNATIVE\drivers\WPRO_41_2001.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2014-12-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-22 18:05]
.
2014-12-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-08 01:53]
.
2014-12-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-08 01:53]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-08-01 17:46        634872        ----a-w-        c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54        164016        ----a-w-        c:\users\Florian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54        164016        ----a-w-        c:\users\Florian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54        164016        ----a-w-        c:\users\Florian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54        164016        ----a-w-        c:\users\Florian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-03-22 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-03-22 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-03-22 439064]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-10-17 13307496]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2012-07-24 6900024]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = fritz.box;<local>
IE: Free YouTube to MP3 Converter - c:\users\Florian\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\2risl3wm.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - google.com
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-zASRockInstantBoot - (no file)
Wow6432Node-HKCU-Run-Akamai NetSession Interface - c:\users\Florian\AppData\Local\Akamai\netsession_win.exe
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
c:\users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech blank Produktregistrierung.lnk - c:\program files (x86)\Logitech\G35\eReg.exe /remind /language=DEU /WHFM="blank"
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-{2C08D7E7-9EE1-4A08-AFE0-745F02DCD6A4}_is1 - c:\program files (x86)\Pokemon Online\unins000.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va011]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va011"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\xsherlock]
"ImagePath"="c:\windows\system32\xsherlock.xem"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-3345558528-265229289-3903659429-1000\Software\SecuROM\License information*]
"datasecu"=hex:98,af,30,16,71,25,34,d2,65,5a,6e,6b,77,e6,49,a2,a7,b5,6b,4f,e4,
  f1,1d,7b,32,4a,83,e1,2a,aa,5f,16,e1,0f,fb,ac,8e,05,50,f0,e4,a0,19,f9,35,cf,\
"rkeysecu"=hex:42,34,ce,9e,84,45,59,05,72,48,20,7a,f7,53,76,53
.
[HKEY_USERS\S-1-5-21-3345558528-265229289-3903659429-1000\Control Panel\Desktop*]
@Allowed: (Read) (RestrictedCode)
"WheelScrollLines"="3"
DUMPHIVE0.003 (REGF)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_246_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_246_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_246_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_246_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.15"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-12-11  00:18:06
ComboFix-quarantined-files.txt  2014-12-10 23:18
.
Vor Suchlauf: 17 Verzeichnis(se), 130.531.180.544 Bytes frei
Nach Suchlauf: 22 Verzeichnis(se), 132.725.415.936 Bytes frei
.
- - End Of File - - 4E9F6E1248EEB81E0CB52FAA7CE09AC5
Muss ich mir Sorgen um meine Passwörter oder ähnliches machen?
Was genau war das denn nun für ein Virus, der mir da untergejubelt wurde?

schrauber 11.12.2014 20:19
Noch sehe ich gar nix ausser Adware. Aber Passwörter ändern ist Pflicht.


Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

Schokokonfek 12.12.2014 00:18
Hi,
anbei die geforderten logfiles:

MBAM:
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 11.12.2014
Suchlauf-Zeit: 23:07:46
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.4.1028
Malware Datenbank: v2014.12.11.06
Rootkit Datenbank: v2014.12.08.03
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Florian

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 385868
Verstrichene Zeit: 9 Min, 23 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 6
PUP.Optional.Amonetize.A, HKLM\SOFTWARE\CLASSES\Updater.AmiUpd, In Quarantäne, [3a583130ff7dff37f469abb47192b64a],
PUP.Optional.MediaView.A, HKLM\SOFTWARE\WOW6432NODE\MediaViewV1alpha4850, In Quarantäne, [3d552d34e5972f077587d6b0a063e31d],
PUP.Optional.MediaWatch.A, HKLM\SOFTWARE\WOW6432NODE\MediaWatchV1home351, In Quarantäne, [dfb38fd22953d75f65846b53ba4ac53b],
PUP.Optional.Amonetize.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Updater.AmiUpd, In Quarantäne, [652ddb86e498d2642934b2adfd0626da],
PUP.Optional.RegCleanPro.A, HKLM\SOFTWARE\WOW6432NODE\SYSTWEAK\RegClean Pro, In Quarantäne, [ddb5ed74b3c98ea84f49a9c015ee9f61],
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-3345558528-265229289-3903659429-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SEARCHPROTECTINT, In Quarantäne, [8c0608594636ae88908fafdfa85bd62a],

Registrierungswerte: 3
PUP.Optional.MediaView.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|ext@MediaViewV1alpha4850.net, C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha4850\ff, In Quarantäne, [533f5011067659ddf20b3f4727dcb64a]
PUP.Optional.MediaWatch.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|ext@MediaWatchV1home351.net, C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home351\ff, In Quarantäne, [9101a8b9d8a4a98ddf0b28960ef6e020]
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-3345558528-265229289-3903659429-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SEARCHPROTECTINT|Install, 1, In Quarantäne, [8c0608594636ae88908fafdfa85bd62a]

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 4
PUP.RiskwareTool.CK, C:\Users\Florian\Desktop\amtlib.dll, In Quarantäne, [a0f20061027a63d34a5bed82ae54f40c],
VirTool.Obfuscator, C:\Program Files (x86)\Saints Row IV\steam_api.dll, In Quarantäne, [0a887be66f0dee4838f69e9ef90840c0],
PUP.Optional.OpenCandy, C:\Users\Florian\Downloads\DTLite4471-0333.exe, In Quarantäne, [1280a6bb4d2fc1755af1652c4cb901ff],
PUP.Optional.OpenCandy, C:\Users\Florian\Downloads\DAEMONToolsUltra110-0103.exe, In Quarantäne, [7c16a0c13a4290a690bb4a47ae575aa6],

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)
AdwCleaner:
Code:
# AdwCleaner v4.105 - Bericht erstellt am 11/12/2014 um 23:59:10
# Aktualisiert 08/12/2014 von Xplode
# Database : 2014-12-08.2 [Live]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Florian - FLORIAN-PC
# Gestartet von : C:\Users\Florian\Pictures\AdwCleaner_4.105.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\DeviceVM
Ordner Gelöscht : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Ordner Gelöscht : C:\Users\Florian\AppData\Roaming\DeviceVM
Ordner Gelöscht : C:\Users\Florian\AppData\Roaming\dvdvideosoftiehelpers
Datei Gelöscht : C:\Windows\System32\roboot64.exe
Datei Gelöscht : C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\2risl3wm.default\foxydeal.sqlite

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKLM\SOFTWARE\MediaViewV1
Schlüssel Gelöscht : HKLM\SOFTWARE\MediaWatchV1
Schlüssel Gelöscht : HKLM\SOFTWARE\systweak

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Mozilla Firefox v34.0.5 (x86 en-US)


*************************

AdwCleaner[R0].txt - [1646 octets] - [11/12/2014 23:57:17]
AdwCleaner[S0].txt - [1517 octets] - [11/12/2014 23:59:10]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1577 octets] ##########
JRT:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.0 (11.29.2014:1)
OS: Windows 7 Home Premium x64
Ran by Florian on 12.12.2014 at  0:04:31,24
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Florian\AppData\Roaming\mozilla\firefox\profiles\2risl3wm.default\minidumps [464 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 12.12.2014 at  0:07:12,47
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-12-2014 01
Ran by Florian (administrator) on FLORIAN-PC on 12-12-2014 00:17:14
Running from C:\Users\Florian\Pictures
Loaded Profile: Florian (Available profiles: Florian)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
() C:\Program Files (x86)\puush\puush.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
() C:\Program Files (x86)\Genius\DeathTaker\mousehid.exe
() C:\Program Files (x86)\SPEEDLINK\KUDOS RS Gaming Mouse\Gaming Mouse.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_246.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_246.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13307496 2011-10-17] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [6900024 2012-07-24] (Logitech Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-26] (Intel Corporation)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [DeathTaker] => C:\Program Files (x86)\Genius\DeathTaker\mousehid.exe [303616 2011-10-24] ()
HKLM-x32\...\Run: [SPEEDLINK KUDOS] => C:\Program Files (x86)\SPEEDLINK\KUDOS RS Gaming Mouse\Gaming Mouse.exe [1470464 2012-02-07] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-01] (AVAST Software)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2014-12-08] (Raptr, Inc)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3345558528-265229289-3903659429-1000\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [567880 2013-11-24] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Florian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Florian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Florian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Florian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Florian\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Florian\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Florian\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3345558528-265229289-3903659429-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3345558528-265229289-3903659429-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3345558528-265229289-3903659429-1000 -> {00A37D74-BB30-47cd-97D0-20A6526F8C3C} URL = hxxp://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=5480255188&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=de&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\2risl3wm.default
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: google.com
FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin HKU\S-1-5-21-3345558528-265229289-3903659429-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Florian\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3345558528-265229289-3903659429-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll (Amazon.com, Inc.)
FF Plugin HKU\S-1-5-21-3345558528-265229289-3903659429-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin HKU\S-1-5-21-3345558528-265229289-3903659429-1000: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\2risl3wm.default\Extensions\adblockpopups@jessehakanen.net.xpi [2012-09-22]
FF Extension: Adblock Plus - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\2risl3wm.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-09-22]
FF Extension: Download Statusbar - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\2risl3wm.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi [2012-09-22]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [hoafjijdelnfbpoielcapbfeddlkohgg] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home351\ch\MediaWatchV1home351.crx [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AeLookupSvc; C:\Windows\System32\aelupsvc.dll [72192 2009-07-14] (Microsoft Corporation) [File not signed]
S3 ALG; C:\Windows\System32\alg.exe [79360 2009-07-14] (Microsoft Corporation) [File not signed]
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [244736 2014-11-21] (AMD) [File not signed]
S3 AppIDSvc; C:\Windows\System32\appidsvc.dll [32256 2009-07-14] (Microsoft Corporation) [File not signed]
R3 Appinfo; C:\Windows\System32\appinfo.dll [70144 2013-02-27] (Microsoft Corporation) [File not signed]
R2 AudioEndpointBuilder; C:\Windows\System32\Audiosrv.dll [680960 2014-10-03] (Microsoft Corporation) [File not signed]
R2 AudioSrv; C:\Windows\System32\Audiosrv.dll [680960 2014-10-03] (Microsoft Corporation) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-01] (AVAST Software)
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [File not signed]
S3 AxInstSV; C:\Windows\System32\AxInstSV.dll [114688 2010-11-20] (Microsoft Corporation) [File not signed]
S3 BDESVC; C:\Windows\System32\bdesvc.dll [100864 2009-07-14] (Microsoft Corporation) [File not signed]
R2 BFE; C:\Windows\System32\bfe.dll [705024 2010-11-20] (Microsoft Corporation) [File not signed]
R3 BITS; C:\Windows\system32\qmgr.dll [849920 2010-11-20] (Microsoft Corporation) [File not signed]
R3 Browser; C:\Windows\System32\browser.dll [136704 2012-07-04] (Microsoft Corporation) [File not signed]
S3 bthserv; C:\Windows\system32\bthserv.dll [83968 2009-07-14] (Microsoft Corporation) [File not signed]
S3 CertPropSvc; C:\Windows\System32\certprop.dll [80384 2010-11-20] (Microsoft Corporation) [File not signed]
S4 cFosSpeedS; C:\Program Files\ASRock\XFast LAN\spd.exe [395136 2011-10-19] (cFos Software GmbH)
S3 COMSysApp; C:\Windows\system32\dllhost.exe [9728 2009-07-14] (Microsoft Corporation) [File not signed]
S3 COMSysApp; C:\Windows\SysWOW64\dllhost.exe [7168 2009-07-14] (Microsoft Corporation) [File not signed]
R2 CryptSvc; C:\Windows\system32\cryptsvc.dll [187904 2014-07-07] (Microsoft Corporation) [File not signed]
R2 CryptSvc; C:\Windows\SysWOW64\cryptsvc.dll [143872 2014-07-07] (Microsoft Corporation) [File not signed]
R2 DcomLaunch; C:\Windows\system32\rpcss.dll [512000 2010-11-20] (Microsoft Corporation) [File not signed]
S3 defragsvc; C:\Windows\System32\defragsvc.dll [291328 2009-07-14] (Microsoft Corporation) [File not signed]
R2 Dhcp; C:\Windows\system32\dhcpcore.dll [317952 2010-11-20] (Microsoft Corporation) [File not signed]
R2 Dhcp; C:\Windows\SysWOW64\dhcpcore.dll [254464 2010-11-20] (Microsoft Corporation) [File not signed]
R2 Dnscache; C:\Windows\System32\dnsrslvr.dll [183296 2011-03-03] (Microsoft Corporation) [File not signed]
S3 dot3svc; C:\Windows\System32\dot3svc.dll [252416 2010-11-20] (Microsoft Corporation) [File not signed]
R2 DPS; C:\Windows\system32\dps.dll [162816 2010-11-20] (Microsoft Corporation) [File not signed]
R3 EapHost; C:\Windows\System32\eapsvc.dll [111104 2009-07-14] (Microsoft Corporation) [File not signed]
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [107552 2014-07-18] (EasyAntiCheat Ltd)
S3 EFS; C:\Windows\System32\lsass.exe [31232 2014-04-12] (Microsoft Corporation) [File not signed]
S3 ehRecvr; C:\Windows\ehome\ehRecvr.exe [696832 2010-11-20] (Microsoft Corporation) [File not signed]
S3 ehSched; C:\Windows\ehome\ehsched.exe [127488 2009-07-14] (Microsoft Corporation) [File not signed]
R2 eventlog; C:\Windows\System32\wevtsvc.dll [1646080 2010-11-20] (Microsoft Corporation) [File not signed]
R2 EventSystem; C:\Windows\system32\es.dll [402944 2009-07-14] (Microsoft Corporation) [File not signed]
R2 EventSystem; C:\Windows\SysWOW64\es.dll [271360 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Fax; C:\Windows\system32\fxssvc.exe [689152 2010-11-20] (Microsoft Corporation) [File not signed]
R3 fdPHost; C:\Windows\system32\fdPHost.dll [16384 2009-07-14] (Microsoft Corporation) [File not signed]
R3 FDResPub; C:\Windows\system32\fdrespub.dll [34816 2009-07-14] (Microsoft Corporation) [File not signed]
R2 FontCache; C:\Windows\system32\FntCache.dll [1175552 2013-06-05] (Microsoft Corporation) [File not signed]
R2 gpsvc; C:\Windows\System32\gpsvc.dll [777728 2010-11-20] (Microsoft Corporation) [File not signed]
R3 hidserv; C:\Windows\System32\hidserv.dll [38912 2009-07-14] (Microsoft Corporation) [File not signed]
R3 hidserv; C:\Windows\SysWOW64\hidserv.dll [49152 2009-07-14] (Microsoft Corporation) [File not signed]
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2014-02-03] (Hi-Rez Studios) [File not signed]
S3 hkmsvc; C:\Windows\system32\kmsvc.dll [90624 2010-11-20] (Microsoft Corporation) [File not signed]
R3 HomeGroupListener; C:\Windows\system32\ListSvc.dll [232448 2010-11-20] (Microsoft Corporation) [File not signed]
R3 HomeGroupProvider; C:\Windows\system32\provsvc.dll [187904 2010-11-20] (Microsoft Corporation) [File not signed]
R3 HomeGroupProvider; C:\Windows\SysWOW64\provsvc.dll [165376 2010-11-20] (Microsoft Corporation) [File not signed]
S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [114688 2014-11-22] (Microsoft Corporation) [File not signed]
R2 IKEEXT; C:\Windows\System32\ikeext.dll [859648 2013-10-12] (Microsoft Corporation) [File not signed]
S3 IPBusEnum; C:\Windows\system32\ipbusenum.dll [101888 2009-07-14] (Microsoft Corporation) [File not signed]
R2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [569344 2012-10-03] (Microsoft Corporation) [File not signed]
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [133632 2012-02-09] ()
R3 KeyIso; C:\Windows\system32\lsass.exe [31232 2014-04-12] (Microsoft Corporation) [File not signed]
S3 KtmRm; C:\Windows\system32\msdtckrm.dll [368640 2009-07-14] (Microsoft Corporation) [File not signed]
R2 LanmanServer; C:\Windows\System32\srvsvc.dll [236032 2010-11-20] (Microsoft Corporation) [File not signed]
R2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [118784 2010-11-20] (Microsoft Corporation) [File not signed]
S3 lltdsvc; C:\Windows\System32\lltdsvc.dll [300032 2009-07-14] (Microsoft Corporation) [File not signed]
R2 lmhosts; C:\Windows\System32\lmhsvc.dll [23552 2009-07-14] (Microsoft Corporation) [File not signed]
S4 Mcx2Svc; C:\Windows\system32\Mcx2Svc.dll [84992 2010-11-20] (Microsoft Corporation) [File not signed]
R2 MMCSS; C:\Windows\system32\mmcss.dll [67584 2009-07-14] (Microsoft Corporation) [File not signed]
R2 MpsSvc; C:\Windows\system32\mpssvc.dll [828416 2010-11-20] (Microsoft Corporation) [File not signed]
S3 MSDTC; C:\Windows\System32\msdtc.exe [141824 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MSiSCSI; C:\Windows\system32\iscsiexe.dll [156672 2009-07-14] (Microsoft Corporation) [File not signed]
S3 msiserver; C:\Windows\System32\msiexec.exe [128000 2010-11-20] (Microsoft Corporation) [File not signed]
S3 msiserver; C:\Windows\SysWOW64\msiexec.exe [73216 2010-11-20] (Microsoft Corporation) [File not signed]
S3 napagent; C:\Windows\system32\qagentRT.dll [476160 2010-11-20] (Microsoft Corporation) [File not signed]
S3 Netlogon; C:\Windows\system32\lsass.exe [31232 2014-04-12] (Microsoft Corporation) [File not signed]
R3 Netman; C:\Windows\System32\netman.dll [360448 2009-07-14] (Microsoft Corporation) [File not signed]
R3 netprofm; C:\Windows\System32\netprofm.dll [459776 2009-07-14] (Microsoft Corporation) [File not signed]
R3 netprofm; C:\Windows\SysWOW64\netprofm.dll [360448 2009-07-14] (Microsoft Corporation) [File not signed]
R2 NlaSvc; C:\Windows\System32\nlasvc.dll [303104 2012-10-03] (Microsoft Corporation) [File not signed]
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4340664 2012-07-15] (INCA Internet Co., Ltd.) [File not signed]
R2 nsi; C:\Windows\system32\nsisvc.dll [25600 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1900400 2014-12-02] (Electronic Arts)
R3 p2pimsvc; C:\Windows\system32\pnrpsvc.dll [327168 2009-07-14] (Microsoft Corporation) [File not signed]
R3 p2psvc; C:\Windows\system32\p2psvc.dll [438784 2009-07-14] (Microsoft Corporation) [File not signed]
R2 PcaSvc; C:\Windows\System32\pcasvc.dll [186368 2009-07-14] (Microsoft Corporation) [File not signed]
S3 PerfHost; C:\Windows\SysWow64\perfhost.exe [20992 2009-07-14] (Microsoft Corporation) [File not signed]
S3 pla; C:\Windows\system32\pla.dll [1389056 2010-11-20] (Microsoft Corporation) [File not signed]
S3 pla; C:\Windows\SysWOW64\pla.dll [1508864 2010-11-20] (Microsoft Corporation) [File not signed]
R2 PlugPlay; C:\Windows\system32\umpnpmgr.dll [404480 2011-05-24] (Microsoft Corporation) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-08-29] ()
S3 PNRPAutoReg; C:\Windows\system32\pnrpauto.dll [25088 2009-07-14] (Microsoft Corporation) [File not signed]
R3 PNRPsvc; C:\Windows\system32\pnrpsvc.dll [327168 2009-07-14] (Microsoft Corporation) [File not signed]
R3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [501248 2010-11-20] (Microsoft Corporation) [File not signed]
R2 Power; C:\Windows\system32\umpo.dll [163840 2009-07-14] (Microsoft Corporation) [File not signed]
R2 ProfSvc; C:\Windows\system32\profsvc.dll [209920 2012-05-01] (Microsoft Corporation) [File not signed]
S3 ProtectedStorage; C:\Windows\system32\lsass.exe [31232 2014-04-12] (Microsoft Corporation) [File not signed]
S3 QWAVE; C:\Windows\system32\qwave.dll [242688 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RasAuto; C:\Windows\System32\rasauto.dll [99328 2009-07-14] (Microsoft Corporation) [File not signed]
R3 RasMan; C:\Windows\System32\rasmans.dll [344064 2010-11-20] (Microsoft Corporation) [File not signed]
S4 RemoteAccess; C:\Windows\System32\mprdim.dll [97792 2009-07-14] (Microsoft Corporation) [File not signed]
S4 RemoteAccess; C:\Windows\SysWOW64\mprdim.dll [75264 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RemoteRegistry; C:\Windows\system32\regsvc.dll [159232 2009-07-14] (Microsoft Corporation) [File not signed]
R2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [67072 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RpcLocator; C:\Windows\system32\locator.exe [10240 2009-07-14] (Microsoft Corporation) [File not signed]
R2 RpcSs; C:\Windows\system32\rpcss.dll [512000 2010-11-20] (Microsoft Corporation) [File not signed]
R2 SamSs; C:\Windows\system32\lsass.exe [31232 2014-04-12] (Microsoft Corporation) [File not signed]
S3 SCardSvr; C:\Windows\System32\SCardSvr.dll [190976 2009-07-14] (Microsoft Corporation) [File not signed]
R2 Schedule; C:\Windows\system32\schedsvc.dll [1110016 2010-11-20] (Microsoft Corporation) [File not signed]
S3 SCPolicySvc; C:\Windows\System32\certprop.dll [80384 2010-11-20] (Microsoft Corporation) [File not signed]
S3 SDRSVC; C:\Windows\System32\SDRSVC.dll [170496 2010-11-20] (Microsoft Corporation) [File not signed]
R2 seclogon; C:\Windows\system32\seclogon.dll [30720 2010-11-20] (Microsoft Corporation) [File not signed]
R2 SENS; C:\Windows\system32\sens.dll [64512 2009-07-14] (Microsoft Corporation) [File not signed]
R2 SENS; C:\Windows\SysWOW64\sens.dll [49664 2009-07-14] (Microsoft Corporation) [File not signed]
S3 SensrSvc; C:\Windows\system32\sensrsvc.dll [29184 2009-07-14] (Microsoft Corporation) [File not signed]
S3 SessionEnv; C:\Windows\system32\sessenv.dll [121856 2010-11-20] (Microsoft Corporation) [File not signed]
S3 SessionEnv; C:\Windows\SysWOW64\sessenv.dll [113664 2010-11-20] (Microsoft Corporation) [File not signed]
S2 SharedAccess; C:\Windows\System32\ipnathlp.dll [359424 2009-07-14] (Microsoft Corporation) [File not signed]
R2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [370688 2010-11-20] (Microsoft Corporation) [File not signed]
R2 ShellHWDetection; C:\Windows\SysWOW64\shsvcs.dll [328192 2010-11-20] (Microsoft Corporation) [File not signed]
S3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [14336 2009-07-14] (Microsoft Corporation) [File not signed]
R2 Spooler; C:\Windows\System32\spoolsv.exe [559104 2012-02-11] (Microsoft Corporation) [File not signed]
S2 sppsvc; C:\Windows\system32\sppsvc.exe [3524608 2010-11-20] (Microsoft Corporation) [File not signed]
S3 sppuinotify; C:\Windows\system32\sppuinotify.dll [65536 2009-07-14] (Microsoft Corporation) [File not signed]
R3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [193024 2009-07-14] (Microsoft Corporation) [File not signed]
R3 SstpSvc; C:\Windows\system32\sstpsvc.dll [75264 2009-07-14] (Microsoft Corporation) [File not signed]
R2 stisvc; C:\Windows\System32\wiaservc.dll [580096 2010-11-20] (Microsoft Corporation) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 swprv; C:\Windows\System32\swprv.dll [524288 2009-07-14] (Microsoft Corporation) [File not signed]
R2 SysMain; C:\Windows\system32\sysmain.dll [1743360 2010-11-20] (Microsoft Corporation) [File not signed]
S4 TabletInputService; C:\Windows\System32\TabSvc.dll [92672 2010-11-20] (Microsoft Corporation) [File not signed]
R3 TapiSrv; C:\Windows\System32\tapisrv.dll [316928 2010-11-20] (Microsoft Corporation) [File not signed]
R3 TapiSrv; C:\Windows\SysWOW64\tapisrv.dll [242176 2010-11-20] (Microsoft Corporation) [File not signed]
S3 TBS; C:\Windows\System32\tbssvc.dll [65536 2009-07-14] (Microsoft Corporation) [File not signed]
S3 TermService; C:\Windows\System32\termsrv.dll [683520 2014-10-14] (Microsoft Corporation) [File not signed]
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2009-07-14] (Microsoft Corporation) [File not signed]
S3 THREADORDER; C:\Windows\system32\mmcss.dll [67584 2009-07-14] (Microsoft Corporation) [File not signed]
R2 TrkWks; C:\Windows\System32\trkwks.dll [119808 2009-07-14] (Microsoft Corporation) [File not signed]
S3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [194048 2010-11-20] (Microsoft Corporation) [File not signed]
S3 UI0Detect; C:\Windows\system32\UI0Detect.exe [40960 2009-07-14] (Microsoft Corporation) [File not signed]
R3 upnphost; C:\Windows\System32\upnphost.dll [353792 2009-07-14] (Microsoft Corporation) [File not signed]
R3 upnphost; C:\Windows\SysWOW64\upnphost.dll [266752 2009-07-14] (Microsoft Corporation) [File not signed]
R2 UxSms; C:\Windows\System32\uxsms.dll [38912 2009-07-14] (Microsoft Corporation) [File not signed]
S3 VaultSvc; C:\Windows\system32\lsass.exe [31232 2014-04-12] (Microsoft Corporation) [File not signed]
S3 vds; C:\Windows\System32\vds.exe [533504 2010-11-20] (Microsoft Corporation) [File not signed]
S3 VSS; C:\Windows\system32\vssvc.exe [1600512 2010-11-20] (Microsoft Corporation) [File not signed]
S3 W32Time; C:\Windows\system32\w32time.dll [381952 2009-07-14] (Microsoft Corporation) [File not signed]
S3 wbengine; C:\Windows\system32\wbengine.exe [1504256 2010-11-20] (Microsoft Corporation) [File not signed]
S3 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [202240 2009-07-14] (Microsoft Corporation) [File not signed]
S3 wcncsvc; C:\Windows\System32\wcncsvc.dll [367104 2010-11-20] (Microsoft Corporation) [File not signed]
S3 wcncsvc; C:\Windows\SysWOW64\wcncsvc.dll [276992 2010-11-20] (Microsoft Corporation) [File not signed]
S3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [40960 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WcsPlugInService; C:\Windows\SysWOW64\WcsPlugInService.dll [32768 2009-07-14] (Microsoft Corporation) [File not signed]
R3 WdiServiceHost; C:\Windows\system32\wdi.dll [90624 2009-07-14] (Microsoft Corporation) [File not signed]
R3 WdiServiceHost; C:\Windows\SysWOW64\wdi.dll [76288 2009-07-14] (Microsoft Corporation) [File not signed]
R3 WdiSystemHost; C:\Windows\system32\wdi.dll [90624 2009-07-14] (Microsoft Corporation) [File not signed]
R3 WdiSystemHost; C:\Windows\SysWOW64\wdi.dll [76288 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WebClient; C:\Windows\System32\webclnt.dll [259584 2013-07-04] (Microsoft Corporation) [File not signed]
S3 WebClient; C:\Windows\SysWOW64\webclnt.dll [205824 2013-07-04] (Microsoft Corporation) [File not signed]
S3 Wecsvc; C:\Windows\system32\wecsvc.dll [237568 2009-07-14] (Microsoft Corporation) [File not signed]
S3 wercplsupport; C:\Windows\System32\wercplsupport.dll [84480 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WerSvc; C:\Windows\System32\WerSvc.dll [76800 2009-07-14] (Microsoft Corporation) [File not signed]
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) [File not signed]
R3 WinHttpAutoProxySvc; C:\Windows\system32\winhttp.dll [444416 2010-11-20] (Microsoft Corporation) [File not signed]
R3 WinHttpAutoProxySvc; C:\Windows\SysWOW64\winhttp.dll [351232 2010-11-20] (Microsoft Corporation) [File not signed]
R2 Winmgmt; C:\Windows\system32\wbem\WMIsvc.dll [242688 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WinRM; C:\Windows\system32\WsmSvc.dll [2020352 2014-10-03] (Microsoft Corporation) [File not signed]
S3 WinRM; C:\Windows\SysWOW64\WsmSvc.dll [1177088 2014-10-03] (Microsoft Corporation) [File not signed]
R2 Wlansvc; C:\Windows\System32\wlansvc.dll [886784 2009-07-14] (Microsoft Corporation) [File not signed]
S3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [203264 2009-07-14] (Microsoft Corporation) [File not signed]
R2 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1525248 2010-11-20] (Microsoft Corporation) [File not signed]
S3 WPCSvc; C:\Windows\System32\wpcsvc.dll [12288 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WPCSvc; C:\Windows\SysWOW64\wpcsvc.dll [10752 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WPDBusEnum; C:\Windows\system32\wpdbusenum.dll [117248 2010-11-20] (Microsoft Corporation) [File not signed]
R2 wscsvc; C:\Windows\system32\wscsvc.dll [97280 2009-07-14] (Microsoft Corporation) [File not signed]
R2 WSearch; C:\Windows\system32\SearchIndexer.exe [591872 2011-05-04] (Microsoft Corporation) [File not signed]
R2 WSearch; C:\Windows\SysWOW64\SearchIndexer.exe [427520 2011-05-04] (Microsoft Corporation) [File not signed]
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [671000 2014-11-04] (Wacom Technology, Corp.)
S3 wudfsvc; C:\Windows\System32\WUDFSvc.dll [84992 2012-07-26] (Microsoft Corporation) [File not signed]
S3 WwanSvc; C:\Windows\System32\wwansvc.dll [228864 2014-01-28] (Microsoft Corporation) [File not signed]
S3 xsherlock; C:\Windows\SysWOW64\xsherlock.xem [666720 2012-12-23] (Wellbia.com Co., Ltd.) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 1394ohci; C:\Windows\system32\drivers\1394ohci.sys [229888 2010-11-20] (Microsoft Corporation) [File not signed]
S3 AcpiPmi; C:\Windows\system32\drivers\acpipmi.sys [12800 2010-11-20] (Microsoft Corporation) [File not signed]
R1 AFD; C:\Windows\system32\drivers\afd.sys [497152 2014-05-30] (Microsoft Corporation) [File not signed]
S3 AmdK8; C:\Windows\system32\DRIVERS\amdk8.sys [64512 2009-07-14] (Microsoft Corporation) [File not signed]
R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [18959360 2014-11-21] (Advanced Micro Devices, Inc.) [File not signed]
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [589312 2014-11-21] (Advanced Micro Devices, Inc.) [File not signed]
S3 AmdPPM; C:\Windows\system32\DRIVERS\amdppm.sys [60928 2009-07-14] (Microsoft Corporation) [File not signed]
S3 AppID; C:\Windows\system32\drivers\appid.sys [61440 2010-11-20] (Microsoft Corporation) [File not signed]
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) [File not signed]
R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [31016 2012-01-13] (ASRock Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-01] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-01] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-01] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-01] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-01] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-01] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-01] ()
S3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [23040 2009-07-14] (Microsoft Corporation) [File not signed]
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [94720 2014-06-21] (Advanced Micro Devices) [File not signed]
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [303616 2013-05-12] () [File not signed]
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-25] (AVM Berlin)
S3 b06bdrv; C:\Windows\system32\DRIVERS\bxvbda.sys [468480 2009-06-10] (Broadcom Corporation) [File not signed]
S3 b57nd60a; C:\Windows\System32\DRIVERS\b57nd60a.sys [270848 2009-06-10] (Broadcom Corporation) [File not signed]
R1 Beep; C:\Windows\System32\Drivers\Beep.sys [6656 2009-07-14] (Microsoft Corporation) [File not signed]
R1 blbdrive; C:\Windows\System32\DRIVERS\blbdrive.sys [45056 2009-07-14] (Microsoft Corporation) [File not signed]
R3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [90624 2011-02-23] (Microsoft Corporation) [File not signed]
S3 BrFiltLo; C:\Windows\system32\DRIVERS\BrFiltLo.sys [18432 2009-06-10] (Brother Industries, Ltd.) [File not signed]
S3 BrFiltUp; C:\Windows\system32\DRIVERS\BrFiltUp.sys [8704 2009-06-10] (Brother Industries, Ltd.) [File not signed]
S3 BridgeMP; C:\Windows\System32\DRIVERS\bridge.sys [95232 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [286720 2009-07-14] (Brother Industries Ltd.) [File not signed]
S3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [47104 2009-06-10] (Brother Industries Ltd.) [File not signed]
S3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [14976 2009-06-10] (Brother Industries Ltd.) [File not signed]
S3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [14720 2009-06-10] (Brother Industries Ltd.) [File not signed]
S3 BTHMODEM; C:\Windows\system32\DRIVERS\bthmodem.sys [72192 2009-07-14] (Microsoft Corporation) [File not signed]
R4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [92160 2009-07-14] (Microsoft Corporation) [File not signed]
R1 cdrom; C:\Windows\System32\DRIVERS\cdrom.sys [147456 2010-11-20] (Microsoft Corporation) [File not signed]
S3 circlass; C:\Windows\system32\DRIVERS\circlass.sys [45568 2009-07-14] (Microsoft Corporation) [File not signed]
S3 CmBatt; C:\Windows\system32\DRIVERS\CmBatt.sys [17664 2009-07-14] (Microsoft Corporation) [File not signed]
R3 CompositeBus; C:\Windows\system32\drivers\CompositeBus.sys [38912 2010-11-20] (Microsoft Corporation) [File not signed]
R1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [102400 2010-11-20] (Microsoft Corporation) [File not signed]
R1 discache; C:\Windows\System32\drivers\discache.sys [40448 2009-07-14] (Microsoft Corporation) [File not signed]
S3 drmkaud; C:\Windows\system32\drivers\drmkaud.sys [5632 2009-07-14] (Microsoft Corporation) [File not signed]
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-09-19] (DT Soft Ltd)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) [File not signed]
S3 ErrDev; C:\Windows\system32\drivers\errdev.sys [9728 2009-07-14] (Microsoft Corporation) [File not signed]
S3 exfat; C:\Windows\System32\Drivers\exfat.sys [195072 2009-07-14] (Microsoft Corporation) [File not signed]
S3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [204800 2009-07-14] (Microsoft Corporation) [File not signed]
S3 fdc; C:\Windows\system32\DRIVERS\fdc.sys [29696 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [34304 2009-07-14] (Microsoft Corporation) [File not signed]
S3 flpydisk; C:\Windows\system32\DRIVERS\flpydisk.sys [24576 2009-07-14] (Microsoft Corporation) [File not signed]
R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [15936 2012-09-21] (FNet Co., Ltd.)
S3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [714368 2010-10-25] (AVM GmbH) [File not signed]
S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [31232 2009-06-10] (Hauppauge Computer Works, Inc.) [File not signed]
S3 HdAudAddService; C:\Windows\system32\drivers\HdAudio.sys [350208 2010-11-20] (Microsoft Corporation) [File not signed]
R3 HDAudBus; C:\Windows\system32\drivers\HDAudBus.sys [122368 2010-11-20] (Microsoft Corporation) [File not signed]
S3 HidBatt; C:\Windows\system32\DRIVERS\HidBatt.sys [26624 2009-07-14] (Microsoft Corporation) [File not signed]
S3 HidBth; C:\Windows\system32\DRIVERS\hidbth.sys [100864 2009-07-14] (Microsoft Corporation) [File not signed]
S3 HidIr; C:\Windows\system32\DRIVERS\hidir.sys [46592 2009-07-14] (Microsoft Corporation) [File not signed]
R3 HidUsb; C:\Windows\System32\DRIVERS\hidusb.sys [30208 2010-11-20] (Microsoft Corporation) [File not signed]
R3 HTTP; C:\Windows\System32\drivers\HTTP.sys [753664 2010-11-20] (Microsoft Corporation) [File not signed]
S3 i8042prt; C:\Windows\system32\drivers\i8042prt.sys [105472 2009-07-14] (Microsoft Corporation) [File not signed]
R3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [14745600 2012-03-19] (Intel Corporation) [File not signed]
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [25536 2012-02-09] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [25536 2012-02-09] ()
R3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [331264 2011-12-05] (Intel(R) Corporation) [File not signed]
R3 intelppm; C:\Windows\System32\DRIVERS\intelppm.sys [62464 2009-07-14] (Microsoft Corporation) [File not signed]
S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [82944 2010-11-20] (Microsoft Corporation) [File not signed]
S3 IPMIDRV; C:\Windows\system32\drivers\IPMIDrv.sys [78848 2010-11-20] (Microsoft Corporation) [File not signed]
S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [116224 2009-07-14] (Microsoft Corporation) [File not signed]
S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [17920 2009-07-14] (Microsoft Corporation) [File not signed]
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-09] ()
R3 kbdhid; C:\Windows\System32\DRIVERS\kbdhid.sys [33280 2010-11-20] (Microsoft Corporation) [File not signed]
R3 ksthunk; C:\Windows\system32\drivers\ksthunk.sys [20992 2009-07-14] (Microsoft Corporation) [File not signed]
S3 LADF_DHP2; C:\Windows\System32\DRIVERS\ladfDHP2amd64.sys [61712 2009-05-28] (Logitech)
S3 LADF_SBVM; C:\Windows\System32\DRIVERS\ladfSBVMamd64.sys [376848 2009-05-28] (Logitech)
S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [35328 2013-05-12] () [File not signed]
R2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [60928 2009-07-14] (Microsoft Corporation) [File not signed]
R2 luafv; C:\Windows\system32\drivers\luafv.sys [113152 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Modem; C:\Windows\System32\drivers\modem.sys [40448 2009-07-14] (Microsoft Corporation) [File not signed]
R3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [30208 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [121416 2012-05-12] (MotioninJoy) [File not signed]
R3 mouhid; C:\Windows\System32\DRIVERS\mouhid.sys [31232 2009-07-14] (Microsoft Corporation) [File not signed]
R3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [77312 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [140800 2013-07-04] (Microsoft Corporation) [File not signed]
R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [158208 2011-04-27] (Microsoft Corporation) [File not signed]
R3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [288768 2011-07-09] (Microsoft Corporation) [File not signed]
R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [128000 2011-04-27] (Microsoft Corporation) [File not signed]
R1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [26112 2009-07-14] (Microsoft Corporation) [File not signed]
S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8192 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [11136 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [7168 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [6784 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [8064 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MTConfig; C:\Windows\system32\DRIVERS\MTConfig.sys [15360 2009-07-14] (Microsoft Corporation) [File not signed]
R3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [318976 2009-07-14] (Microsoft Corporation) [File not signed]
S3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [35328 2009-07-14] (Microsoft Corporation) [File not signed]
R3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [24064 2009-07-14] (Microsoft Corporation) [File not signed]
R3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [56832 2010-11-20] (Microsoft Corporation) [File not signed]
R3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [164352 2010-11-20] (Microsoft Corporation) [File not signed]
R3 NDProxy; C:\Windows\System32\Drivers\NDProxy.sys [57856 2010-11-20] (Microsoft Corporation) [File not signed]
R1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [44544 2009-07-14] (Microsoft Corporation) [File not signed]
R1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [261632 2010-11-20] (Microsoft Corporation) [File not signed]
R1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [44032 2009-07-14] (Microsoft Corporation) [File not signed]
R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [24576 2009-07-14] (Microsoft Corporation) [File not signed]
R1 Null; C:\Windows\System32\Drivers\Null.sys [6144 2009-07-14] (Microsoft Corporation) [File not signed]
S3 ohci1394; C:\Windows\system32\drivers\ohci1394.sys [72832 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Parport; C:\Windows\system32\DRIVERS\parport.sys [97280 2009-07-14] (Microsoft Corporation) [File not signed]
R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [651264 2009-07-14] (Microsoft Corporation) [File not signed]
R3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [111104 2010-11-20] (Microsoft Corporation) [File not signed]
S3 Processor; C:\Windows\system32\DRIVERS\processr.sys [60416 2009-07-14] (Microsoft Corporation) [File not signed]
R1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [131584 2010-11-20] (Microsoft Corporation) [File not signed]
S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [46592 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [14848 2009-07-14] (Microsoft Corporation) [File not signed]
R3 RasAgileVpn; C:\Windows\System32\DRIVERS\AgileVpn.sys [60416 2009-07-14] (Microsoft Corporation) [File not signed]
R3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [129536 2010-11-20] (Microsoft Corporation) [File not signed]
R3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [92672 2009-07-14] (Microsoft Corporation) [File not signed]
R3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [83968 2009-07-14] (Microsoft Corporation) [File not signed]
R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [309248 2010-11-20] (Microsoft Corporation) [File not signed]
S3 rdpbus; C:\Windows\system32\DRIVERS\rdpbus.sys [24064 2009-07-14] (Microsoft Corporation) [File not signed]
R1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [7680 2009-07-14] (Microsoft Corporation) [File not signed]
R1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [7680 2009-07-14] (Microsoft Corporation) [File not signed]
R1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [8192 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RDPWD; C:\Windows\System32\Drivers\RDPWD.sys [212480 2014-07-17] (Microsoft Corporation) [File not signed]
R2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [76800 2009-07-14] (Microsoft Corporation) [File not signed]
S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [29696 2010-11-20] (Microsoft Corporation) [File not signed]
R2 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2009-06-10] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
R3 Serenum; C:\Windows\System32\DRIVERS\serenum.sys [23552 2009-07-14] (Microsoft Corporation) [File not signed]
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.) [File not signed]
S3 sermouse; C:\Windows\system32\DRIVERS\sermouse.sys [26624 2009-07-14] (Microsoft Corporation) [File not signed]
S3 sffdisk; C:\Windows\system32\drivers\sffdisk.sys [14336 2009-07-14] (Microsoft Corporation) [File not signed]
S3 sffp_mmc; C:\Windows\system32\drivers\sffp_mmc.sys [13824 2009-07-14] (Microsoft Corporation) [File not signed]
S3 sffp_sd; C:\Windows\system32\drivers\sffp_sd.sys [14336 2010-11-20] (Microsoft Corporation) [File not signed]
S3 sfloppy; C:\Windows\system32\DRIVERS\sfloppy.sys [16896 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Smb; C:\Windows\System32\DRIVERS\smb.sys [93184 2009-07-14] (Microsoft Corporation) [File not signed]
R3 srv; C:\Windows\System32\DRIVERS\srv.sys [467456 2011-04-29] (Microsoft Corporation) [File not signed]
R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [410112 2011-04-29] (Microsoft Corporation) [File not signed]
R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [168448 2011-04-29] (Microsoft Corporation) [File not signed]
S2 tandpl; C:\Windows\SysWOW64\drivers\tandpl.sys [4736 2003-04-18] () [File not signed]
R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [45568 2012-10-03] (Microsoft Corporation) [File not signed]
S3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [15872 2009-07-14] (Microsoft Corporation) [File not signed]
S3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [23552 2012-02-17] (Microsoft Corporation) [File not signed]
R1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [119296 2014-11-11] (Microsoft Corporation) [File not signed]
S3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [39936 2014-07-17] (Microsoft Corporation) [File not signed]
S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [59392 2010-11-20] (Microsoft Corporation) [File not signed]
R3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [125440 2010-11-20] (Microsoft Corporation) [File not signed]
S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [328192 2010-11-20] (Microsoft Corporation) [File not signed]
R3 umbus; C:\Windows\System32\DRIVERS\umbus.sys [48640 2010-11-20] (Microsoft Corporation) [File not signed]
S3 UmPass; C:\Windows\system32\DRIVERS\umpass.sys [9728 2009-07-14] (Microsoft Corporation) [File not signed]
R3 usbaudio; C:\Windows\System32\drivers\usbaudio.sys [109824 2013-07-12] (Microsoft Corporation) [File not signed]
R3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [99840 2013-11-27] (Microsoft Corporation) [File not signed]
S3 usbcir; C:\Windows\system32\drivers\usbcir.sys [100864 2013-07-12] (Microsoft Corporation) [File not signed]
R3 usbehci; C:\Windows\system32\drivers\usbehci.sys [53248 2013-11-27] (Microsoft Corporation) [File not signed]
R3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [343040 2013-11-27] (Microsoft Corporation) [File not signed]
S3 usbohci; C:\Windows\system32\drivers\usbohci.sys [25600 2013-11-27] (Microsoft Corporation) [File not signed]
S3 usbprint; C:\Windows\system32\DRIVERS\usbprint.sys [25088 2009-07-14] (Microsoft Corporation) [File not signed]
S3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [91648 2011-03-11] (Microsoft Corporation) [File not signed]
S3 usbuhci; C:\Windows\system32\drivers\usbuhci.sys [30720 2013-11-27] (Microsoft Corporation) [File not signed]
S3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [29184 2009-07-14] (Microsoft Corporation) [File not signed]
R1 VgaSave; C:\Windows\System32\drivers\vga.sys [29184 2009-07-14] (Microsoft Corporation) [File not signed]
S3 vwifibus; C:\Windows\System32\drivers\vwifibus.sys [24576 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WacomPen; C:\Windows\system32\DRIVERS\wacompen.sys [27776 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2010-11-20] (Microsoft Corporation) [File not signed]
R1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2010-11-20] (Microsoft Corporation) [File not signed]
R1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [12800 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WinUsb; C:\Windows\System32\DRIVERS\WinUsb.sys [41984 2010-11-20] (Microsoft Corporation) [File not signed]
S3 WmiAcpi; C:\Windows\system32\drivers\wmiacpi.sys [14336 2009-07-14] (Microsoft Corporation) [File not signed]
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2014-12-12] ()
R1 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [21504 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [87040 2012-07-26] (Microsoft Corporation) [File not signed]
S3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation) [File not signed]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-12 00:12 - 2014-12-12 00:12 - 00003069 _____ () C:\mbam.txt
2014-12-12 00:07 - 2014-12-12 00:07 - 00000762 _____ () C:\Users\Florian\Desktop\JRT.txt
2014-12-12 00:04 - 2014-12-12 00:04 - 00000000 ____D () C:\Windows\ERUNT
2014-12-12 00:00 - 2014-12-12 00:00 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2014-12-11 23:57 - 2014-12-11 23:59 - 00000000 ____D () C:\AdwCleaner
2014-12-11 23:06 - 2014-12-12 00:11 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-11 23:06 - 2014-12-11 23:06 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-11 23:06 - 2014-12-11 23:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-11 23:06 - 2014-12-11 23:06 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-11 23:06 - 2014-12-11 23:06 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-11 23:06 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-12-11 23:06 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-12-11 23:06 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-12-11 07:07 - 2014-12-11 07:07 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-11 02:28 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-11 02:28 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-11 02:28 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-11 02:28 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-11 02:28 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-11 02:28 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-11 02:28 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-11 02:28 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-11 02:28 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-11 02:28 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-11 00:18 - 2014-12-11 00:18 - 00031025 _____ () C:\ComboFix.txt
2014-12-11 00:06 - 2014-12-11 00:18 - 00000000 ____D () C:\ComboFix
2014-12-11 00:06 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-12-11 00:06 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-12-11 00:06 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-12-11 00:06 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-12-11 00:06 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-12-11 00:06 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-12-11 00:06 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-12-11 00:06 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-12-11 00:03 - 2014-12-11 00:18 - 00000000 ____D () C:\Qoobox
2014-12-11 00:03 - 2014-12-11 00:17 - 00000000 ____D () C:\Windows\erdnt
2014-12-10 23:36 - 2014-12-10 23:36 - 05600944 ____R (Swearware) C:\Users\Florian\Desktop\ComboFix.exe
2014-12-10 22:42 - 2014-12-10 22:42 - 00001264 _____ () C:\Users\Florian\Desktop\Revo Uninstaller.lnk
2014-12-10 22:42 - 2014-12-10 22:42 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-12-10 21:42 - 2014-12-12 00:17 - 00000000 ____D () C:\FRST
2014-12-10 21:40 - 2014-12-10 21:40 - 00000168 _____ () C:\Users\Florian\defogger_reenable
2014-12-10 18:51 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-10 18:51 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-10 18:51 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-10 18:51 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-10 18:51 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-10 18:51 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-10 18:51 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-10 18:51 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-10 18:51 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-10 18:51 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-10 18:51 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-10 18:51 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-10 18:51 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 18:51 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-10 18:51 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-10 18:51 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-10 18:51 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-10 18:51 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-10 18:51 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-10 18:51 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-10 18:51 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-10 18:51 - 2014-11-22 03:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-10 18:51 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-10 18:51 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-10 18:51 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-10 18:51 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 18:51 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-10 18:51 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-10 18:51 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-10 18:51 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 18:51 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-10 18:51 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-10 18:51 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-10 18:51 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-10 18:51 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-10 18:51 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-10 18:51 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-10 18:51 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-10 18:51 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-10 18:51 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-10 18:51 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-10 18:51 - 2014-11-22 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-10 18:51 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-10 18:51 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-10 18:51 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-10 18:51 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-10 18:51 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-10 18:51 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-10 18:51 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-10 18:51 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-10 18:51 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-10 18:51 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-10 18:51 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-10 18:51 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-10 18:51 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-10 18:51 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-10 18:51 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-10 18:51 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-10 18:51 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-10 18:51 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-10 18:51 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-10 18:51 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-10 18:51 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-10 18:51 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-10 18:51 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-10 18:51 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-10 18:51 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-10 18:51 - 2014-10-30 03:04 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-12-10 18:51 - 2014-10-30 02:46 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-12-10 18:51 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-12-10 18:51 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-12-10 18:48 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-10 18:48 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-10 18:48 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-10 18:48 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-10 18:48 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-10 18:48 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-10 18:48 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-10 18:48 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-10 18:48 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-10 18:48 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-10 18:48 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-10 18:48 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-10 18:48 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-10 18:48 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-09 23:44 - 2014-12-09 23:44 - 00000000 ____D () C:\ProgramData\ATI
2014-12-09 23:43 - 2014-12-09 23:43 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\AMD
2014-12-09 22:47 - 2014-12-09 22:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2014-12-09 22:44 - 2014-12-12 00:03 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Raptr
2014-12-09 22:44 - 2014-12-09 22:47 - 00000000 ____D () C:\Program Files (x86)\Raptr
2014-12-09 22:44 - 2014-12-09 22:44 - 00053736 _____ () C:\Windows\SysWOW64\CCCInstall_201412092244148767.log
2014-12-09 22:44 - 2014-12-09 22:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-12-09 22:44 - 2014-12-09 22:44 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-12-09 15:17 - 2014-12-09 15:18 - 00000087 _____ () C:\Users\Florian\Desktop\Neues Textdokument.txt
2014-12-09 15:11 - 2014-12-09 15:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-02 16:53 - 2014-12-02 16:55 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Command and Conquer 4
2014-12-02 16:53 - 2014-12-02 16:53 - 00000000 ____D () C:\Users\Florian\AppData\Local\Electronic_Arts_Inc
2014-11-30 19:07 - 2014-11-30 19:07 - 00000000 __SHD () C:\Users\Florian\AppData\Local\EmieBrowserModeList
2014-11-21 03:44 - 2014-11-21 03:44 - 00128384 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2014-11-21 03:44 - 2014-11-21 03:44 - 00118096 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2014-11-21 03:44 - 2014-11-21 03:44 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2014-11-21 03:44 - 2014-11-21 03:44 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2014-11-21 03:44 - 2014-11-21 03:44 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2014-11-21 03:44 - 2014-11-21 03:44 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2014-11-21 03:41 - 2014-11-21 03:41 - 00294600 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
2014-11-21 03:40 - 2014-11-21 03:40 - 18959360 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2014-11-21 03:33 - 2014-11-21 03:33 - 47899136 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2014-11-21 03:33 - 2014-11-21 03:33 - 00235008 _____ () C:\Windows\system32\clinfo.exe
2014-11-21 03:33 - 2014-11-21 03:33 - 00098816 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OpenVideo64.dll
2014-11-21 03:33 - 2014-11-21 03:33 - 00086528 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OVDecode64.dll
2014-11-21 03:33 - 2014-11-21 03:33 - 00083456 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OpenVideo.dll
2014-11-21 03:33 - 2014-11-21 03:33 - 00073216 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OVDecode.dll
2014-11-21 03:32 - 2014-11-21 03:32 - 40987136 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2014-11-21 03:31 - 2014-11-21 03:31 - 00065024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-11-21 03:31 - 2014-11-21 03:31 - 00058880 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-11-21 03:19 - 2014-11-21 03:19 - 23621632 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2014-11-21 03:19 - 2014-11-21 03:19 - 00049664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2014-11-21 03:19 - 2014-11-21 03:19 - 00038912 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2014-11-21 03:18 - 2014-11-21 03:18 - 05837312 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2014-11-21 03:18 - 2014-11-21 03:18 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2014-11-21 03:18 - 2014-11-21 03:18 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2014-11-21 03:17 - 2014-11-21 03:17 - 03437632 _____ () C:\Windows\system32\atiumd6a.cap
2014-11-21 03:17 - 2014-11-21 03:17 - 00631912 _____ () C:\Windows\SysWOW64\atiapfxx.blb
2014-11-21 03:17 - 2014-11-21 03:17 - 00631912 _____ () C:\Windows\system32\atiapfxx.blb
2014-11-21 03:17 - 2014-11-21 03:17 - 00367104 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2014-11-21 03:17 - 2014-11-21 03:17 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2014-11-21 03:17 - 2014-11-21 03:17 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2014-11-21 03:16 - 2014-11-21 03:16 - 15716352 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2014-11-21 03:16 - 2014-11-21 03:16 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2014-11-21 03:16 - 2014-11-21 03:16 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2014-11-21 03:16 - 2014-11-21 03:16 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2014-11-21 03:15 - 2014-11-21 03:15 - 04590592 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2014-11-21 03:13 - 2014-11-21 03:13 - 03471376 _____ () C:\Windows\SysWOW64\atiumdva.cap
2014-11-21 03:13 - 2014-11-21 03:13 - 00091648 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2014-11-21 03:13 - 2014-11-21 03:13 - 00085504 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2014-11-21 03:12 - 2014-11-21 03:12 - 00774656 _____ (AMD) C:\Windows\system32\atieclxx.exe
2014-11-21 03:12 - 2014-11-21 03:12 - 00244736 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2014-11-21 03:12 - 2014-11-21 03:12 - 00190976 _____ (AMD) C:\Windows\system32\atitmm64.dll
2014-11-21 03:12 - 2014-11-21 03:12 - 00031232 _____ (AMD) C:\Windows\system32\atimuixx.dll
2014-11-21 03:10 - 2014-11-21 03:10 - 00843776 _____ (AMD) C:\Windows\system32\coinst_14.50.dll
2014-11-21 03:09 - 2014-11-21 03:09 - 00903168 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2014-11-21 03:09 - 2014-11-21 03:09 - 00095744 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2014-11-21 03:09 - 2014-11-21 03:09 - 00090112 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2014-11-21 03:09 - 2014-11-21 03:09 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2014-11-21 03:09 - 2014-11-21 03:09 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2014-11-21 03:09 - 2014-11-21 03:09 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2014-11-21 03:09 - 2014-11-21 03:09 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2014-11-21 03:08 - 2014-11-21 03:08 - 00589312 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2014-11-21 03:08 - 2014-11-21 03:08 - 00133632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2014-11-21 03:08 - 2014-11-21 03:08 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2014-11-20 21:36 - 2014-11-20 21:36 - 00051200 _____ () C:\Windows\system32\kdbsdk64.dll
2014-11-20 21:35 - 2014-11-20 21:35 - 00038912 _____ () C:\Windows\SysWOW64\kdbsdk32.dll
2014-11-19 19:45 - 2014-11-19 19:45 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom Tablett
2014-11-19 18:41 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 18:41 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 18:41 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-19 18:41 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-18 19:27 - 2014-11-19 19:45 - 00000000 ____D () C:\Users\Florian\AppData\Local\Wacom Help
2014-11-18 14:56 - 2014-11-18 14:56 - 01202848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FM20.DLL
2014-11-17 18:52 - 2014-11-17 18:52 - 00000000 ____D () C:\Users\Florian\AppData\Local\Wacom
2014-11-17 18:52 - 2014-11-17 18:52 - 00000000 ____D () C:\Users\Florian\.android
2014-11-17 16:45 - 2014-11-17 16:49 - 109911216 _____ () C:\Users\Florian\Downloads\WacomTablet_6.3.10w2.exe
2014-11-16 23:42 - 2014-11-16 23:42 - 01944956 _____ () C:\Users\Florian\Downloads\HoxHud P8.2 Self-installer.exe
2014-11-13 12:30 - 2014-12-10 00:04 - 00000000 ____D () C:\Users\Florian\Documents\Assassin's Creed Unity
2014-11-13 03:23 - 2014-11-13 03:23 - 06000640 _____ () C:\Program Files (x86)\GUT3116.tmp
2014-11-13 03:23 - 2014-11-13 03:23 - 00000000 ____D () C:\Program Files (x86)\GUM3115.tmp
2014-11-13 01:09 - 2014-11-13 01:09 - 00002136 _____ () C:\Users\Public\Desktop\Bernd Das Brot.lnk
2014-11-13 01:05 - 2014-11-13 01:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deep Silver
2014-11-13 01:05 - 2014-11-13 01:05 - 00000000 ____D () C:\Program Files (x86)\Deep Silver
2014-11-13 00:53 - 2014-11-13 00:53 - 10566389 _____ () C:\Users\Florian\Downloads\Eddy Grant - Electric Avenue(240p_VP8-Vorbis).webm
2014-11-13 00:53 - 2014-11-13 00:53 - 07985078 _____ () C:\Users\Florian\Downloads\Eddy Grant - Electric Avenue(240p_H.264-AAC).mp4
2014-11-13 00:52 - 2014-11-13 00:53 - 08282099 _____ () C:\Users\Florian\Downloads\Eddy Grant - Electric Avenue(240p_H.263-MP3).flv
2014-11-13 00:52 - 2014-11-13 00:53 - 05524650 _____ () C:\Users\Florian\Downloads\Eddy Grant - Electric Avenue(240p_H.264-AAC).3gp
2014-11-13 00:52 - 2014-11-13 00:52 - 01964847 _____ () C:\Users\Florian\Downloads\Eddy Grant - Electric Avenue(144p_H.264-AAC).3gp
2014-11-13 00:52 - 2014-09-15 19:21 - 00004933 _____ () C:\Users\Florian\Downloads\gns-bdbu.nfo
2014-11-13 00:52 - 2014-09-15 18:35 - 1439596544 _____ () C:\Users\Florian\Downloads\gns-bdbu.iso
2014-11-13 00:51 - 2014-11-13 00:52 - 10108501 _____ () C:\Users\Florian\Downloads\Bernd das Brot und die Unmöglichen - Point and Click Trailer(720p_H.264-AAC).mp4
2014-11-13 00:50 - 2014-11-13 00:51 - 04598431 _____ () C:\Users\Florian\Downloads\Bernd das Brot und die Unmöglichen - Point and Click Trailer(360p_VP8-Vorbis).webm
2014-11-13 00:50 - 2014-11-13 00:50 - 03274362 _____ () C:\Users\Florian\Downloads\Bernd das Brot und die Unmöglichen - Point and Click Trailer(360p_H.264-AAC).mp4
2014-11-13 00:49 - 2014-11-13 00:52 - 62822479 _____ () C:\Users\Florian\Downloads\gns-bdbu.part14.rar
2014-11-13 00:49 - 2014-11-13 00:50 - 01619860 _____ () C:\Users\Florian\Downloads\Bernd das Brot und die Unmöglichen - Point and Click Trailer(240p_H.264-AAC).3gp
2014-11-13 00:49 - 2014-11-13 00:49 - 02367605 _____ () C:\Users\Florian\Downloads\Bernd das Brot und die Unmöglichen - Point and Click Trailer(240p_H.263-MP3).flv
2014-11-13 00:49 - 2014-11-13 00:49 - 00584031 _____ () C:\Users\Florian\Downloads\Bernd das Brot und die Unmöglichen - Point and Click Trailer(144p_H.264-AAC).3gp
2014-11-13 00:49 - 2014-11-13 00:49 - 00000765 _____ () C:\Users\Florian\Downloads\Bernd das Brot und die Unmöglichen - Point and Click Trailer subtitles (Deutsch).srt
2014-11-13 00:39 - 2014-11-13 00:49 - 105906176 _____ () C:\Users\Florian\Downloads\gns-bdbu.part13.rar
2014-11-13 00:39 - 2014-11-13 00:49 - 105906176 _____ () C:\Users\Florian\Downloads\gns-bdbu.part12.rar
2014-11-13 00:32 - 2014-11-13 00:39 - 105906176 _____ () C:\Users\Florian\Downloads\gns-bdbu.part11.rar
2014-11-13 00:32 - 2014-11-13 00:39 - 105906176 _____ () C:\Users\Florian\Downloads\gns-bdbu.part10.rar
2014-11-13 00:24 - 2014-11-13 00:32 - 105906176 _____ () C:\Users\Florian\Downloads\gns-bdbu.part09.rar
2014-11-13 00:24 - 2014-11-13 00:31 - 105906176 _____ () C:\Users\Florian\Downloads\gns-bdbu.part07.rar
2014-11-13 00:16 - 2014-11-13 00:24 - 105906176 _____ () C:\Users\Florian\Downloads\gns-bdbu.part08.rar
2014-11-12 23:19 - 2014-11-13 00:24 - 105906176 _____ () C:\Users\Florian\Downloads\gns-bdbu.part05.rar
2014-11-12 23:19 - 2014-11-13 00:21 - 105906176 _____ () C:\Users\Florian\Downloads\gns-bdbu.part06.rar
2014-11-12 23:10 - 2014-11-12 23:18 - 105906176 _____ () C:\Users\Florian\Downloads\gns-bdbu.part04.rar
2014-11-12 23:10 - 2014-11-12 23:17 - 105906176 _____ () C:\Users\Florian\Downloads\gns-bdbu.part03.rar
2014-11-12 21:07 - 2014-11-12 23:19 - 105906176 _____ () C:\Users\Florian\Downloads\gns-bdbu.part02.rar
2014-11-12 21:07 - 2014-11-12 23:19 - 105906176 _____ () C:\Users\Florian\Downloads\gns-bdbu.part01.rar
2014-11-12 17:31 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 17:31 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-12 17:31 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-12 17:31 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-12 17:31 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-12 17:31 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 17:31 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 17:31 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 17:31 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-12 17:31 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-12 17:31 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-12 17:31 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-12 17:31 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-12 17:26 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 17:26 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-12 17:26 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-12 17:26 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 17:26 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 17:26 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 17:26 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-12 17:26 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 17:26 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-12 17:26 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-12 17:26 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-12 17:26 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 17:26 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-12 17:26 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-12 17:26 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-12 17:26 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-12 17:26 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-12 17:26 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-12 17:26 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-12 17:26 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-12 17:26 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-12 17:26 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-12 17:26 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-12 17:26 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 17:26 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-12 17:26 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-12 17:26 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-12 17:26 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-12 17:26 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-12 17:01 - 2014-11-12 17:01 - 00003088 _____ () C:\Windows\System32\Tasks\{D7D5D368-F5E4-4A83-ADD2-359625E863B0}

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-12 00:09 - 2012-09-22 16:30 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\TS3Client
2014-12-12 00:09 - 2009-07-14 05:45 - 00022432 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-12 00:09 - 2009-07-14 05:45 - 00022432 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-12 00:06 - 2012-09-21 23:36 - 02061598 _____ () C:\Windows\WindowsUpdate.log
2014-12-12 00:05 - 2012-09-29 21:43 - 00000000 ____D () C:\Users\Florian\AppData\Local\CrashDumps
2014-12-12 00:05 - 2012-09-22 13:45 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-12 00:04 - 2012-12-08 14:35 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-12 00:00 - 2012-12-08 14:35 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-12 00:00 - 2012-09-21 23:52 - 01195880 _____ () C:\Windows\PFRO.log
2014-12-12 00:00 - 2012-09-21 23:48 - 00034752 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys
2014-12-12 00:00 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-12 00:00 - 2009-07-14 05:51 - 00110230 _____ () C:\Windows\setupact.log
2014-12-11 23:49 - 2012-12-08 14:35 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-12-11 23:46 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Help
2014-12-11 23:45 - 2013-09-18 09:18 - 00000000 ____D () C:\Program Files (x86)\Saints Row IV
2014-12-11 23:45 - 2012-09-22 14:57 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-12-11 07:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-11 07:17 - 2013-06-18 21:00 - 00000000 ____D () C:\ProgramData\Origin
2014-12-11 07:17 - 2013-06-18 21:00 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-12-11 07:07 - 2014-05-07 00:45 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-11 07:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-11 07:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-11 02:32 - 2013-12-03 18:07 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-11 02:32 - 2013-08-14 15:47 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-11 02:29 - 2012-10-16 19:33 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-11 00:18 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2014-12-11 00:16 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-12-10 21:40 - 2012-09-21 23:37 - 00000000 ____D () C:\Users\Florian
2014-12-10 19:05 - 2012-09-22 13:45 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-10 19:05 - 2012-09-22 13:45 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-10 19:05 - 2012-09-22 13:45 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-10 00:43 - 2012-09-22 14:33 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Skype
2014-12-09 23:40 - 2012-09-22 13:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-09 22:44 - 2012-11-03 13:54 - 00000000 ____D () C:\ProgramData\AMD
2014-12-09 22:43 - 2014-09-12 16:27 - 00000000 ____D () C:\Program Files (x86)\AMD
2014-12-09 22:43 - 2014-02-08 20:54 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-12-09 22:41 - 2014-02-08 20:58 - 00000000 ____D () C:\Program Files\AMD
2014-12-09 22:38 - 2012-09-22 14:10 - 00000000 ____D () C:\AMD
2014-12-02 05:43 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-12-01 21:42 - 2014-06-26 10:19 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\WTablet
2014-11-30 21:33 - 2014-08-28 13:52 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\OBS
2014-11-24 20:00 - 2014-08-28 13:52 - 00000000 ____D () C:\Program Files\OBS
2014-11-22 20:39 - 2014-03-09 15:14 - 00000000 ____D () C:\Program Files (x86)\Thief
2014-11-22 20:39 - 2014-01-17 01:58 - 00000000 ____D () C:\Program Files (x86)\WarThunder
2014-11-22 20:33 - 2012-11-23 17:07 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-11-22 20:33 - 2012-09-21 23:43 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-11-21 18:46 - 2012-12-08 14:35 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-11-21 03:44 - 2013-12-06 23:04 - 00144328 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2014-11-21 03:44 - 2013-12-06 23:03 - 00126848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2014-11-21 03:44 - 2013-12-06 23:03 - 00118096 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2014-11-21 03:44 - 2013-12-06 23:02 - 00100032 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2014-11-21 03:44 - 2013-12-06 23:01 - 01348928 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2014-11-21 03:44 - 2013-12-06 23:01 - 01127496 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2014-11-21 03:44 - 2013-12-06 23:00 - 11076784 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2014-11-21 03:44 - 2013-12-06 22:59 - 09401480 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2014-11-21 03:43 - 2013-12-06 22:59 - 07558816 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2014-11-21 03:43 - 2013-12-06 22:58 - 07077776 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2014-11-21 03:43 - 2013-12-06 22:57 - 08379720 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2014-11-21 03:43 - 2013-12-06 22:56 - 08369408 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2014-11-21 03:24 - 2013-12-06 22:16 - 28354560 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2014-11-21 03:12 - 2013-12-06 21:53 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2014-11-21 03:09 - 2013-12-06 21:22 - 01214976 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2014-11-21 03:09 - 2013-12-06 21:22 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2014-11-21 03:08 - 2013-12-06 21:22 - 00146944 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2014-11-19 19:44 - 2014-06-25 15:01 - 00000000 ____D () C:\Program Files\Tablet
2014-11-17 22:48 - 2014-07-09 12:41 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\DarknessII
2014-11-17 17:03 - 2014-06-25 15:02 - 00000000 ____D () C:\Program Files\TabletPlugins
2014-11-17 17:03 - 2014-06-25 15:02 - 00000000 ____D () C:\Program Files (x86)\TabletPlugins
2014-11-16 22:59 - 2012-12-08 14:35 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-16 22:59 - 2012-12-08 14:35 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-13 22:53 - 2009-07-14 18:58 - 00699092 _____ () C:\Windows\system32\perfh007.dat
2014-11-13 22:53 - 2009-07-14 18:58 - 00149232 _____ () C:\Windows\system32\perfc007.dat
2014-11-13 22:53 - 2009-07-14 06:13 - 01619284 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-13 18:41 - 2014-08-18 12:40 - 00000000 ____D () C:\Users\Florian\Downloads\Gameforge Live
2014-11-13 18:41 - 2014-08-18 12:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2014-11-13 18:41 - 2014-08-18 12:40 - 00000000 ____D () C:\Program Files (x86)\GameforgeLive
2014-11-13 15:53 - 2013-12-03 18:07 - 00000000 ____D () C:\Users\Florian\AppData\Local\Microsoft Help
2014-11-13 12:45 - 2012-09-29 15:15 - 00832836 _____ () C:\Windows\DirectX.log
2014-11-13 03:26 - 2009-07-14 05:45 - 05035928 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-12 17:01 - 2014-09-28 21:21 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-11-12 17:01 - 2012-09-22 14:33 - 00000000 ____D () C:\ProgramData\Skype

Some content of TEMP:
====================
C:\Users\Florian\AppData\Local\Temp\Quarantine.exe
C:\Users\Florian\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-05 16:39

==================== End Of Log ============================
--- --- ---


Nochmals vielen Dank soweit für die Hilfe!

schrauber 12.12.2014 20:08

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

Schokokonfek 15.12.2014 16:02
Hallo :)
War über's Wochenende nicht da, daher die späte Rückmeldung.
Hier einmal die gewünschten logs:

ESET:
Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=aeaf432b32b7854c9b2620edaf9f0121
# engine=21554
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-12-15 01:07:21
# local_time=2014-12-15 02:07:21 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 100 91 928117 183069331 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 21421 170278691 0 0
# scanned=506155
# found=3
# cleaned=0
# scan_time=16521
sh=8992F72873D09212597E582A16F8D9BC60E6A22A ft=1 fh=e21391a34e842ffc vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\DVDVideoSoft\TB\ConduitInstaller.exe.vir"
sh=91DC006B84C4F51ADCADC1BB498E3376FC40130E ft=1 fh=c3b5952672b90e6f vn="Variante von Win64/Systweak.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir"
sh=32D0341130D29E09CFE0A418B97C086177757093 ft=1 fh=691d8394ceae5e4a vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Florian\Downloads\RegCleaner Letzte Freeware Version - CHIP-Downloader.exe"
SecurityCheck:
Code:
Results of screen317's Security Check version 0.99.91 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
avast! Antivirus 
 Antivirus up to date! 
`````````Anti-malware/Other Utilities Check:`````````
 Java 7 Update 51 
 Java version 32-bit out of Date!
 Adobe Flash Player 15.0.0.246 
 Adobe Reader 9 Adobe Reader out of Date!
 Mozilla Firefox (34.0.5)
````````Process Check: objlist.exe by Laurent```````` 
 AVAST Software Avast AvastSvc.exe 
 AVAST Software Avast AvastUI.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 
````````````````````End of Log``````````````````````
FRST:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-12-2014 01
Ran by Florian (administrator) on FLORIAN-PC on 15-12-2014 15:59:41
Running from C:\Users\Florian\Pictures
Loaded Profile: Florian (Available profiles: Florian)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AMD) C:\Windows\System32\atieclxx.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
() C:\Program Files (x86)\puush\puush.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
() C:\Program Files (x86)\Genius\DeathTaker\mousehid.exe
() C:\Program Files (x86)\SPEEDLINK\KUDOS RS Gaming Mouse\Gaming Mouse.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_246.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_246.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Users\Florian\Pictures\SecurityCheck.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13307496 2011-10-17] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [6900024 2012-07-24] (Logitech Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-26] (Intel Corporation)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [DeathTaker] => C:\Program Files (x86)\Genius\DeathTaker\mousehid.exe [303616 2011-10-24] ()
HKLM-x32\...\Run: [SPEEDLINK KUDOS] => C:\Program Files (x86)\SPEEDLINK\KUDOS RS Gaming Mouse\Gaming Mouse.exe [1470464 2012-02-07] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-01] (AVAST Software)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2014-12-08] (Raptr, Inc)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3345558528-265229289-3903659429-1000\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [567880 2013-11-24] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Florian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Florian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Florian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Florian\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Florian\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Florian\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Florian\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3345558528-265229289-3903659429-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3345558528-265229289-3903659429-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3345558528-265229289-3903659429-1000 -> {00A37D74-BB30-47cd-97D0-20A6526F8C3C} URL = hxxp://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=5480255188&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=de&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\2risl3wm.default
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: google.com
FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin HKU\S-1-5-21-3345558528-265229289-3903659429-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Florian\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3345558528-265229289-3903659429-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll (Amazon.com, Inc.)
FF Plugin HKU\S-1-5-21-3345558528-265229289-3903659429-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin HKU\S-1-5-21-3345558528-265229289-3903659429-1000: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\2risl3wm.default\Extensions\adblockpopups@jessehakanen.net.xpi [2012-09-22]
FF Extension: Adblock Plus - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\2risl3wm.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-09-22]
FF Extension: Download Statusbar - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\2risl3wm.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi [2012-09-22]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [hoafjijdelnfbpoielcapbfeddlkohgg] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home351\ch\MediaWatchV1home351.crx [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-01] (AVAST Software)
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [File not signed]
S4 cFosSpeedS; C:\Program Files\ASRock\XFast LAN\spd.exe [395136 2011-10-19] (cFos Software GmbH)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [107552 2014-07-18] (EasyAntiCheat Ltd)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2014-02-03] (Hi-Rez Studios) [File not signed]
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [133632 2012-02-09] ()
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4340664 2012-07-15] (INCA Internet Co., Ltd.) [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1900400 2014-12-02] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-08-29] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [671000 2014-11-04] (Wacom Technology, Corp.)
S3 xsherlock; C:\Windows\SysWOW64\xsherlock.xem [666720 2012-12-23] (Wellbia.com Co., Ltd.) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [31016 2012-01-13] (ASRock Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-01] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-01] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-01] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-01] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-01] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-01] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-01] ()
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [303616 2013-05-12] () [File not signed]
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-25] (AVM Berlin)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-09-19] (DT Soft Ltd)
R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [15936 2012-09-21] (FNet Co., Ltd.)
S3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [714368 2010-10-25] (AVM GmbH)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [25536 2012-02-09] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [25536 2012-02-09] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-09] ()
S3 LADF_DHP2; C:\Windows\System32\DRIVERS\ladfDHP2amd64.sys [61712 2009-05-28] (Logitech)
S3 LADF_SBVM; C:\Windows\System32\DRIVERS\ladfSBVMamd64.sys [376848 2009-05-28] (Logitech)
S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [35328 2013-05-12] () [File not signed]
S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [121416 2012-05-12] (MotioninJoy) [File not signed]
S2 tandpl; C:\Windows\SysWOW64\drivers\tandpl.sys [4736 2003-04-18] () [File not signed]
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2014-12-15] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-15 09:28 - 2014-12-15 09:28 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-12-15 09:02 - 2014-12-15 09:02 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2014-12-12 00:12 - 2014-12-12 00:12 - 00003069 _____ () C:\mbam.txt
2014-12-12 00:07 - 2014-12-12 00:07 - 00000762 _____ () C:\Users\Florian\Desktop\JRT.txt
2014-12-12 00:04 - 2014-12-12 00:04 - 00000000 ____D () C:\Windows\ERUNT
2014-12-11 23:57 - 2014-12-11 23:59 - 00000000 ____D () C:\AdwCleaner
2014-12-11 23:06 - 2014-12-12 00:11 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-11 23:06 - 2014-12-11 23:06 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-11 23:06 - 2014-12-11 23:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-11 23:06 - 2014-12-11 23:06 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-11 23:06 - 2014-12-11 23:06 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-11 23:06 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-12-11 23:06 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-12-11 23:06 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-12-11 07:07 - 2014-12-11 07:07 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-11 02:28 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-11 02:28 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-11 02:28 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-11 02:28 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-11 02:28 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-11 02:28 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-11 02:28 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-11 02:28 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-11 02:28 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-11 02:28 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-11 00:18 - 2014-12-11 00:18 - 00031025 _____ () C:\ComboFix.txt
2014-12-11 00:06 - 2014-12-11 00:18 - 00000000 ____D () C:\ComboFix
2014-12-11 00:06 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-12-11 00:06 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-12-11 00:06 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-12-11 00:06 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-12-11 00:06 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-12-11 00:06 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-12-11 00:06 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-12-11 00:06 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-12-11 00:03 - 2014-12-11 00:18 - 00000000 ____D () C:\Qoobox
2014-12-11 00:03 - 2014-12-11 00:17 - 00000000 ____D () C:\Windows\erdnt
2014-12-10 23:36 - 2014-12-10 23:36 - 05600944 ____R (Swearware) C:\Users\Florian\Desktop\ComboFix.exe
2014-12-10 22:42 - 2014-12-10 22:42 - 00001264 _____ () C:\Users\Florian\Desktop\Revo Uninstaller.lnk
2014-12-10 22:42 - 2014-12-10 22:42 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-12-10 21:42 - 2014-12-15 15:59 - 00000000 ____D () C:\FRST
2014-12-10 21:40 - 2014-12-10 21:40 - 00000168 _____ () C:\Users\Florian\defogger_reenable
2014-12-10 18:51 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-10 18:51 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-10 18:51 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-10 18:51 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-10 18:51 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-10 18:51 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-10 18:51 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-10 18:51 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-10 18:51 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-10 18:51 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-10 18:51 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-10 18:51 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-10 18:51 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 18:51 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-10 18:51 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-10 18:51 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-10 18:51 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-10 18:51 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-10 18:51 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-10 18:51 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-10 18:51 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-10 18:51 - 2014-11-22 03:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-10 18:51 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-10 18:51 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-10 18:51 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-10 18:51 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 18:51 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-10 18:51 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-10 18:51 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-10 18:51 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 18:51 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-10 18:51 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-10 18:51 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-10 18:51 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-10 18:51 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-10 18:51 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-10 18:51 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-10 18:51 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-10 18:51 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-10 18:51 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-10 18:51 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-10 18:51 - 2014-11-22 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-10 18:51 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-10 18:51 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-10 18:51 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-10 18:51 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-10 18:51 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-10 18:51 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-10 18:51 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-10 18:51 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-10 18:51 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-10 18:51 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-10 18:51 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-10 18:51 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-10 18:51 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-10 18:51 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-10 18:51 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-10 18:51 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-10 18:51 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-10 18:51 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-10 18:51 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-10 18:51 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-10 18:51 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-10 18:51 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-10 18:51 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-10 18:51 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-10 18:51 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-10 18:48 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-10 18:48 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-10 18:48 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-10 18:48 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-10 18:48 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-10 18:48 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-10 18:48 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-10 18:48 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-10 18:48 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-10 18:48 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-10 18:48 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-10 18:48 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-10 18:48 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-10 18:48 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-09 23:44 - 2014-12-09 23:44 - 00000000 ____D () C:\ProgramData\ATI
2014-12-09 23:43 - 2014-12-09 23:43 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\AMD
2014-12-09 22:47 - 2014-12-09 22:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2014-12-09 22:44 - 2014-12-15 13:04 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Raptr
2014-12-09 22:44 - 2014-12-09 22:47 - 00000000 ____D () C:\Program Files (x86)\Raptr
2014-12-09 22:44 - 2014-12-09 22:44 - 00053736 _____ () C:\Windows\SysWOW64\CCCInstall_201412092244148767.log
2014-12-09 22:44 - 2014-12-09 22:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-12-09 22:44 - 2014-12-09 22:44 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-12-09 15:17 - 2014-12-09 15:18 - 00000087 _____ () C:\Users\Florian\Desktop\Neues Textdokument.txt
2014-12-09 15:11 - 2014-12-09 15:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-02 16:53 - 2014-12-02 16:55 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Command and Conquer 4
2014-12-02 16:53 - 2014-12-02 16:53 - 00000000 ____D () C:\Users\Florian\AppData\Local\Electronic_Arts_Inc
2014-11-30 19:07 - 2014-11-30 19:07 - 00000000 __SHD () C:\Users\Florian\AppData\Local\EmieBrowserModeList
2014-11-21 03:44 - 2014-11-21 03:44 - 00128384 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2014-11-21 03:44 - 2014-11-21 03:44 - 00118096 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2014-11-21 03:44 - 2014-11-21 03:44 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2014-11-21 03:44 - 2014-11-21 03:44 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2014-11-21 03:44 - 2014-11-21 03:44 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2014-11-21 03:44 - 2014-11-21 03:44 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2014-11-21 03:41 - 2014-11-21 03:41 - 00294600 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
2014-11-21 03:40 - 2014-11-21 03:40 - 18959360 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2014-11-21 03:33 - 2014-11-21 03:33 - 47899136 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2014-11-21 03:33 - 2014-11-21 03:33 - 00235008 _____ () C:\Windows\system32\clinfo.exe
2014-11-21 03:33 - 2014-11-21 03:33 - 00098816 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OpenVideo64.dll
2014-11-21 03:33 - 2014-11-21 03:33 - 00086528 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OVDecode64.dll
2014-11-21 03:33 - 2014-11-21 03:33 - 00083456 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OpenVideo.dll
2014-11-21 03:33 - 2014-11-21 03:33 - 00073216 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OVDecode.dll
2014-11-21 03:32 - 2014-11-21 03:32 - 40987136 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2014-11-21 03:31 - 2014-11-21 03:31 - 00065024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-11-21 03:31 - 2014-11-21 03:31 - 00058880 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-11-21 03:19 - 2014-11-21 03:19 - 23621632 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2014-11-21 03:19 - 2014-11-21 03:19 - 00049664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2014-11-21 03:19 - 2014-11-21 03:19 - 00038912 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2014-11-21 03:18 - 2014-11-21 03:18 - 05837312 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2014-11-21 03:18 - 2014-11-21 03:18 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2014-11-21 03:18 - 2014-11-21 03:18 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2014-11-21 03:17 - 2014-11-21 03:17 - 03437632 _____ () C:\Windows\system32\atiumd6a.cap
2014-11-21 03:17 - 2014-11-21 03:17 - 00631912 _____ () C:\Windows\SysWOW64\atiapfxx.blb
2014-11-21 03:17 - 2014-11-21 03:17 - 00631912 _____ () C:\Windows\system32\atiapfxx.blb
2014-11-21 03:17 - 2014-11-21 03:17 - 00367104 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2014-11-21 03:17 - 2014-11-21 03:17 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2014-11-21 03:17 - 2014-11-21 03:17 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2014-11-21 03:16 - 2014-11-21 03:16 - 15716352 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2014-11-21 03:16 - 2014-11-21 03:16 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2014-11-21 03:16 - 2014-11-21 03:16 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2014-11-21 03:16 - 2014-11-21 03:16 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2014-11-21 03:15 - 2014-11-21 03:15 - 04590592 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2014-11-21 03:13 - 2014-11-21 03:13 - 03471376 _____ () C:\Windows\SysWOW64\atiumdva.cap
2014-11-21 03:13 - 2014-11-21 03:13 - 00091648 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2014-11-21 03:13 - 2014-11-21 03:13 - 00085504 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2014-11-21 03:12 - 2014-11-21 03:12 - 00774656 _____ (AMD) C:\Windows\system32\atieclxx.exe
2014-11-21 03:12 - 2014-11-21 03:12 - 00244736 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2014-11-21 03:12 - 2014-11-21 03:12 - 00190976 _____ (AMD) C:\Windows\system32\atitmm64.dll
2014-11-21 03:12 - 2014-11-21 03:12 - 00031232 _____ (AMD) C:\Windows\system32\atimuixx.dll
2014-11-21 03:10 - 2014-11-21 03:10 - 00843776 _____ (AMD) C:\Windows\system32\coinst_14.50.dll
2014-11-21 03:09 - 2014-11-21 03:09 - 00903168 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2014-11-21 03:09 - 2014-11-21 03:09 - 00095744 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2014-11-21 03:09 - 2014-11-21 03:09 - 00090112 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2014-11-21 03:09 - 2014-11-21 03:09 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2014-11-21 03:09 - 2014-11-21 03:09 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2014-11-21 03:09 - 2014-11-21 03:09 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2014-11-21 03:09 - 2014-11-21 03:09 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2014-11-21 03:08 - 2014-11-21 03:08 - 00589312 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2014-11-21 03:08 - 2014-11-21 03:08 - 00133632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2014-11-21 03:08 - 2014-11-21 03:08 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2014-11-20 21:36 - 2014-11-20 21:36 - 00051200 _____ () C:\Windows\system32\kdbsdk64.dll
2014-11-20 21:35 - 2014-11-20 21:35 - 00038912 _____ () C:\Windows\SysWOW64\kdbsdk32.dll
2014-11-19 19:45 - 2014-11-19 19:45 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom Tablett
2014-11-19 18:41 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 18:41 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 18:41 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-19 18:41 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-18 19:27 - 2014-11-19 19:45 - 00000000 ____D () C:\Users\Florian\AppData\Local\Wacom Help
2014-11-18 14:56 - 2014-11-18 14:56 - 01202848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FM20.DLL
2014-11-17 18:52 - 2014-11-17 18:52 - 00000000 ____D () C:\Users\Florian\AppData\Local\Wacom
2014-11-17 18:52 - 2014-11-17 18:52 - 00000000 ____D () C:\Users\Florian\.android
2014-11-17 16:45 - 2014-11-17 16:49 - 109911216 _____ () C:\Users\Florian\Downloads\WacomTablet_6.3.10w2.exe
2014-11-16 23:42 - 2014-11-16 23:42 - 01944956 _____ () C:\Users\Florian\Downloads\HoxHud P8.2 Self-installer.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-15 15:58 - 2012-09-22 14:33 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\Skype
2014-12-15 15:31 - 2012-09-22 16:30 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\TS3Client
2014-12-15 15:05 - 2012-09-22 13:45 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-15 15:04 - 2012-12-08 14:35 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-15 14:54 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-15 11:26 - 2012-09-22 14:57 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-12-15 10:53 - 2012-09-21 23:36 - 01093189 _____ () C:\Windows\WindowsUpdate.log
2014-12-15 09:55 - 2014-11-13 12:30 - 00000000 ____D () C:\Users\Florian\Documents\Assassin's Creed Unity
2014-12-15 09:11 - 2009-07-14 05:45 - 00022432 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-15 09:11 - 2009-07-14 05:45 - 00022432 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-15 09:03 - 2012-12-08 14:35 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-15 09:02 - 2012-09-21 23:48 - 00034752 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys
2014-12-15 08:59 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-15 08:59 - 2009-07-14 05:51 - 00110342 _____ () C:\Windows\setupact.log
2014-12-15 08:58 - 2012-09-21 23:52 - 01196548 _____ () C:\Windows\PFRO.log
2014-12-12 10:04 - 2012-12-08 14:35 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-12-12 01:24 - 2013-04-13 18:35 - 00000000 ____D () C:\Users\Florian\AppData\Local\Skyrim
2014-12-12 00:05 - 2012-09-29 21:43 - 00000000 ____D () C:\Users\Florian\AppData\Local\CrashDumps
2014-12-11 23:46 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Help
2014-12-11 23:45 - 2013-09-18 09:18 - 00000000 ____D () C:\Program Files (x86)\Saints Row IV
2014-12-11 07:17 - 2013-06-18 21:00 - 00000000 ____D () C:\ProgramData\Origin
2014-12-11 07:17 - 2013-06-18 21:00 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-12-11 07:07 - 2014-05-07 00:45 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-11 07:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-11 07:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-11 02:32 - 2013-12-03 18:07 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-11 02:32 - 2013-08-14 15:47 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-11 02:29 - 2012-10-16 19:33 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-11 00:18 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2014-12-11 00:16 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-12-10 21:40 - 2012-09-21 23:37 - 00000000 ____D () C:\Users\Florian
2014-12-10 19:05 - 2012-09-22 13:45 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-10 19:05 - 2012-09-22 13:45 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-10 19:05 - 2012-09-22 13:45 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-09 23:40 - 2012-09-22 13:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-09 22:44 - 2012-11-03 13:54 - 00000000 ____D () C:\ProgramData\AMD
2014-12-09 22:43 - 2014-09-12 16:27 - 00000000 ____D () C:\Program Files (x86)\AMD
2014-12-09 22:43 - 2014-02-08 20:54 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-12-09 22:41 - 2014-02-08 20:58 - 00000000 ____D () C:\Program Files\AMD
2014-12-09 22:38 - 2012-09-22 14:10 - 00000000 ____D () C:\AMD
2014-12-02 05:43 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-12-01 21:42 - 2014-06-26 10:19 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\WTablet
2014-11-30 21:33 - 2014-08-28 13:52 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\OBS
2014-11-24 20:00 - 2014-08-28 13:52 - 00000000 ____D () C:\Program Files\OBS
2014-11-22 20:39 - 2014-03-09 15:14 - 00000000 ____D () C:\Program Files (x86)\Thief
2014-11-22 20:39 - 2014-01-17 01:58 - 00000000 ____D () C:\Program Files (x86)\WarThunder
2014-11-22 20:33 - 2012-11-23 17:07 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-11-22 20:33 - 2012-09-21 23:43 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-11-21 18:46 - 2012-12-08 14:35 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-11-21 03:44 - 2013-12-06 23:04 - 00144328 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2014-11-21 03:44 - 2013-12-06 23:03 - 00126848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2014-11-21 03:44 - 2013-12-06 23:03 - 00118096 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2014-11-21 03:44 - 2013-12-06 23:02 - 00100032 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2014-11-21 03:44 - 2013-12-06 23:01 - 01348928 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2014-11-21 03:44 - 2013-12-06 23:01 - 01127496 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2014-11-21 03:44 - 2013-12-06 23:00 - 11076784 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2014-11-21 03:44 - 2013-12-06 22:59 - 09401480 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2014-11-21 03:43 - 2013-12-06 22:59 - 07558816 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2014-11-21 03:43 - 2013-12-06 22:58 - 07077776 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2014-11-21 03:43 - 2013-12-06 22:57 - 08379720 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2014-11-21 03:43 - 2013-12-06 22:56 - 08369408 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2014-11-21 03:24 - 2013-12-06 22:16 - 28354560 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2014-11-21 03:12 - 2013-12-06 21:53 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2014-11-21 03:09 - 2013-12-06 21:22 - 01214976 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2014-11-21 03:09 - 2013-12-06 21:22 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2014-11-21 03:08 - 2013-12-06 21:22 - 00146944 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2014-11-19 19:44 - 2014-06-25 15:01 - 00000000 ____D () C:\Program Files\Tablet
2014-11-17 22:48 - 2014-07-09 12:41 - 00000000 ____D () C:\Users\Florian\AppData\Roaming\DarknessII
2014-11-17 17:03 - 2014-06-25 15:02 - 00000000 ____D () C:\Program Files\TabletPlugins
2014-11-17 17:03 - 2014-06-25 15:02 - 00000000 ____D () C:\Program Files (x86)\TabletPlugins
2014-11-16 22:59 - 2012-12-08 14:35 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-16 22:59 - 2012-12-08 14:35 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

Some content of TEMP:
====================
C:\Users\Florian\AppData\Local\Temp\AutoDetectUtilApp.exe
C:\Users\Florian\AppData\Local\Temp\Quarantine.exe
C:\Users\Florian\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-15 14:46

==================== End Of Log ============================
--- --- ---


Soweit gibt es glaube ich keine Fragen meiner seits.
Auf jeden Fall nochmal ein großes Danke für die schnelle und gute Unterstützung!

schrauber 15.12.2014 21:05
Java und ADobe updaten.


Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
Emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.





Fertig :)

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun :)

Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

Schokokonfek 15.12.2014 23:16
Hier nochmal das angeforderte logfile:

Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 14-12-2014 01
Ran by Florian at 2014-12-15 22:14:08 Run:1
Running from C:\Users\Florian\Pictures
Loaded Profile: Florian (Available profiles: Florian)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
Emptytemp:
*****************

C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
EmptyTemp: => Removed 658.8 MB temporary data.


The system needed a reboot.

==== End of Fixlog ====
An der Stelle noch einmal einen Riesendank für die zielführende und schnelle Hilfe!
War sogar noch besser als mir erzählt wurde.
Werde das Forum auf jeden Fall weiterempfehlen!
Fragen gibt es keine mehr, in dem Sinne also noch einen guten Abend :)

schrauber 16.12.2014 21:23
Gern Geschehen :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 00:55 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27