Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Internet Langsam ! (https://www.trojaner-board.de/164828-internet-langsam.html)

zelfoxx 07.03.2015 19:25
Internet Langsam !
 
Ich weiß nicht ob das hier ins Forum gehört, aber mein Internet ist um einiges langsamer als früher.
Ich habe den 3Webcube, eine Netzwerkauslastung von höchstens 2% und eine Downloadgeschwindigkeit von ca. 200KB/s (früher eben 2MB/s)...
Der Speedtest sagt ich hätte eine Downloadgeschwindigkeit von 20Mbps (hxxp://www.speedtest.net/my-result/4196307058).
Am Anfang von einem Download ist es immer zuerst auf ca. 600KB/s dann geht es halt runter auf 200.

Hier FRST.txt falls das nötig ist...

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-03-2015 01
Ran by David (administrator) on DAVID-ACER on 07-03-2015 19:24:43
Running from C:\Users\David\Desktop\Desktop\#ANTI\FRST
Loaded Profiles: UpdatusUser & David (Available profiles: UpdatusUser & David & user)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Program Files\DAZ 3D\Content Management Service\ContentManagementServer.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(Malwarebytes Corporation) C:\Users\David\Desktop\Desktop\#ANTI\mbam\mbamscheduler.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE
() C:\Windows\SysWOW64\PnkBstrA.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVCM.EXE
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Sidebar\sidebar.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Ruiware LLC) C:\Program Files (x86)\Ruiware\WinPatrol\WinPatrol.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12673128 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277480 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-27] (AVAST Software)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [493960 2014-12-05] (Autodesk Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3466399659-1618858318-3356278196-1000\...\MountPoints2: E - E:\AutoRun.exe
HKU\S-1-5-21-3466399659-1618858318-3356278196-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-3466399659-1618858318-3356278196-1000\...\MountPoints2: {1fd2defc-0fd9-11e3-b382-dc0ea11d82fe} - F:\LaunchU3.exe -a
HKU\S-1-5-21-3466399659-1618858318-3356278196-1000\...\MountPoints2: {2812e136-d586-11e2-bdb6-dc0ea11d82fe} - E:\AutoRun.exe
HKU\S-1-5-21-3466399659-1618858318-3356278196-1000\...\MountPoints2: {3f0b6f0b-c1fe-11e2-8ca3-dc0ea11d82fe} - E:\AutoRun.exe
HKU\S-1-5-21-3466399659-1618858318-3356278196-1000\...\MountPoints2: {ae06f47d-bfea-11e2-9e09-dc0ea11d82fe} - E:\AutoRun.exe
HKU\S-1-5-21-3466399659-1618858318-3356278196-1000\...\MountPoints2: {ae06f48a-bfea-11e2-9e09-dc0ea11d82fe} - E:\AutoRun.exe
HKU\S-1-5-21-3466399659-1618858318-3356278196-1001\...\Run: [WinPatrol] => C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe [1154112 2014-07-21] (Ruiware LLC)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3466399659-1618858318-3356278196-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/
HKU\S-1-5-21-3466399659-1618858318-3356278196-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3466399659-1618858318-3356278196-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/androidnews/
URLSearchHook: HKU\S-1-5-21-3466399659-1618858318-3356278196-1000 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKU\S-1-5-21-3466399659-1618858318-3356278196-1000 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKU\S-1-5-21-3466399659-1618858318-3356278196-1001 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKU\S-1-5-21-3466399659-1618858318-3356278196-1001 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3466399659-1618858318-3356278196-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3466399659-1618858318-3356278196-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&affID=119776&tt=gc_&babsrc=SP_ss&mntrId=8A9B64273717AA4B
SearchScopes: HKU\S-1-5-21-3466399659-1618858318-3356278196-1000 -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dnldmsd&cd=2XzuyEtN2Y1L1Qzu0D0CtD0E0AtCtC0DzztB0F0E0CyD0CtDtN0D0Tzu0CyCyDyBtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1Q1G1I1Q1H1B1Q&cr=1421656380&ir=
SearchScopes: HKU\S-1-5-21-3466399659-1618858318-3356278196-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=394&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=3054224013274139&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3466399659-1618858318-3356278196-1001 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2014-12-02] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-12-09] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2014-04-24] (McAfee, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-01-14] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-14] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2014-11-17] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-03-03] (Oracle Corporation)
BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\ArcPluginIE.dll [2014-08-12] (Perfect World Entertainment Inc)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-12-09] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2014-04-24] (McAfee, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-01-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-03-03] (Oracle Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2014-04-24] (McAfee, Inc.)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2014-04-24] (McAfee, Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2014-04-24] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2014-04-24] (McAfee, Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2014-09-02] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2014-04-24] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2014-04-24] (McAfee, Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3cglpxv0.default-1388087379042
FF DefaultSearchEngine: Google (avast)
FF DefaultSearchUrl: https://www.google.com/search/?trackid=sp-006
FF SearchEngineOrder.1: Google (avast)
FF Homepage: about:home|hxxp://www.giga.de/androidnews/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-05] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1216156.dll [2015-01-09] (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-03-03] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-03-03] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-11-17] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-09-02] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameEU.dll [2015-01-21] (Nexon)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 -> C:\Program Files (x86)\Winamp Detect\npwachk.dll [2013-07-23] (Nullsoft, Inc.)
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll [2014-08-12] (Perfect World Entertainment Inc)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3466399659-1618858318-3356278196-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\David\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-03-23] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3466399659-1618858318-3356278196-1001: RSATom.name/FBVLC -> C:\Users\David\AppData\Roaming\RSATom\FBVLC\0.1.5\npFBVLC.dll [2014-06-24] (RSATom)
FF Plugin HKU\S-1-5-21-3466399659-1618858318-3356278196-1001: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF SearchPlugin: C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3cglpxv0.default-1388087379042\searchplugins\google-avast.xml [2015-01-16]
FF Extension: Amazon-Icon - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3cglpxv0.default-1388087379042\Extensions\amazon-icon@giga.de [2015-03-03]
FF Extension: Deutsch (DE) Language Pack - C:\Users\David\AppData\Roaming\Mozilla\Firefox\Profiles\3cglpxv0.default-1388087379042\Extensions\langpack-de@firefox.mozilla.org.xpi [2013-12-26]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2011-10-14]
FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: SmartPrintButton - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2013-02-05]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-05-27]

Chrome:
=======
CHR HomePage: Default ->
CHR StartupUrls: Default -> "https://www.google.at/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-30]
CHR Extension: (Angry Birds) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2015-01-22]
CHR Extension: (TooManyTabs for Chrome) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\amigcgbheognjmfkaieeeadojiibgbdp [2014-12-30]
CHR Extension: (Google Docs) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-30]
CHR Extension: (Google Drive) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-30]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-30]
CHR Extension: (WOT) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2015-01-15]
CHR Extension: (MEGA) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2015-01-27]
CHR Extension: (YouTube) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-30]
CHR Extension: (GMX MailCheck) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\camnampocfohlcgbajligmemmabnljcm [2014-12-30]
CHR Extension: (Adblock Plus) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-01-24]
CHR Extension: (Google Search) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-30]
CHR Extension: (New XCommander) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\dppefdlohekfhjenppnpjekkjjgndhdf [2015-01-22]
CHR Extension: (Video Downloader professional) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2014-12-30]
CHR Extension: (SourceApp) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\emjdoighohhleflhefimdfogegglfjac [2015-01-23]
CHR Extension: (core) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcoojmkkmhoffbpikgbfljmbbhdpjjcc [2015-01-22]
CHR Extension: (Google Sheets) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-30]
CHR Extension: (Stylish) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2014-12-30]
CHR Extension: (Click&Clean) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod [2014-12-30]
CHR Extension: (Avast Online Security) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-12-30]
CHR Extension: (Audio EQ) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfafdlnjaliaghpjdajmlcnnblkgcefh [2014-12-30]
CHR Extension: (FVD Downloader) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp [2014-12-30]
CHR Extension: (RenameTab) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkailnbloeepkajmoblllhhhckpbbncg [2014-12-30]
CHR Extension: (Outlook.com Notifier) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkmomflkhdooajekmffpilpoenndjppk [2015-02-26]
CHR Extension: (Snake) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlijpphckdfkmcjclnimmbknefojcaol [2015-01-22]
CHR Extension: (Virus Vector) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nholabkppdbadpaompfailabppelokbp [2015-01-22]
CHR Extension: (Snake Chase) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlhkemgimhgncfjfgleaedgfnpjfblkd [2015-01-22]
CHR Extension: (MuteTab) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmkbaaijgpppbokgnhhoakihofedkgcc [2014-12-30]
CHR Extension: (Google Wallet) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-30]
CHR Extension: (Checker Plus for Gmail™) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2015-02-25]
CHR Extension: (Flappy Bird Multiplayer) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohgakgekjgecokngbbipojokipokkjho [2015-01-22]
CHR Extension: (New Free Doom Game ) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojkolfeokbehjdhofgpifmiimklnnjkm [2015-01-22]
CHR Extension: (Gmail) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-30]
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-30]
CHR Extension: (Google Docs) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-30]
CHR Extension: (Google Drive) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-30]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-30]
CHR Extension: (YouTube) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-30]
CHR Extension: (Google Search) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-30]
CHR Extension: (Google Sheets) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-30]
CHR Extension: (Avast Online Security) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-12-30]
CHR Extension: (Google Wallet) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-30]
CHR Extension: (Gmail) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-30]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-09]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [599944 2014-12-05] (Autodesk Inc.)
S4 ArcService; C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe [88400 2014-08-12] (Perfect World Entertainment Inc)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-09] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-12-09] (Avast Software)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-01-20] (BlueStack Systems, Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2711736 2015-01-13] (Microsoft Corporation)
R2 DAZContentManagementService; C:\Program Files\DAZ 3D\Content Management Service\ContentManagementServer.exe [22528 2011-05-05] () [File not signed]
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2370240 2014-11-27] (Comodo Security Solutions, Inc.)
R2 MBAMScheduler; C:\Users\David\Desktop\Desktop\#ANTI\mbam\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S2 MBAMService; C:\Users\David\Desktop\Desktop\#ANTI\mbam\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 msoidsvc; C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE [2079520 2012-05-17] (Microsoft Corp.)
S4 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-02-07] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-09-04] ()
S3 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
S3 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
S3 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1363160 2014-11-28] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [765144 2014-11-28] (Secunia)
R2 Spooler; C:\Windows\SysWOW64\spoolsv.exe [316416 2014-04-19] (Microsoft Corporation) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [598808 2013-06-06] (Wacom Technology, Corp.)
S4 Hamachi2Svc; "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-09] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-09] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-09] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-09] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-09] ()
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-09-22] (AVG Technologies)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [115472 2014-01-20] (BlueStack Systems)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2014-04-19] (DT Soft Ltd)
R3 keycrypt; C:\Windows\System32\DRIVERS\KeyCrypt64.sys [71400 2014-11-13] (Zemana Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-30] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2014-11-28] (Secunia)
S3 ser2at; C:\Windows\System32\DRIVERS\ser2at64.sys [96256 2009-10-15] (ATEN)
S2 tandpl; C:\Windows\SysWOW64\drivers\tandpl.sys [4736 2003-04-19] () [File not signed]
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-12-09] (Avast Software)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [115488 2014-05-16] (Oracle Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz134; \??\C:\Users\David\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-07 19:09 - 2015-03-07 19:09 - 00000197 _____ () C:\Windows\system32\2015-03-07-18-09-10.077-AvastVBoxSVC.exe-3128.log
2015-03-07 19:05 - 2015-03-07 19:05 - 00000056 _____ () C:\Windows\setupact.log
2015-03-07 19:05 - 2015-03-07 19:05 - 00000000 _____ () C:\Windows\setuperr.log
2015-03-07 19:04 - 2015-03-07 19:06 - 05126096 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-07 19:03 - 2015-03-07 19:03 - 00005888 _____ () C:\Windows\PFRO.log
2015-03-07 18:58 - 2015-03-07 18:59 - 1038090240 _____ () C:\Users\David\Downloads\IGG-TrackMania.2.Canyon.part1.rar
2015-03-07 18:30 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-03-07 18:30 - 2015-01-09 00:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-03-07 18:29 - 2015-03-07 18:29 - 02126848 _____ () C:\Users\David\Downloads\adwcleaner_4.111.exe
2015-03-07 18:22 - 2015-03-07 18:23 - 05325696 _____ (Piriform Ltd) C:\Users\David\Downloads\ccsetup503.exe
2015-03-07 18:18 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-03-07 18:18 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-03-07 18:18 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-03-07 18:18 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-03-07 18:18 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-03-07 18:18 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-03-07 18:18 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-03-07 18:18 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-03-07 18:18 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-07 18:18 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-03-07 18:18 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-07 18:18 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-07 18:18 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-03-07 18:18 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-03-07 18:18 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-07 18:18 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-07 18:18 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-03-07 18:18 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-07 18:18 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-07 18:18 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-03-07 18:18 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-07 18:18 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-07 18:18 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-03-07 18:18 - 2015-01-12 03:33 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-07 18:18 - 2015-01-12 03:32 - 06041088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-07 18:18 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-07 18:18 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-07 18:18 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-03-07 18:18 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-07 18:18 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-07 18:18 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-07 18:18 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-03-07 18:18 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-07 18:18 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-03-07 18:18 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-03-07 18:18 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-07 18:18 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-07 18:18 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-07 18:18 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-03-07 18:18 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-03-07 18:18 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-03-07 18:18 - 2015-01-12 02:55 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-03-07 18:18 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-03-07 18:18 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-07 18:18 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-07 18:18 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-07 18:18 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-03-07 18:18 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-03-07 18:18 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-07 18:18 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-07 18:18 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-03-07 18:18 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-07 18:18 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-07 18:18 - 2015-01-12 02:29 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-07 18:18 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-07 18:18 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-07 18:18 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-07 18:18 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-03-07 18:18 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-07 18:18 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-07 18:18 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-07 18:18 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-07 18:18 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-07 18:18 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-03-07 18:18 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-07 18:18 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-07 18:18 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-03-07 18:18 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-03-07 18:18 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-03-07 18:18 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-03-07 18:18 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-03-07 18:18 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-03-07 18:18 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-03-07 18:18 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-07 18:18 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-03-07 18:18 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-03-07 18:18 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-03-07 18:18 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-03-07 18:18 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-03-07 18:18 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-03-07 18:17 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-07 18:17 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-03-07 18:17 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-07 18:17 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-03-07 18:17 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-03-07 18:17 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-03-07 18:17 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-03-07 18:17 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-03-07 18:17 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-07 18:17 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-03-07 18:17 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-07 18:17 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-03-07 18:17 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-03-07 18:17 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-03-07 18:17 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-03-07 18:17 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-03-07 18:17 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-03-07 18:17 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-07 18:17 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-07 18:17 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-07 18:17 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-07 18:17 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-07 18:17 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-03-07 18:17 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-03-07 18:17 - 2014-10-04 03:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-03-07 18:17 - 2014-10-04 02:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-03-07 18:17 - 2014-10-04 02:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-03-07 18:17 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-07 18:17 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-07 18:17 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-03-07 18:17 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-03-07 18:16 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-07 18:16 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-03-07 18:16 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-03-07 18:16 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-03-07 18:16 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-03-07 18:16 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-03-07 18:16 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-03-07 18:13 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-07 17:20 - 2015-03-07 17:20 - 00000197 _____ () C:\Windows\system32\2015-03-07-16-20-08.037-AvastVBoxSVC.exe-3304.log
2015-03-06 16:20 - 2015-03-06 16:20 - 00000197 _____ () C:\Windows\system32\2015-03-06-15-20-12.046-AvastVBoxSVC.exe-5316.log
2015-03-05 20:56 - 2015-03-05 20:56 - 00000000 ____D () C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FunnyGames
2015-03-05 20:56 - 2015-03-05 20:56 - 00000000 ____D () C:\Users\David\AppData\Roaming\FunnyGames
2015-03-05 20:56 - 2015-03-05 20:56 - 00000000 ____D () C:\Users\David\AppData\Local\FunnyGames
2015-03-05 20:35 - 2015-03-05 20:35 - 00000197 _____ () C:\Windows\system32\2015-03-05-19-35-40.087-AvastVBoxSVC.exe-5292.log
2015-03-04 19:08 - 2015-03-04 19:08 - 00000197 _____ () C:\Windows\system32\2015-03-04-18-08-31.084-AvastVBoxSVC.exe-5056.log
2015-03-04 15:07 - 2015-03-04 15:07 - 00000197 _____ () C:\Windows\system32\2015-03-04-14-07-18.087-AvastVBoxSVC.exe-4376.log
2015-03-04 13:18 - 2015-03-04 13:18 - 00000197 _____ () C:\Windows\system32\2015-03-04-12-18-44.018-AvastVBoxSVC.exe-1040.log
2015-03-04 10:41 - 2015-03-04 10:41 - 00000197 _____ () C:\Windows\system32\2015-03-04-09-41-49.046-AvastVBoxSVC.exe-4488.log
2015-03-03 18:05 - 2015-03-03 18:05 - 00001897 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Goodbye New World.lnk
2015-03-03 18:03 - 2015-03-03 18:03 - 00000000 ____D () C:\UDK
2015-03-03 18:00 - 2015-03-03 18:00 - 00000000 ____D () C:\ProgramData\Sun
2015-03-03 17:13 - 2015-03-03 17:13 - 00000000 ____D () C:\Users\David\AppData\Local\Tempa66f921a445fdd3335fb31e778344da0__
2015-03-03 17:09 - 2015-03-03 17:09 - 00000000 ____D () C:\Users\David\AppData\Local\Tempa66f921a445fdd3335fb31e778344da0_
2015-03-03 16:46 - 2015-03-03 16:46 - 00000197 _____ () C:\Windows\system32\2015-03-03-15-46-55.088-AvastVBoxSVC.exe-3624.log
2015-03-03 14:32 - 2015-03-03 14:32 - 00000197 _____ () C:\Windows\system32\2015-03-03-13-32-23.024-AvastVBoxSVC.exe-2580.log
2015-03-03 08:45 - 2015-03-03 08:45 - 00000197 _____ () C:\Windows\system32\2015-03-03-07-45-04.032-AvastVBoxSVC.exe-5052.log
2015-03-02 16:32 - 2015-03-02 16:32 - 00000197 _____ () C:\Windows\system32\2015-03-02-15-32-59.080-AvastVBoxSVC.exe-3772.log
2015-03-02 15:58 - 2015-03-02 15:58 - 00000000 ____D () C:\Users\David\Documents\Freemake
2015-03-02 15:58 - 2015-03-02 15:58 - 00000000 ____D () C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2015-03-02 15:58 - 2015-03-02 15:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2015-03-02 15:58 - 2015-03-02 15:58 - 00000000 ____D () C:\ProgramData\Freemake
2015-03-02 15:57 - 2015-03-02 15:58 - 00000000 ____D () C:\Program Files (x86)\Freemake
2015-03-02 15:57 - 2015-03-02 15:57 - 00000000 ____D () C:\Users\David\Documents\Any Video Converter
2015-03-02 15:57 - 2015-03-02 15:57 - 00000000 ____D () C:\Users\David\AppData\Roaming\Anvsoft
2015-03-02 15:52 - 2015-03-02 15:52 - 00000197 _____ () C:\Windows\system32\2015-03-02-14-52-06.065-AvastVBoxSVC.exe-5012.log
2015-03-02 13:54 - 2015-03-02 13:54 - 00000197 _____ () C:\Windows\system32\2015-03-02-12-54-29.032-AvastVBoxSVC.exe-4508.log
2015-02-27 21:15 - 2015-02-27 21:15 - 00000197 _____ () C:\Windows\system32\2015-02-27-20-15-36.078-AvastVBoxSVC.exe-6548.log
2015-02-26 18:10 - 2015-02-26 18:10 - 00000197 _____ () C:\Windows\system32\2015-02-26-17-10-32.038-AvastVBoxSVC.exe-3376.log
2015-02-26 12:05 - 2015-02-26 12:05 - 00000000 ____D () C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2015-02-26 12:05 - 2015-02-26 12:05 - 00000000 ____D () C:\Users\David\AppData\Roaming\IrfanView
2015-02-26 12:05 - 2015-02-26 12:05 - 00000000 ____D () C:\Program Files (x86)\IrfanView
2015-02-26 11:59 - 2015-02-26 11:59 - 00000000 ____D () C:\Users\David\AppData\Local\{66EBB977-94F0-40A0-A252-B8B64DBD858E}
2015-02-26 11:46 - 2015-02-26 11:46 - 00000197 _____ () C:\Windows\system32\2015-02-26-10-46-33.048-AvastVBoxSVC.exe-4516.log
2015-02-25 19:06 - 2015-02-25 19:06 - 00000197 _____ () C:\Windows\system32\2015-02-25-18-06-51.022-AvastVBoxSVC.exe-2240.log
2015-02-24 14:59 - 2015-02-24 14:59 - 00000197 _____ () C:\Windows\system32\2015-02-24-13-59-17.052-AvastVBoxSVC.exe-5548.log
2015-02-22 18:50 - 2015-02-22 18:50 - 00000197 _____ () C:\Windows\system32\2015-02-22-17-50-38.006-AvastVBoxSVC.exe-3296.log
2015-02-22 12:39 - 2015-02-22 12:39 - 00000000 ____D () C:\Program Files (x86)\PDF Image Extraction Wizard 1.2
2015-02-22 12:13 - 2015-03-02 15:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft
2015-02-22 12:13 - 2015-03-02 15:57 - 00000000 ____D () C:\Program Files (x86)\AnvSoft
2015-02-22 12:13 - 2015-02-22 12:13 - 00000000 ____D () C:\Users\David\Documents\Anvsoft
2015-02-22 12:13 - 2015-02-22 12:13 - 00000000 ____D () C:\Users\David\AppData\Roaming\AnvsoftPdfTools
2015-02-22 11:53 - 2015-02-22 11:54 - 00000000 ____D () C:\Users\David\AppData\Local\GrowHome
2015-02-22 11:36 - 2015-02-22 11:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FM Software Studio
2015-02-22 11:36 - 2015-02-22 11:36 - 00000000 ____D () C:\Program Files (x86)\FM Software Studio
2015-02-22 10:54 - 2015-02-22 10:54 - 00000000 ____D () C:\Program Files (x86)\Continue 9876543210
2015-02-22 10:42 - 2015-02-22 10:43 - 00000197 _____ () C:\Windows\system32\2015-02-22-09-42-34.031-AvastVBoxSVC.exe-4976.log
2015-02-13 13:38 - 2015-02-13 13:38 - 00000197 _____ () C:\Windows\system32\2015-02-13-12-38-10.010-AvastVBoxSVC.exe-5208.log
2015-02-12 20:33 - 2015-02-12 20:33 - 00000000 ____D () C:\Users\David\AppData\Local\2K Games
2015-02-12 20:23 - 2015-02-12 20:23 - 00000197 _____ () C:\Windows\system32\2015-02-12-19-23-19.080-AvastVBoxSVC.exe-5548.log
2015-02-12 11:37 - 2015-02-12 11:37 - 00000197 _____ () C:\Windows\system32\2015-02-12-10-37-04.089-AvastVBoxSVC.exe-2660.log
2015-02-11 17:30 - 2015-02-11 17:30 - 00000197 _____ () C:\Windows\system32\2015-02-11-16-30-37.002-AvastVBoxSVC.exe-3760.log
2015-02-11 16:57 - 2015-02-11 16:57 - 00000197 _____ () C:\Windows\system32\2015-02-11-15-57-25.082-AvastVBoxSVC.exe-4448.log
2015-02-11 16:48 - 2015-03-07 19:02 - 00000000 ____D () C:\AdwCleaner
2015-02-11 16:27 - 2015-02-11 16:27 - 00000197 _____ () C:\Windows\system32\2015-02-11-15-27-00.035-AvastVBoxSVC.exe-7036.log
2015-02-11 15:20 - 2015-02-11 15:22 - 00000000 ____D () C:\Users\David\Documents\maya
2015-02-11 15:06 - 2015-02-11 15:06 - 00000197 _____ () C:\Windows\system32\2015-02-11-14-06-46.067-AvastVBoxSVC.exe-5444.log
2015-02-10 18:44 - 2015-02-10 18:44 - 00000000 ____D () C:\Users\David\AppData\Local\{2C67D7B0-F8C0-4BB1-A40E-9D142CBBBFD0}
2015-02-10 18:23 - 2015-02-10 18:23 - 00000247 _____ () C:\Windows\system32\2015-02-10-17-23-05.015-aswFe.exe-3544.log
2015-02-10 18:14 - 2015-02-10 18:14 - 00000000 ____D () C:\Users\David\AppData\Local\open3mod
2015-02-10 18:14 - 2015-02-10 18:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\open3mod
2015-02-10 18:14 - 2015-02-10 18:14 - 00000000 ____D () C:\Program Files (x86)\open3mod
2015-02-10 18:04 - 2015-02-10 18:22 - 00000247 _____ () C:\Windows\system32\2015-02-10-17-04-00.016-aswFe.exe-7088.log
2015-02-10 18:03 - 2015-02-10 18:03 - 00000197 _____ () C:\Windows\system32\2015-02-10-17-03-22.086-AvastVBoxSVC.exe-6228.log
2015-02-10 17:49 - 2015-02-10 17:50 - 00000197 _____ () C:\Windows\system32\2015-02-10-16-49-43.063-AvastVBoxSVC.exe-3460.log
2015-02-07 18:05 - 2015-02-07 18:05 - 00000000 ____D () C:\Users\David\AppData\Local\Campbell Wild
2015-02-07 18:05 - 2015-02-07 18:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ADRIFT
2015-02-07 18:05 - 2015-02-07 18:05 - 00000000 ____D () C:\Program Files (x86)\ADRIFT
2015-02-07 17:29 - 2015-02-07 17:29 - 00000000 ____D () C:\Program Files (x86)\Black_Box
2015-02-07 13:50 - 2015-02-07 13:50 - 00000000 ____D () C:\Users\David\Downloads\Neuer Ordner
2015-02-07 12:53 - 2015-02-07 12:53 - 00000197 _____ () C:\Windows\system32\2015-02-07-11-53-48.078-AvastVBoxSVC.exe-3496.log
2015-02-05 19:58 - 2015-02-05 19:58 - 00000000 ____D () C:\Program Files\Common Files\Macrovision Shared
2015-02-05 19:55 - 2015-02-05 19:55 - 00000000 ____D () C:\Program Files\Autodesk
2015-02-05 19:52 - 2015-02-11 15:20 - 00000000 ____D () C:\Users\David\AppData\Local\Autodesk
2015-02-05 19:52 - 2015-02-05 19:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2015-02-05 19:52 - 2015-02-05 19:55 - 00000000 ____D () C:\Program Files\Common Files\Autodesk Shared
2015-02-05 19:52 - 2015-02-05 19:52 - 00000000 ____D () C:\Users\David\Documents\Autodesk Application Manager
2015-02-05 19:45 - 2015-02-11 15:20 - 00000000 ____D () C:\Users\David\AppData\Roaming\Autodesk
2015-02-05 19:45 - 2015-02-11 15:20 - 00000000 ____D () C:\ProgramData\Autodesk
2015-02-05 19:37 - 2015-02-05 19:37 - 00000000 ____D () C:\Users\David\Documents\BeamNG.drive
2015-02-05 18:12 - 2015-02-05 18:12 - 00000000 ____D () C:\Users\David\Documents\makehuman
2015-02-05 17:52 - 2015-02-05 17:52 - 00000197 _____ () C:\Windows\system32\2015-02-05-16-52-00.087-AvastVBoxSVC.exe-3560.log
2015-02-05 11:29 - 2015-02-05 11:29 - 00000197 _____ () C:\Windows\system32\2015-02-05-10-29-13.068-AvastVBoxSVC.exe-4940.log

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-07 19:24 - 2015-01-10 10:56 - 00000000 ____D () C:\FRST
2015-03-07 19:15 - 2013-09-04 16:44 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-07 19:15 - 2012-07-24 15:06 - 00000000 ____D () C:\ProgramData\clear.fi
2015-03-07 19:14 - 2013-09-04 16:44 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-07 19:12 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-07 19:12 - 2009-07-14 05:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-07 19:05 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-07 19:03 - 2015-01-15 22:07 - 00000000 ____D () C:\Windows\system32\appraiser
2015-03-07 19:03 - 2014-09-16 19:12 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-03-07 19:02 - 2014-06-04 18:09 - 01561734 _____ () C:\Windows\WindowsUpdate.log
2015-03-07 18:52 - 2014-03-16 17:05 - 00000000 ____D () C:\Users\David\Documents\TrackMania
2015-03-07 18:43 - 2014-03-16 17:14 - 00000000 ____D () C:\ProgramData\TrackMania
2015-03-07 18:35 - 2014-12-08 17:43 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-07 18:29 - 2012-07-23 15:20 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-07 18:27 - 2014-07-09 16:56 - 00000000 ____D () C:\Users\David\AppData\Local\CrashDumps
2015-03-07 18:26 - 2013-02-05 20:18 - 00003624 _____ () C:\Windows\System32\Tasks\HPCustParticipation HP Photosmart 5510 series
2015-03-07 18:23 - 2013-09-04 16:21 - 00000000 ____D () C:\Program Files\CCleaner
2015-03-07 18:00 - 2015-01-19 20:08 - 00000492 _____ () C:\Windows\Tasks\SpeedyPC Registration3.job
2015-03-04 19:07 - 2014-05-27 17:19 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-03-03 18:00 - 2014-07-27 10:31 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-03-03 17:59 - 2012-08-27 18:07 - 00000000 ____D () C:\Program Files (x86)\Java
2015-03-03 17:09 - 2015-01-11 17:20 - 00000000 ____D () C:\Program Files (x86)\NirSoft
2015-03-02 16:47 - 2014-09-27 15:49 - 00366592 ___SH () C:\Users\David\Desktop\Thumbs.db
2015-03-02 16:43 - 2012-08-27 18:16 - 00000000 ____D () C:\Users\David\AppData\Roaming\vlc
2015-03-02 15:53 - 2014-06-10 06:39 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-03-02 14:23 - 2011-12-16 13:26 - 00701576 _____ () C:\Windows\system32\perfh007.dat
2015-03-02 14:23 - 2011-12-16 13:26 - 00150444 _____ () C:\Windows\system32\perfc007.dat
2015-03-02 14:23 - 2009-07-14 06:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-26 19:15 - 2014-11-11 12:11 - 00000000 ____D () C:\Program Files (x86)\osu!
2015-02-26 11:46 - 2014-09-02 14:40 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-02-24 19:10 - 2013-10-12 17:31 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-02-24 19:10 - 2013-05-21 11:23 - 00000000 ____D () C:\Users\David\AppData\Roaming\uTorrent
2015-02-24 19:10 - 2013-05-19 14:34 - 00000000 ____D () C:\Users\David\AppData\Roaming\TS3Client
2015-02-24 15:02 - 2014-06-10 06:39 - 00003856 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1402378750
2015-02-24 03:17 - 2010-11-21 04:27 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-02-22 11:54 - 2012-07-23 15:48 - 00000000 ____D () C:\Users\David\AppData\Roaming\Adobe
2015-02-22 10:55 - 2012-07-27 06:46 - 00000000 ____D () C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-02-13 14:30 - 2015-01-24 11:37 - 00000000 ____D () C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DAZ 3D
2015-02-13 13:43 - 2015-01-24 11:49 - 00000000 ____D () C:\Users\Public\Documents\My DAZ 3D Library
2015-02-12 20:34 - 2014-04-19 20:34 - 00000000 ____D () C:\Users\David\AppData\Local\SKIDROW
2015-02-12 20:33 - 2012-09-14 14:46 - 00000000 ____D () C:\Users\David\AppData\Roaming\Skype
2015-02-11 17:13 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-02-11 17:04 - 2015-01-25 16:31 - 00000000 ____D () C:\Program Files (x86)\FreeTime
2015-02-11 15:20 - 2011-12-16 04:57 - 00000000 ____D () C:\ProgramData\FLEXnet
2015-02-10 18:13 - 2012-08-27 17:45 - 00000000 ____D () C:\Users\David\AppData\Local\Downloaded Installations
2015-02-10 18:04 - 2014-09-02 15:41 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-09 14:12 - 2014-04-11 17:18 - 00007597 _____ () C:\Users\David\AppData\Local\Resmon.ResmonCfg
2015-02-09 12:50 - 2014-04-19 19:16 - 00000000 ____D () C:\Users\David\AppData\Roaming\DAEMON Tools Pro
2015-02-07 18:30 - 2014-06-04 18:19 - 00000000 ____D () C:\ProgramData\Origin
2015-02-07 17:24 - 2014-06-04 18:19 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-02-07 13:10 - 2013-09-04 16:44 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-07 13:10 - 2013-09-04 16:44 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-05 19:35 - 2014-12-08 17:43 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-05 19:35 - 2014-12-08 17:43 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-05 19:35 - 2014-12-08 17:43 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-05 18:02 - 2015-01-25 16:50 - 00000000 ____D () C:\Program Files\Synfig
2015-02-05 13:56 - 2014-12-08 07:58 - 00000000 ____D () C:\Users\David\AppData\Local\qbqbqb

==================== Files in the root of some directories =======

2013-09-13 13:02 - 2013-09-13 13:02 - 0000132 _____ () C:\Users\David\AppData\Roaming\Adobe CS6-BMP-Format - Voreinstellungen
2013-11-23 15:56 - 2013-12-30 15:42 - 0000627 _____ () C:\Users\David\AppData\Roaming\All CPU MeterV3_Settings.ini
2014-09-07 09:22 - 2014-09-07 09:23 - 1177208 _____ () C:\Users\David\AppData\Roaming\AndyCleanupTool.exe
2014-09-07 09:23 - 2014-09-07 09:23 - 1176696 _____ () C:\Users\David\AppData\Roaming\AndyCleanVM.exe
2015-01-19 20:08 - 2015-01-19 20:23 - 0000115 _____ () C:\Users\David\AppData\Roaming\LogFile.txt
2012-12-18 19:50 - 2012-12-18 19:50 - 0042496 ___SH () C:\Users\David\AppData\Roaming\Thumbs.db
2013-05-04 10:50 - 2013-05-04 10:50 - 0117613 _____ () C:\Users\David\AppData\Local\recently-used.xbel
2014-04-11 17:18 - 2015-02-09 14:12 - 0007597 _____ () C:\Users\David\AppData\Local\Resmon.ResmonCfg
2015-01-10 18:54 - 2015-01-25 16:28 - 0000091 _____ () C:\Users\David\AppData\Local\Temppenciltemp.png
2013-09-13 14:13 - 2013-09-13 14:13 - 0000003 _____ () C:\Users\David\AppData\Local\updater.log
2013-09-13 14:13 - 2014-03-07 19:50 - 0000441 _____ () C:\Users\David\AppData\Local\UserProducts.xml
2014-06-28 12:14 - 2014-06-28 12:14 - 0000000 _____ () C:\Users\David\AppData\Local\{3CB6AA18-F971-4847-A6DC-51A8FF2798E7}
2014-02-22 16:25 - 2014-02-22 16:25 - 0000000 _____ () C:\Users\David\AppData\Local\{4F6931E0-1B2A-4417-A3CC-911F67A7ADBF}
2014-02-21 18:42 - 2014-02-21 18:42 - 0000000 _____ () C:\Users\David\AppData\Local\{D0692611-B564-4C43-BA1C-C143A2FCD933}
2013-02-05 20:16 - 2013-02-05 20:16 - 0000057 _____ () C:\ProgramData\Ament.ini
2011-12-16 05:01 - 2011-12-16 05:03 - 0015230 _____ () C:\ProgramData\ArcadeDeluxe5.log
2014-11-25 17:03 - 2014-11-25 17:03 - 0000032 _____ () C:\ProgramData\Temp.log

Files to move or delete:
====================
C:\Users\Dxtory2.0\DxtoryVideo.dll


Some content of TEMP:
====================
C:\Users\David\AppData\Local\Temp\Quarantine.exe
C:\Users\David\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-22 14:15

==================== End Of Log ============================
--- --- ---

--- --- ---


Bitte um Hilfe !

schrauber 07.03.2015 21:17
hi,

Addition.txt fehlt noch.

zelfoxx 08.03.2015 12:30
Addition:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-03-2015 01
Ran by David at 2015-03-08 12:29:23
Running from C:\Users\David\Desktop\Desktop\#ANTI\FRST
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

"Tropico 4" (HKLM-x32\...\{C276D408-F88A-4E69-9CE3-B785CFA276BD}_is1) (Version:  - )
«Cabela's Big Game Hunter Pro Hunts» (HKLM-x32\...\{77B9D608-84EC-4F26-9541-D92F1C223851}_is1) (Version: 1.0 - © R.G. Revenants)
µTorrent (HKU\S-1-5-21-3466399659-1618858318-3356278196-1001\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.)
7 Days to Die - Alpha version 0.9.1 (HKLM-x32\...\{967E55B4-6DDD-4A2F-BFC7-07F1E327971E}_is1) (Version: 0.9.1 - The Fun Pimps LLC)
Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.99 - NTI Corporation)
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{A0382E3C-7384-429A-9BFA-AF5888E5A193}) (Version: 1.5.2904.00 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.5.2904.00 - CyberLink Corp.) Hidden
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3008 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3504 - Acer Incorporated)
Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.2.5 - WildTangent)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3504 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0913.2011 - Acer Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.5 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.6.156 - Adobe Systems, Inc.)
ADRIFT 5 (HKLM-x32\...\{11978B01-779C-43AB-8609-BAA7B81B47FE}) (Version: 5.0.32.1 - Campbell Wild)
Advanced Archive Password Recovery (HKLM-x32\...\{01011662-76A8-41E8-B1A8-4F8821570AC5}) (Version: 4.54.48.1338 - Elcomsoft Co. Ltd.)
AirMech (HKLM-x32\...\Steam App 206500) (Version:  - Carbon Games)
Akamai NetSession Interface (HKU\S-1-5-21-3466399659-1618858318-3356278196-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
Alien Swarm (HKLM-x32\...\Steam App 630) (Version:  - Valve)
ANDY OS (HKLM\...\ANDY OS) (Version: 1.1 - andyroid.net)
AntiLogger Free version 1.8.2.16 (HKLM-x32\...\{A80DB23D-0618-405B-89D9-28F99814E287}_is1) (Version: 1.8.2.16 - Zemana Ltd.)
Any Video Converter 5.7.8 (HKLM-x32\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
APB Reloaded (HKLM-x32\...\Steam App 113400) (Version:  - Reloaded Productions)
Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment)
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 4.0.69.0 - Autodesk)
Autodesk Maya LT 2015 (HKLM\...\Autodesk Maya LT 2015) (Version: 15.10.373.0 - Autodesk)
Autodesk Maya LT 2015 (Version: 15.10.373.0 - Autodesk) Hidden
Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.0.2208 - AVAST Software)
Backup Manager V3 (x32 Version: 3.0.0.99 - NTI Corporation) Hidden
BigRigs over the road Racing (HKLM-x32\...\BigRigs over the road Racing_is1) (Version:  - Stellar Stone Group)
Blender (HKLM\...\Blender) (Version: 2.64a-release - Blender Foundation)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.5.3042 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{783DCCCB-FBD0-4D1D-928D-7075DA8015E6}) (Version: 0.8.5.3042 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 14.8.2.2 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.8.4.1 - Broadcom Corporation)
Capsized (HKLM-x32\...\Capsized_is1) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version:  - Cheat Engine)
clear.fi (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.2024.00 - CyberLink Corp.)
clear.fi (x32 Version: 1.0.1517_36458 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 1.0.2024.00 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 9.0.8026 - CyberLink Corp.) Hidden
clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.00.3500 - Acer Incorporated)
Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 36.1.1.21 - Comodo)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Continue 9876543210 (HKLM-x32\...\Continue 9876543210v1.4) (Version: v1.4 - Jason Oda)
Costume Quest 2 (HKLM-x32\...\Costume Quest 2_is1) (Version: 1.0 - PLAZA)
Crazy Chicken Kart 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
CrystalDiskInfo 6.3.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.3.0 - Crystal Dew World)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Pro Advanced (HKLM-x32\...\DAEMON Tools Pro Advanced) (Version:  - )
DAZ Content Management Service (HKLM-x32\...\DAZ Content Management Service 4.8.1.7) (Version: 4.8.1.7 - DAZ 3D)
DAZ Install Manager (HKLM-x32\...\DAZ Install Manager 1.1.0.28) (Version: 1.1.0.28 - DAZ 3D)
Die Sims™ 4 Erstelle einen Sim-Demo (HKLM-x32\...\{6908ED99-F02B-4E99-A202-3FAC99C510ED}) (Version: 1.0.237.100 - Electronic Arts Inc.)
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.7 - Dolby Laboratories Inc)
Duke Nukem 3D Megaton Edition version 1.00 (HKLM-x32\...\Duke Nukem 3D Megaton Edition_is1) (Version: 1.00 - )
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
ETDWare PS/2-X64 8.0.6.3_WHQL (HKLM\...\Elantech) (Version: 8.0.6.3 - ELAN Microelectronic Corp.)
Evernote v. 4.5.1 (HKLM-x32\...\{28921580-E4BB-11E0-9FD7-1CC1DEF07CBE}) (Version: 4.5.1.5451 - Evernote Corp.)
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
FBVLC (HKLM-x32\...\{FDFD2D0E-1CC4-446A-8E36-65298CE711D5}) (Version: 0.1.5 - RSATom)
File-Extensions.org Search (HKLM\...\File-Extensions.org Search) (Version:  - Digidy, s.r.o.)
Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
FlashOffliner 1.0 (HKLM-x32\...\FlashOffliner) (Version: 1.0 - Dead'Soul)
FM PDF To JPG Converter Pro 2.0 (HKLM-x32\...\FM PDF To JPG Converter Pro_is1) (Version: 2.0 - )
FMS (HKLM-x32\...\FMS) (Version:  - )
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Free PDF To JPG Converter 3.2 (HKLM-x32\...\Free PDF To JPG Converter_is1) (Version: 3.2 - )
Freemake Video Converter Version 4.1.5 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.5 - Ellora Assets Corporation)
FunnyGames - The Impossible Quiz Book (HKU\S-1-5-21-3466399659-1618858318-3356278196-1001\...\FunnyGames - the_impossible_quiz_book) (Version: 1 - FunnyGames)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GeoGebra 4.4 (HKU\S-1-5-21-3466399659-1618858318-3356278196-1001\...\GeoGebra 4.4) (Version: 4.4.43.0 - International GeoGebra Institute)
GeoGebra 5 (HKLM-x32\...\GeoGebra 5) (Version: 5.0.24.0 - International GeoGebra Institute)
Geometry Wars 3 Dimensions (HKLM-x32\...\Geometry Wars 3 Dimensions_is1) (Version:  - )
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
Goodbye New World (HKLM\...\UDK-8b59c797-22f4-49e9-85f6-5e87a6ed89d9) (Version:  - Epic Games, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Gunpoint Exclusive Edition 1.0 (HKLM-x32\...\Gunpoint Exclusive Edition 1.0) (Version: 1.0 - Focus Home Interactive)
Gunpoint version v1.1 (HKLM-x32\...\{B33EDF25-91DF-40FC-B2F7-FA19E3F0489F}}_is1) (Version: v1.1 - )
Haunt 1.1 (HKU\S-1-5-21-3466399659-1618858318-3356278196-1000\...\Haunt 1.1) (Version:  - )
Haunt 1.1 (HKU\S-1-5-21-3466399659-1618858318-3356278196-1001\...\Haunt 1.1) (Version:  - )
HAWKEN (HKLM-x32\...\Steam App 271290) (Version:  - Adhesive Games)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Photosmart 5510 series - Grundlegende Software für das Gerät (HKLM\...\{5409411D-CD72-432D-B823-1B520B24BD3C}) (Version: 25.0.621.0 - Hewlett-Packard Co.)
HP Photosmart 5510 series Hilfe (HKLM-x32\...\{E02964EA-0E1B-4620-A26E-CBAB0341B1BB}) (Version: 140.0.2.2 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated)
Igneous (HKU\S-1-5-21-3466399659-1618858318-3356278196-1001\...\Igneous) (Version:  - )
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.5.0 - LIGHTNING UK!)
Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3223 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Isoplex version 1.0.4 (HKLM-x32\...\{D7777196-0C77-4FA8-A02E-37A6E295657A}_is1) (Version: 1.0.4 - Isoplex, Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Jewel Match 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Joystick 2 Mouse 3 (HKLM-x32\...\Joystick 2 Mouse 3) (Version:  - )
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kill The Bad Guy (HKLM-x32\...\Kill The Bad Guy_is1) (Version:  - )
Killer is Dead (HKLM-x32\...\Killer is Dead_is1) (Version:  - )
Knight Rider PC Demo (HKLM-x32\...\Knight Rider PC Demo) (Version:  - Davilex Games B.V.)
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version:  - )
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.7 - Acer Inc.)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LEGO MINDSTORMS NXT Driver for x64 (HKLM\...\{74E85F31-573F-45BF-8939-4D2BCDCC2083}) (Version: 1.17.770 - LEGO)
LibreOffice 3.5 Help Pack (German) (HKLM-x32\...\{63DAF1E5-2FE9-4CE1-871F-BBE6E5630E12}) (Version: 3.5.5.3 - The Document Foundation)
LibreOffice 4.2.7.2 (HKLM-x32\...\{A313C39F-79A7-408B-97EE-8F958407D694}) (Version: 4.2.7.2 - The Document Foundation)
LIMBO (HKLM-x32\...\LIMBO) (Version:  - )
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.1.0.166 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.1.0.166 - LogMeIn, Inc.) Hidden
Mafia II version 1.0 (HKLM-x32\...\{4F5FB47E-14DE-45B4-85E3-11CD5E497KA3}_is1) (Version: 1.0 - 2K Games)
MagicDisc 2.7.106 (HKLM-x32\...\MagicDisc 2.7.106) (Version:  - )
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Max Payne 2 (HKLM-x32\...\Max Payne 2) (Version:  - )
MegaDownloader 0.82 (HKLM\...\{C12C2297-65A4-4E64-9AE1-29F0D947FDA0}}_is1) (Version: 0.82 - Andres_age)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 15.0.4693.1002 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Online Services-Anmeldeassistent (HKLM\...\{46E637E2-AC34-4B45-B5DF-D20903A3DB61}) (Version: 7.250.4303.0 - Microsoft Corporation)
Microsoft SharePoint Designer 2013 - de-de (HKLM\...\SPDRetail - de-de) (Version: 15.0.4693.1002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{A106D33E-6B43-42C0-9BFC-D03303261FA7}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft Visual C# 2010 Express - DEU (HKLM-x32\...\Microsoft Visual C# 2010 Express - DEU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MirrorMoonEP (HKLM-x32\...\MirrorMoonEP_is1) (Version: MirrorMoonEP - Ó÷åíèê_77_[RG Games])
Mirror's Edge (HKLM-x32\...\Mirror's Edge_is1) (Version:  - )
Mixamo Fuse version 1.3.0 (HKLM-x32\...\{CF744422-9FA0-44E9-86E4-B4FCF1A0D56A}_is1) (Version: 1.3.0 - Mixamo)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 11.030.01.21.75 - Huawei Technologies Co.,Ltd)
Monaco What's Yours Is Mine (HKLM-x32\...\Monaco What's Yours Is Mine_is1) (Version: Monaco What's Yours Is Mine - )
Mozilla Firefox 34.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
Mutant Factions v0.92 (HKLM-x32\...\{192DCFA4-5AD8-44B2-B08E-38D7BC8980C6}_is1) (Version:  - Ben Johnson)
My Game Long Name (HKLM\...\UDK-3bfcf0c9-bee6-4f15-a2d5-d6191a9a3695) (Version:  - Epic Games, Inc.)
My Game Long Name (HKLM\...\UDK-e40e093f-8cca-4bae-b236-c4c49ce4598f) (Version:  - Epic Games, Inc.)
My Game Long Name (HKLM\...\UDK-fa558830-5bb0-41aa-b74c-0e62877dd866) (Version:  - Epic Games, Inc.)
MyFreeCodec (HKU\S-1-5-21-3466399659-1618858318-3356278196-1000\...\MyFreeCodec) (Version:  - )
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
MyWinLocker (Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.19 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.19 - Egis Technology Inc.) Hidden
NaissanceE (HKLM-x32\...\TmFpc3NhbmNlRQ==_is1) (Version: 1 - )
Need For Speed™ World (HKLM-x32\...\{3AF1B16A-7DC9-4C80-BAEC-70B088A7C5B8}) (Version: 1.0.0.0 - Electronic Arts)
newsXpresso (HKLM-x32\...\InstallShield_{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}) (Version: 1.0.0.40 - esobi Inc.)
newsXpresso (x32 Version: 1.0.0.40 - esobi Inc.) Hidden
NirSoft Volumouse (HKLM-x32\...\Volumouse) (Version:  - )
Nitronic Rush (2012-12-21 .2) version 20121221.1 (HKLM-x32\...\{9B55759D-424F-4CB1-B84E-AAE83CC1D20A}_is1) (Version: 20121221.1 - DigiPen)
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9002 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9002 - NTI Corporation) Hidden
NVIDIA Grafiktreiber 285.64 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 285.64 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}) (Version: 9.10.0514 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4693.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4693.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4693.1002 - Microsoft Corporation) Hidden
One Button Bob (HKLM-x32\...\{00F0982D-CBB7-47FE-BAA1-4C0589D43A8A}_is1) (Version:  - ePlaybus.com)
Open 3D Model Viewer (HKLM-x32\...\{2881DB80-EB93-4E22-A49F-0B407691935E}) (Version: 1.00.0000 - Alexander Gessler)
Opera Stable 27.0.1689.76 (HKLM-x32\...\Opera 27.0.1689.76) (Version: 27.0.1689.76 - Opera Software ASA)
Oracle VM VirtualBox 4.3.12 (HKLM\...\{B5121457-0126-4E62-BCBF-6DC7C73D9E4A}) (Version: 4.3.12 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{58152609-fc38-4925-8ef4-c2548453c6fb}) (Version: latest - ppy Pty Ltd)
osu! (HKLM-x32\...\{e2eadd0d-7e2d-4ed3-808b-921824a1913a}) (Version: latest - ppy Pty Ltd)
Outland (HKLM-x32\...\Outland_is1) (Version: 1.0 - PLAZA)
PDF Image Extraction Wizard 1.2 (HKLM-x32\...\PDF Image Extraction Wizard 1.2_is1) (Version:  - RL Vision)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.4.3 - Frank Heindörfer, Philip Chinery)
PDFMate PDF Converter Professional 1.7.4 (HKLM-x32\...\PDFMate PDF Converter Professional_is1) (Version:  - pdfmate.com)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
phase-6 2.3.3 (HKLM-x32\...\phase-6) (Version: 2.3.3 - phase-6)
PhotoFiltre 7 (HKU\S-1-5-21-3466399659-1618858318-3356278196-1001\...\PhotoFiltre 7) (Version:  - )
Planetary Annihilation (HKLM-x32\...\Planetary Annihilation_is1) (Version:  - )
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Poker Night 2 (HKLM-x32\...\Poker Night 2_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, markfiter)
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Portal (HKLM-x32\...\Portal) (Version:  - )
Portal 2 version 1.16 (HKLM-x32\...\{2ED84EF7-0C8D-3P20-BIO2-7B42A5D4E0EB}_is1) (Version: 1.16 - Black Box)
Poser Pro 2014 (HKLM\...\Poser Pro 2014 English_is1) (Version: 10.0.0 - Smith Micro Software, Inc.)
PoserContent2014 (HKLM\...\Poser Pro 2014_is1) (Version: 10.0.0 - Smith Micro Software, Inc.)
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Postal 2 Complete (HKLM-x32\...\Postal 2 Complete_is1) (Version:  - )
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.6 - Power Software Ltd)
Project 64 version 2.1.0.1 (HKLM-x32\...\Project 64_is1) (Version: 2.1.0.1 - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
QbQbQb version 1.1.0 (HKLM-x32\...\{6AC0001C-30BB-4582-959E-6BF89172AB09}_is1) (Version: 1.1.0 - Rezoner)
Queue Manager 2014 (HKLM\...\Queue Manager 2014_is1) (Version: 10.0.0 - Smith Micro Software, Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.1 r2290 - )
Randal's Monday (HKLM-x32\...\Randal's Monday_is1) (Version:  - Daedalic Entertainment)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6438 - Realtek Semiconductor Corp.)
RegHunter (HKLM\...\{F94A63D7-9A61-403B-8F6F-90B1BF77211A}) (Version: 1.3.3.1613 - Enigma Software Group USA, LLC)
Remo Repair RAR (HKLM-x32\...\{665680CE-EABF-4678-94AA-F3253AD70B0A}_is1) (Version: 2.0.0.17 - Remo Software)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.3.2.12074_13 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.3.2.12074_13 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.6.0 - SAMSUNG Electronics Co., Ltd.)
Secunia PSI (3.0.0.10004) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.10004 - Secunia)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Shockwave (HKLM-x32\...\Shockwave) (Version:  - )
Shovel Knight (HKLM-x32\...\1207664823_is1) (Version: 2.0.0.5 - GOG.com)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Southpark Stick of Truth (HKLM-x32\...\U291dGhwYXJrU3RpY2tvZlRydXRo_is1) (Version: 1 - )
Spelunky HD 1.0 (HKLM-x32\...\Spelunky HD 1.0) (Version: 1.0 - Cat-A-Cat)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Street Fighter X Tekken (HKLM-x32\...\{43430FA5-AF68-4A2D-A7D4-891000008200}) (Version: 1.0.0.0 - CAPCOM U.S.A., INC)
Studie zur Verbesserung von HP Photosmart 5510 series Produkten (HKLM\...\{EDBC8AED-78A3-424E-ADB6-C7B1424FFAFD}) (Version: 25.0.621.0 - Hewlett-Packard Co.)
Super Meat Boy v1.5 (HKLM-x32\...\Super Meat Boy v1.5_is1) (Version:  - Team Meat)
SWF & FLV Player 3.0 (build 3.0.33.5106) (HKLM-x32\...\SWF & FLV Player_is1) (Version: 3.0.33.5106 - Eltima Software)
SWFPlayer 2.6.2.0 (HKLM-x32\...\SWFPlayer_is1) (Version: 2.6.2.0 - Michael Faust, Alpha Interactive)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synfig Studio (HKLM-x32\...\synfigstudio) (Version: 0.64.3 - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 7 (HKLM-x32\...\TeamViewer 7) (Version: 7.0.13989 - TeamViewer)
The Room (HKLM-x32\...\The Room_is1) (Version:  - Fireproof Games)
The Walking Dead: Season 2 Episode 3 (HKLM-x32\...\VGhlV2Fsa2luZ0RlYWRTZWFzb24y_is1) (Version: 1 - )
Torchlight (x32 Version: 2.2.0.97 - WildTangent) Hidden
Tribes: Ascend (HKLM-x32\...\Steam App 17080) (Version:  - Hi-Rez Studios)
Tropico 5 (HKLM-x32\...\Tropico 5_is1) (Version:  - )
Tupi version 0.2-4 (HKLM-x32\...\Tupi_is1) (Version: 0.2-4 - )
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
UC232A_Win 7_64bit (HKLM-x32\...\{437BDACD-9584-4A01-A814-27EA01B452A6}) (Version: 1.0.078 - Aten International Co., Ltd.)
Unity Web Player (HKU\S-1-5-21-3466399659-1618858318-3356278196-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
Vegas Pro 12.0 (64-bit) (HKLM\...\{A1A75F4F-9C9F-11E2-8FCB-F04DA23A5C58}) (Version: 12.0.563 - Sony)
Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version:  - )
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.97 - WildTangent) Hidden
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Wacom Tablett (HKLM\...\Wacom Tablet Driver) (Version: 6.3.6-3 - Wacom Technology Corp.)
Warsow 1.02 (HKLM-x32\...\{24508D50-EB8F-4FE6-B69D-B4935D8745EF}_is1) (Version: 1.02 - Chasseur de bots)
WebcamMax (HKLM-x32\...\WebcamMax) (Version: 7.0.9.8.MultiLanguage - )
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3504 - Acer Incorporated)
Winamp (HKLM-x32\...\Winamp) (Version: 5.65  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-3466399659-1618858318-3356278196-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-3466399659-1618858318-3356278196-1001\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Wing Commander III (HKLM-x32\...\{F96B9930-E22A-44D6-81B5-6C8E92C21B4B}) (Version: 2.0.0.2 - Electronic Arts)
WinPatrol (HKLM\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 32.0.2014.5 - Ruiware)
WinRAR 5.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
XIII (HKLM-x32\...\{ABABD935-23F8-4149-8D3D-2DA1CAD6A7D4}_is1) (Version: 1.0 - Ubisoft)
XSplit Broadcaster (HKLM-x32\...\{4BC33FAB-4249-44D7-88A3-22682C577EE3}) (Version: 1.3.1310.1103 - SplitMediaLabs)
Yet Another Zombie Defense (HKLM-x32\...\WWV0QW5vdGhlclpvbWJpZURlZmVuc2U=_is1) (Version: 1 - )
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3466399659-1618858318-3356278196-1001_Classes\CLSID\{01E9FAE9-3819-4dd9-B1D9-998A1C62D1F8}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3466399659-1618858318-3356278196-1001_Classes\CLSID\{092dfa86-5807-5a94-bf3b-5a53ba9e5308}\InprocServer32 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
CustomCLSID: HKU\S-1-5-21-3466399659-1618858318-3356278196-1001_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files (x86)\Blender Foundation\Blender\BlendThumb64.dll ()

==================== Restore Points  =========================

07-02-2015 18:04:31 Installed ADRIFT 5.
10-02-2015 18:04:08 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
10-02-2015 18:14:06 Installed Open 3D Model Viewer.
11-02-2015 16:59:12 Revo Uninstaller's restore point - SpeedyPC Pro
11-02-2015 17:02:15 Revo Uninstaller's restore point - NirSoft BlueScreenView
11-02-2015 17:03:45 Revo Uninstaller's restore point - FormatFactory 3.5.0.0
22-02-2015 14:22:27 Geplanter Prüfpunkt
03-03-2015 18:03:45 DirectX wurde installiert
07-03-2015 18:18:56 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-12-20 19:30 - 00518369 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
0.0.0.0 fr.a2dfp.net
0.0.0.0 m.fr.a2dfp.net
0.0.0.0 mfr.a2dfp.net
0.0.0.0 ad.a8.net
0.0.0.0 asy.a8ww.net
0.0.0.0 static.a-ads.com
0.0.0.0 atlas.aamedia.ro
0.0.0.0 abcstats.com
0.0.0.0 ad4.abradio.cz
0.0.0.0 a.abv.bg
0.0.0.0 adserver.abv.bg
0.0.0.0 adv.abv.bg
0.0.0.0 bimg.abv.bg
0.0.0.0 ca.abv.bg
0.0.0.0 www2.a-counter.kiev.ua
0.0.0.0 track.acclaimnetwork.com
0.0.0.0 accuserveadsystem.com
0.0.0.0 www.accuserveadsystem.com
0.0.0.0 achmedia.com
0.0.0.0 csh.actiondesk.com
0.0.0.0 ads.activepower.net
0.0.0.0 app.activetrail.com
0.0.0.0 stat.active24stats.nl #[Tracking.Cookie]
0.0.0.0 traffic.acwebconnecting.com
0.0.0.0 office.ad1.ru
0.0.0.0 cms.ad2click.nl
0.0.0.0 ad2games.com
0.0.0.0 ads.ad2games.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {08E7991B-1383-4377-BEDA-14D0F26A7409} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2011-08-24] (Acer Incorporated)
Task: {0C3CB652-4410-4852-A2B5-C433841839BC} - System32\Tasks\{B960A761-DB7D-441F-B492-F36E2AD2345F} => C:\Users\David\Desktop\IGG-The.Escapists.0.792\Neuer Ordner\The Escapists\TheEscapists.exe
Task: {146CAF2E-F175-4178-80AD-DC4D5C036812} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-01-06] (Microsoft Corporation)
Task: {15F2A646-5DE5-485A-9213-E4A7D2670688} - System32\Tasks\{848CE327-C827-4159-A571-79A8981EFB54} => pcalua.exe -a "C:\Program Files (x86)\Portal\Portal.exe" -d "C:\Program Files (x86)\Portal\portal\sound\weapons\rocket"
Task: {177D876B-F170-4499-A814-BAF6AD943E35} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30] (Hewlett-Packard)
Task: {1DAA2393-F7FE-40DC-A291-FC977EB52FD1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {2CF4A184-DFBF-43E1-AF67-51A887F04F49} - System32\Tasks\{0A7E012B-4D8E-48BB-A719-4A57FD4D2C28} => pcalua.exe -a "C:\Program Files (x86)\Steam\steamapps\common\Alien Swarm\bin\addoninstaller.exe" -d "C:\Program Files (x86)\Steam\steamapps\common\Alien Swarm" -c /register
Task: {2D1E89ED-BF8E-4919-874C-2A3A070F535E} - System32\Tasks\HPCustParticipation HP Photosmart 5510 series => C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPCustPartic.exe [2011-09-16] (Hewlett-Packard Co.)
Task: {31B454B7-8A78-4193-8B39-D962AD5311E5} - System32\Tasks\{2E1BC973-FB55-475C-AB91-7E2AF64512AA} => pcalua.exe -a E:\Redist\vcredist_x86.exe -d E:\Redist
Task: {3817BD51-2743-4031-BAE8-66415FA67768} - System32\Tasks\{C70F2032-FF8C-4D1C-A97B-C8186CB7C12A} => pcalua.exe -a C:\Users\David\Desktop\serioussam.exe -d C:\Users\David\Desktop
Task: {39FC84F7-631F-48DD-98D9-2A1E0E55A17D} - System32\Tasks\{868495F6-ECBD-4925-81F3-720A2EE1E54A} => pcalua.exe -a C:\Users\David\Downloads\dxwebsetup(1).exe -d C:\Users\David\Downloads
Task: {3D54FDA0-7CEB-4C84-A745-BBE4CCB90B86} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {3F572DED-F780-4880-B653-DEA49C7D78CF} - System32\Tasks\Launch 19578 => C:\Program Files (x86)\YTDownloader\YTDownloader.exe
Task: {4244BFD1-7259-4908-873E-EE86BC202A69} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2011-08-24] (CyberLink Corp.)
Task: {477F45F8-5B79-4B1D-BEFC-08AD95E39AC1} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {48E03EE0-4458-48A3-8EAD-2347B10EA7C6} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-12-30] (Microsoft Corporation)
Task: {4D47168B-2802-4D1E-B252-0D1E997C5766} - System32\Tasks\{065B4F65-EC5A-406A-B1BF-51665159EE90} => pcalua.exe -a "C:\Program Files (x86)\Alientrap Games Inc\Capsized\Dependencies\dotnetfx35.exe" -d "C:\Program Files (x86)\Alientrap Games Inc\Capsized\Dependencies"
Task: {52096399-6CB7-4D23-8447-7BB4A6E198BA} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {526BBCEA-16B6-43E9-81CC-A3B42891661C} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {556A8282-344D-475C-AC3C-9C3A62004FE7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd)
Task: {601C76F1-93F4-4124-ABDF-DEEE85043577} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-09] (AVAST Software)
Task: {6123D7BC-566B-4139-BADC-3708F2E3A518} - System32\Tasks\{288BC829-65DF-41F5-ADCF-1A8F3FC8E57C} => pcalua.exe -a C:\Users\David\Downloads\swfsetup26.exe -d C:\Users\David\Downloads
Task: {627E8FFE-7031-4602-8F2C-F015FE178703} - System32\Tasks\SpeedyPC Registration3 => Rundll32.exe "C:\Program Files (x86)\Common Files\SpeedyPC Software\UUS3\UUS3.dll" RunUns <==== ATTENTION
Task: {66DBEAE5-CE4D-4310-B480-2E2DE6D1EB06} - System32\Tasks\{E185E58D-45E6-484E-9487-A57A3278B40F} => E:\Install.exe
Task: {68B169C3-1246-48A2-9217-64F8B58ED286} - System32\Tasks\{EA2934C7-4D43-4F47-8E36-9314EFB5FA20} => pcalua.exe -a "C:\Users\David\Desktop\Desktop\Bioshock\IGG-Bioshock.1\Bioshock\#README#\DirectX 9c (2007)\DXSETUP.exe" -d "C:\Users\David\Desktop\Desktop\Bioshock\IGG-Bioshock.1\Bioshock\#README#\DirectX 9c (2007)"
Task: {69E2DEA5-63B2-460A-9855-B92AD52005D0} - System32\Tasks\{A36C69E5-17AC-4B1D-A6D6-FE418062131A} => pcalua.exe -a C:\Users\David\Desktop\uc232a_win7_xp_vista_v1.0.075-alternativ\UC232A_Windows_Setup_V1.0.075.exe -d C:\Users\David\Desktop\uc232a_win7_xp_vista_v1.0.075-alternativ
Task: {6A276532-1B42-412E-9F2B-1E58474A60A9} - System32\Tasks\{4D6378C9-1B39-4645-82D6-B50B2003D818} => pcalua.exe -a C:\Users\David\Desktop\IGG-Return.to.Blockland\IGG-Return.to.Blockland\RTB1045full.exe -d C:\Users\David\Desktop\IGG-Return.to.Blockland\IGG-Return.to.Blockland
Task: {6BBDBD42-4139-4F50-B00E-2C2D9987B4A6} - System32\Tasks\{32EA14EE-1B21-4161-9767-0E05A2B92C30} => pcalua.exe -a C:\Users\David\Desktop\UC232A_Windows_Setup_V1.0.075.exe -d C:\Users\David\Desktop
Task: {6D192E25-7783-4387-A04E-B0279B611274} - System32\Tasks\{FC85E084-C44F-41A8-96F7-9210F9904A27} => pcalua.exe -a "C:\Program Files (x86)\Capcom\Street Fighter X Tekken\GDFInstall.exe" -d "C:\Program Files (x86)\Capcom\Street Fighter X Tekken"
Task: {7A5CEB00-1B27-4B83-9D16-EE48E67BD9F3} - System32\Tasks\{4BA1C9B7-C196-4EA4-83DE-BB4F70D02D3D} => pcalua.exe -a C:\Users\David\Downloads\setup_de.exe -d C:\Users\David\Downloads
Task: {7DB7F350-87A1-4893-AF89-B1DF72707EC0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-01-06] (Microsoft Corporation)
Task: {7F91E39F-D3BE-4CF2-AF69-3C0E560EB10E} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-01-14] (Microsoft Corporation)
Task: {840C639B-8A0F-4F1B-A47D-DB6FCF263613} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {8484DA0B-2ED9-49DB-8389-08EFD65C0FF2} - System32\Tasks\Opera scheduled Autoupdate 1402378750 => C:\Program Files (x86)\Opera\launcher.exe [2015-02-23] (Opera Software)
Task: {8E14E3F8-2F52-4F82-AE5B-EBEFABB5C164} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {90FA3741-5BE2-4C4D-8EDD-BF24C662DA32} - System32\Tasks\{4B9F3708-561A-4736-9DA8-62AE7BDC499D} => pcalua.exe -a "C:\Users\David\Downloads\uc232a_windows_setup_v1.0.078 (1)\UC232A_Windows_Setup.exe" -d "C:\Users\David\Downloads\uc232a_windows_setup_v1.0.078 (1)"
Task: {927EAAA0-F2E1-4579-AA90-FB15E55C699E} - System32\Tasks\{4DC151BF-6976-44B0-9444-E099F0FA40AA} => E:\Install.exe
Task: {9D94C784-9300-4910-A888-240AC43B9CC9} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-12-30] (Microsoft Corporation)
Task: {A078D10B-62C5-4164-8F15-0F1C8D4B5FF2} - System32\Tasks\{AFF2F52F-EF43-4E4B-B7C3-AF306358CAFF} => pcalua.exe -a C:\Users\David\Desktop\desktop\igneous_setup\igneous_setup.exe -d C:\Users\David\Desktop\desktop\igneous_setup
Task: {A6055463-7302-474B-B41F-97B6DCFE80A3} - System32\Tasks\{30B6B71D-360A-4990-A89F-CDD344DC9335} => E:\Install.exe
Task: {A6502404-9038-4665-B2D8-8B18A07BDA5F} - System32\Tasks\{3798E432-BD79-4B0C-B9C8-6302DA50E04B} => pcalua.exe -a E:\Downloads\dotnetfx2.exe -d E:\Downloads
Task: {B01CD576-E006-4C2D-8B6A-2098664AAEBE} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2011-08-24] (CyberLink)
Task: {B18DF795-9544-4CC8-B4C2-58513749B5C5} - System32\Tasks\{A7DB6150-3B52-4F49-9F91-FBC0624BFD61} => C:\Program Files (x86)\Black Box\Portal 2\portal2.exe [2012-02-21] ()
Task: {B954B984-0A79-473C-9A00-EFB479BF2BC2} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {C3C95896-ADFC-454C-AE05-C23335A93F78} - System32\Tasks\{508081F0-5FC7-4271-8CDC-1E61763ECB6A} => pcalua.exe -a "C:\Users\David\Desktop\Desktop\CD\emedia 1\games\Erotik\Bustout\bo3dinst.exe" -d "C:\Users\David\Desktop\Desktop\CD\emedia 1\games\Erotik\Bustout"
Task: {CBB4A1C4-B70A-4BE3-86FD-D58C1F7DE5B1} - System32\Tasks\{860E53FE-8F1F-45E9-BA57-D276414F06DB} => pcalua.exe -a C:\Users\David\Downloads\vcredist_x86.exe -d C:\Users\David\Downloads
Task: {CCEF0C18-19F2-49F5-8EC2-85CAB08653AE} - System32\Tasks\{5C16AEF4-46C9-49A6-9611-1E112B28285F} => E:\Install.exe
Task: {D817B95F-878F-403C-9983-AF7E963D183D} - System32\Tasks\{0C44E482-14D5-44D4-BED0-95F68DAA076B} => E:\Install.exe
Task: {E0974176-D160-47A1-A820-923295320CC2} - System32\Tasks\{E2709E61-FC50-47E8-B8E6-B63C51EF9AAA} => pcalua.exe -a C:\Users\David\Downloads\dxwebsetup(2).exe -d C:\Users\David\Downloads
Task: {E0D99CE9-E454-40D0-BC5F-63DFFECC6D23} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {E9B2832A-8D63-4EF9-B5F2-8A3F4F46CEF7} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {F565E689-75FD-466B-A601-2D52FBFFFBB3} - System32\Tasks\{6C8B5439-577B-46BA-8421-3D94A2A0E99A} => pcalua.exe -a C:\Users\David\Desktop\Joy2Mouse3.exe -d C:\Users\David\Desktop
Task: {FCAB90B4-8FD1-4020-A4CC-62C286707DEC} - System32\Tasks\Open Chrome => Chrome.exe --new-window hxxp://toolbar.avg.com/almost-done?pid=avg&amp;lang=de
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Open Chrome.job => c:\program files (x86)\Google\Chrome\Application\chrome.exe@--new-window http:/toolbar.avg.com/
Task: C:\Windows\Tasks\SpeedyPC Registration3.job => C:\Windows\system32\rundll32.exeMC:\Program Files (x86)\Common Files\SpeedyPC Software\UUS3\UUS3.dll <==== ATTENTION

==================== Loaded Modules (whitelisted) ==============

2014-12-29 14:43 - 2013-06-06 03:09 - 01185048 ____N () C:\Program Files\Tablet\Wacom\libxml2.dll
2014-09-02 14:40 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-01-24 11:37 - 2011-05-05 21:36 - 00022528 _____ () C:\Program Files\DAZ 3D\Content Management Service\ContentManagementServer.exe
2015-01-24 11:37 - 2011-05-05 21:36 - 01479680 _____ () C:\Program Files\DAZ 3D\Content Management Service\ace_x64.dll
2015-01-24 11:37 - 2011-05-05 21:36 - 00977408 _____ () C:\Program Files\DAZ 3D\Content Management Service\VServer_x64.dll
2015-01-24 11:37 - 2011-05-05 21:36 - 01053696 _____ () C:\Program Files\DAZ 3D\Content Management Service\ace_ssl_x64.dll
2015-01-24 11:37 - 2011-05-05 21:36 - 00155136 _____ () C:\Program Files\DAZ 3D\Content Management Service\asnmp_x64.dll
2011-10-14 04:57 - 2011-06-10 18:36 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-06-04 18:59 - 2014-09-04 08:55 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-12-09 19:42 - 2014-12-09 19:42 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2014-12-09 19:42 - 2014-12-09 19:42 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2015-03-07 17:20 - 2015-03-07 17:20 - 02919424 _____ () C:\Program Files\AVAST Software\Avast\defs\15030700\algo.dll
2014-12-09 19:42 - 2014-12-09 19:43 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2015-03-08 12:25 - 2015-03-08 12:25 - 02919424 _____ () C:\Program Files\AVAST Software\Avast\defs\15030800\algo.dll
2015-02-05 19:51 - 2014-12-05 03:27 - 00055688 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll
2015-02-05 19:51 - 2014-12-05 03:27 - 00104328 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll
2011-08-24 18:03 - 2011-08-24 18:03 - 00206216 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll
2014-12-09 19:43 - 2014-12-09 19:43 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-03-08 06:17 - 2013-03-08 06:17 - 07816192 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\avcodec-54.dll
2013-03-08 06:17 - 2013-03-08 06:17 - 00188416 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\avutil-52.dll
2013-03-08 06:17 - 2013-03-08 06:17 - 01425920 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\avformat-54.dll
2013-03-08 06:17 - 2013-03-08 06:17 - 00336896 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\swscale-2.dll
2013-03-08 06:17 - 2013-03-08 06:17 - 00096256 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\swresample-0.dll
2015-02-22 11:18 - 2015-02-17 23:44 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libglesv2.dll
2015-02-22 11:18 - 2015-02-17 23:44 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libegl.dll
2015-02-22 11:18 - 2015-02-17 23:44 - 09171272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\pdf.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:5C321E34

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3466399659-1618858318-3356278196-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\David\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: ArcService => 3
MSCONFIG\Services: AxInstSV => 3
MSCONFIG\Services: BackupStack => 2
MSCONFIG\Services: BBSvc => 3
MSCONFIG\Services: BBUpdate => 2
MSCONFIG\Services: BDESVC => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: BstHdAndroidSvc => 2
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: CertPropSvc => 3
MSCONFIG\Services: CryptSvc => 2
MSCONFIG\Services: DsiWMIService => 2
MSCONFIG\Services: EgisTec Ticket Service => 3
MSCONFIG\Services: ePowerSvc => 2
MSCONFIG\Services: FLEXnet Licensing Service => 3
MSCONFIG\Services: GREGService => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: Live Updater Service => 2
MSCONFIG\Services: McAfee SiteAdvisor Service => 2
MSCONFIG\Services: McAWFwk => 3
MSCONFIG\Services: mcmscsvc => 2
MSCONFIG\Services: McNaiAnn => 2
MSCONFIG\Services: McNASvc => 2
MSCONFIG\Services: McODS => 3
MSCONFIG\Services: McProxy => 2
MSCONFIG\Services: MSK80Service => 2
MSCONFIG\Services: NOBU => 2
MSCONFIG\Services: NTI IScheduleSvc => 2
MSCONFIG\Services: savesenselive => 2
MSCONFIG\Services: savesenselivem => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: SmdmFService => 2
MSCONFIG\Services: SrvUpdater => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: TuneUp.UtilitiesSvc => 2
MSCONFIG\Services: vToolbarUpdater18.1.9 => 2
MSCONFIG\Services: Wpm => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BumpTop.lnk => C:\Windows\pss\BumpTop.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^David^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^BumpTop.lnk => C:\Windows\pss\BumpTop.lnk.Startup
MSCONFIG\startupfolder: C:^Users^David^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk => C:\Windows\pss\MagicDisc.lnk.Startup
MSCONFIG\startupfolder: C:^Users^David^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk => C:\Windows\pss\MyPC Backup.lnk.Startup
MSCONFIG\startupfolder: C:^Users^David^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Überwachungstool für die Intel® Turbo-Boost-Technik 2.0.lnk => C:\Windows\pss\Überwachungstool für die Intel® Turbo-Boost-Technik 2.0.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Andy => C:\Program Files\Andy\HandyAndy.exe
MSCONFIG\startupreg: ArcadeMovieService => "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
MSCONFIG\startupreg: BackupManagerTray => "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DAEMON Tools Pro Agent => "C:\Program Files (x86)\DAEMON Tools Pro Advanced\DTAgent.exe" -autorun
MSCONFIG\startupreg: DATAMNGR => C:\PROGRA~2\SEARCH~1\Datamngr\DATAMN~1.EXE
MSCONFIG\startupreg: Dxtory Update Checker 2.0 => C:\Users\Dxtory2.0\UpdateChecker.exe
MSCONFIG\startupreg: ETDCtrl => %ProgramFiles%\Elantech\ETDCtrl.exe
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: IntelTBRunOnce => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
MSCONFIG\startupreg: KiesAirMessage => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesPDLR => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: LightShot => C:\Users\David\AppData\Local\Skillbrains\lightshot\LightShot.exe Flags: uninsdeletevalue
MSCONFIG\startupreg: LManager => C:\Program Files (x86)\Launch Manager\LManager.exe
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: mcui_exe => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
MSCONFIG\startupreg: mobilegeni daemon => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
MSCONFIG\startupreg: NextLive => C:\Windows\SysWOW64\rundll32.exe "C:\Users\David\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
MSCONFIG\startupreg: Norton Online Backup => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: SearchProtect => C:\Users\David\AppData\Roaming\SearchProtect\bin\cltmng.exe
MSCONFIG\startupreg: SearchProtectAll => C:\Program Files (x86)\SearchProtect\bin\cltmng.exe
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SuiteTray => "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: WebcamMaxAutoRun => "C:\Program Files (x86)\WebcamMax\WebcamMax.exe" -a
MSCONFIG\startupreg: Yontoo Desktop => "C:\Users\David\AppData\Roaming\Yontoo\YontooDesktop.exe"
MSCONFIG\startupreg: ZALFree => "C:\Program Files (x86)\Zemana AntiLogger Free\AntiLogger Free.exe" /MINIMIZED

==================== Accounts: =============================

Administrator (S-1-5-21-3466399659-1618858318-3356278196-500 - Administrator - Disabled)
David (S-1-5-21-3466399659-1618858318-3356278196-1001 - Administrator - Enabled) => C:\Users\David
Gast (S-1-5-21-3466399659-1618858318-3356278196-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3466399659-1618858318-3356278196-1004 - Limited - Enabled)
UpdatusUser (S-1-5-21-3466399659-1618858318-3356278196-1000 - Limited - Enabled) => C:\Users\UpdatusUser
user (S-1-5-21-3466399659-1618858318-3356278196-1006 - Limited - Enabled) => C:\Users\user

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Hamachi Network Interface
Description: Hamachi Network Interface
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn, Inc.
Service: hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/08/2015 00:22:43 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
  bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
  bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (03/08/2015 00:22:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/07/2015 07:06:46 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
  bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
  bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (03/07/2015 07:06:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/07/2015 05:18:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/07/2015 05:18:50 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
  bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
  bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (03/06/2015 04:17:19 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
  bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
  bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (03/06/2015 04:17:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/05/2015 08:33:49 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
  bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
  bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (03/05/2015 08:33:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (03/08/2015 00:22:52 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (03/08/2015 00:22:43 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet:
%%1064

Error: (03/08/2015 00:22:22 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\tandpl.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (03/07/2015 07:07:47 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (03/07/2015 07:06:46 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet:
%%1064

Error: (03/07/2015 07:06:25 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\tandpl.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (03/07/2015 07:02:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Microsoft Online Services Sign-in Assistant" wurde aufgrund folgenden Fehlers nicht gestartet:
%%109

Error: (03/07/2015 07:02:37 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\bcmihvsrv64.dll

Error: (03/07/2015 07:02:37 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\bcmihvsrv64.dll

Error: (03/07/2015 07:02:34 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\bcmihvsrv64.dll


Microsoft Office Sessions:
=========================
Error: (03/08/2015 00:22:43 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
  bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
  bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (03/08/2015 00:22:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/07/2015 07:06:46 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
  bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
  bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (03/07/2015 07:06:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/07/2015 05:18:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/07/2015 05:18:50 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
  bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
  bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (03/06/2015 04:17:19 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
  bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
  bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (03/06/2015 04:17:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/05/2015 08:33:49 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
  bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
  bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (03/05/2015 08:33:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2014-12-22 15:18:34.027
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-12-22 15:18:33.903
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz
Percentage of memory in use: 33%
Total physical RAM: 8043.86 MB
Available physical RAM: 5310.02 MB
Total Pagefile: 16085.91 MB
Available Pagefile: 13240.34 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (DAVID-Acer) (Fixed) (Total:913.41 GB) (Free:279.1 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 9A7C392E)
Partition 1: (Not Active) - (Size=18 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=913.4 GB) - (Type=07 NTFS)

==================== End Of Log ============================

schrauber 08.03.2015 19:04
hi,

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

zelfoxx 06.05.2015 19:49
Ich hatte dieses Thema leider völlig vergessen und habe deshalb nicht geantwortet.
Mein Problem hat sich jetzt zumindest von selbst gelöst...
Trotzdem danke für die angebotene Hilfe !!

Lg

schrauber 07.05.2015 07:53
ok :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 08:01 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55