Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   ad.360yield - vom Cookie zum Plagegeist - hat delete geblockt (und mehr) (https://www.trojaner-board.de/164864-ad-360yield-cookie-plagegeist-hat-delete-geblockt-mehr.html)

Amaya 08.03.2015 18:27
ad.360yield - vom Cookie zum Plagegeist - hat delete geblockt (und mehr)
 
Hallo ich hab nen sehr kompliziertes Problem und ich hoffe einfach, dass es noch zu lösen ist.

Beschreibung:
Wenn ich den Knopf Entf/Delete auf meiner Tastatur drücke öffnet sich das Windows Start Menue. Das kann man wieder schließen.

Nach einigem Delay spring die Auswahl (wie wenn man etwas per klickt oder Tastenbewegung ausgewählt hat) durch die Gegend.

Wäre man in einer Suchzeile, wie das auf Start ja der fall ist würde folgendes passieren.
Es würde dann von selbst geschrieben werden:

"http:" - anschließen würde es wie mit Rückgängig (Taste) gelöscht werden, dann wird folgendes geschrieben: "ad.360yi" oder "ad.360yieeeeeeeeeeeeee" das e geht immer so weiter.. und weiter...

wnn man in keiner suchzeile ist.. springt es wie gesagt durch die gegend.. ordner öffnen kann es sogar auch.. aber irgendwann bleibt es über etwas hängen und blockiert? - es wirkt als würde man eine taste pressen und gedrückt halten - das windowsgeräuch für überforderung hört man auch ^^

wenn man anschließend "Esc" drückt hört ALLES auf.

Interessant: Ohne Tastatur bricht auch alles ab.


Wann ist das ganze aufgetreten:
Das ganze hat ca. vor 2 Wochen angefangen.
Zudem Zeitpunkt habe ich im Waterfox 64bit Version des Firefox das Cookie ad.360yield.com blockiert. yeay.. warum? - -.- ich hatte früher schonmal Probleme mit dem Ad.yieldmanger, allerdings auf einem anderen System.

Das Cookie selbst ist als Trojaner bekannt und was ich beobachten konnte, es hat zwar dank adblock nicht wirklich irgendetwas gezeigt - jedoch wurde ich mit cookies so zugemüllt das ich nicht mehr wollte... (so ab 100 Einträgen verliert man dann gerne mal die Geduld)

Weiteres vorgehen:
Zudem Zeitpunkt hatte ich bereist den Iobit Malware Fighter installiert.. da der nichts gemacht hat bin ich auf Panda Security umgestiegen.
Nach so und so vielen Programmen .. ist mein System ziemlich sauber geworden.. dennoch blieb das Problem bestehen.

Da hat man zum Beispiel die LInkury Smartbar gefunden.. und wenige fremde DLL.. zu denen nix bekannt war.. (ob ich die Logs noch finde ist zu bezweifeln)

Nach ein paar Trojanern wenigern und was auch immer ebenfalls nicht auf das System gehörte.. steh ich nun hier und finde immer noch nicht den Grund warum der Mist ... immer noch existiert.

Taskmangaer ist immer noch zugänglich - strg+umstell+esc

Nur in den Verwaltungsbildschirm von Windows kommen ich nicht mehr. Da "Entf/Delete" geblockt ist. strg und alt funktionieren einwandfrei.

....

Ich wünsche mir Hilfe..

1. Defogger - done
2. FRST64.exe -done
3. Gmer lauf angaben -done
4. versucht alle logs die ich so finden konnte, und noch da waren mit rein zu schmeißen.
alt - 2 - (neue log files haben weder alt noch 2 an sich kleben)
kann man noch nach datum und uhrzeit trennen.
5. Zip


Scans mit Panda Security, Anvira Anti Vir, Avira Eu Cleaner, Kaspersky de Cleaner, Hitman Pro, Malwarebytes (hat gar nix gefunden so weit ich das noch beurteilen kann), RKILL, TDSSR Killer (hat nix gefunden, IEXplorer (nothing happened), Iobit Anti Mal3, CCleaner, Advances System Care 8, Adwcleaner 4.111, aswMBR, ESET Onlinescanner, HIjackThis, Spybot S&D, Super Anti Spy, USB Fix,

Von Allen Programmen Originale Installer vorhanden.. :/

Leider kommt das Neuaufsetzen nicht infrage.. das System zerschießen tut es mir ja nicht.
Aber weil die CD verloren ging und ich leider auch keine CD/DVDs brennen kann.

ich wundere mich das die ganzen logs weg sind :/
mal file recovery verwenden..

schrauber 08.03.2015 18:44
Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

Amaya 09.03.2015 02:03
LOGS
 
Huff Puff.. hm.. schau ich mir doch mal an wie sich die 10 oder so logs hier machen..
ich werde sie in chronologischer Reinfolge posten Achtung: Wenn Hijack this am Anfang steht - hat das nur etwas damit zu tun, dass mir andere Logs fehlen und ich es in zeitlich korrekter Reinfolge poste (könnt es ja ansonsten einfach überspringen)

Hijack This:
Code:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:54:05, on 05.03.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17631)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\PC\AppData\Local\Akamai\netsession_win.exe
C:\Users\PC\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 8\RealTimeProtector.exe
C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\PC\Desktop\HiJackThis204.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\Windows\SysWOW64\userinit.exe,
O2 - BHO: Advanced SystemCare Surfing Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [PSUAMain] "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" /LaunchSysTray
O4 - HKLM\..\Run: [IObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\PC\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [Advanced SystemCare 8] "C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Spotify] "C:\Users\PC\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\PC\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: WSAllMyTubechrome - (no CLSID) - (no file)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 8 (AdvancedSystemCareService8) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Alcohol Virtual Drive Auto-mount Service (AxAutoMntSrv) - Alcohol Soft Development Team - C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Gerneral Update Service (GaUpdateService) - Unknown owner - C:\ProgramData\gaupdt\service\0\gaupsvc.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Google Update-Dienst (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-Dienst (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: JetDrive WindowsClosingService - Unknown owner - (no file)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Panda Protection Service (NanoServiceMain) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Panda Devices Agent (PandaAgent) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Panda Product Service (PSUAService) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9303 bytes

CBS ?ich weiß nicht mehr was das war.
Code:
2015-03-05 20:43:03, Info                  CBS    Starting TrustedInstaller initialization.
2015-03-05 20:43:03, Info                  CBS    Loaded Servicing Stack v6.1.7601.17592 with Core: C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\cbscore.dll
2015-03-05 20:43:05, Info                  CSI    00000001@2015/3/5:19:43:05.546 WcpInitialize (wcp.dll version 0.0.0.6) called (stack @0x7fedbb3f0ad @0x7fee9489849 @0x7fee94534e3 @0xff18e97c @0xff18d799 @0xff18db2f)
2015-03-05 20:43:05, Info                  CSI    00000002@2015/3/5:19:43:05.568 WcpInitialize (wcp.dll version 0.0.0.6) called (stack @0x7fedbb3f0ad @0x7fee94d6816 @0x7fee94a2aac @0x7fee94535b9 @0xff18e97c @0xff18d799)
2015-03-05 20:43:05, Info                  CSI    00000003@2015/3/5:19:43:05.571 WcpInitialize (wcp.dll version 0.0.0.6) called (stack @0x7fedbb3f0ad @0x7fef9dc8738 @0x7fef9dc8866 @0xff18e474 @0xff18d7de @0xff18db2f)
2015-03-05 20:43:05, Info                  CBS    Ending TrustedInstaller initialization.
2015-03-05 20:43:05, Info                  CBS    Starting the TrustedInstaller main loop.
2015-03-05 20:43:05, Info                  CBS    TrustedInstaller service starts successfully.
2015-03-05 20:43:05, Info                  CBS    SQM: Initializing online with Windows opt-in: False
2015-03-05 20:43:05, Info                  CBS    SQM: Cleaning up report files older than 10 days.
2015-03-05 20:43:05, Info                  CBS    SQM: Requesting upload of all unsent reports.
2015-03-05 20:43:05, Info                  CBS    SQM: Failed to start upload with file pattern: C:\Windows\servicing\sqm\*_std.sqm, flags: 0x2 [HRESULT = 0x80004005 - E_FAIL]
2015-03-05 20:43:05, Info                  CBS    SQM: Failed to start standard sample upload. [HRESULT = 0x80004005 - E_FAIL]
2015-03-05 20:43:05, Info                  CBS    SQM: Queued 0 file(s) for upload with pattern: C:\Windows\servicing\sqm\*_all.sqm, flags: 0x6
2015-03-05 20:43:05, Info                  CBS    SQM: Warning: Failed to upload all unsent reports. [HRESULT = 0x80004005 - E_FAIL]
2015-03-05 20:43:05, Info                  CBS    No startup processing required, TrustedInstaller service was not set as autostart, or else a reboot is still pending.
2015-03-05 20:43:05, Info                  CBS    NonStart: Checking to ensure startup processing was not required.
2015-03-05 20:43:05, Info                  CSI    00000004 IAdvancedInstallerAwareStore_ResolvePendingTransactions (call 1) (flags = 00000004, progress = NULL, phase = 0, pdwDisposition = @0x10afc40
2015-03-05 20:43:05, Info                  CSI    00000005 Creating NT transaction (seq 1), objectname [6]"(null)"
2015-03-05 20:43:05, Info                  CSI    00000006 Created NT transaction (seq 1) result 0x00000000, handle @0x214
2015-03-05 20:43:05, Info                  CSI    00000007@2015/3/5:19:43:05.596 CSI perf trace:
CSIPERF:TXCOMMIT;404
2015-03-05 20:43:05, Info                  CBS    NonStart: Success, startup processing not required as expected.
2015-03-05 20:43:05, Info                  CBS    Startup processing thread terminated normally
2015-03-05 20:43:05, Info                  CSI    00000008 CSI Store 4450912 (0x000000000043ea60) initialized
2015-03-05 20:43:05, Info                  CBS    Session: 30431100_2574884796 initialized by client WinMgmt.
2015-03-05 20:43:10, Info                  CBS    Session: 30431100_2574884796 finalized. Reboot required: no [HRESULT = 0x00000000 - S_OK]
2015-03-05 20:43:15, Info                  CBS    Archived backup log: C:\Windows\Logs\CBS\CbsPersist_20150305194303.cab.
2015-03-05 20:53:11, Info                  CBS    Reboot mark refs incremented to: 1
2015-03-05 20:53:11, Info                  CBS    Scavenge: Starts
2015-03-05 20:53:11, Info                  CSI    00000009@2015/3/5:19:53:11.141 CSI Transaction @0x441010 initialized for deployment engine {d16d444c-56d8-11d5-882d-0080c847b195} with flags 00000002 and client id [10]"TI6.0_0:0/"

2015-03-05 20:53:11, Info                  CBS    Scavenge: Begin CSI Store
2015-03-05 20:53:31, Info                  CSI    0000000a Performing 1 operations; 1 are not lock/unlock and follow:
  Scavenge (8): flags: 00000017
2015-03-05 20:53:31, Info                  CSI    0000000b Store coherency cookie matches last scavenge cookie, skipping scavenge.
2015-03-05 20:53:37, Info                  CSI    0000000c ICSITransaction::Commit calling IStorePendingTransaction::Apply - coldpatching=FALSE applyflags=7
2015-03-05 20:53:37, Info                  CSI    0000000d Creating NT transaction (seq 2), objectname [6]"(null)"
2015-03-05 20:53:37, Info                  CSI    0000000e Created NT transaction (seq 2) result 0x00000000, handle @0xdc
2015-03-05 20:53:38, Info                  CSI    0000000f@2015/3/5:19:53:38.153 CSI perf trace:
CSIPERF:TXCOMMIT;835973
2015-03-05 20:53:38, Info                  CBS    Scavenge: Completed, disposition: 0X1
2015-03-05 20:53:38, Info                  CSI    00000010@2015/3/5:19:53:38.154 CSI Transaction @0x441010 destroyed
2015-03-05 20:53:38, Info                  CBS    Reboot mark refs: 0
2015-03-05 20:53:38, Info                  CBS    Idle processing thread terminated normally
2015-03-05 20:53:38, Info                  CBS    Ending the TrustedInstaller main loop.
2015-03-05 20:53:38, Info                  CBS    Starting TrustedInstaller finalization.
2015-03-05 20:53:38, Info                  CBS    Ending TrustedInstaller finalization.
2015-03-05 21:05:09, Info                  CBS    Starting TrustedInstaller initialization.
2015-03-05 21:05:09, Info                  CBS    Loaded Servicing Stack v6.1.7601.17592 with Core: C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\cbscore.dll
2015-03-05 21:05:10, Info                  CSI    00000001@2015/3/5:20:05:10.825 WcpInitialize (wcp.dll version 0.0.0.6) called (stack @0x7fedb91f0ad @0x7fedbcf9849 @0x7fedbcc34e3 @0xffd0e97c @0xffd0d799 @0xffd0db2f)
2015-03-05 21:05:10, Info                  CSI    00000002@2015/3/5:20:05:10.967 WcpInitialize (wcp.dll version 0.0.0.6) called (stack @0x7fedb91f0ad @0x7fedbd46816 @0x7fedbd12aac @0x7fedbcc35b9 @0xffd0e97c @0xffd0d799)
2015-03-05 21:05:10, Info                  CSI    00000003@2015/3/5:20:05:10.989 WcpInitialize (wcp.dll version 0.0.0.6) called (stack @0x7fedb91f0ad @0x7fefa348738 @0x7fefa348866 @0xffd0e474 @0xffd0d7de @0xffd0db2f)
2015-03-05 21:05:11, Info                  CBS    Ending TrustedInstaller initialization.
2015-03-05 21:05:11, Info                  CBS    Starting the TrustedInstaller main loop.
2015-03-05 21:05:11, Info                  CBS    TrustedInstaller service starts successfully.
2015-03-05 21:05:11, Info                  CBS    SQM: Initializing online with Windows opt-in: False
2015-03-05 21:05:11, Info                  CBS    SQM: Cleaning up report files older than 10 days.
2015-03-05 21:05:11, Info                  CBS    SQM: Requesting upload of all unsent reports.
2015-03-05 21:05:11, Info                  CBS    SQM: Failed to start upload with file pattern: C:\Windows\servicing\sqm\*_std.sqm, flags: 0x2 [HRESULT = 0x80004005 - E_FAIL]
2015-03-05 21:05:11, Info                  CBS    SQM: Failed to start standard sample upload. [HRESULT = 0x80004005 - E_FAIL]
2015-03-05 21:05:11, Info                  CBS    SQM: Queued 0 file(s) for upload with pattern: C:\Windows\servicing\sqm\*_all.sqm, flags: 0x6
2015-03-05 21:05:11, Info                  CBS    SQM: Warning: Failed to upload all unsent reports. [HRESULT = 0x80004005 - E_FAIL]
2015-03-05 21:05:11, Info                  CBS    No startup processing required, TrustedInstaller service was not set as autostart, or else a reboot is still pending.
2015-03-05 21:05:11, Info                  CBS    NonStart: Checking to ensure startup processing was not required.
2015-03-05 21:05:11, Info                  CSI    00000004 IAdvancedInstallerAwareStore_ResolvePendingTransactions (call 1) (flags = 00000004, progress = NULL, phase = 0, pdwDisposition = @0xd3fca0
2015-03-05 21:05:11, Info                  CSI    00000005 Creating NT transaction (seq 1), objectname [6]"(null)"
2015-03-05 21:05:11, Info                  CSI    00000006 Created NT transaction (seq 1) result 0x00000000, handle @0x200
2015-03-05 21:05:11, Info                  CSI    00000007@2015/3/5:20:05:11.153 CSI perf trace:
CSIPERF:TXCOMMIT;8211
2015-03-05 21:05:11, Info                  CBS    NonStart: Success, startup processing not required as expected.
2015-03-05 21:05:11, Info                  CBS    Startup processing thread terminated normally
2015-03-05 21:05:11, Info                  CSI    00000008 CSI Store 3774528 (0x0000000000399840) initialized
2015-03-05 21:05:11, Info                  CBS    Session: 30431103_2945991108 initialized by client WinMgmt.
2015-03-05 21:05:37, Info                  CBS    Session: 30431103_2945991108 finalized. Reboot required: no [HRESULT = 0x00000000 - S_OK]
2015-03-05 21:15:37, Info                  CBS    Reboot mark refs incremented to: 1
2015-03-05 21:15:37, Info                  CBS    Scavenge: Starts
2015-03-05 21:15:37, Info                  CSI    00000009@2015/3/5:20:15:37.585 CSI Transaction @0x3cfd90 initialized for deployment engine {d16d444c-56d8-11d5-882d-0080c847b195} with flags 00000002 and client id [10]"TI6.0_0:0/"

2015-03-05 21:15:37, Info                  CBS    Scavenge: Begin CSI Store
2015-03-05 21:15:38, Info                  CSI    0000000a Performing 1 operations; 1 are not lock/unlock and follow:
  Scavenge (8): flags: 00000017
2015-03-05 21:15:38, Info                  CSI    0000000b Store coherency cookie matches last scavenge cookie, skipping scavenge.
2015-03-05 21:15:38, Info                  CSI    0000000c ICSITransaction::Commit calling IStorePendingTransaction::Apply - coldpatching=FALSE applyflags=7
2015-03-05 21:15:38, Info                  CSI    0000000d Creating NT transaction (seq 2), objectname [6]"(null)"
2015-03-05 21:15:38, Info                  CSI    0000000e Created NT transaction (seq 2) result 0x00000000, handle @0x230
2015-03-05 21:15:38, Info                  CSI    0000000f@2015/3/5:20:15:38.377 CSI perf trace:
CSIPERF:TXCOMMIT;434380
2015-03-05 21:15:38, Info                  CBS    Scavenge: Completed, disposition: 0X1
2015-03-05 21:15:38, Info                  CSI    00000010@2015/3/5:20:15:38.378 CSI Transaction @0x3cfd90 destroyed
2015-03-05 21:15:38, Info                  CBS    Reboot mark refs: 0
2015-03-05 21:15:38, Info                  CBS    Idle processing thread terminated normally
2015-03-05 21:15:38, Info                  CBS    Ending the TrustedInstaller main loop.
2015-03-05 21:15:38, Info                  CBS    Starting TrustedInstaller finalization.
2015-03-05 21:15:38, Info                  CBS    Ending TrustedInstaller finalization.

RKill 1rst Log
Code:
Rkill 2.7.0 by Lawrence Abrams (Grinler)
hxxp://www.bleepingcomputer.com/
Copyright 2008-2015 BleepingComputer.com
More Information about Rkill can be found at this link:
 hxxp://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 03/05/2015 11:41:09 PM in x64 mode. (Safe Mode)
Windows Version: Windows 7 Ultimate Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * Explorer Policy Removed:  DisallowRun [HKCU]

Backup Registry file created at:
 C:\Users\PC\Desktop\rkill\rkill-03-05-2015-11-41-10.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity:

 * COM+-Ereignissystem (EventSystem) is not Running.
  Startup Type set to: Automatic

 * Sicherheitscenter (wscsvc) is not Running.
  Startup Type set to: Automatic (Delayed Start)

 * Windows Update (wuauserv) is not Running.
  Startup Type set to: Manual

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * No issues found.

Program finished at: 03/05/2015 11:42:51 PM
Execution time: 0 hours(s), 1 minute(s), and 42 seconds(s)

RKill 2nd log
Code:
Rkill 2.7.0 by Lawrence Abrams (Grinler)
hxxp://www.bleepingcomputer.com/
Copyright 2008-2015 BleepingComputer.com
More Information about Rkill can be found at this link:
 hxxp://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 03/06/2015 12:11:53 AM in x64 mode. (Safe Mode)
Windows Version: Windows 7 Ultimate Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity:

 * COM+-Ereignissystem (EventSystem) is not Running.
  Startup Type set to: Automatic

 * Sicherheitscenter (wscsvc) is not Running.
  Startup Type set to: Automatic (Delayed Start)

 * Windows Update (wuauserv) is not Running.
  Startup Type set to: Manual

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * No issues found.

Program finished at: 03/06/2015 12:11:59 AM
Execution time: 0 hours(s), 0 minute(s), and 5 seconds(s)

JRT First log
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.3 (03.01.2015:1)
OS: Windows 7 Ultimate x64
Ran by PC on 06.03.2015 at 15:01:08,44
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] "C:\Windows\wininit.ini"



~~~ Folders

Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"



~~~ FireFox

Successfully deleted the following from C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\8v3y2dml.default\prefs.js

user_pref("browser.search.searchengine.alias", "");
user_pref("browser.search.searchengine.iconURL", "hxxp://www.google.com/favicon.ico");
user_pref("browser.search.searchengine.name", "Google ");
user_pref("browser.search.searchengine.ref", "");
user_pref("browser.search.searchengine.ts", "");
user_pref("browser.search.searchengine.type", "");
user_pref("browser.search.searchengine.uid", "samsungxhd103uj_s13pjdwqb10218");
user_pref("browser.search.searchengine.url", "hxxp://www.google.com/search?q={searchTerms}");
user_pref("extensions.xpiState", "{\"app-profile\":{\"iobitascsurfingprotection@iobit.com\":{\"d\":\"C:\\\\Users\\\\PC\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\
Emptied folder: C:\Users\PC\AppData\Roaming\mozilla\firefox\profiles\8v3y2dml.default\minidumps [4 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 06.03.2015 at 15:04:55,97
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

RKreport
Code:
RogueKiller V10.5.1.0 (x64) [Mar  5 2015] by Adlice Software
Mail : hxxp://www.adlice.com/contact/
Feedback : hxxp://forum.adlice.com
Website : hxxp://www.adlice.com/softwares/roguekiller/
Blog : hxxp://www.adlice.com

Betriebssystem : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
gestarted in : normaler Modus
User : PC [Administrator]
Started from : C:\Users\PC\Desktop\Neuer Ordner (4)\RogueKillerX64.exe
Modus : Löschen -- Datum : 03/06/2015  16:40:21

¤¤¤ Prozesse : 2 ¤¤¤
[Suspicious.Path] gaupsvc.exe(2200) -- C:\ProgramData\gaupdt\service\0\gaupsvc.exe[7] -> beendet [TermProc]
[Proc.Injected] PSANHost.exe(2964) -- C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe[7] -> beendet [TermThr]

¤¤¤ Registry : 11 ¤¤¤
[Suspicious.Path] (X64) HKEY_USERS\S-1-5-21-1318200210-3521828580-4078792253-1001\Software\Microsoft\Windows\CurrentVersion\Run | Spotify : "C:\Users\PC\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart  -> Nicht ausgewählt
[Suspicious.Path] (X64) HKEY_USERS\S-1-5-21-1318200210-3521828580-4078792253-1001\Software\Microsoft\Windows\CurrentVersion\Run | Spotify Web Helper : "C:\Users\PC\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"  -> Nicht ausgewählt
[Suspicious.Path] (X86) HKEY_USERS\S-1-5-21-1318200210-3521828580-4078792253-1001\Software\Microsoft\Windows\CurrentVersion\Run | Spotify : "C:\Users\PC\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart  -> Nicht ausgewählt
[Suspicious.Path] (X86) HKEY_USERS\S-1-5-21-1318200210-3521828580-4078792253-1001\Software\Microsoft\Windows\CurrentVersion\Run | Spotify Web Helper : "C:\Users\PC\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"  -> Nicht ausgewählt
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\GaUpdateService ("C:\ProgramData\gaupdt\service\0\gaupsvc.exe") -> Nicht ausgewählt
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\GaUpdateService ("C:\ProgramData\gaupdt\service\0\gaupsvc.exe") -> Nicht ausgewählt
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\GaUpdateService ("C:\ProgramData\gaupdt\service\0\gaupsvc.exe") -> Nicht ausgewählt
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> ersetzt (0)
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> ersetzt (0)
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> ersetzt (0)
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> ersetzt (0)

¤¤¤ Aufgaben : 0 ¤¤¤

¤¤¤ Dateien : 0 ¤¤¤

¤¤¤ Host Dateien : 0 ¤¤¤

¤¤¤ Antirootkit : 7 (Driver: geladen) ¤¤¤
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_CREATE[0] : Unknown @ 0xc75d2c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_CLOSE[2] : Unknown @ 0xc75d2c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_DEVICE_CONTROL[14] : Unknown @ 0xc75d2c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_INTERNAL_DEVICE_CONTROL[15] : Unknown @ 0xc75d2c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_POWER[22] : Unknown @ 0xc75d2c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_SYSTEM_CONTROL[23] : Unknown @ 0xc75d2c0
[IRP:Addr(Hook.IRP)] \SystemRoot\system32\drivers\winhv.sys - IRP_MJ_PNP[27] : Unknown @ 0xc75d2c0

¤¤¤ Web Browser : 0 ¤¤¤

¤¤¤ MBR Überprüfung : ¤¤¤
+++++ PhysicalDrive1: SAMSUNG HD103UJ ATA Device +++++
--- User ---
[MBR] 1d9324282688e1978be81671a34233f7
[BSP] 559998d9edbdc7fae9daf2a9e4125f9f : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 953766 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive2: SAMSUNG HD103UJ ATA Device +++++
--- User ---
[MBR] 6851833f265836f568c4bd0e85c09d72
[BSP] 3983487df0e70991a0dafe8b36db8586 : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 953867 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK


============================================
RKreport_SCN_03062015_160636.log

RKill 3rd Log

Code:
Rkill 2.7.0 by Lawrence Abrams (Grinler)
hxxp://www.bleepingcomputer.com/
Copyright 2008-2015 BleepingComputer.com
More Information about Rkill can be found at this link:
 hxxp://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 03/06/2015 06:44:17 PM in x64 mode. (Safe Mode)
Windows Version: Windows 7 Ultimate Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity:

 * Basisfiltermodul (BFE) is not Running.
  Startup Type set to: Automatic

 * DHCP-Client (Dhcp) is not Running.
  Startup Type set to: Automatic

 * DNS-Client (Dnscache) is not Running.
  Startup Type set to: Automatic

 * COM+-Ereignissystem (EventSystem) is not Running.
  Startup Type set to: Automatic

 * Windows-Firewall (MpsSvc) is not Running.
  Startup Type set to: Automatic

 * Netzwerkverbindungen (Netman) is not Running.
  Startup Type set to: Manual

 * Netzwerkspeicher-Schnittstellendienst (nsi) is not Running.
  Startup Type set to: Automatic

 * Sicherheitscenter (wscsvc) is not Running.
  Startup Type set to: Automatic (Delayed Start)

 * Windows Update (wuauserv) is not Running.
  Startup Type set to: Manual

 * Ancillary Function Driver for Winsock (AFD) is not Running.
  Startup Type set to: System

 * Windows-Firewallautorisierungstreiber (mpsdrv) is not Running.
  Startup Type set to: Manual

 * NetBT (NetBT) is not Running.
  Startup Type set to: System

 * NSI proxy service driver. (nsiproxy) is not Running.
  Startup Type set to: System

 * NetIO-Legacy-TDI-Supporttreiber (tdx) is not Running.
  Startup Type set to: System

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * HOSTS file entries found:

  127.0.0.1      localhost
  ::1      localhost

Program finished at: 03/06/2015 06:46:13 PM
Execution time: 0 hours(s), 1 minute(s), and 56 seconds(s)
Hitman Pro (testversion)
Code:

       
Code:

       
HitmanPro 3.7.9.238
www.hitmanpro.com

   Computer name . . . . : LAURENTH
   Windows . . . . . . . : 6.1.1.7601.X64/8
   Safe Mode Boot  . . . : MINIMAL
   User name . . . . . . : LAURENTH\PC
   UAC . . . . . . . . . : Disabled
   License . . . . . . . : Trial (29 days left)

   Scan date . . . . . . : 2015-03-06 18:49:42
   Scan mode . . . . . . : EWS
   Scan duration . . . . : 15m 34s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : No connection
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 0
   Traces  . . . . . . . : 11

   Objects scanned . . . : 2.075.240
   Files scanned . . . . : 103.608
   Remnants scanned  . . : 849.964 files / 1.121.668 keys

Suspicious files ____________________________________________________________

   C:\Users\PC\AppData\Local\Ankama\Dofus2\app\Adobe AIR\Versions\1.0\Adobe AIR.dll
      Size . . . . . . . : 15.677.856 bytes
      Age  . . . . . . . : 251.0 days (2014-06-28 19:14:24)
      Entropy  . . . . . : 7.0
      SHA-256  . . . . . : 9C5C247B63078E24570CAA8EFF5D20F9B5B1F53E42CF8D7BC953910CE83D2649
      Product  . . . . . : Adobe AIR
      Publisher  . . . . : Adobe Systems Inc.
      Description  . . . : Adobe AIR
      Version  . . . . . : 3.4.0.2540
      Copyright  . . . . : Copyright 2012, Adobe Systems Inc.
      RSA Key Size . . . : 1024
      LanguageID . . . . : 1033
      Authenticode . . . : Invalid
      Fuzzy  . . . . . . : 22.0
         Program is altered or corrupted since it was code signed by its author. This is typical for malware and pirated software.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.

   C:\Users\PC\AppData\Local\PunkBuster\BF2\pb\pbcl.dll
      Size . . . . . . . : 958.292 bytes
      Age  . . . . . . . : 304.8 days (2014-05-05 23:54:05)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : CA527E6BEC756E0A8920D13184946E0822CC8061ACC0C4D77592CB22DF501E6A
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.

   C:\Users\PC\AppData\Local\PunkBuster\BF2\pb\pbcls.dll
      Size . . . . . . . : 958.292 bytes
      Age  . . . . . . . : 304.8 days (2014-05-05 23:54:05)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : CA527E6BEC756E0A8920D13184946E0822CC8061ACC0C4D77592CB22DF501E6A
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.

   C:\Users\PC\AppData\Local\PunkBuster\BLR\pb\pbcl.dll
      Size . . . . . . . : 949.190 bytes
      Age  . . . . . . . : 728.8 days (2013-03-08 00:24:59)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : DAF43E93528BEEECC015FA98D6EE6D6FD6D19A049321E47A65665144E4511F41
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.

   C:\Users\PC\AppData\Local\PunkBuster\BLR\pb\PnkBstrK.sys
      Size . . . . . . . : 140.360 bytes
      Age  . . . . . . . : 728.8 days (2013-03-08 00:25:25)
      Entropy  . . . . . : 7.8
      SHA-256  . . . . . : 0F41B3843E2D2D1BB1ACF8B7CAA293309CC1CF8CF478B1AC86DD6BB214928DC4
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
         The file is a device driver. Device drivers run as trusted (highly privileged) code.
         Program is code signed with a valid Authenticode certificate.

   C:\Users\PC\Downloads\FRST64.exe
      Size . . . . . . . : 2.092.544 bytes
      Age  . . . . . . . : 0.8 days (2015-03-06 00:30:18)
      Entropy  . . . . . : 7.5
      SHA-256  . . . . . : A2BA42B17CF0F4D148539A6BBFEE63A27957655E58C46E592EA024FD25F3BDCF
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      Forensic Cluster
          0.0s C:\Users\PC\Downloads\FRST64.exe
          0.0s C:\Users\PC\Downloads\FRST64.exe

   C:\Users\Public\Documents\WinDS PRO Apps\windsproapps\app\Project64K7E_131\Plugin\Aristotle's Mudlord and Rice Video 6.1.9.dll
      Size . . . . . . . : 348.672 bytes
      Age  . . . . . . . : 112.3 days (2014-11-14 12:46:40)
      Entropy  . . . . . : 8.0
      SHA-256  . . . . . : B9EAD4D60D18069153D8BD86E0124C8022673369FE44BF0825C17DDDB84FD100
      Fuzzy  . . . . . . : 22.0
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         The Entry Point of this file lies in a resource section. This is an indication of malware infection.
         The .rsrc (resources) section in this program is set to executable. This is an indication of malware infection.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.

   C:\Users\Public\Documents\WinDS PRO Apps\windsproapps\app\Project64K7E_131\Plugin\NRage_DInput8 1.6.dll
      Size . . . . . . . : 37.888 bytes
      Age  . . . . . . . : 112.3 days (2014-11-14 12:46:40)
      Entropy  . . . . . : 7.2
      SHA-256  . . . . . : BF02E5287D7371437C4889A9B7D3A5878CBFFC1682989AC7710D8ED60E8126CC
      Product  . . . . . : NRage DirectInput-Plugin
      Publisher  . . . . : Rage Software Inc
      Description  . . . : NRage_DInput8
      Version  . . . . . : 1.61
      LanguageID . . . . : 3079
      Fuzzy  . . . . . . : 24.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         The .rsrc (resources) section in this program is set to executable. This is an indication of malware infection.
         Program contains PE structure anomalies. This is not typical for most programs.

   C:\Windows\SysWOW64\GameMon.des
      Size . . . . . . . : 3.975.544 bytes
      Age  . . . . . . . : 824.2 days (2012-12-02 13:27:03)
      Entropy  . . . . . : 7.9
      SHA-256  . . . . . : 750001935A5C5541C47A5F5C7A57228CB663DFA35A4E50BD7D368F36A732660C
      Product  . . . . . : nProtect Game Monitor
      Publisher  . . . . : INCA Internet Co., Ltd.
      Description  . . . : nProtect Game Monitor Rev 1865
      Version  . . . . . : 2012.5.3.1
      Service  . . . . . : npggsvc
      LanguageID . . . . : 1042
      Fuzzy  . . . . . . : 34.0
         The file name extension of this program is not common.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Starts automatically as a service during system bootup.
         The file is located in a folder that contains core operating system files from Windows. This is not typical for most programs and is only common to system tools, drivers and hacking utilities.
      Startup
         HKLM\SYSTEM\CurrentControlSet\Services\npggsvc\

   C:\Windows\SysWOW64\mfc45.dat
      Size . . . . . . . : 74.703 bytes
      Age  . . . . . . . : 453.0 days (2013-12-08 19:58:10)
      Entropy  . . . . . : 8.0
      SHA-256  . . . . . : 916C44DD88BF4EDEA7C9F616812098920EFE1458633BA56D9BCDB436BE9655AA
      Fuzzy  . . . . . . : 22.0
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         The file name extension of this program is not common.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
         The file is located in a folder that contains core operating system files from Windows. This is not typical for most programs and is only common to system tools, drivers and hacking utilities.

USB Fix
Code:
############################## | UsbFix V 7.902 | [Clean]

User: PC (Administrator) # LAURENTH
Updated 07/03/2015 by El Desaparecido - SosVirus
Started at 18:13:27 | 07/03/2015

Website : UsbFix - Official Website
Changelog : Changelog Archives ? UsbFix
Support : SosVirus
Live detection : How To Remove ? ? Clean your PC for free!
Contact : Contact El Desaparecido, UsbFix author

################## | System information |

MB: Gigabyte Technology Co., Ltd. (P55A-UD3)
CPU: Intel(R) Core(TM) i7 CPU        860  @ 2.80GHz
GC: NVIDIA GeForce GTX 580
RAM -> [Total : 16379 Mo | Free : 13595 Mo]
Bios: Award Software International, Inc.
Boot: Normal boot

OS: Microsoft™ Windows 7 Ultimate (6.1.7601 64-Bit) Service Pack 1
WB: Internet Explorer : 11.00.9600.16428

################## | Security Information |

AV: Panda Free Antivirus [Enabled |Updated]
AS: Panda Free Antivirus [Enabled |Updated]
AS: Windows Defender [Enabled |Updated]
AS: IObit Malware Fighter [(!) Disabled |Updated]
FW: Panda Firewall [(!) Disabled]
AS: Malwarebytes Anti-Malware : 2.0.4.1028
FW: Windows Firewall [Enabled]
SC: Security Center [Enabled]
WU: Windows Update [Enabled]

################## | Disk Information |

C:\ (%SystemDrive%) -> Fixed disk # 931 Gb (711 Gb free - 76%) [] # NTFS
D:\ -> CD-ROM # 4 Gb (0 Mb free - 0%) [Titan Quest] # UDF
E:\ -> Fixed disk # 932 Gb (733 Gb free - 79%) [Volume] # NTFS

################## | Generic Research |

Deleted! C:\Users\PC\AppData\Roaming\64C64AC3\01-04-2014
Deleted! C:\Users\PC\AppData\Roaming\64C64AC3\02-04-2014
Deleted! C:\Users\PC\AppData\Roaming\64C64AC3\03-04-2014
Deleted! C:\Users\PC\AppData\Roaming\64C64AC3\04-04-2014
Deleted! C:\Users\PC\AppData\Roaming\64C64AC3\05-04-2014
Deleted! C:\Users\PC\AppData\Roaming\64C64AC3\06-04-2014
Deleted! C:\Users\PC\AppData\Roaming\64C64AC3\07-04-2014
Deleted! C:\Users\PC\AppData\Roaming\64C64AC3\08-04-2014
Deleted! C:\Users\PC\AppData\Roaming\64C64AC3\09-04-2014
Deleted! C:\Users\PC\AppData\Roaming\64C64AC3\10-04-2014
Deleted! C:\Users\PC\AppData\Roaming\64C64AC3\11-04-2014
Deleted! C:\Users\PC\AppData\Roaming\64C64AC3\12-03-2014
Deleted! C:\Users\PC\AppData\Roaming\64C64AC3\12-04-2014
Deleted! C:\Users\PC\AppData\Roaming\64C64AC3\13-03-2014
Deleted! C:\Users\PC\AppData\Roaming\64C64AC3\13-04-2014
Deleted! C:\Users\PC\AppData\Roaming\64C64AC3\14-03-2014
Deleted! C:\Users\PC\AppData\Roaming\64C64AC3\14-04-2014
Deleted! C:\Users\PC\AppData\Roaming\64C64AC3\15-04-2014
Deleted! C:\Users\PC\AppData\Roaming\64C64AC3\16-04-2014
Deleted! C:\Users\PC\AppData\Roaming\64C64AC3\17-03-2014
Deleted! C:\Users\PC\AppData\Roaming\64C64AC3\17-04-2014
Deleted! C:\Users\PC\AppData\Roaming\64C64AC3\18-03-2014
Deleted! C:\Users\PC\AppData\Roaming\64C64AC3\18-04-2014
Deleted! C:\Users\PC\AppData\Roaming\64C64AC3\19-03-2014
Deleted! C:\Users\PC\AppData\Roaming\64C64AC3\19-04-2014
Deleted! C:\Users\PC\AppData\Roaming\64C64AC3\20-03-2014
Deleted! C:\Users\PC\AppData\Roaming\64C64AC3\20-04-2014
Deleted! C:\Users\PC\AppData\Roaming\64C64AC3\21-03-2014
Deleted! C:\Users\PC\AppData\Roaming\64C64AC3\21-04-2014
Deleted! C:\Users\PC\AppData\Roaming\64C64AC3\22-03-2014
Deleted! C:\Users\PC\AppData\Roaming\64C64AC3\22-04-2014
Deleted! C:\Users\PC\AppData\Roaming\64C64AC3\23-03-2014
Deleted! C:\Users\PC\AppData\Roaming\64C64AC3\23-04-2014
Deleted! C:\Users\PC\AppData\Roaming\64C64AC3\24-03-2014
Deleted! C:\Users\PC\AppData\Roaming\64C64AC3\24-04-2014
Deleted! C:\Users\PC\AppData\Roaming\64C64AC3\25-03-2014
Deleted! C:\Users\PC\AppData\Roaming\64C64AC3\25-04-2014
Deleted! C:\Users\PC\AppData\Roaming\64C64AC3\26-03-2014
Deleted! C:\Users\PC\AppData\Roaming\64C64AC3\26-04-2014
Deleted! C:\Users\PC\AppData\Roaming\64C64AC3\27-03-2014
Deleted! C:\Users\PC\AppData\Roaming\64C64AC3\27-04-2014
Deleted! C:\Users\PC\AppData\Roaming\64C64AC3\28-03-2014
Deleted! C:\Users\PC\AppData\Roaming\64C64AC3\28-04-2014
Deleted! C:\Users\PC\AppData\Roaming\64C64AC3\29-03-2014
Deleted! C:\Users\PC\AppData\Roaming\64C64AC3\29-04-2014
Deleted! C:\Users\PC\AppData\Roaming\64C64AC3\30-03-2014
Deleted! C:\Users\PC\AppData\Roaming\64C64AC3\30-04-2014
Deleted! C:\Users\PC\AppData\Roaming\64C64AC3\31-03-2014
Deleted! C:\Users\PC\AppData\Roaming\64C64AC3\ak.tmp
Deleted! C:\Users\PC\AppData\Roaming\64C64AC3
Deleted! C:\Users\PC\AppData\Local\Temp\temp

(!) Temporary files deleted. (842.51305103302 MB)

################## | Registry |


################## | Regedit Run |

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] C:\Windows\SysWOW64\userinit.exe,
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\SysWOW64\userinit.exe,
04 - HKCU\..\Run : [Akamai NetSession Interface] "C:\Users\PC\AppData\Local\Akamai\netsession_win.exe"
04 - HKCU\..\Run : [Advanced SystemCare 8] "C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto
04 - HKCU\..\Run : [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
04 - HKCU\..\Run : [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
04 - HKLM\..\Run : [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
04 - HKLM\..\Run : [PSUAMain] "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" /LaunchSysTray
04 - HKLM\..\Run : [IObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
04 - HKLM\..\Run : [SL-6481 Gaming Keyboard] "C:\Program Files (x86)\SPEEDLINK\VIRTUIS Advanced Gaming Keyboard\Monitor.exe"
04 - [x64] HKLM\..\Run : [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
04 - [x64] HKLM\..\Run : [ShadowPlay] C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
04 - [x64] HKLM\..\Run : [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
04 - HKU\S-1-5-20\..\Run : [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
04 - HKU\S-1-5-21-1318200210-3521828580-4078792253-1001\..\Run : [Akamai NetSession Interface] "C:\Users\PC\AppData\Local\Akamai\netsession_win.exe"
04 - HKU\S-1-5-21-1318200210-3521828580-4078792253-1001\..\Run : [Advanced SystemCare 8] "C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto
04 - HKU\S-1-5-21-1318200210-3521828580-4078792253-1001\..\Run : [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
04 - HKU\S-1-5-21-1318200210-3521828580-4078792253-1001\..\Run : [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

################## | UsbFix - Information |

UsbFix has detected on your computer, an infection which a Keylogger function.
After cleaning with UsbFix, please modify all your passwords.
If you made purchases on Internet,
please contact your bank to enviseager an opposition on your bank card.

Info : How to remove shortcut virus on flash disk (Video)
Info : Shortcut virus on flash disk, What is it ?

################## | Hijack |


################## | C:\ %SystemDrive% - Fixed drive (NTFS) |

[05/03/2015 - 23:28:10 | A | 219 Ko] - C:\TDSSKiller.3.0.0.44_05.03.2015_23.26.04_log.txt
[05/03/2015 - 23:46:54 | A | 215 Ko] - C:\TDSSKiller.3.0.0.44_05.03.2015_23.44.39_log.txt
[06/03/2015 - 18:34:14 | A | 5 Ko] - C:\TDSSKiller.3.0.0.44_06.03.2015_18.34.02_log.txt
[07/03/2015 - 08:06:51 | ASH | 12579448 Ko] - C:\hiberfil.sys
[07/03/2015 - 08:06:52 | ASH | 2072576 Ko] - C:\pagefile.sys
[05/02/2013 - 13:03:52 | SHD] - C:\$Recycle.Bin
[14/07/2009 - 06:08:56 | SHD] - C:\Documents and Settings
[23/09/2012 - 07:01:19 | D] - C:\Programme
[23/09/2012 - 07:01:19 | D] - C:\Dokumente und Einstellungen
[23/09/2012 - 07:01:19 | SHD] - C:\Recovery
[09/10/2012 - 16:55:42 | D] - C:\computec
[24/11/2012 - 01:38:29 | D] - C:\ts3overlay_hook_win64
[13/08/2013 - 21:19:41 | D] - C:\NvidiaLogging
[05/10/2013 - 17:35:31 | D] - C:\ArcTemp
[06/03/2015 - 18:14:01 | D] - C:\FRST
[06/03/2015 - 19:39:15 | D] - C:\AdwCleaner
[06/03/2015 - 21:16:41 | D] - C:\Spacekace
[06/03/2015 - 21:18:28 | RD] - C:\Users
[06/03/2015 - 23:13:28 | HD] - C:\ProgramData
[07/03/2015 - 05:16:41 | RD] - C:\Program Files (x86)
[07/03/2015 - 05:50:31 | RD] - C:\Program Files
[07/03/2015 - 08:17:10 | D] - C:\Windows
[07/03/2015 - 18:11:11 | D] - C:\UsbFix

################## | E:\ - Fixed drive (NTFS) |

[07/03/2015 - 08:06:53 | ASH | 2072576 Ko] - E:\pagefile.sys
[02/03/2015 - 18:17:26 | D] - E:\DAEMON Tools Pro Advanced 5.0.0316.0317 (2012) [MULTi][WwW.ZoNaTorrent.CoM]
[02/08/2013 - 13:43:56 | SHD] - E:\$RECYCLE.BIN
[23/12/2012 - 04:49:39 | D] - E:\Schriftenbibliothek
[28/06/2014 - 22:39:50 | D] - E:\GhostX UltimateGameKiss
[28/06/2014 - 22:45:16 | D] - E:\GKLauncher
[30/08/2014 - 13:51:03 | D] - E:\Spiele
[11/09/2014 - 22:51:01 | D] - E:\diablo III
[30/10/2014 - 21:35:13 | D] - E:\OGSweet
[11/11/2014 - 13:30:55 | D] - E:\Games
[28/11/2014 - 14:21:10 | D] - E:\programme
[28/11/2014 - 14:22:42 | D] - E:\Neuer Ordner
[11/12/2014 - 00:39:15 | D] - E:\AllMyTube Downloaded
[11/12/2014 - 00:39:16 | D] - E:\AllMyTube Converted
[06/03/2015 - 17:28:21 | D] - E:\Desktop
[07/03/2015 - 05:39:39 | D] - E:\wtfx

################## | Vaccin |

C:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
E:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)

################## | E.O.F | SosVirus ? SosVirus | UsbFix - Official Website |

JRT second log

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.3 (03.01.2015:1)
OS: Windows 7 Ultimate x64
Ran by PC on 08.03.2015 at  5:20:02,68
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-1318200210-3521828580-4078792253-1001\Software\Microsoft\Internet Explorer\Main\\Start Page



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] "C:\Windows\wininit.ini"



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 08.03.2015 at  5:22:19,19
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
gmer log 8.3 5 Uhr morgens.

Code:
GMER 2.1.19357 - hxxp://www.gmer.net
3rd party scan 2015-03-08 05:32:46
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk1\DR1 -> \Device\Ide\IdePort1 SAMSUNG_HD103UJ rev.1AA01113 931,51GB
Running: Gmer-19357.exe; Driver: C:\Users\PC\AppData\Local\Temp\uxrcapob.sys


---- Disk sectors - GMER 2.1 ----

Disk    \Device\Harddisk1\DR1                                        unknown MBR code

---- Devices - GMER 2.1 ----

Device  \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-8                  fffffa800d0f32c0
Device  \Driver\atapi \Device\Ide\IdePort4                            fffffa800d0f32c0
Device  \Driver\atapi \Device\Ide\IdePort0                            fffffa800d0f32c0
Device  \Driver\atapi \Device\Ide\IdePort5                            fffffa800d0f32c0
Device  \Driver\atapi \Device\Ide\IdeDeviceP4T0L0-0                  fffffa800d0f32c0
Device  \Driver\atapi \Device\Ide\IdePort1                            fffffa800d0f32c0
Device  \Driver\atapi \Device\Ide\IdeDeviceP3T0L0-7                  fffffa800d0f32c0
Device  \Driver\atapi \Device\Ide\IdePort2                            fffffa800d0f32c0
Device  \Driver\atapi \Device\Ide\IdePort3                            fffffa800d0f32c0
Device  \Driver\a20nso6e \Device\Scsi\a20nso6e1                      fffffa800e9ca2c0
Device  \Driver\mv91xx \Device\Scsi\mv91xx1                          fffffa800d0f52c0
Device  \Driver\mv91xx \Device\Scsi\mv91xx1Port6Path0Target7Lun0      fffffa800d0f52c0
Device  \Driver\a20nso6e \Device\Scsi\a20nso6e1Port7Path0Target0Lun0  fffffa800e9ca2c0
Device  \FileSystem\Ntfs \Ntfs                                        fffffa800d0f92c0

---- Modules - GMER 2.1 ----

Module  \SystemRoot\System32\Drivers\a20nso6e.SYS                    fffff88004600000-fffff8800464c000 (311296 bytes)

---- EOF - GMER 2.1 ----
Ja ehm.. der zweite Teil der Logfiles.. ist nen bisschen.. ehm.. verloren gegangen, weil das Forum es nicht gepostet hat.. ehm.. also ich mach das morgen. danke. (oder bis dahin wurde die Zip geöffnet - einfach nach Datum ordnen und die letzten vier - das was ich gemacht hab, nach dem ich die Einleitung hier gelesen hab)

schrauber 09.03.2015 16:14
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


Amaya 13.03.2015 00:24
Da bin ich wieder.

Hier der Log zum FRST !64!


FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by PC (administrator) on LAURENTH on 12-03-2015 14:22:28
Running from C:\Users\PC\Downloads
Loaded Profiles: PC (Available profiles: PC)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser path: "E:\wtfx\waterfox.exe" -osint -url "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(LogMeIn Inc.) E:\hmchi\hamachi-2.exe
(LogMeIn, Inc.) E:\hmchi\LMIGuardianSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Akamai Technologies, Inc.) C:\Users\PC\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\PC\AppData\Local\Akamai\netsession_win.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Waterfox) E:\wtfx\waterfox.exe
(Mozilla Corporation) E:\wtfx\plugin-container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Farbar) C:\Users\PC\Downloads\FRST64(1).exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [127792 2015-02-12] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703280 2015-02-25] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => E:\hmchi\hamachi-2-ui.exe [3978600 2015-02-17] (LogMeIn Inc.)
HKLM\...\Winlogon: [Userinit] C:\Windows\SysWOW64\userinit.exe,
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1318200210-3521828580-4078792253-1001\...\Run: [Akamai NetSession Interface] => C:\Users\PC\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1318200210-3521828580-4078792253-1001\...\MountPoints2: {44dbe384-04d2-11e2-847c-806e6f6e6963} - D:\menue.exe
HKU\S-1-5-21-1318200210-3521828580-4078792253-1001\...\MountPoints2: {c05ae8cf-f9d7-11e2-a6ca-6cf049e6c4ea} - H:\BvsC_Setup.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
BootExecute: autocheck autochk * PCloudBroom64.exe \systemroot\system32\BroomData.bit

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1318200210-3521828580-4078792253-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-1318200210-3521828580-4078792253-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKLM-x32 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-19 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-20 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-03-06] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-03-06] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype4com - No CLSID Value
Handler: WSAllMyTubechrome - No CLSID Value
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

FireFox:
========
FF ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\8v3y2dml.default
FF NewTab: hxxp://www.google.com
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-06] ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-03-06] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-03-06] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-06] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-07-17] (DivX, LLC)
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameEU.dll [2013-05-22] (Nexon)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-05] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-05] (NVIDIA Corporation)
FF Plugin-x32: @ogplanet.com/npOGPPlugin -> C:\Windows\system32\npOGPPlugin.dll No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> C:\Program Files (x86)\Perfect World Entertainment\Arc\plugins\npArcPluginFF.dll [2014-11-24] (Perfect World Entertainment Inc)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-12-21] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1318200210-3521828580-4078792253-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-08-21] ()
FF Extension: Avira Browser Safety - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\8v3y2dml.default\Extensions\abs@avira.com [2015-03-09]
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\8v3y2dml.default\Extensions\iobitascsurfingprotection@iobit.com [2015-03-05]
FF Extension: Adblock Plus - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\8v3y2dml.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-03-11]
FF HKLM-x32\...\Firefox\Extensions: [AllMyTube@Wondershare.com] - C:\ProgramData\Wondershare\AllMyTube\AllMyTube@Wondershare.com
FF Extension: Wondershare AllMyTube - C:\ProgramData\Wondershare\AllMyTube\AllMyTube@Wondershare.com [2014-12-11]
FF HKU\S-1-5-21-1318200210-3521828580-4078792253-1001\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [815392 2014-11-04] (IObit)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2015-02-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2015-02-25] (Avira Operations GmbH & Co. KG)
S4 ArcService; C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe [88400 2014-11-24] (Perfect World Entertainment Inc)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [184056 2015-02-12] (Avira Operations GmbH & Co. KG)
S4 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S4 GaUpdateService; C:\ProgramData\gaupdt\service\0\gaupsvc.exe [1558032 2013-03-19] ()
S4 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
R2 Hamachi2Svc; E:\hmchi\hamachi-2.exe [2490216 2015-02-17] (LogMeIn Inc.)
S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2724128 2015-01-16] (IObit)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3975544 2012-05-09] (INCA Internet Co., Ltd.) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-05-29] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2014-05-29] ()
S4 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S4 LMIGuardianSvc; No ImagePath

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-02-25] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-02-25] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-02-25] (Avira Operations GmbH & Co. KG)
S3 EagleX64; No ImagePath
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-24] (REALiX(tm))
S2 LMIInfo; No ImagePath
S4 LMIRfsClientNP; No ImagePath
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [572416 2006-12-05] (PixArt Imaging Inc.)
R1 RrNetCapFilterDriver; C:\Windows\System32\DRIVERS\RrNetCapFilterDriver.sys [24744 2013-12-04] (Audials AG)
S3 RzDxgk; C:\Windows\system32\drivers\RzDxgk.sys [128856 2013-06-05] (Razer USA Ltd)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2014-12-24] (Synaptics Incorporated)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [560184 2012-09-23] (Duplex Secure Ltd.)
S3 X6va008; No ImagePath
S3 X6va012; No ImagePath
S3 X6va021; No ImagePath
S3 X6va028; No ImagePath
S3 xhunter1; No ImagePath
R3 XSplit_Dummy; C:\Windows\System32\drivers\xspltspk.sys [26200 2014-07-02] (SplitmediaLabs Limited)
S3 clwvd; system32\DRIVERS\clwvd.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 taphss6; system32\DRIVERS\taphss6.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-12 14:20 - 2015-03-12 14:20 - 02095616 _____ (Farbar) C:\Users\PC\Downloads\FRST64(1).exe
2015-03-11 18:45 - 2015-03-11 18:45 - 00000028 _____ () C:\Users\PC\Desktop\ftb erze.txt
2015-03-11 18:23 - 2015-03-11 18:23 - 00000013 _____ () C:\Users\PC\Desktop\test.txt
2015-03-11 13:26 - 2015-03-11 13:26 - 00001086 _____ () C:\Windows\PFRO.log
2015-03-11 01:42 - 2015-03-12 07:10 - 00001456 _____ () C:\Windows\setupact.log
2015-03-11 01:42 - 2015-03-11 01:42 - 00000000 _____ () C:\Windows\setuperr.log
2015-03-10 23:03 - 2015-03-06 06:56 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-10 23:03 - 2015-03-06 06:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-03-10 23:03 - 2015-03-06 06:42 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-10 23:03 - 2015-03-06 06:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-10 23:03 - 2015-03-06 06:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-10 23:03 - 2015-03-06 06:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-03-10 23:03 - 2015-03-06 06:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-03-10 23:03 - 2015-03-06 06:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-03-10 23:03 - 2015-03-06 06:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-03-10 23:03 - 2015-03-06 06:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-03-10 23:03 - 2015-03-06 06:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-03-10 23:03 - 2015-03-06 06:42 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-03-10 23:03 - 2015-03-06 06:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-03-10 23:03 - 2015-03-06 06:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-03-10 23:03 - 2015-03-06 06:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-03-10 23:03 - 2015-03-06 06:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-03-10 23:03 - 2015-03-06 06:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-10 23:03 - 2015-03-06 06:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-10 23:03 - 2015-03-06 06:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-03-10 23:03 - 2015-03-06 06:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-03-10 23:03 - 2015-03-06 06:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-10 23:03 - 2015-03-06 06:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-03-10 23:03 - 2015-03-06 06:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-03-10 23:03 - 2015-03-06 06:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-03-10 23:03 - 2015-03-06 06:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-03-10 23:03 - 2015-03-06 06:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-03-10 23:03 - 2015-03-06 06:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-03-10 23:03 - 2015-03-06 06:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-03-10 23:03 - 2015-03-06 06:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-03-10 23:03 - 2015-03-06 06:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-03-10 23:03 - 2015-03-06 06:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-03-10 23:03 - 2015-02-20 05:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-10 23:03 - 2015-02-20 05:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-10 23:03 - 2015-02-20 05:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-10 23:03 - 2015-02-20 05:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-10 23:03 - 2015-02-20 05:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-10 23:03 - 2015-02-20 05:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-10 23:03 - 2015-02-20 05:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-10 23:03 - 2015-02-20 05:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-10 23:03 - 2015-02-20 04:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-10 23:03 - 2015-02-20 04:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-10 23:03 - 2015-02-13 06:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-10 23:03 - 2015-02-13 06:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-10 23:03 - 2015-02-03 04:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-10 23:03 - 2015-02-03 04:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-03-10 23:03 - 2015-02-03 04:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-10 23:03 - 2015-02-03 04:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-03-10 23:03 - 2015-02-03 04:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-10 23:03 - 2015-02-03 04:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-10 23:03 - 2015-02-03 04:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-10 23:03 - 2015-02-03 04:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-10 23:03 - 2015-02-03 04:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-10 23:03 - 2015-02-03 04:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-03-10 23:03 - 2015-02-03 04:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-10 23:03 - 2015-02-03 04:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-10 23:03 - 2015-02-03 04:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-10 23:03 - 2015-02-03 04:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-10 23:03 - 2015-02-03 04:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-10 23:03 - 2015-02-03 04:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-10 23:03 - 2015-02-03 04:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-10 23:03 - 2015-02-03 04:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-10 23:03 - 2015-02-03 04:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-10 23:03 - 2015-02-03 04:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-03-10 23:03 - 2015-02-03 04:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-10 23:03 - 2015-02-03 04:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-03-10 23:03 - 2015-02-03 04:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-03-10 23:03 - 2015-02-03 04:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-03-10 23:03 - 2015-02-03 04:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-03-10 23:03 - 2015-02-03 04:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-10 23:03 - 2015-02-03 04:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-10 23:03 - 2015-02-03 04:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-10 23:03 - 2015-02-03 04:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-10 23:03 - 2015-02-03 04:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-10 23:03 - 2015-02-03 04:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-10 23:03 - 2015-02-03 04:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-10 23:03 - 2015-02-03 04:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-10 23:03 - 2015-02-03 04:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-10 23:03 - 2015-02-03 04:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-03-10 23:03 - 2015-02-03 04:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-10 23:03 - 2015-02-03 04:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-10 23:03 - 2015-02-03 04:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-10 23:03 - 2015-02-03 04:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-10 23:03 - 2015-02-03 04:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-10 23:03 - 2015-02-03 04:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-10 23:03 - 2015-02-03 04:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-10 23:03 - 2015-02-03 04:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-10 23:03 - 2015-02-03 04:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-10 23:03 - 2015-02-03 04:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-10 23:03 - 2015-02-03 04:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-10 23:03 - 2015-02-03 04:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-10 23:03 - 2015-02-03 04:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-10 23:03 - 2015-02-03 04:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-03-10 23:03 - 2015-02-03 04:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-03-10 23:03 - 2015-02-03 04:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-03-10 23:03 - 2015-02-03 04:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-03-10 23:03 - 2015-02-03 04:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-03-10 23:03 - 2015-02-03 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-03-10 23:03 - 2015-02-03 04:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-10 23:03 - 2015-02-03 04:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-03-10 23:03 - 2015-02-03 04:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-03-10 23:03 - 2015-02-03 04:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-03-10 23:03 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-03-10 23:03 - 2015-02-03 04:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-03-10 23:03 - 2015-02-03 04:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-03-10 23:03 - 2015-02-03 04:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-03-10 23:03 - 2015-02-03 04:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-03-10 23:03 - 2015-02-03 04:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-03-10 23:03 - 2015-02-03 03:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-10 23:03 - 2015-01-31 04:48 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-10 23:03 - 2015-01-31 04:48 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-03-10 23:03 - 2015-01-31 00:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-10 23:03 - 2015-01-31 00:56 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-03-10 23:03 - 2015-01-17 03:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-10 23:03 - 2015-01-17 03:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-10 23:03 - 2014-10-31 23:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-10 23:03 - 2014-06-28 01:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-03-10 23:03 - 2014-06-28 01:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-03-10 23:02 - 2015-02-26 04:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-10 23:02 - 2015-02-24 04:15 - 00389800 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-10 23:02 - 2015-02-24 03:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-03-10 23:02 - 2015-02-21 02:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-10 23:02 - 2015-02-21 01:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-10 23:02 - 2015-02-21 01:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-03-10 23:02 - 2015-02-21 01:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-10 23:02 - 2015-02-21 01:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-10 23:02 - 2015-02-21 00:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-10 23:02 - 2015-02-21 00:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-10 23:02 - 2015-02-20 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-10 23:02 - 2015-02-20 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-03-10 23:02 - 2015-02-20 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-03-10 23:02 - 2015-02-20 03:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-10 23:02 - 2015-02-20 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-03-10 23:02 - 2015-02-20 03:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-10 23:02 - 2015-02-20 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-10 23:02 - 2015-02-20 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-10 23:02 - 2015-02-20 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-03-10 23:02 - 2015-02-20 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-10 23:02 - 2015-02-20 03:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-10 23:02 - 2015-02-20 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-03-10 23:02 - 2015-02-20 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-10 23:02 - 2015-02-20 03:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-10 23:02 - 2015-02-20 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-10 23:02 - 2015-02-20 03:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-03-10 23:02 - 2015-02-20 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-10 23:02 - 2015-02-20 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-10 23:02 - 2015-02-20 03:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-10 23:02 - 2015-02-20 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-03-10 23:02 - 2015-02-20 03:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-03-10 23:02 - 2015-02-20 03:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-03-10 23:02 - 2015-02-20 03:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-10 23:02 - 2015-02-20 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-10 23:02 - 2015-02-20 03:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-10 23:02 - 2015-02-20 03:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-03-10 23:02 - 2015-02-20 03:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-03-10 23:02 - 2015-02-20 02:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-03-10 23:02 - 2015-02-20 02:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-03-10 23:02 - 2015-02-20 02:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-03-10 23:02 - 2015-02-20 02:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-10 23:02 - 2015-02-20 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-10 23:02 - 2015-02-20 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-03-10 23:02 - 2015-02-20 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-10 23:02 - 2015-02-20 02:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-10 23:02 - 2015-02-20 02:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-10 23:02 - 2015-02-20 02:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-03-10 23:02 - 2015-02-20 02:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-10 23:02 - 2015-02-20 02:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-10 23:02 - 2015-02-20 02:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-10 23:02 - 2015-02-20 02:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-10 23:02 - 2015-02-20 02:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-03-10 23:02 - 2015-02-20 02:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-10 23:02 - 2015-02-20 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-10 23:02 - 2015-02-20 02:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-10 23:02 - 2015-02-20 01:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-10 23:02 - 2015-02-20 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-03-10 23:02 - 2015-02-04 04:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-10 23:02 - 2015-02-04 03:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-10 23:02 - 2015-02-03 04:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-10 23:02 - 2015-02-03 04:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-10 22:43 - 2015-03-10 22:43 - 34103034 _____ () C:\Users\PC\Downloads\Ultimate_Server.zip
2015-03-10 22:32 - 2015-03-11 15:33 - 00000000 ____D () C:\ftb
2015-03-10 22:30 - 2015-03-11 15:38 - 00000000 ____D () C:\Users\PC\AppData\Local\ftblauncher
2015-03-10 22:30 - 2015-03-10 22:32 - 00000000 ____D () C:\Users\PC\AppData\Roaming\ftblauncher
2015-03-10 22:30 - 2015-03-10 22:30 - 06623853 _____ () C:\Users\PC\Downloads\FTB_Launcher.exe
2015-03-10 22:30 - 2015-03-10 22:30 - 06591597 _____ () C:\Users\PC\Downloads\FTB_Launcher.jar
2015-03-10 20:08 - 2015-03-10 20:09 - 437581680 _____ () C:\Users\PC\Downloads\Die Beschenkte(2).wma
2015-03-10 20:03 - 2015-03-10 20:05 - 437581680 _____ () C:\Users\PC\Downloads\Die Beschenkte(1).wma
2015-03-10 00:34 - 2015-03-10 00:34 - 00000000 ____D () C:\Users\PC\AppData\Roaming\java
2015-03-09 18:36 - 2015-03-12 00:07 - 00000000 ____D () C:\Users\PC\AppData\Local\LogMeIn Hamachi
2015-03-09 18:36 - 2015-03-09 18:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-03-09 18:33 - 2015-03-09 18:33 - 08548352 _____ () C:\Users\PC\Downloads\hamachi.msi
2015-03-09 13:27 - 2015-03-09 13:27 - 00000000 ____D () C:\Users\PC\AppData\Local\Steam
2015-03-08 18:42 - 2015-03-11 13:27 - 00276968 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-08 18:41 - 2015-03-08 18:41 - 73826304 _____ () C:\Windows\system32\config\SOFTWARE.iodefrag
2015-03-08 18:28 - 2015-03-08 18:31 - 00000000 ____D () C:\Program Files (x86)\Convar
2015-03-08 18:28 - 2015-03-08 18:28 - 03462033 _____ () C:\Users\PC\Downloads\pci_4filerecovery.exe
2015-03-08 18:18 - 2015-03-08 18:18 - 00062496 _____ () C:\Users\PC\AppData\Local\GDIPFONTCACHEV1.DAT
2015-03-08 18:07 - 2015-03-08 18:15 - 00045452 _____ () C:\Users\PC\Desktop\Logfiles.zip
2015-03-08 17:55 - 2015-03-08 17:55 - 00002337 _____ () C:\Users\PC\Desktop\Neues Textdokument (4).txt
2015-03-08 17:29 - 2015-03-08 17:29 - 02095104 _____ (Farbar) C:\Users\PC\Desktop\FRST64.exe
2015-03-08 17:29 - 2015-03-08 17:29 - 00000000 ____D () C:\Users\PC\Desktop\FRST-OlderVersion
2015-03-08 17:19 - 2015-03-08 17:19 - 00000576 _____ () C:\Users\PC\Desktop\defogger_disable.log
2015-03-08 17:19 - 2015-03-08 17:19 - 00000020 _____ () C:\Users\PC\defogger_reenable
2015-03-08 17:17 - 2015-03-08 17:17 - 00050477 _____ () C:\Users\PC\Desktop\Defogger.exe
2015-03-08 17:13 - 2015-03-08 17:13 - 00000000 ____D () C:\Users\PC\AppData\Local\AnVir
2015-03-08 16:58 - 2015-03-08 16:58 - 00000000 _____ () C:\Users\PC\Desktop\Fbars.txt
2015-03-08 16:29 - 2015-03-08 16:32 - 00000076 _____ () C:\Users\PC\Desktop\Neues Textdokument (3).txt
2015-03-08 10:17 - 2015-03-08 15:26 - 10995632 _____ (SurfRight B.V.) C:\Users\PC\Downloads\hitmanpro_x64.exe
2015-03-08 10:17 - 2015-03-08 10:17 - 02209056 _____ () C:\Users\PC\Downloads\avira-eu-cleaner_de.exe
2015-03-08 10:16 - 2015-03-08 10:16 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-03-08 10:14 - 2015-03-08 10:14 - 00005651 _____ () C:\Users\PC\Desktop\UsbFix_Report.txt
2015-03-08 09:54 - 2015-03-08 09:54 - 20268032 _____ (Microsoft Corporation) C:\Users\PC\Downloads\imageres.dll
2015-03-08 09:40 - 2015-03-08 09:40 - 12184357 _____ () C:\Users\PC\Downloads\imageres.zip
2015-03-08 08:23 - 2015-03-08 08:23 - 06870552 _____ (ParetoLogic, Inc.) C:\Users\PC\Downloads\RegCureProSetup.exe
2015-03-08 07:51 - 2015-03-08 07:51 - 00030973 _____ () C:\Users\PC\Desktop\w1.txt
2015-03-08 05:19 - 2015-03-08 05:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileASSASSIN
2015-03-08 05:19 - 2015-03-08 05:19 - 00000000 ____D () C:\Program Files (x86)\FileASSASSIN
2015-03-08 04:20 - 2015-03-08 04:20 - 00000240 _____ () C:\Users\PC\Desktop\leg.reg
2015-03-08 03:49 - 2015-03-08 03:48 - 00044088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-03-08 03:28 - 2015-03-08 03:28 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Avira
2015-03-08 03:20 - 2015-02-25 17:53 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-03-08 03:20 - 2015-02-25 17:53 - 00128536 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-03-08 03:20 - 2015-02-25 17:53 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2015-03-08 03:19 - 2015-03-08 03:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-03-08 03:19 - 2015-03-08 03:20 - 00000000 ____D () C:\ProgramData\Avira
2015-03-08 03:19 - 2015-03-08 03:20 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-03-08 03:19 - 2015-03-08 03:19 - 00001211 _____ () C:\Users\Public\Desktop\Avira.lnk
2015-03-07 23:32 - 2010-03-10 16:31 - 00000000 ____D () C:\Users\PC\Desktop\Double Driver
2015-03-07 23:31 - 2015-03-07 23:31 - 02165485 _____ () C:\Users\PC\Downloads\double_driver_4.1.0_portable.zip
2015-03-07 22:41 - 2015-03-07 22:41 - 01663104 _____ () C:\Users\PC\Downloads\PANDAIS15.exe
2015-03-07 21:55 - 2015-03-07 21:55 - 05297736 _____ (SuperEasy Software GmbH & Co. KG ) C:\Users\PC\Desktop\driverupdater.exe
2015-03-07 20:13 - 2015-03-07 20:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registrar Registry Manager
2015-03-07 20:13 - 2015-03-07 20:13 - 00000000 ____D () C:\Program Files\Registrar Registry Manager
2015-03-07 19:57 - 2015-03-07 20:07 - 00008552 _____ () C:\Users\PC\Desktop\FarBars Recover Anleitung.txt
2015-03-07 19:51 - 2015-03-08 18:10 - 00000000 ____D () C:\Users\PC\Desktop\AnVir
2015-03-07 17:32 - 2015-03-08 10:14 - 00000000 ____D () C:\UsbFix
2015-03-07 08:20 - 2014-12-11 18:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-03-07 08:20 - 2014-08-30 03:10 - 06583296 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-03-07 08:20 - 2014-08-30 02:50 - 05702656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-03-07 07:57 - 2015-03-07 07:57 - 00003051 _____ () C:\Users\PC\AppData\Local\Temp6.html
2015-03-07 07:57 - 2015-03-07 07:57 - 00001293 _____ () C:\Users\PC\AppData\Local\Temp1.html
2015-03-07 06:11 - 2015-03-07 06:11 - 00000000 _____ () C:\Users\PC\Desktop\Neues Textdokument (2).txt
2015-03-07 05:50 - 2015-03-07 05:50 - 00000821 _____ () C:\Users\PC\Desktop\SanityCheck.lnk
2015-03-07 05:50 - 2015-03-07 05:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SanityCheck
2015-03-07 05:50 - 2015-03-07 05:50 - 00000000 ____D () C:\Program Files\SanityCheck
2015-03-07 05:44 - 2015-03-07 05:44 - 02957424 _____ () C:\Users\PC\Desktop\funk.reg
2015-03-07 05:39 - 2015-03-07 05:39 - 00000596 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waterfox.lnk
2015-03-07 05:07 - 2015-03-07 05:07 - 00006568 _____ () C:\Users\PC\Documents\cc_20150307_050726.reg
2015-03-07 04:53 - 2015-03-07 04:53 - 01092680 _____ (Smart PC Solutions ) C:\Users\PC\Downloads\fixregistry27.exe
2015-03-07 04:48 - 2015-03-07 04:48 - 00005216 _____ () C:\Users\PC\Downloads\tessss.txt
2015-03-07 04:14 - 2015-03-07 04:16 - 00013075 _____ () C:\Users\PC\Desktop\bookmarks_07.03.15.html
2015-03-07 04:05 - 2015-03-08 17:37 - 00000000 ____D () C:\Users\PC\AppData\Local\CrashDumps
2015-03-06 23:42 - 2015-03-06 23:42 - 00000000 ___RD () C:\Users\PC\Desktop\TEAMGEIST
2015-03-06 23:14 - 2015-03-06 23:14 - 00000000 ____D () C:\Users\PC\Tracing
2015-03-06 23:13 - 2015-03-06 23:13 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk
2015-03-06 23:13 - 2015-03-06 23:13 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-03-06 23:13 - 2015-03-06 23:13 - 00000000 ____D () C:\ProgramData\Skype
2015-03-06 23:13 - 2015-03-06 23:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-03-06 23:12 - 2015-03-06 23:12 - 00003152 _____ () C:\Windows\System32\Tasks\{75A5D437-EAD1-4FF1-BCFA-D23C47968FD7}
2015-03-06 22:47 - 2013-10-02 03:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2015-03-06 22:47 - 2013-10-02 03:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2015-03-06 22:47 - 2013-10-02 03:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2015-03-06 22:47 - 2013-10-02 02:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2015-03-06 22:47 - 2013-10-02 02:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2015-03-06 22:47 - 2013-10-02 02:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-03-06 22:47 - 2013-10-02 02:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2015-03-06 22:47 - 2013-10-02 01:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-03-06 22:47 - 2013-10-02 01:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2015-03-06 22:47 - 2013-10-02 01:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2015-03-06 22:47 - 2013-10-02 01:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-03-06 22:47 - 2013-10-02 00:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-03-06 22:47 - 2013-10-02 00:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-03-06 22:47 - 2013-10-02 00:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-03-06 22:47 - 2013-10-01 23:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2015-03-06 22:29 - 2015-03-06 22:29 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-03-06 21:47 - 2015-03-06 21:47 - 00431144 _____ () C:\Users\PC\Downloads\Mediakey.zip
2015-03-06 21:42 - 2015-03-06 21:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unknown Device Identifier 8.02
2015-03-06 21:42 - 2015-03-06 21:42 - 00000000 ____D () C:\Program Files\Unknown Device Identifier
2015-03-06 21:41 - 2015-03-06 21:41 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2015-03-06 21:38 - 2015-03-06 18:10 - 00000872 _____ () C:\Windows\system32\Drivers\etc\hosts.20150306-213833.backup
2015-03-06 21:18 - 2015-03-06 21:18 - 00000000 ____D () C:\Users\nsk1051.tmp
2015-03-06 21:16 - 2015-03-06 21:16 - 00000000 ____D () C:\Spacekace
2015-03-06 19:03 - 2015-03-06 19:20 - 00000021 _____ () C:\Users\PC\Desktop\Neues Textdokument.txt
2015-03-06 18:47 - 2015-03-06 18:47 - 00000000 ____D () C:\Users\PC\Desktop\backups
2015-03-06 18:43 - 2015-03-06 18:43 - 00000000 ____D () C:\Users\PC\Desktop\Neuer Ordner (2)
2015-03-06 18:32 - 2015-03-06 18:46 - 00004586 _____ () C:\Users\PC\Desktop\Rkill.txt
2015-03-06 18:31 - 2015-03-06 18:31 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2015-03-06 18:31 - 2015-03-06 18:31 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2015-03-06 18:31 - 2015-03-06 18:31 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2015-03-06 18:31 - 2015-03-06 18:31 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-03-06 18:29 - 2015-03-06 18:29 - 00159578 _____ () C:\Users\PC\Downloads\JavaRa-2.6.zip
2015-03-06 18:29 - 2015-03-06 18:29 - 00159578 _____ () C:\Users\PC\Downloads\JavaRa-2.6 (1).zip
2015-03-06 18:28 - 2015-03-06 18:28 - 00000000 _____ () C:\Windows\SysWOW64\REN7BCA.tmp
2015-03-06 17:33 - 2015-03-06 17:33 - 00013330 _____ () C:\Users\PC\Desktop\KBDRU1.DLL - Verknüpfung.lnk
2015-03-06 17:05 - 2015-03-07 07:53 - 00000000 ____D () C:\Users\PC\Desktop\Procmon
2015-03-06 16:41 - 2015-03-06 16:41 - 00004894 _____ () C:\Users\PC\Desktop\RKreport_DEL_03062015_164021.log
2015-03-06 16:12 - 2015-03-06 16:28 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-03-06 15:59 - 2015-03-06 16:41 - 00000000 ____D () C:\ProgramData\RogueKiller
2015-03-06 15:59 - 2015-03-06 15:59 - 00037624 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2015-03-06 15:11 - 2015-03-06 15:11 - 13787245 _____ () C:\Users\PC\Downloads\SL-6481-BK_Driver_V1.3.zip
2015-03-06 15:03 - 2015-03-06 15:25 - 00000000 ____D () C:\Users\PC\Documents\ProcAlyzer Dumps
2015-03-06 03:18 - 2015-03-06 03:18 - 00000476 __RSH () C:\Users\PC\ntuser.pol
2015-03-06 03:00 - 2015-03-07 05:01 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-03-06 03:00 - 2015-03-06 21:41 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-03-06 03:00 - 2015-03-06 03:00 - 00000656 _____ () C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2015-03-06 01:58 - 2015-03-06 01:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hex-Editor MX
2015-03-06 01:58 - 2015-03-06 01:58 - 00000000 ____D () C:\Program Files (x86)\Hex-Editor MX
2015-03-06 00:39 - 2015-03-06 00:39 - 00086858 _____ () C:\Users\PC\Downloads\Shortcut.txt
2015-03-06 00:38 - 2015-03-06 00:39 - 00042522 _____ () C:\Users\PC\Downloads\Addition.txt
2015-03-06 00:37 - 2015-03-12 14:22 - 00015171 _____ () C:\Users\PC\Downloads\FRST.txt
2015-03-06 00:34 - 2015-03-12 14:22 - 00000000 ____D () C:\FRST
2015-03-06 00:30 - 2015-03-06 00:30 - 02092544 _____ (Farbar) C:\Users\PC\Downloads\FRST64.exe
2015-03-05 23:56 - 2015-03-05 23:56 - 00156624 _____ () C:\Users\PC\Downloads\RkU3.7.300.501.zip
2015-03-05 23:55 - 2015-03-05 23:55 - 00916072 _____ (F-Secure Corporation) C:\Users\PC\Downloads\fsbl1067.exe
2015-03-05 23:41 - 2015-03-05 23:42 - 00002764 _____ () C:\Users\PC\Desktop\Rkill (2).txt
2015-03-05 23:41 - 2015-03-05 23:41 - 00000000 ____D () C:\Users\PC\Desktop\rkill
2015-03-05 23:11 - 2015-03-08 17:25 - 00000000 ____D () C:\Users\PC\Desktop\Anti Spy
2015-03-05 23:09 - 2015-03-05 23:09 - 01943800 _____ (Bleeping Computer, LLC) C:\Users\PC\Desktop\iExplore.exe
2015-03-05 20:32 - 2015-03-05 20:54 - 00009304 _____ () C:\Users\PC\Desktop\hijackthis.log
2015-03-05 20:20 - 2015-03-05 20:20 - 00000000 __SHD () C:\Users\PC\AppData\Local\EmieBrowserModeList
2015-03-05 20:14 - 2015-03-05 20:14 - 00000000 ____D () C:\Windows\System32\Tasks\Aufgaben der Ereignisanzeige
2015-03-05 19:54 - 2015-03-05 19:54 - 01686759 _____ () C:\Users\PC\Downloads\PSTools.zip
2015-03-05 18:59 - 2015-03-06 19:21 - 00001178 _____ () C:\Windows\SysWOW64\BroomData.bit
2015-03-05 18:59 - 2013-04-08 15:30 - 00022752 _____ () C:\Windows\system32\PCloudBroom64.exe
2015-03-05 18:08 - 2015-03-05 18:08 - 00943832 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2015-03-05 18:08 - 2015-03-05 18:08 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2015-03-05 18:04 - 2015-03-06 18:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-03-05 17:57 - 2015-03-05 17:57 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-03-05 17:57 - 2015-03-05 17:57 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-03-05 17:57 - 2015-03-05 17:57 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-03-05 17:57 - 2015-03-05 17:57 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-03-05 17:57 - 2015-03-05 17:57 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-03-05 17:57 - 2015-03-05 17:57 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-03-05 17:57 - 2015-03-05 17:57 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-03-05 17:57 - 2015-03-05 17:57 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-03-05 17:40 - 2015-03-09 18:34 - 00002898 _____ () C:\Windows\System32\Tasks\Uninstaller_SkipUac_PC
2015-03-05 17:34 - 2015-03-05 17:34 - 00001174 _____ () C:\Users\PC\Desktop\IObit Uninstaller.lnk
2015-03-05 17:10 - 2015-03-05 17:11 - 60205784 _____ () C:\Users\PC\Downloads\Waterfox_36.0_Setup (1).exe
2015-03-05 17:05 - 2015-03-05 17:05 - 00004884 _____ () C:\Users\PC\Documents\links.txt
2015-03-05 16:10 - 2015-03-05 16:10 - 00008507 _____ () C:\Users\PC\AppData\Local\recently-used.xbel
2015-03-03 19:31 - 2015-03-03 19:31 - 00000000 ____D () C:\Users\PC\.thumbnails
2015-03-03 15:27 - 2015-03-05 17:12 - 00000000 ____D () C:\Users\PC\.gimp-2.8
2015-03-03 15:27 - 2015-03-03 15:27 - 00000894 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2015-03-03 15:26 - 2015-03-03 15:27 - 00000000 ____D () C:\Program Files\GIMP 2
2015-03-03 15:24 - 2015-03-03 15:25 - 00000000 ____D () C:\Users\PC\Downloads\Divergent
2015-03-03 07:01 - 2015-03-03 07:03 - 58384493 _____ () C:\Users\PC\Downloads\Genetica Texture Pack 7 - Frame Sets.zip
2015-03-03 07:01 - 2015-03-03 07:01 - 01686393 _____ () C:\Users\PC\Downloads\Genetica Texture Pack 5 - Medieval Architecture.zip
2015-03-03 07:01 - 2015-03-03 07:01 - 00590854 _____ () C:\Users\PC\Downloads\Genetica Texture Pack 2 - Metal & Stone.zip
2015-03-03 07:00 - 2015-03-03 07:01 - 00687738 _____ () C:\Users\PC\Downloads\Genetica Texture Pack 3 - Crystal & Liquid.zip
2015-03-03 07:00 - 2015-03-03 07:00 - 00537139 _____ () C:\Users\PC\Downloads\Genetica Texture Pack 1 - Floor & Wall.zip
2015-03-03 06:59 - 2015-03-03 07:00 - 09840461 _____ (Spiral Graphics Inc.) C:\Users\PC\Downloads\Genetica Viewer 3.5 Setup.exe
2015-03-03 06:59 - 2015-03-03 06:59 - 04645910 _____ (Spiral Graphics Inc. ) C:\Users\PC\Downloads\Wood_Workshop_1,01_Setup.exe
2015-03-03 06:04 - 2015-03-05 23:10 - 00000000 ____D () C:\Users\PC\Desktop\Eigenes Texture Pack light
2015-03-03 05:03 - 2015-03-03 05:03 - 02809041 _____ () C:\Users\PC\Downloads\abstaria.zip
2015-03-03 05:02 - 2015-03-03 05:02 - 07753333 _____ () C:\Users\PC\Downloads\Okami Texture Pack_x64_1.6.2.zip
2015-03-03 05:00 - 2015-03-03 05:00 - 48264336 _____ () C:\Users\PC\Downloads\The Next Big Thing 2013 1.7.2.zip
2015-03-03 04:50 - 2015-03-03 04:51 - 39792674 _____ () C:\Users\PC\Downloads\HerrSommer Dye - 1.8 - v2.zip
2015-03-03 04:45 - 2015-03-03 04:46 - 65669183 _____ () C:\Users\PC\Downloads\HD Realism (Light).zip
2015-03-03 04:39 - 2015-03-03 04:39 - 05488685 _____ () C:\Users\PC\Downloads\Pebbles 32x32 v.0.95.zip
2015-03-03 04:38 - 2015-03-03 04:39 - 50065163 _____ () C:\Users\PC\Downloads\1.7.2 64x Scaramandos Halloween(2).zip
2015-03-03 04:30 - 2015-03-03 04:30 - 38532761 _____ () C:\Users\PC\Downloads\Moartex HD_1.6.1.zip
2015-03-03 04:25 - 2015-03-03 04:25 - 25141775 _____ () C:\Users\PC\Downloads\Wolion64.zip
2015-03-03 04:20 - 2015-03-03 04:20 - 21181489 _____ () C:\Users\PC\Downloads\Evolutrium Craft 64x [1.7.4].zip
2015-03-03 04:20 - 2015-03-03 04:20 - 09206747 _____ () C:\Users\PC\Downloads\Battlefield 3 resource pack 1.7.x.zip
2015-03-03 04:14 - 2015-03-03 04:15 - 42740954 _____ () C:\Users\PC\Downloads\HerrSommer  Medieval - 1.8 - v2-3 wip.zip
2015-03-03 04:13 - 2015-03-03 04:13 - 40517657 _____ () C:\Users\PC\Downloads\HerrSommer - 1.8 - v2.zip
2015-03-03 04:11 - 2015-03-03 04:11 - 34633116 _____ () C:\Users\PC\Downloads\[64]outdated version search for v8.zip
2015-03-03 04:08 - 2015-03-03 04:09 - 06905541 _____ () C:\Users\PC\Downloads\[1.8] Arcility [HD - 64x] 11914.zip
2015-03-03 04:08 - 2015-03-03 04:08 - 05175548 _____ () C:\Users\PC\Downloads\Finlandia 1.8.zip
2015-03-03 04:02 - 2015-03-03 04:02 - 55852704 _____ () C:\Users\PC\Downloads\64 x 64 Hyperion HD Texture Pack (new).zip
2015-03-03 04:02 - 2015-03-03 04:02 - 00748598 _____ () C:\Users\PC\Downloads\Serinity HD [1.8.1].zip
2015-03-03 03:56 - 2015-03-03 03:56 - 11338545 _____ () C:\Users\PC\Downloads\willpack4.zip
2015-03-03 03:54 - 2015-03-03 03:54 - 00777106 _____ () C:\Users\PC\Downloads\Lithos Luminous.zip
2015-03-03 03:53 - 2015-03-03 03:53 - 06259465 _____ () C:\Users\PC\Downloads\ProZeth 1.8 v2.7.zip
2015-03-03 03:53 - 2015-03-03 03:53 - 00048048 _____ () C:\Users\PC\Downloads\_Lithos_HD_Font_Add-on.zip
2015-03-03 03:52 - 2015-03-03 03:52 - 11301346 _____ () C:\Users\PC\Downloads\SummerFields_1.8.X.zip
2015-03-03 03:44 - 2015-03-03 03:44 - 01619803 _____ () C:\Users\PC\Downloads\Nagareru - 1.0.zip
2015-03-03 03:42 - 2015-03-03 03:42 - 13724372 _____ () C:\Users\PC\Downloads\Wuggi-Craft_Fantasia v.102.zip
2015-03-03 03:42 - 2015-03-03 03:42 - 04042384 _____ () C:\Users\PC\Downloads\Romecraft GERMANIA 14.5.zip
2015-03-03 03:39 - 2015-03-03 03:41 - 221112346 _____ () C:\Users\PC\Downloads\CCCode-dokustash-d9d644b6c5ed.zip
2015-03-03 03:38 - 2015-03-03 03:38 - 23534658 _____ () C:\Users\PC\Downloads\1.7-MegaDoku-TSC-Light.zip
2015-03-03 03:38 - 2015-03-03 03:38 - 01181511 _____ () C:\Users\PC\Downloads\Thaumcraft-lV-Dokucraft-1.7.10.zip
2015-03-03 03:35 - 2015-03-03 03:35 - 23914948 _____ () C:\Users\PC\Downloads\WesterosCraft Survival.zip
2015-03-03 03:33 - 2015-03-03 03:34 - 54364655 _____ () C:\Users\PC\Downloads\1.8.1 -Dokucraft_Dwarven_v67.zip
2015-03-03 03:30 - 2015-03-03 03:30 - 03284713 _____ () C:\Users\PC\Downloads\Wayukian_pack_v6.1.zip
2015-03-03 01:36 - 2015-03-07 05:30 - 00000000 ____D () C:\Users\PC\Desktop\512
2015-03-03 00:23 - 2015-03-07 05:13 - 00000000 ____D () C:\Users\PC\AppData\Roaming\inkscape
2015-03-03 00:18 - 2015-03-03 00:19 - 43314243 _____ (inkscape.org) C:\Users\PC\Downloads\Inkscape-0.91-1.exe
2015-03-03 00:17 - 2015-03-03 00:17 - 06528454 _____ () C:\Users\PC\Downloads\paint.net.4.0.5.install.zip
2015-03-02 22:41 - 2015-03-06 15:24 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Spotify
2015-03-02 22:41 - 2015-03-02 22:41 - 00001776 _____ () C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-03-02 20:53 - 2015-03-08 17:12 - 00000000 ____D () C:\Program Files (x86)\DLLSuite
2015-03-02 20:32 - 2015-03-02 20:32 - 00005584 _____ () C:\Users\PC\Documents\cc_20150302_203208.reg
2015-03-02 12:20 - 2015-03-07 22:27 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Panda Security
2015-03-02 12:19 - 2015-03-07 22:28 - 00000000 ____D () C:\ProgramData\Panda Security
2015-03-02 04:24 - 2015-03-08 15:26 - 00000000 ____D () C:\ProgramData\HitmanPro
2015-03-02 03:44 - 2015-03-02 03:44 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-02 02:52 - 2015-03-02 03:33 - 00000000 ____D () C:\Windows\system32\log
2015-03-01 19:10 - 2015-03-01 19:18 - 174466376 _____ () C:\Users\PC\Downloads\KoP 1.8 V9 eXtrem Part1.zip
2015-02-28 14:15 - 2015-02-28 14:16 - 00000000 ____D () C:\Program Files (x86)\Minecraft
2015-02-28 14:15 - 2015-02-28 14:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
2015-02-27 00:21 - 2015-02-27 00:21 - 00000000 ____D () C:\Users\PC\Documents\PDF Files
2015-02-24 00:32 - 2015-02-24 00:34 - 437581680 _____ () C:\Users\PC\Downloads\Die Beschenkte.wma
2015-02-24 00:30 - 2015-02-24 00:32 - 451398198 _____ () C:\Users\PC\Downloads\Wild Cards_01.wma
2015-02-17 15:19 - 2015-02-17 15:25 - 451505806 _____ () C:\Users\PC\Downloads\Die Flammen der Dämmerung_02.wma
2015-02-17 13:26 - 2015-02-05 18:57 - 00621384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-02-17 13:25 - 2015-02-05 22:01 - 32106640 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-02-17 13:25 - 2015-02-05 22:01 - 25460880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-02-17 13:25 - 2015-02-05 22:01 - 24768144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-02-17 13:25 - 2015-02-05 22:01 - 20466496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-02-17 13:25 - 2015-02-05 22:01 - 13294528 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-02-17 13:25 - 2015-02-05 22:01 - 13208200 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-02-17 13:25 - 2015-02-05 22:01 - 10773704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-02-17 13:25 - 2015-02-05 22:01 - 10713256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-02-17 13:25 - 2015-02-05 22:01 - 10284872 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-02-17 13:25 - 2015-02-05 22:01 - 03610768 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-02-17 13:25 - 2015-02-05 22:01 - 03247248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-02-17 13:25 - 2015-02-05 22:01 - 01895240 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434752.dll
2015-02-17 13:25 - 2015-02-05 22:01 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434752.dll
2015-02-17 13:25 - 2015-02-05 22:01 - 00995248 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-02-17 13:25 - 2015-02-05 22:01 - 00969872 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-02-17 13:25 - 2015-02-05 22:01 - 00943760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-02-17 13:25 - 2015-02-05 22:01 - 00929936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-02-17 13:25 - 2015-02-05 22:01 - 00908104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-02-17 13:25 - 2015-02-05 22:01 - 00877816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-02-17 13:25 - 2015-02-05 22:01 - 00353224 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-02-17 13:25 - 2015-02-05 22:01 - 00305136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-02-17 13:25 - 2015-02-05 22:01 - 00177624 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-02-17 13:25 - 2015-02-05 22:01 - 00164752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-02-17 03:56 - 2015-02-17 04:01 - 448183150 _____ () C:\Users\PC\Downloads\Die Flammen der Dämmerung_01(2).wma
2015-02-16 16:56 - 2015-02-16 16:56 - 08544256 _____ () C:\Users\PC\Downloads\hamachi_install_2.2.0.303.msi
2015-02-16 16:20 - 2015-02-16 16:20 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\Drivers\hamachi.sys
2015-02-16 14:34 - 2015-02-16 14:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ
2015-02-16 14:32 - 2006-09-20 16:58 - 00040960 _____ () C:\Windows\SysWOW64\psfind.dll
2015-02-16 14:29 - 2015-02-16 14:29 - 00000000 ____D () C:\Program Files (x86)\THQ
2015-02-15 21:06 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-15 21:06 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-12 00:09 - 2012-10-14 14:15 - 00000000 ____D () C:\Users\PC\AppData\Roaming\TS3Client
2015-03-11 20:28 - 2013-08-13 23:38 - 00003918 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{02AECB88-615E-4C17-8DEF-93C5E174B3CD}
2015-03-11 14:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-03-11 13:38 - 2009-07-14 05:45 - 00014192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-11 13:38 - 2009-07-14 05:45 - 00014192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-11 13:34 - 2014-12-23 00:18 - 00002848 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (PC)
2015-03-11 13:32 - 2015-02-09 23:57 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2015-03-11 13:32 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-11 13:31 - 2012-11-08 13:53 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-03-11 13:27 - 2012-09-22 18:25 - 00000000 ____D () C:\Windows\Panther
2015-03-11 13:23 - 2012-09-22 17:29 - 01841538 _____ () C:\Windows\WindowsUpdate.log
2015-03-11 13:23 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-03-11 13:23 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-03-11 13:05 - 2013-07-23 02:00 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-11 13:01 - 2012-09-23 07:22 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-11 02:20 - 2012-09-26 17:48 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Skype
2015-03-10 23:40 - 2014-04-23 02:17 - 00000000 ____D () C:\Users\PC\AppData\Roaming\.minecraft
2015-03-10 23:39 - 2014-04-25 21:55 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-03-08 18:41 - 2015-02-09 19:50 - 73826304 _____ () C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2015-03-08 18:41 - 2015-02-09 19:50 - 05705728 _____ () C:\Windows\system32\config\DEFAULT.iodefrag.bak
2015-03-08 18:41 - 2015-02-09 19:50 - 00036864 _____ () C:\Windows\system32\config\SAM.iodefrag.bak
2015-03-08 18:41 - 2015-02-09 19:50 - 00032768 _____ () C:\Windows\system32\config\SECURITY.iodefrag.bak
2015-03-08 18:37 - 2012-09-23 17:47 - 00000000 ____D () C:\Users\PC\AppData\Roaming\BitTorrent
2015-03-08 17:19 - 2012-09-23 07:04 - 00000000 ____D () C:\Users\PC
2015-03-08 17:10 - 2013-11-10 03:27 - 00000000 ____D () C:\Users\PC\Downloads\Dreamhunter (The Dreamhunter Duet, #1) - Elizabeth Knox
2015-03-08 17:05 - 2014-11-30 18:42 - 00000000 ____D () C:\Users\PC\Downloads\Rune Factory Tides of Destiny [wii][NTSC][Scrubbed]-TLS
2015-03-08 17:03 - 2015-01-17 15:09 - 00000000 ____D () C:\Users\PC\Downloads\James Dashner - The Rule of Thoughts (2014)
2015-03-08 17:02 - 2012-12-24 00:58 - 00000000 ____D () C:\Users\PC\AppData\Roaming\IObit
2015-03-08 17:02 - 2012-12-24 00:58 - 00000000 ____D () C:\Program Files (x86)\IObit
2015-03-08 16:41 - 2014-10-30 20:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OGPlanet
2015-03-08 16:39 - 2013-01-01 22:15 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-03-08 15:54 - 2013-12-10 20:25 - 00000000 ____D () C:\ProgramData\Licenses
2015-03-08 09:34 - 2012-11-23 21:25 - 00007601 _____ () C:\Users\PC\AppData\Local\Resmon.ResmonCfg
2015-03-08 05:04 - 2014-12-24 02:12 - 00000000 ____D () C:\AdwCleaner
2015-03-08 03:19 - 2014-03-03 21:54 - 00000000 ____D () C:\ProgramData\Package Cache
2015-03-08 00:10 - 2013-06-27 16:39 - 00000000 ____D () C:\Program Files (x86)\Panda Security
2015-03-07 19:43 - 2012-12-02 20:05 - 00000000 ____D () C:\Program Files\CCleaner
2015-03-07 05:30 - 2014-07-16 08:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftMaker Viewer
2015-03-07 05:16 - 2014-10-05 15:51 - 00000000 ____D () C:\ProgramData\HappyCloud
2015-03-07 05:13 - 2014-05-09 20:29 - 00000000 ____D () C:\Program Files (x86)\Google
2015-03-07 05:12 - 2012-11-15 18:09 - 00000000 ____D () C:\Users\PC\AppData\Local\Google
2015-03-07 05:03 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-06 22:42 - 2012-10-04 16:36 - 01625086 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-03-06 22:42 - 2009-07-14 18:58 - 00710500 _____ () C:\Windows\system32\perfh007.dat
2015-03-06 22:42 - 2009-07-14 18:58 - 00154830 _____ () C:\Windows\system32\perfc007.dat
2015-03-06 22:42 - 2009-07-14 06:13 - 01625086 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-06 18:31 - 2014-12-24 14:42 - 00000000 ____D () C:\Program Files\Java
2015-03-06 18:28 - 2013-10-22 17:30 - 00000000 ____D () C:\ProgramData\Oracle
2015-03-06 18:28 - 2013-03-05 18:25 - 00000000 ____D () C:\Program Files (x86)\Java
2015-03-06 18:14 - 2013-10-05 17:15 - 00000000 ____D () C:\Program Files (x86)\Domination
2015-03-06 18:14 - 2013-08-03 19:40 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2015-03-06 18:14 - 2013-08-02 20:21 - 00000000 ____D () C:\Program Files (x86)\DOSBox-0.63
2015-03-06 18:14 - 2012-11-03 13:56 - 00000000 ____D () C:\Program Files\DivX
2015-03-06 18:14 - 2012-09-25 15:07 - 00000000 ____D () C:\Program Files (x86)\Otherland
2015-03-06 18:14 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2015-03-06 18:14 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2015-03-06 18:14 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-03-06 16:22 - 2012-09-23 13:26 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job.bak
2015-03-06 15:21 - 2015-01-05 16:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SPEEDLINK
2015-03-06 15:20 - 2012-09-23 16:29 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-03-06 15:13 - 2015-01-05 16:35 - 00000000 ____D () C:\Program Files (x86)\SPEEDLINK
2015-03-06 12:36 - 2012-12-23 14:08 - 00000000 ____D () C:\Users\PC\AppData\Roaming\QuickScan
2015-03-06 12:18 - 2012-11-26 19:03 - 00000000 ____D () C:\Users\PC\AppData\Local\Spotify
2015-03-06 02:41 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2015-03-05 20:25 - 2014-08-28 20:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Entropia Universe
2015-03-05 20:25 - 2013-01-22 20:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waterfox
2015-03-05 19:00 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2015-03-05 18:08 - 2014-12-24 14:50 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2015-03-05 17:33 - 2014-12-04 18:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 8
2015-03-05 17:21 - 2014-12-04 18:33 - 00000000 ____D () C:\ProgramData\ProductData
2015-03-05 17:20 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Branding
2015-03-02 20:32 - 2013-03-03 20:44 - 00000000 ____D () C:\Windows\pss
2015-03-02 02:42 - 2014-12-24 16:51 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Steganos
2015-03-02 02:36 - 2013-08-03 15:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nobilis
2015-03-02 02:36 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-03-01 16:36 - 2014-09-08 13:38 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software
2015-02-26 22:10 - 2014-12-24 16:51 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Steganos VPN
2015-02-24 03:17 - 2012-09-23 07:23 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-02-18 04:05 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-02-17 13:27 - 2012-11-15 11:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-02-16 16:20 - 2012-10-30 17:26 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2015-02-16 14:34 - 2012-12-14 11:27 - 00000000 ____D () C:\Users\PC\Documents\My Games

==================== Files in the root of some directories =======

2014-06-28 19:33 - 2014-07-08 13:37 - 0000113 _____ () C:\Users\PC\AppData\Roaming\D2Info0
2014-06-28 19:33 - 2014-06-28 22:13 - 0000008 _____ () C:\Users\PC\AppData\Roaming\DofusAppId0_1
2014-07-08 13:37 - 2014-07-08 17:46 - 0000008 _____ () C:\Users\PC\AppData\Roaming\DofusAppId0_2
2013-07-23 11:58 - 2013-07-23 11:58 - 0034816 _____ () C:\Users\PC\AppData\Roaming\RZR_00200df84a87ada2a1a69d4a76db.db
2012-10-27 23:51 - 2012-10-27 23:51 - 0046080 ___SH () C:\Users\PC\AppData\Roaming\Thumbs.db
2012-12-18 21:21 - 2012-12-18 21:21 - 0000090 _____ () C:\Users\PC\AppData\Local\fusioncache.dat
2015-03-05 16:10 - 2015-03-05 16:10 - 0008507 _____ () C:\Users\PC\AppData\Local\recently-used.xbel
2012-11-23 21:25 - 2015-03-08 09:34 - 0007601 _____ () C:\Users\PC\AppData\Local\Resmon.ResmonCfg
2015-03-07 07:57 - 2015-03-07 07:57 - 0001293 _____ () C:\Users\PC\AppData\Local\Temp1.html
2015-03-07 07:57 - 2015-03-07 07:57 - 0003051 _____ () C:\Users\PC\AppData\Local\Temp6.html
2014-06-05 12:11 - 2014-06-05 12:11 - 2022894 _____ () C:\ProgramData\1401963607.bdinstall.bin
2014-07-05 16:57 - 2014-07-05 16:57 - 0440959 _____ () C:\ProgramData\1404575705.bdinstall.bin
2014-07-14 11:22 - 2014-07-14 11:22 - 0257399 _____ () C:\ProgramData\1405333262.bdinstall.bin
2014-07-14 11:22 - 2014-07-14 11:22 - 0050040 _____ () C:\ProgramData\1405333338.bdinstall.bin
2014-08-17 21:25 - 2014-08-17 21:25 - 0018554 _____ () C:\ProgramData\1408307088.bdinstall.bin
2014-08-30 15:10 - 2014-08-30 15:10 - 0033471 _____ () C:\ProgramData\1409407795.bdinstall.bin

Some content of TEMP:
====================
C:\Users\PC\AppData\Local\Temp\avgnt.exe
C:\Users\PC\AppData\Local\Temp\HitmanPro.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-05 15:35

==================== End Of Log ============================
--- --- ---

--- --- ---


Was ganz interessant war - in den letzten Tagen hatte ich mysteriöser Weise Ruhe vor dem Mist. Avira hat seinen Dienst getan, Windows hat geupdatet.. den Windows Search Indexer hatte ich ausgestellt - nicht, dass das viel gemacht hätte.. außer, dass mein PC nicht alle 2 Minuten versucht sämtliche PC Dateien zu indizieren die bereits indiziert sind.

Nun. Machen wir weiter.

Also ich mein damit nicht, dass das Problem behoben wurde. Es hat sich nur.. kurzeitig aufgehoben.. Oo.. ich versuch immer noch herauszufinden woran das liegt.

schrauber 13.03.2015 12:48
Addition.txt von FRST fehlt noch.
Aber was ich bis jetzt sehe sagt das gleiche wie alle andern geposteten Logs. Da ist keine Malware.

Amaya 14.03.2015 09:16
Ich hab Malware auf dem PC
 
Ich sag doch das es ein kompliziertes Problem ist.
Mein Freund hat es auch schon beobachtet .. seine aussage : es hat ihn geyielded als er in der Youtuad.360yieeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
hm.. juhu.. -.-
youtube suchzeile war. Da war das Beispiel jetzt mal zur hand was passiert.. mit esc wird es abgebrochen...

Das interessante ist: Wenn ich den Pc herunterfahre verschwindet das Problem zeitweise. Bis ich irgendetwas mache.. also wenn das Dinge gestartet ist oder so kann man es mit der Taste entf auslösen - dann geht WIndows Start auf und irgendend wann wird das ganze geschrieben.. erst www.. was sich dann wieder löscht, dann ad.360yie.. etc. Nervt. Es ist kein Joke ich kann gerne versuchen davon ein Video zu machen.

Mal gucken ob ich dafür ne gute Capture software finde.


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by PC (administrator) on LAURENTH on 14-03-2015 09:08:15
Running from C:\Users\PC\Desktop
Loaded Profiles: PC (Available profiles: PC)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser path: "E:\wtfx\waterfox.exe" -osint -url "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(IObit) C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Akamai Technologies, Inc.) C:\Users\PC\AppData\Local\Akamai\netsession_win.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(LogMeIn Inc.) E:\hmchi\hamachi-2-ui.exe
(Akamai Technologies, Inc.) C:\Users\PC\AppData\Local\Akamai\netsession_win.exe
(LogMeIn, Inc.) E:\hmchi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(LogMeIn Inc.) E:\hmchi\hamachi-2.exe
(LogMeIn, Inc.) E:\hmchi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Waterfox) E:\wtfx\waterfox.exe
(Mozilla Corporation) E:\wtfx\plugin-container.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [127792 2015-02-12] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703280 2015-02-25] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => E:\hmchi\hamachi-2-ui.exe [3978600 2015-02-17] (LogMeIn Inc.)
HKLM\...\Winlogon: [Userinit] C:\Windows\SysWOW64\userinit.exe,
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1318200210-3521828580-4078792253-1001\...\Run: [Akamai NetSession Interface] => C:\Users\PC\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1318200210-3521828580-4078792253-1001\...\MountPoints2: {44dbe384-04d2-11e2-847c-806e6f6e6963} - D:\menue.exe
HKU\S-1-5-21-1318200210-3521828580-4078792253-1001\...\MountPoints2: {c05ae8cf-f9d7-11e2-a6ca-6cf049e6c4ea} - H:\BvsC_Setup.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
BootExecute: autocheck autochk * PCloudBroom64.exe \systemroot\system32\BroomData.bit

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1318200210-3521828580-4078792253-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-1318200210-3521828580-4078792253-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKLM-x32 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-19 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-20 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-03-06] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-03-06] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype4com - No CLSID Value
Handler: WSAllMyTubechrome - No CLSID Value
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\8v3y2dml.default
FF NewTab: hxxp://www.google.com
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-06] ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-03-06] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-03-06] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-06] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-07-17] (DivX, LLC)
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameEU.dll [2013-05-22] (Nexon)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-05] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-05] (NVIDIA Corporation)
FF Plugin-x32: @ogplanet.com/npOGPPlugin -> C:\Windows\system32\npOGPPlugin.dll No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> C:\Program Files (x86)\Perfect World Entertainment\Arc\plugins\npArcPluginFF.dll [2014-11-24] (Perfect World Entertainment Inc)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-12-21] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1318200210-3521828580-4078792253-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-08-21] ()
FF Extension: Avira Browser Safety - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\8v3y2dml.default\Extensions\abs@avira.com [2015-03-09]
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\8v3y2dml.default\Extensions\iobitascsurfingprotection@iobit.com [2015-03-05]
FF Extension: Adblock Plus - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\8v3y2dml.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-03-11]
FF HKLM-x32\...\Firefox\Extensions: [AllMyTube@Wondershare.com] - C:\ProgramData\Wondershare\AllMyTube\AllMyTube@Wondershare.com
FF Extension: Wondershare AllMyTube - C:\ProgramData\Wondershare\AllMyTube\AllMyTube@Wondershare.com [2014-12-11]
FF HKU\S-1-5-21-1318200210-3521828580-4078792253-1001\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [815392 2014-11-04] (IObit)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2015-02-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2015-02-25] (Avira Operations GmbH & Co. KG)
S4 ArcService; C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe [88400 2014-11-24] (Perfect World Entertainment Inc)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [184056 2015-02-12] (Avira Operations GmbH & Co. KG)
S4 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S4 GaUpdateService; C:\ProgramData\gaupdt\service\0\gaupsvc.exe [1558032 2013-03-19] ()
S4 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
R2 Hamachi2Svc; E:\hmchi\hamachi-2.exe [2490216 2015-02-17] (LogMeIn Inc.)
S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2724128 2015-01-16] (IObit)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3975544 2012-05-09] (INCA Internet Co., Ltd.) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-05-29] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2014-05-29] ()
S4 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S4 LMIGuardianSvc; No ImagePath

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-02-25] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-02-25] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-02-25] (Avira Operations GmbH & Co. KG)
S3 EagleX64; No ImagePath
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-24] (REALiX(tm))
S2 LMIInfo; No ImagePath
S4 LMIRfsClientNP; No ImagePath
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [572416 2006-12-05] (PixArt Imaging Inc.)
R1 RrNetCapFilterDriver; C:\Windows\System32\DRIVERS\RrNetCapFilterDriver.sys [24744 2013-12-04] (Audials AG)
S3 RzDxgk; C:\Windows\system32\drivers\RzDxgk.sys [128856 2013-06-05] (Razer USA Ltd)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2014-12-24] (Synaptics Incorporated)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [560184 2012-09-23] (Duplex Secure Ltd.)
S3 X6va008; No ImagePath
S3 X6va012; No ImagePath
S3 X6va021; No ImagePath
S3 X6va028; No ImagePath
S3 xhunter1; No ImagePath
R3 XSplit_Dummy; C:\Windows\System32\drivers\xspltspk.sys [26200 2014-07-02] (SplitmediaLabs Limited)
S3 clwvd; system32\DRIVERS\clwvd.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 taphss6; system32\DRIVERS\taphss6.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-14 09:08 - 2015-03-14 09:09 - 00015178 _____ () C:\Users\PC\Desktop\FRST.txt
2015-03-12 14:20 - 2015-03-12 14:20 - 02095616 _____ (Farbar) C:\Users\PC\Downloads\FRST64(1).exe
2015-03-11 18:45 - 2015-03-11 18:45 - 00000028 _____ () C:\Users\PC\Desktop\ftb erze.txt
2015-03-11 18:23 - 2015-03-11 18:23 - 00000013 _____ () C:\Users\PC\Desktop\test.txt
2015-03-11 13:26 - 2015-03-11 13:26 - 00001086 _____ () C:\Windows\PFRO.log
2015-03-11 01:42 - 2015-03-14 08:03 - 00002240 _____ () C:\Windows\setupact.log
2015-03-11 01:42 - 2015-03-11 01:42 - 00000000 _____ () C:\Windows\setuperr.log
2015-03-10 23:03 - 2015-03-06 06:56 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-10 23:03 - 2015-03-06 06:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-03-10 23:03 - 2015-03-06 06:42 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-10 23:03 - 2015-03-06 06:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-10 23:03 - 2015-03-06 06:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-10 23:03 - 2015-03-06 06:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-03-10 23:03 - 2015-03-06 06:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-03-10 23:03 - 2015-03-06 06:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-03-10 23:03 - 2015-03-06 06:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-03-10 23:03 - 2015-03-06 06:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-03-10 23:03 - 2015-03-06 06:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-03-10 23:03 - 2015-03-06 06:42 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-03-10 23:03 - 2015-03-06 06:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-03-10 23:03 - 2015-03-06 06:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-03-10 23:03 - 2015-03-06 06:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-03-10 23:03 - 2015-03-06 06:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-03-10 23:03 - 2015-03-06 06:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-10 23:03 - 2015-03-06 06:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-10 23:03 - 2015-03-06 06:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-03-10 23:03 - 2015-03-06 06:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-03-10 23:03 - 2015-03-06 06:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-10 23:03 - 2015-03-06 06:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-03-10 23:03 - 2015-03-06 06:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-03-10 23:03 - 2015-03-06 06:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-03-10 23:03 - 2015-03-06 06:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-03-10 23:03 - 2015-03-06 06:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-03-10 23:03 - 2015-03-06 06:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-03-10 23:03 - 2015-03-06 06:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-03-10 23:03 - 2015-03-06 06:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-03-10 23:03 - 2015-03-06 06:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-03-10 23:03 - 2015-03-06 06:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-03-10 23:03 - 2015-02-20 05:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-10 23:03 - 2015-02-20 05:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-10 23:03 - 2015-02-20 05:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-10 23:03 - 2015-02-20 05:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-10 23:03 - 2015-02-20 05:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-10 23:03 - 2015-02-20 05:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-10 23:03 - 2015-02-20 05:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-10 23:03 - 2015-02-20 05:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-10 23:03 - 2015-02-20 04:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-10 23:03 - 2015-02-20 04:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-10 23:03 - 2015-02-13 06:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-10 23:03 - 2015-02-13 06:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-10 23:03 - 2015-02-03 04:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-10 23:03 - 2015-02-03 04:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-03-10 23:03 - 2015-02-03 04:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-10 23:03 - 2015-02-03 04:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-03-10 23:03 - 2015-02-03 04:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-10 23:03 - 2015-02-03 04:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-10 23:03 - 2015-02-03 04:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-10 23:03 - 2015-02-03 04:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-10 23:03 - 2015-02-03 04:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-10 23:03 - 2015-02-03 04:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-03-10 23:03 - 2015-02-03 04:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-10 23:03 - 2015-02-03 04:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-10 23:03 - 2015-02-03 04:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-10 23:03 - 2015-02-03 04:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-10 23:03 - 2015-02-03 04:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-10 23:03 - 2015-02-03 04:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-10 23:03 - 2015-02-03 04:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-10 23:03 - 2015-02-03 04:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-10 23:03 - 2015-02-03 04:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-10 23:03 - 2015-02-03 04:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-03-10 23:03 - 2015-02-03 04:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-10 23:03 - 2015-02-03 04:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-03-10 23:03 - 2015-02-03 04:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-03-10 23:03 - 2015-02-03 04:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-03-10 23:03 - 2015-02-03 04:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-03-10 23:03 - 2015-02-03 04:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-10 23:03 - 2015-02-03 04:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-10 23:03 - 2015-02-03 04:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-10 23:03 - 2015-02-03 04:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-10 23:03 - 2015-02-03 04:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-10 23:03 - 2015-02-03 04:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-10 23:03 - 2015-02-03 04:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-10 23:03 - 2015-02-03 04:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-10 23:03 - 2015-02-03 04:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-10 23:03 - 2015-02-03 04:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-03-10 23:03 - 2015-02-03 04:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-10 23:03 - 2015-02-03 04:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-10 23:03 - 2015-02-03 04:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-10 23:03 - 2015-02-03 04:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-10 23:03 - 2015-02-03 04:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-10 23:03 - 2015-02-03 04:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-10 23:03 - 2015-02-03 04:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-10 23:03 - 2015-02-03 04:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-10 23:03 - 2015-02-03 04:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-10 23:03 - 2015-02-03 04:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-10 23:03 - 2015-02-03 04:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-10 23:03 - 2015-02-03 04:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-10 23:03 - 2015-02-03 04:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-10 23:03 - 2015-02-03 04:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-03-10 23:03 - 2015-02-03 04:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-03-10 23:03 - 2015-02-03 04:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-03-10 23:03 - 2015-02-03 04:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-03-10 23:03 - 2015-02-03 04:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-03-10 23:03 - 2015-02-03 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-03-10 23:03 - 2015-02-03 04:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-10 23:03 - 2015-02-03 04:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-03-10 23:03 - 2015-02-03 04:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-03-10 23:03 - 2015-02-03 04:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-03-10 23:03 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-03-10 23:03 - 2015-02-03 04:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-03-10 23:03 - 2015-02-03 04:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-03-10 23:03 - 2015-02-03 04:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-03-10 23:03 - 2015-02-03 04:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-03-10 23:03 - 2015-02-03 04:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-03-10 23:03 - 2015-02-03 03:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-10 23:03 - 2015-01-31 04:48 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-10 23:03 - 2015-01-31 04:48 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-03-10 23:03 - 2015-01-31 00:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-10 23:03 - 2015-01-31 00:56 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-03-10 23:03 - 2015-01-17 03:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-10 23:03 - 2015-01-17 03:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-10 23:03 - 2014-10-31 23:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-10 23:03 - 2014-06-28 01:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-03-10 23:03 - 2014-06-28 01:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-03-10 23:02 - 2015-02-26 04:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-10 23:02 - 2015-02-24 04:15 - 00389800 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-10 23:02 - 2015-02-24 03:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-03-10 23:02 - 2015-02-21 02:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-10 23:02 - 2015-02-21 01:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-10 23:02 - 2015-02-21 01:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-03-10 23:02 - 2015-02-21 01:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-10 23:02 - 2015-02-21 01:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-10 23:02 - 2015-02-21 00:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-10 23:02 - 2015-02-21 00:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-10 23:02 - 2015-02-20 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-10 23:02 - 2015-02-20 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-03-10 23:02 - 2015-02-20 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-03-10 23:02 - 2015-02-20 03:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-10 23:02 - 2015-02-20 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-03-10 23:02 - 2015-02-20 03:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-10 23:02 - 2015-02-20 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-10 23:02 - 2015-02-20 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-10 23:02 - 2015-02-20 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-03-10 23:02 - 2015-02-20 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-10 23:02 - 2015-02-20 03:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-10 23:02 - 2015-02-20 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-03-10 23:02 - 2015-02-20 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-10 23:02 - 2015-02-20 03:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-10 23:02 - 2015-02-20 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-10 23:02 - 2015-02-20 03:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-03-10 23:02 - 2015-02-20 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-10 23:02 - 2015-02-20 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-10 23:02 - 2015-02-20 03:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-10 23:02 - 2015-02-20 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-03-10 23:02 - 2015-02-20 03:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-03-10 23:02 - 2015-02-20 03:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-03-10 23:02 - 2015-02-20 03:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-10 23:02 - 2015-02-20 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-10 23:02 - 2015-02-20 03:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-10 23:02 - 2015-02-20 03:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-03-10 23:02 - 2015-02-20 03:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-03-10 23:02 - 2015-02-20 02:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-03-10 23:02 - 2015-02-20 02:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-03-10 23:02 - 2015-02-20 02:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-03-10 23:02 - 2015-02-20 02:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-10 23:02 - 2015-02-20 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-10 23:02 - 2015-02-20 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-03-10 23:02 - 2015-02-20 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-10 23:02 - 2015-02-20 02:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-10 23:02 - 2015-02-20 02:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-10 23:02 - 2015-02-20 02:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-03-10 23:02 - 2015-02-20 02:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-10 23:02 - 2015-02-20 02:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-10 23:02 - 2015-02-20 02:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-10 23:02 - 2015-02-20 02:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-10 23:02 - 2015-02-20 02:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-03-10 23:02 - 2015-02-20 02:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-10 23:02 - 2015-02-20 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-10 23:02 - 2015-02-20 02:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-10 23:02 - 2015-02-20 01:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-10 23:02 - 2015-02-20 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-03-10 23:02 - 2015-02-04 04:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-10 23:02 - 2015-02-04 03:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-10 23:02 - 2015-02-03 04:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-10 23:02 - 2015-02-03 04:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-10 22:43 - 2015-03-10 22:43 - 34103034 _____ () C:\Users\PC\Downloads\Ultimate_Server.zip
2015-03-10 22:32 - 2015-03-12 17:43 - 00000000 ____D () C:\ftb
2015-03-10 22:30 - 2015-03-12 21:31 - 00000000 ____D () C:\Users\PC\AppData\Local\ftblauncher
2015-03-10 22:30 - 2015-03-10 22:32 - 00000000 ____D () C:\Users\PC\AppData\Roaming\ftblauncher
2015-03-10 22:30 - 2015-03-10 22:30 - 06623853 _____ () C:\Users\PC\Desktop\FTB_Launcher.exe
2015-03-10 22:30 - 2015-03-10 22:30 - 06591597 _____ () C:\Users\PC\Downloads\FTB_Launcher.jar
2015-03-10 20:08 - 2015-03-10 20:09 - 437581680 _____ () C:\Users\PC\Downloads\Die Beschenkte(2).wma
2015-03-10 20:03 - 2015-03-10 20:05 - 437581680 _____ () C:\Users\PC\Downloads\Die Beschenkte(1).wma
2015-03-10 00:34 - 2015-03-10 00:34 - 00000000 ____D () C:\Users\PC\AppData\Roaming\java
2015-03-09 18:36 - 2015-03-14 08:04 - 00000000 ____D () C:\Users\PC\AppData\Local\LogMeIn Hamachi
2015-03-09 18:36 - 2015-03-09 18:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-03-09 18:33 - 2015-03-09 18:33 - 08548352 _____ () C:\Users\PC\Downloads\hamachi.msi
2015-03-09 13:27 - 2015-03-09 13:27 - 00000000 ____D () C:\Users\PC\AppData\Local\Steam
2015-03-08 18:42 - 2015-03-11 13:27 - 00276968 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-08 18:41 - 2015-03-08 18:41 - 73826304 _____ () C:\Windows\system32\config\SOFTWARE.iodefrag
2015-03-08 18:28 - 2015-03-08 18:31 - 00000000 ____D () C:\Program Files (x86)\Convar
2015-03-08 18:28 - 2015-03-08 18:28 - 03462033 _____ () C:\Users\PC\Downloads\pci_4filerecovery.exe
2015-03-08 18:18 - 2015-03-08 18:18 - 00062496 _____ () C:\Users\PC\AppData\Local\GDIPFONTCACHEV1.DAT
2015-03-08 18:07 - 2015-03-08 18:15 - 00045452 _____ () C:\Users\PC\Desktop\Logfiles.zip
2015-03-08 17:55 - 2015-03-08 17:55 - 00002337 _____ () C:\Users\PC\Desktop\Neues Textdokument (4).txt
2015-03-08 17:29 - 2015-03-14 09:08 - 02095616 _____ (Farbar) C:\Users\PC\Desktop\FRST64.exe
2015-03-08 17:29 - 2015-03-14 09:08 - 00000000 ____D () C:\Users\PC\Desktop\FRST-OlderVersion
2015-03-08 17:19 - 2015-03-08 17:19 - 00000576 _____ () C:\Users\PC\Desktop\defogger_disable.log
2015-03-08 17:19 - 2015-03-08 17:19 - 00000020 _____ () C:\Users\PC\defogger_reenable
2015-03-08 17:17 - 2015-03-08 17:17 - 00050477 _____ () C:\Users\PC\Desktop\Defogger.exe
2015-03-08 17:13 - 2015-03-08 17:13 - 00000000 ____D () C:\Users\PC\AppData\Local\AnVir
2015-03-08 16:58 - 2015-03-08 16:58 - 00000000 _____ () C:\Users\PC\Desktop\Fbars.txt
2015-03-08 16:29 - 2015-03-08 16:32 - 00000076 _____ () C:\Users\PC\Desktop\Neues Textdokument (3).txt
2015-03-08 10:17 - 2015-03-08 15:26 - 10995632 _____ (SurfRight B.V.) C:\Users\PC\Downloads\hitmanpro_x64.exe
2015-03-08 10:17 - 2015-03-08 10:17 - 02209056 _____ () C:\Users\PC\Downloads\avira-eu-cleaner_de.exe
2015-03-08 10:16 - 2015-03-08 10:16 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-03-08 10:14 - 2015-03-08 10:14 - 00005651 _____ () C:\Users\PC\Desktop\UsbFix_Report.txt
2015-03-08 09:54 - 2015-03-08 09:54 - 20268032 _____ (Microsoft Corporation) C:\Users\PC\Downloads\imageres.dll
2015-03-08 09:40 - 2015-03-08 09:40 - 12184357 _____ () C:\Users\PC\Downloads\imageres.zip
2015-03-08 08:23 - 2015-03-08 08:23 - 06870552 _____ (ParetoLogic, Inc.) C:\Users\PC\Downloads\RegCureProSetup.exe
2015-03-08 07:51 - 2015-03-08 07:51 - 00030973 _____ () C:\Users\PC\Desktop\w1.txt
2015-03-08 05:19 - 2015-03-08 05:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileASSASSIN
2015-03-08 05:19 - 2015-03-08 05:19 - 00000000 ____D () C:\Program Files (x86)\FileASSASSIN
2015-03-08 04:20 - 2015-03-08 04:20 - 00000240 _____ () C:\Users\PC\Desktop\leg.reg
2015-03-08 03:49 - 2015-03-08 03:48 - 00044088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-03-08 03:28 - 2015-03-08 03:28 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Avira
2015-03-08 03:20 - 2015-02-25 17:53 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-03-08 03:20 - 2015-02-25 17:53 - 00128536 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-03-08 03:20 - 2015-02-25 17:53 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2015-03-08 03:19 - 2015-03-08 03:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-03-08 03:19 - 2015-03-08 03:20 - 00000000 ____D () C:\ProgramData\Avira
2015-03-08 03:19 - 2015-03-08 03:20 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-03-08 03:19 - 2015-03-08 03:19 - 00001211 _____ () C:\Users\Public\Desktop\Avira.lnk
2015-03-07 23:32 - 2010-03-10 16:31 - 00000000 ____D () C:\Users\PC\Desktop\Double Driver
2015-03-07 23:31 - 2015-03-07 23:31 - 02165485 _____ () C:\Users\PC\Downloads\double_driver_4.1.0_portable.zip
2015-03-07 22:41 - 2015-03-07 22:41 - 01663104 _____ () C:\Users\PC\Downloads\PANDAIS15.exe
2015-03-07 21:55 - 2015-03-07 21:55 - 05297736 _____ (SuperEasy Software GmbH & Co. KG ) C:\Users\PC\Desktop\driverupdater.exe
2015-03-07 20:13 - 2015-03-07 20:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registrar Registry Manager
2015-03-07 20:13 - 2015-03-07 20:13 - 00000000 ____D () C:\Program Files\Registrar Registry Manager
2015-03-07 19:57 - 2015-03-07 20:07 - 00008552 _____ () C:\Users\PC\Desktop\FarBars Recover Anleitung.txt
2015-03-07 19:51 - 2015-03-08 18:10 - 00000000 ____D () C:\Users\PC\Desktop\AnVir
2015-03-07 17:32 - 2015-03-08 10:14 - 00000000 ____D () C:\UsbFix
2015-03-07 08:20 - 2014-12-11 18:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-03-07 08:20 - 2014-08-30 03:10 - 06583296 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-03-07 08:20 - 2014-08-30 02:50 - 05702656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-03-07 07:57 - 2015-03-07 07:57 - 00003051 _____ () C:\Users\PC\AppData\Local\Temp6.html
2015-03-07 07:57 - 2015-03-07 07:57 - 00001293 _____ () C:\Users\PC\AppData\Local\Temp1.html
2015-03-07 06:11 - 2015-03-07 06:11 - 00000000 _____ () C:\Users\PC\Desktop\Neues Textdokument (2).txt
2015-03-07 05:50 - 2015-03-07 05:50 - 00000821 _____ () C:\Users\PC\Desktop\SanityCheck.lnk
2015-03-07 05:50 - 2015-03-07 05:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SanityCheck
2015-03-07 05:50 - 2015-03-07 05:50 - 00000000 ____D () C:\Program Files\SanityCheck
2015-03-07 05:44 - 2015-03-07 05:44 - 02957424 _____ () C:\Users\PC\Desktop\funk.reg
2015-03-07 05:39 - 2015-03-07 05:39 - 00000596 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waterfox.lnk
2015-03-07 05:07 - 2015-03-07 05:07 - 00006568 _____ () C:\Users\PC\Documents\cc_20150307_050726.reg
2015-03-07 04:53 - 2015-03-07 04:53 - 01092680 _____ (Smart PC Solutions ) C:\Users\PC\Downloads\fixregistry27.exe
2015-03-07 04:48 - 2015-03-07 04:48 - 00005216 _____ () C:\Users\PC\Downloads\tessss.txt
2015-03-07 04:14 - 2015-03-07 04:16 - 00013075 _____ () C:\Users\PC\Desktop\bookmarks_07.03.15.html
2015-03-07 04:05 - 2015-03-08 17:37 - 00000000 ____D () C:\Users\PC\AppData\Local\CrashDumps
2015-03-06 23:42 - 2015-03-06 23:42 - 00000000 ___RD () C:\Users\PC\Desktop\TEAMGEIST
2015-03-06 23:14 - 2015-03-06 23:14 - 00000000 ____D () C:\Users\PC\Tracing
2015-03-06 23:13 - 2015-03-06 23:13 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk
2015-03-06 23:13 - 2015-03-06 23:13 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-03-06 23:13 - 2015-03-06 23:13 - 00000000 ____D () C:\ProgramData\Skype
2015-03-06 23:13 - 2015-03-06 23:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-03-06 23:12 - 2015-03-06 23:12 - 00003152 _____ () C:\Windows\System32\Tasks\{75A5D437-EAD1-4FF1-BCFA-D23C47968FD7}
2015-03-06 22:47 - 2013-10-02 03:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2015-03-06 22:47 - 2013-10-02 03:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2015-03-06 22:47 - 2013-10-02 03:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2015-03-06 22:47 - 2013-10-02 02:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2015-03-06 22:47 - 2013-10-02 02:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2015-03-06 22:47 - 2013-10-02 02:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-03-06 22:47 - 2013-10-02 02:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2015-03-06 22:47 - 2013-10-02 01:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-03-06 22:47 - 2013-10-02 01:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2015-03-06 22:47 - 2013-10-02 01:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2015-03-06 22:47 - 2013-10-02 01:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-03-06 22:47 - 2013-10-02 00:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-03-06 22:47 - 2013-10-02 00:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-03-06 22:47 - 2013-10-02 00:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-03-06 22:47 - 2013-10-01 23:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2015-03-06 22:29 - 2015-03-06 22:29 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-03-06 21:47 - 2015-03-06 21:47 - 00431144 _____ () C:\Users\PC\Downloads\Mediakey.zip
2015-03-06 21:42 - 2015-03-06 21:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unknown Device Identifier 8.02
2015-03-06 21:42 - 2015-03-06 21:42 - 00000000 ____D () C:\Program Files\Unknown Device Identifier
2015-03-06 21:41 - 2015-03-06 21:41 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2015-03-06 21:38 - 2015-03-06 18:10 - 00000872 _____ () C:\Windows\system32\Drivers\etc\hosts.20150306-213833.backup
2015-03-06 21:18 - 2015-03-06 21:18 - 00000000 ____D () C:\Users\nsk1051.tmp
2015-03-06 21:16 - 2015-03-06 21:16 - 00000000 ____D () C:\Spacekace
2015-03-06 19:03 - 2015-03-06 19:20 - 00000021 _____ () C:\Users\PC\Desktop\Neues Textdokument.txt
2015-03-06 18:47 - 2015-03-06 18:47 - 00000000 ____D () C:\Users\PC\Desktop\backups
2015-03-06 18:43 - 2015-03-06 18:43 - 00000000 ____D () C:\Users\PC\Desktop\Neuer Ordner (2)
2015-03-06 18:32 - 2015-03-06 18:46 - 00004586 _____ () C:\Users\PC\Desktop\Rkill.txt
2015-03-06 18:31 - 2015-03-06 18:31 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2015-03-06 18:31 - 2015-03-06 18:31 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2015-03-06 18:31 - 2015-03-06 18:31 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2015-03-06 18:31 - 2015-03-06 18:31 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-03-06 18:29 - 2015-03-06 18:29 - 00159578 _____ () C:\Users\PC\Downloads\JavaRa-2.6.zip
2015-03-06 18:29 - 2015-03-06 18:29 - 00159578 _____ () C:\Users\PC\Downloads\JavaRa-2.6 (1).zip
2015-03-06 18:28 - 2015-03-06 18:28 - 00000000 _____ () C:\Windows\SysWOW64\REN7BCA.tmp
2015-03-06 17:33 - 2015-03-06 17:33 - 00013330 _____ () C:\Users\PC\Desktop\KBDRU1.DLL - Verknüpfung.lnk
2015-03-06 17:05 - 2015-03-07 07:53 - 00000000 ____D () C:\Users\PC\Desktop\Procmon
2015-03-06 16:41 - 2015-03-06 16:41 - 00004894 _____ () C:\Users\PC\Desktop\RKreport_DEL_03062015_164021.log
2015-03-06 16:12 - 2015-03-06 16:28 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-03-06 15:59 - 2015-03-06 16:41 - 00000000 ____D () C:\ProgramData\RogueKiller
2015-03-06 15:59 - 2015-03-06 15:59 - 00037624 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2015-03-06 15:11 - 2015-03-06 15:11 - 13787245 _____ () C:\Users\PC\Downloads\SL-6481-BK_Driver_V1.3.zip
2015-03-06 15:03 - 2015-03-06 15:25 - 00000000 ____D () C:\Users\PC\Documents\ProcAlyzer Dumps
2015-03-06 03:18 - 2015-03-06 03:18 - 00000476 __RSH () C:\Users\PC\ntuser.pol
2015-03-06 03:00 - 2015-03-07 05:01 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-03-06 03:00 - 2015-03-06 21:41 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-03-06 03:00 - 2015-03-06 03:00 - 00000656 _____ () C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2015-03-06 01:58 - 2015-03-06 01:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hex-Editor MX
2015-03-06 01:58 - 2015-03-06 01:58 - 00000000 ____D () C:\Program Files (x86)\Hex-Editor MX
2015-03-06 00:39 - 2015-03-06 00:39 - 00086858 _____ () C:\Users\PC\Downloads\Shortcut.txt
2015-03-06 00:38 - 2015-03-06 00:39 - 00042522 _____ () C:\Users\PC\Downloads\Addition.txt
2015-03-06 00:37 - 2015-03-12 14:27 - 00095813 _____ () C:\Users\PC\Downloads\FRST.txt
2015-03-06 00:34 - 2015-03-14 09:08 - 00000000 ____D () C:\FRST
2015-03-06 00:30 - 2015-03-06 00:30 - 02092544 _____ (Farbar) C:\Users\PC\Downloads\FRST64.exe
2015-03-05 23:56 - 2015-03-05 23:56 - 00156624 _____ () C:\Users\PC\Downloads\RkU3.7.300.501.zip
2015-03-05 23:55 - 2015-03-05 23:55 - 00916072 _____ (F-Secure Corporation) C:\Users\PC\Downloads\fsbl1067.exe
2015-03-05 23:41 - 2015-03-05 23:42 - 00002764 _____ () C:\Users\PC\Desktop\Rkill (2).txt
2015-03-05 23:41 - 2015-03-05 23:41 - 00000000 ____D () C:\Users\PC\Desktop\rkill
2015-03-05 23:11 - 2015-03-08 17:25 - 00000000 ____D () C:\Users\PC\Desktop\Anti Spy
2015-03-05 23:09 - 2015-03-05 23:09 - 01943800 _____ (Bleeping Computer, LLC) C:\Users\PC\Desktop\iExplore.exe
2015-03-05 20:32 - 2015-03-05 20:54 - 00009304 _____ () C:\Users\PC\Desktop\hijackthis.log
2015-03-05 20:20 - 2015-03-05 20:20 - 00000000 __SHD () C:\Users\PC\AppData\Local\EmieBrowserModeList
2015-03-05 20:14 - 2015-03-05 20:14 - 00000000 ____D () C:\Windows\System32\Tasks\Aufgaben der Ereignisanzeige
2015-03-05 19:54 - 2015-03-05 19:54 - 01686759 _____ () C:\Users\PC\Downloads\PSTools.zip
2015-03-05 18:59 - 2015-03-06 19:21 - 00001178 _____ () C:\Windows\SysWOW64\BroomData.bit
2015-03-05 18:59 - 2013-04-08 15:30 - 00022752 _____ () C:\Windows\system32\PCloudBroom64.exe
2015-03-05 18:08 - 2015-03-05 18:08 - 00943832 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2015-03-05 18:08 - 2015-03-05 18:08 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2015-03-05 18:04 - 2015-03-06 18:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-03-05 17:57 - 2015-03-05 17:57 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-03-05 17:57 - 2015-03-05 17:57 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-03-05 17:57 - 2015-03-05 17:57 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-03-05 17:57 - 2015-03-05 17:57 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-03-05 17:57 - 2015-03-05 17:57 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-03-05 17:57 - 2015-03-05 17:57 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-03-05 17:57 - 2015-03-05 17:57 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-03-05 17:57 - 2015-03-05 17:57 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-03-05 17:40 - 2015-03-09 18:34 - 00002898 _____ () C:\Windows\System32\Tasks\Uninstaller_SkipUac_PC
2015-03-05 17:34 - 2015-03-05 17:34 - 00001174 _____ () C:\Users\PC\Desktop\IObit Uninstaller.lnk
2015-03-05 17:10 - 2015-03-05 17:11 - 60205784 _____ () C:\Users\PC\Downloads\Waterfox_36.0_Setup (1).exe
2015-03-05 17:05 - 2015-03-05 17:05 - 00004884 _____ () C:\Users\PC\Documents\links.txt
2015-03-05 16:10 - 2015-03-05 16:10 - 00008507 _____ () C:\Users\PC\AppData\Local\recently-used.xbel
2015-03-03 19:31 - 2015-03-03 19:31 - 00000000 ____D () C:\Users\PC\.thumbnails
2015-03-03 15:27 - 2015-03-05 17:12 - 00000000 ____D () C:\Users\PC\.gimp-2.8
2015-03-03 15:27 - 2015-03-03 15:27 - 00000894 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2015-03-03 15:26 - 2015-03-03 15:27 - 00000000 ____D () C:\Program Files\GIMP 2
2015-03-03 15:24 - 2015-03-03 15:25 - 00000000 ____D () C:\Users\PC\Downloads\Divergent
2015-03-03 07:01 - 2015-03-03 07:03 - 58384493 _____ () C:\Users\PC\Downloads\Genetica Texture Pack 7 - Frame Sets.zip
2015-03-03 07:01 - 2015-03-03 07:01 - 01686393 _____ () C:\Users\PC\Downloads\Genetica Texture Pack 5 - Medieval Architecture.zip
2015-03-03 07:01 - 2015-03-03 07:01 - 00590854 _____ () C:\Users\PC\Downloads\Genetica Texture Pack 2 - Metal & Stone.zip
2015-03-03 07:00 - 2015-03-03 07:01 - 00687738 _____ () C:\Users\PC\Downloads\Genetica Texture Pack 3 - Crystal & Liquid.zip
2015-03-03 07:00 - 2015-03-03 07:00 - 00537139 _____ () C:\Users\PC\Downloads\Genetica Texture Pack 1 - Floor & Wall.zip
2015-03-03 06:59 - 2015-03-03 07:00 - 09840461 _____ (Spiral Graphics Inc.) C:\Users\PC\Downloads\Genetica Viewer 3.5 Setup.exe
2015-03-03 06:59 - 2015-03-03 06:59 - 04645910 _____ (Spiral Graphics Inc. ) C:\Users\PC\Downloads\Wood_Workshop_1,01_Setup.exe
2015-03-03 06:04 - 2015-03-05 23:10 - 00000000 ____D () C:\Users\PC\Desktop\Eigenes Texture Pack light
2015-03-03 05:03 - 2015-03-03 05:03 - 02809041 _____ () C:\Users\PC\Downloads\abstaria.zip
2015-03-03 05:02 - 2015-03-03 05:02 - 07753333 _____ () C:\Users\PC\Downloads\Okami Texture Pack_x64_1.6.2.zip
2015-03-03 05:00 - 2015-03-03 05:00 - 48264336 _____ () C:\Users\PC\Downloads\The Next Big Thing 2013 1.7.2.zip
2015-03-03 04:50 - 2015-03-03 04:51 - 39792674 _____ () C:\Users\PC\Downloads\HerrSommer Dye - 1.8 - v2.zip
2015-03-03 04:45 - 2015-03-03 04:46 - 65669183 _____ () C:\Users\PC\Downloads\HD Realism (Light).zip
2015-03-03 04:39 - 2015-03-03 04:39 - 05488685 _____ () C:\Users\PC\Downloads\Pebbles 32x32 v.0.95.zip
2015-03-03 04:38 - 2015-03-03 04:39 - 50065163 _____ () C:\Users\PC\Downloads\1.7.2 64x Scaramandos Halloween(2).zip
2015-03-03 04:30 - 2015-03-03 04:30 - 38532761 _____ () C:\Users\PC\Downloads\Moartex HD_1.6.1.zip
2015-03-03 04:25 - 2015-03-03 04:25 - 25141775 _____ () C:\Users\PC\Downloads\Wolion64.zip
2015-03-03 04:20 - 2015-03-03 04:20 - 21181489 _____ () C:\Users\PC\Downloads\Evolutrium Craft 64x [1.7.4].zip
2015-03-03 04:20 - 2015-03-03 04:20 - 09206747 _____ () C:\Users\PC\Downloads\Battlefield 3 resource pack 1.7.x.zip
2015-03-03 04:14 - 2015-03-03 04:15 - 42740954 _____ () C:\Users\PC\Downloads\HerrSommer  Medieval - 1.8 - v2-3 wip.zip
2015-03-03 04:13 - 2015-03-03 04:13 - 40517657 _____ () C:\Users\PC\Downloads\HerrSommer - 1.8 - v2.zip
2015-03-03 04:11 - 2015-03-03 04:11 - 34633116 _____ () C:\Users\PC\Downloads\[64]outdated version search for v8.zip
2015-03-03 04:08 - 2015-03-03 04:09 - 06905541 _____ () C:\Users\PC\Downloads\[1.8] Arcility [HD - 64x] 11914.zip
2015-03-03 04:08 - 2015-03-03 04:08 - 05175548 _____ () C:\Users\PC\Downloads\Finlandia 1.8.zip
2015-03-03 04:02 - 2015-03-03 04:02 - 55852704 _____ () C:\Users\PC\Downloads\64 x 64 Hyperion HD Texture Pack (new).zip
2015-03-03 04:02 - 2015-03-03 04:02 - 00748598 _____ () C:\Users\PC\Downloads\Serinity HD [1.8.1].zip
2015-03-03 03:56 - 2015-03-03 03:56 - 11338545 _____ () C:\Users\PC\Downloads\willpack4.zip
2015-03-03 03:54 - 2015-03-03 03:54 - 00777106 _____ () C:\Users\PC\Downloads\Lithos Luminous.zip
2015-03-03 03:53 - 2015-03-03 03:53 - 06259465 _____ () C:\Users\PC\Downloads\ProZeth 1.8 v2.7.zip
2015-03-03 03:53 - 2015-03-03 03:53 - 00048048 _____ () C:\Users\PC\Downloads\_Lithos_HD_Font_Add-on.zip
2015-03-03 03:52 - 2015-03-03 03:52 - 11301346 _____ () C:\Users\PC\Downloads\SummerFields_1.8.X.zip
2015-03-03 03:44 - 2015-03-03 03:44 - 01619803 _____ () C:\Users\PC\Downloads\Nagareru - 1.0.zip
2015-03-03 03:42 - 2015-03-03 03:42 - 13724372 _____ () C:\Users\PC\Downloads\Wuggi-Craft_Fantasia v.102.zip
2015-03-03 03:42 - 2015-03-03 03:42 - 04042384 _____ () C:\Users\PC\Downloads\Romecraft GERMANIA 14.5.zip
2015-03-03 03:39 - 2015-03-03 03:41 - 221112346 _____ () C:\Users\PC\Downloads\CCCode-dokustash-d9d644b6c5ed.zip
2015-03-03 03:38 - 2015-03-03 03:38 - 23534658 _____ () C:\Users\PC\Downloads\1.7-MegaDoku-TSC-Light.zip
2015-03-03 03:38 - 2015-03-03 03:38 - 01181511 _____ () C:\Users\PC\Downloads\Thaumcraft-lV-Dokucraft-1.7.10.zip
2015-03-03 03:35 - 2015-03-03 03:35 - 23914948 _____ () C:\Users\PC\Downloads\WesterosCraft Survival.zip
2015-03-03 03:33 - 2015-03-03 03:34 - 54364655 _____ () C:\Users\PC\Downloads\1.8.1 -Dokucraft_Dwarven_v67.zip
2015-03-03 03:30 - 2015-03-03 03:30 - 03284713 _____ () C:\Users\PC\Downloads\Wayukian_pack_v6.1.zip
2015-03-03 01:36 - 2015-03-07 05:30 - 00000000 ____D () C:\Users\PC\Desktop\512
2015-03-03 00:23 - 2015-03-07 05:13 - 00000000 ____D () C:\Users\PC\AppData\Roaming\inkscape
2015-03-03 00:18 - 2015-03-03 00:19 - 43314243 _____ (inkscape.org) C:\Users\PC\Downloads\Inkscape-0.91-1.exe
2015-03-03 00:17 - 2015-03-03 00:17 - 06528454 _____ () C:\Users\PC\Downloads\paint.net.4.0.5.install.zip
2015-03-02 22:41 - 2015-03-06 15:24 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Spotify
2015-03-02 22:41 - 2015-03-02 22:41 - 00001776 _____ () C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-03-02 20:53 - 2015-03-08 17:12 - 00000000 ____D () C:\Program Files (x86)\DLLSuite
2015-03-02 20:32 - 2015-03-02 20:32 - 00005584 _____ () C:\Users\PC\Documents\cc_20150302_203208.reg
2015-03-02 12:20 - 2015-03-07 22:27 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Panda Security
2015-03-02 12:19 - 2015-03-07 22:28 - 00000000 ____D () C:\ProgramData\Panda Security
2015-03-02 04:24 - 2015-03-08 15:26 - 00000000 ____D () C:\ProgramData\HitmanPro
2015-03-02 03:44 - 2015-03-02 03:44 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-02 02:52 - 2015-03-02 03:33 - 00000000 ____D () C:\Windows\system32\log
2015-03-01 19:10 - 2015-03-01 19:18 - 174466376 _____ () C:\Users\PC\Downloads\KoP 1.8 V9 eXtrem Part1.zip
2015-02-28 14:15 - 2015-02-28 14:16 - 00000000 ____D () C:\Program Files (x86)\Minecraft
2015-02-28 14:15 - 2015-02-28 14:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
2015-02-27 00:21 - 2015-02-27 00:21 - 00000000 ____D () C:\Users\PC\Documents\PDF Files
2015-02-24 00:32 - 2015-02-24 00:34 - 437581680 _____ () C:\Users\PC\Downloads\Die Beschenkte.wma
2015-02-24 00:30 - 2015-02-24 00:32 - 451398198 _____ () C:\Users\PC\Downloads\Wild Cards_01.wma
2015-02-17 15:19 - 2015-02-17 15:25 - 451505806 _____ () C:\Users\PC\Downloads\Die Flammen der Dämmerung_02.wma
2015-02-17 13:26 - 2015-02-05 18:57 - 00621384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-02-17 13:25 - 2015-02-05 22:01 - 32106640 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-02-17 13:25 - 2015-02-05 22:01 - 25460880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-02-17 13:25 - 2015-02-05 22:01 - 24768144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-02-17 13:25 - 2015-02-05 22:01 - 20466496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-02-17 13:25 - 2015-02-05 22:01 - 13294528 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-02-17 13:25 - 2015-02-05 22:01 - 13208200 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-02-17 13:25 - 2015-02-05 22:01 - 10773704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-02-17 13:25 - 2015-02-05 22:01 - 10713256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-02-17 13:25 - 2015-02-05 22:01 - 10284872 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-02-17 13:25 - 2015-02-05 22:01 - 03610768 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-02-17 13:25 - 2015-02-05 22:01 - 03247248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-02-17 13:25 - 2015-02-05 22:01 - 01895240 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434752.dll
2015-02-17 13:25 - 2015-02-05 22:01 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434752.dll
2015-02-17 13:25 - 2015-02-05 22:01 - 00995248 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-02-17 13:25 - 2015-02-05 22:01 - 00969872 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-02-17 13:25 - 2015-02-05 22:01 - 00943760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-02-17 13:25 - 2015-02-05 22:01 - 00929936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-02-17 13:25 - 2015-02-05 22:01 - 00908104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-02-17 13:25 - 2015-02-05 22:01 - 00877816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-02-17 13:25 - 2015-02-05 22:01 - 00353224 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-02-17 13:25 - 2015-02-05 22:01 - 00305136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-02-17 13:25 - 2015-02-05 22:01 - 00177624 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-02-17 13:25 - 2015-02-05 22:01 - 00164752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-02-17 03:56 - 2015-02-17 04:01 - 448183150 _____ () C:\Users\PC\Downloads\Die Flammen der Dämmerung_01(2).wma
2015-02-16 16:20 - 2015-02-16 16:20 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\Drivers\hamachi.sys
2015-02-16 14:34 - 2015-02-16 14:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ
2015-02-16 14:32 - 2006-09-20 16:58 - 00040960 _____ () C:\Windows\SysWOW64\psfind.dll
2015-02-16 14:29 - 2015-02-16 14:29 - 00000000 ____D () C:\Program Files (x86)\THQ
2015-02-15 21:06 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-15 21:06 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-14 08:10 - 2009-07-14 05:45 - 00014192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-14 08:10 - 2009-07-14 05:45 - 00014192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-14 08:05 - 2014-12-23 00:18 - 00002848 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (PC)
2015-03-14 08:03 - 2015-02-09 23:57 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2015-03-14 08:03 - 2012-11-08 13:53 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-03-14 08:03 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-13 21:51 - 2013-08-13 23:38 - 00003918 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{02AECB88-615E-4C17-8DEF-93C5E174B3CD}
2015-03-13 01:19 - 2012-09-26 17:48 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Skype
2015-03-12 21:58 - 2012-10-14 14:15 - 00000000 ____D () C:\Users\PC\AppData\Roaming\TS3Client
2015-03-11 14:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-03-11 13:27 - 2012-09-22 18:25 - 00000000 ____D () C:\Windows\Panther
2015-03-11 13:23 - 2012-09-22 17:29 - 01841538 _____ () C:\Windows\WindowsUpdate.log
2015-03-11 13:23 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-03-11 13:23 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-03-11 13:05 - 2013-07-23 02:00 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-11 13:01 - 2012-09-23 07:22 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-10 23:40 - 2014-04-23 02:17 - 00000000 ____D () C:\Users\PC\AppData\Roaming\.minecraft
2015-03-10 23:39 - 2014-04-25 21:55 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-03-08 18:41 - 2015-02-09 19:50 - 73826304 _____ () C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2015-03-08 18:41 - 2015-02-09 19:50 - 05705728 _____ () C:\Windows\system32\config\DEFAULT.iodefrag.bak
2015-03-08 18:41 - 2015-02-09 19:50 - 00036864 _____ () C:\Windows\system32\config\SAM.iodefrag.bak
2015-03-08 18:41 - 2015-02-09 19:50 - 00032768 _____ () C:\Windows\system32\config\SECURITY.iodefrag.bak
2015-03-08 18:37 - 2012-09-23 17:47 - 00000000 ____D () C:\Users\PC\AppData\Roaming\BitTorrent
2015-03-08 17:19 - 2012-09-23 07:04 - 00000000 ____D () C:\Users\PC
2015-03-08 17:10 - 2013-11-10 03:27 - 00000000 ____D () C:\Users\PC\Downloads\Dreamhunter (The Dreamhunter Duet, #1) - Elizabeth Knox
2015-03-08 17:05 - 2014-11-30 18:42 - 00000000 ____D () C:\Users\PC\Downloads\Rune Factory Tides of Destiny [wii][NTSC][Scrubbed]-TLS
2015-03-08 17:03 - 2015-01-17 15:09 - 00000000 ____D () C:\Users\PC\Downloads\James Dashner - The Rule of Thoughts (2014)
2015-03-08 17:02 - 2012-12-24 00:58 - 00000000 ____D () C:\Users\PC\AppData\Roaming\IObit
2015-03-08 17:02 - 2012-12-24 00:58 - 00000000 ____D () C:\Program Files (x86)\IObit
2015-03-08 16:41 - 2014-10-30 20:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OGPlanet
2015-03-08 16:39 - 2013-01-01 22:15 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-03-08 15:54 - 2013-12-10 20:25 - 00000000 ____D () C:\ProgramData\Licenses
2015-03-08 09:34 - 2012-11-23 21:25 - 00007601 _____ () C:\Users\PC\AppData\Local\Resmon.ResmonCfg
2015-03-08 05:04 - 2014-12-24 02:12 - 00000000 ____D () C:\AdwCleaner
2015-03-08 03:19 - 2014-03-03 21:54 - 00000000 ____D () C:\ProgramData\Package Cache
2015-03-08 00:10 - 2013-06-27 16:39 - 00000000 ____D () C:\Program Files (x86)\Panda Security
2015-03-07 19:43 - 2012-12-02 20:05 - 00000000 ____D () C:\Program Files\CCleaner
2015-03-07 05:30 - 2014-07-16 08:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftMaker Viewer
2015-03-07 05:16 - 2014-10-05 15:51 - 00000000 ____D () C:\ProgramData\HappyCloud
2015-03-07 05:13 - 2014-05-09 20:29 - 00000000 ____D () C:\Program Files (x86)\Google
2015-03-07 05:12 - 2012-11-15 18:09 - 00000000 ____D () C:\Users\PC\AppData\Local\Google
2015-03-07 05:03 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-06 22:42 - 2012-10-04 16:36 - 01625086 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-03-06 22:42 - 2009-07-14 18:58 - 00710500 _____ () C:\Windows\system32\perfh007.dat
2015-03-06 22:42 - 2009-07-14 18:58 - 00154830 _____ () C:\Windows\system32\perfc007.dat
2015-03-06 22:42 - 2009-07-14 06:13 - 01625086 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-06 18:31 - 2014-12-24 14:42 - 00000000 ____D () C:\Program Files\Java
2015-03-06 18:28 - 2013-10-22 17:30 - 00000000 ____D () C:\ProgramData\Oracle
2015-03-06 18:28 - 2013-03-05 18:25 - 00000000 ____D () C:\Program Files (x86)\Java
2015-03-06 18:14 - 2013-10-05 17:15 - 00000000 ____D () C:\Program Files (x86)\Domination
2015-03-06 18:14 - 2013-08-03 19:40 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2015-03-06 18:14 - 2013-08-02 20:21 - 00000000 ____D () C:\Program Files (x86)\DOSBox-0.63
2015-03-06 18:14 - 2012-11-03 13:56 - 00000000 ____D () C:\Program Files\DivX
2015-03-06 18:14 - 2012-09-25 15:07 - 00000000 ____D () C:\Program Files (x86)\Otherland
2015-03-06 18:14 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2015-03-06 18:14 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2015-03-06 18:14 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-03-06 16:22 - 2012-09-23 13:26 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job.bak
2015-03-06 15:21 - 2015-01-05 16:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SPEEDLINK
2015-03-06 15:20 - 2012-09-23 16:29 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-03-06 15:13 - 2015-01-05 16:35 - 00000000 ____D () C:\Program Files (x86)\SPEEDLINK
2015-03-06 12:36 - 2012-12-23 14:08 - 00000000 ____D () C:\Users\PC\AppData\Roaming\QuickScan
2015-03-06 12:18 - 2012-11-26 19:03 - 00000000 ____D () C:\Users\PC\AppData\Local\Spotify
2015-03-06 02:41 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2015-03-05 20:25 - 2014-08-28 20:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Entropia Universe
2015-03-05 20:25 - 2013-01-22 20:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waterfox
2015-03-05 19:00 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2015-03-05 18:08 - 2014-12-24 14:50 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2015-03-05 17:33 - 2014-12-04 18:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 8
2015-03-05 17:21 - 2014-12-04 18:33 - 00000000 ____D () C:\ProgramData\ProductData
2015-03-05 17:20 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Branding
2015-03-02 20:32 - 2013-03-03 20:44 - 00000000 ____D () C:\Windows\pss
2015-03-02 02:42 - 2014-12-24 16:51 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Steganos
2015-03-02 02:36 - 2013-08-03 15:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nobilis
2015-03-02 02:36 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-03-01 16:36 - 2014-09-08 13:38 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software
2015-02-26 22:10 - 2014-12-24 16:51 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Steganos VPN
2015-02-24 03:17 - 2012-09-23 07:23 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-02-18 04:05 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-02-17 13:27 - 2012-11-15 11:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-02-16 16:20 - 2012-10-30 17:26 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2015-02-16 14:34 - 2012-12-14 11:27 - 00000000 ____D () C:\Users\PC\Documents\My Games

==================== Files in the root of some directories =======

2014-06-28 19:33 - 2014-07-08 13:37 - 0000113 _____ () C:\Users\PC\AppData\Roaming\D2Info0
2014-06-28 19:33 - 2014-06-28 22:13 - 0000008 _____ () C:\Users\PC\AppData\Roaming\DofusAppId0_1
2014-07-08 13:37 - 2014-07-08 17:46 - 0000008 _____ () C:\Users\PC\AppData\Roaming\DofusAppId0_2
2013-07-23 11:58 - 2013-07-23 11:58 - 0034816 _____ () C:\Users\PC\AppData\Roaming\RZR_00200df84a87ada2a1a69d4a76db.db
2012-10-27 23:51 - 2012-10-27 23:51 - 0046080 ___SH () C:\Users\PC\AppData\Roaming\Thumbs.db
2012-12-18 21:21 - 2012-12-18 21:21 - 0000090 _____ () C:\Users\PC\AppData\Local\fusioncache.dat
2015-03-05 16:10 - 2015-03-05 16:10 - 0008507 _____ () C:\Users\PC\AppData\Local\recently-used.xbel
2012-11-23 21:25 - 2015-03-08 09:34 - 0007601 _____ () C:\Users\PC\AppData\Local\Resmon.ResmonCfg
2015-03-07 07:57 - 2015-03-07 07:57 - 0001293 _____ () C:\Users\PC\AppData\Local\Temp1.html
2015-03-07 07:57 - 2015-03-07 07:57 - 0003051 _____ () C:\Users\PC\AppData\Local\Temp6.html
2014-06-05 12:11 - 2014-06-05 12:11 - 2022894 _____ () C:\ProgramData\1401963607.bdinstall.bin
2014-07-05 16:57 - 2014-07-05 16:57 - 0440959 _____ () C:\ProgramData\1404575705.bdinstall.bin
2014-07-14 11:22 - 2014-07-14 11:22 - 0257399 _____ () C:\ProgramData\1405333262.bdinstall.bin
2014-07-14 11:22 - 2014-07-14 11:22 - 0050040 _____ () C:\ProgramData\1405333338.bdinstall.bin
2014-08-17 21:25 - 2014-08-17 21:25 - 0018554 _____ () C:\ProgramData\1408307088.bdinstall.bin
2014-08-30 15:10 - 2014-08-30 15:10 - 0033471 _____ () C:\ProgramData\1409407795.bdinstall.bin

Some content of TEMP:
====================
C:\Users\PC\AppData\Local\Temp\avgnt.exe
C:\Users\PC\AppData\Local\Temp\HitmanPro.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-05 15:35

==================== End Of Log ============================
--- --- ---


Addition

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by PC at 2015-03-14 09:09:27
Running from C:\Users\PC\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

1AVCapture Version 1.9.5.40 (HKLM-x32\...\{8EB278E8-7FDA-4ED9-A429-C87A76F95087}_is1) (Version: 1.9.5.40 - PCWinSoft Systems)
Acoustica Special Edition 5.0 (HKLM-x32\...\Acoustica Special Edition_is1) (Version: 5.0 - Acon AS)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Advanced SystemCare 8 (HKLM-x32\...\Advanced SystemCare 8_is1) (Version: 8.1.0 - IObit)
Akamai NetSession Interface (HKU\S-1-5-21-1318200210-3521828580-4078792253-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
Anno 2070 (HKLM-x32\...\Steam App 48240) (Version:  - BlueByte / related Design)
Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.5510 - Perfect World Entertainment)
Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.02 - Ubisoft)
Assassin's Creed Brotherhood (HKLM-x32\...\Steam App 48190) (Version:  - Ubisoft Montreal)
Assassin's Creed II (HKLM-x32\...\Steam App 33230) (Version:  - Ubisoft Montreal)
Audials (HKLM-x32\...\{9DDE35B3-AAD2-496F-84F0-66F66FCC49F7}) (Version: 11.0.46200.0 - Audials AG)
Avira (HKLM-x32\...\{d9ed6dcf-6bfc-4fbb-802e-81dd5b767d6e}) (Version: 1.1.32.25147 - Avira Operations & Co. KG)
Avira (x32 Version: 1.1.32.25147 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 15.0.8.650 - Avira)
BattleSpace (HKLM-x32\...\Steam App 306930) (Version:  - Funnel Inc.)
Bejeweled® 3 (HKLM-x32\...\{E99C27B2-EB2E-4244-9F5C-A96F55100F0C}) (Version: 1.1.13.4753 - Electronic Arts, Inc.)
BitTorrent (HKU\S-1-5-21-1318200210-3521828580-4078792253-1001\...\BitTorrent) (Version: 7.9.2.37755 - BitTorrent Inc.)
CC Magic (HKU\S-1-5-21-1318200210-3521828580-4078792253-1001\...\CC Magic) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
Debut Video Capture Software (HKLM-x32\...\Debut) (Version: 1.82 - NCH Software)
DECUS Gaming Mouse (HKLM-x32\...\{B62CC42A-D1D9-4E91-BEDE-8614DE2AD943}) (Version: 1.0 - SPEEDLINK)
DesignCAD 22 (HKLM-x32\...\{C5C61F02-1453-48A1-947E-8BC9F6812F8E}) (Version: 22.0.0 - IMSIDesign)
D-Fend v2 (HKLM-x32\...\D-Fend v2) (Version:  - )
Die Sims™ 3 Erstelle ein Muster-Tool (HKLM-x32\...\{44EAFE3D-09A9-4478-A2BF-0EED22F4E49F}) (Version: 1.0.0 - Electronic Arts)
Dishonored (HKLM-x32\...\Steam App 205100) (Version: 1.0 - Bethesda Softworks)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.52 - DivX, LLC)
Driver Booster 2 (HKLM-x32\...\Driver Booster_is1) (Version: 2.0 - IObit)
DUNGEONS - The Dark Lord (Steam Special Edition) (HKLM-x32\...\Steam App 200550) (Version:  - Realmforge Studios)
Dungeons & Dragons Online (HKLM-x32\...\Dungeons & Dragons Online) (Version:  - Turbine, Inc)
Dust: An Elysian Tail (HKLM-x32\...\Steam App 236090) (Version:  - Humble Hearts LLC)
Entropia Universe (HKLM-x32\...\Entropia Universe) (Version: 14.9.0.124499 - MindArk PE AB)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Explorer Suite III (HKLM\...\Explorer Suite_is1) (Version:  - )
Fable - The Lost Chapters (HKLM-x32\...\Steam App 204030) (Version:  - Lionhead Studios)
Fallen Enchantress: Legendary Heroes (HKLM-x32\...\Steam App 228260) (Version:  - Stardock Entertainment)
FATE (HKLM-x32\...\Steam App 246840) (Version:  - WildTangent)
FATE: Undiscovered Realms (HKLM-x32\...\Steam App 276890) (Version:  - WildTangent)
FileASSASSIN (HKLM-x32\...\FileASSASSIN) (Version: 1.06 - Malwarebytes)
FRANZIS onlineTV 8 (HKLM-x32\...\{CBC88F0E-1960-4AC3-8C38-8BAD44E3F6E3}_is1) (Version: 8.5.0.10 - FRANZIS Verlag GmbH)
Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version:  - Greenheart Games)
GameSpy Comrade (HKLM-x32\...\{894084B6-BC69-43B7-BF06-B93AECFEA520}) (Version: 2.1.1.214 - GameSpy)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
GKLauncher version 1.1.0.4 (HKLM-x32\...\{961346DF-FE43-4392-99FC-47B1F5A882C3}_is1) (Version: 1.1.0.4 - GameKiss)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
HDR projects elements (64-Bit) (HKLM\...\HDR projects elements_is1) (Version: 1.22 - Franzis Verlag GmbH)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hex-Editor MX (HKLM-x32\...\{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1) (Version: 6.0 - NEXT-Soft)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.2.6.2 - IObit)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.32 - Irfan Skiljan)
Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle)
League of Legends (HKLM-x32\...\{918A9082-6287-4D25-9002-5E5D5E4971CB}) (Version: 1.02.0000 - Riot Games)
Lightworks (HKLM-x32\...\{E94DD4E4-7746-472c-AA7B-1242FED0CFC8}) (Version: 11.1.1.0 - Lightworks)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.319 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.319 - LogMeIn, Inc.) Hidden
MAGIX Foto & Grafik Designer 7 SE (Version: 7.1.2.26041 - MAGIX AG) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{887868A2-D6DE-3255-AA92-AA0B5A59B874}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{b341426f-8543-4e0d-96c3-e976f8ec5ab6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{db012557-340e-4a46-adae-81a6b0f6a1e9}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{e6edaf4d-f9a1-4023-be00-d6189343feb9}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller-Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.52 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OGPlanet Game Launcher (HKLM-x32\...\OGPlanet Game Launcher) (Version: 3.0.0 - OGPlanet, Inc.)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.4.10.297 - Electronic Arts, Inc.)
Path of Exile (HKLM-x32\...\Steam App 238960) (Version:  - Grinding Gear Games)
PDF Experte 8 Ultimate (HKLM-x32\...\{FC279721-37A6-4777-AFD8-7A56681EBA14}) (Version: 8.0.0140.0 - Avanquest software)
PDoD Uninstallation (HKLM-x32\...\{B5A4D5A1-7646-4EA9-9D30-3368A736A791}_is1) (Version: 0.4.3 - SickMafia)
Pflanzen gegen Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
Photomizer Retro (HKLM-x32\...\{41B5224D-7853-4EA5-0001-C8949A33B608}) (Version: 2.0.13.308 - Engelmann Media GmbH)
PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version:  - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-1318200210-3521828580-4078792253-1001\...\SOE-PlanetSide 2) (Version:  - Sony Online Entertainment)
Pokemon Online 2.4.2 (HKLM-x32\...\{2C08D7E7-9EE1-4A08-AFE0-745F02DCD6A4}_is1) (Version:  - Dreambelievers)
Pokemon World Online version 1.94 (HKLM-x32\...\{58FA82F2-5FAA-4036-9129-C97DDCAC6A1B}_is1) (Version: 1.94 - PWO Team)
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
Prism Video File Converter (HKLM-x32\...\Prism) (Version: 2.18 - NCH Software)
RAR Password Unlocker 4.2.0.0 (HKLM-x32\...\{B789FA51-6A71-408F-92DE-EDE4A517B8F9}_is1) (Version:  - Password Unlocker Studio)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7373 - Realtek Semiconductor Corp.)
Registrar Registry Manager 7.70 (HKLM\...\RegistrarHome_is1) (Version:  - Resplendence Software Projects Sp.)
Revo Uninstaller Pro 3.0.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.8 - VS Revo Group, Ltd.)
SanityCheck 3.00 (HKLM\...\SanityCheck_is1) (Version:  - Resplendence Software Projects Sp.)
Schriftenbibliothek (HKLM-x32\...\Schriftenbibliothek_is1) (Version:  - )
Security Task Manager 1.8g (HKLM-x32\...\Security Task Manager) (Version: 1.8g - Neuber Software)
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
SlimDX Runtime .NET 2.0 (January 2012) (HKLM-x32\...\{014A2868-BE56-4888-A16C-693989B8F153}) (Version: 2.0.13.43 - SlimDX Group)
Smart Defrag 3 (HKLM-x32\...\Smart Defrag 3_is1) (Version: 3.3 - IObit)
SPlayer (HKLM-x32\...\SPlayer) (Version:  - )
Spotify (HKU\S-1-5-21-1318200210-3521828580-4078792253-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
Tales Runner version 1.2 (HKLM-x32\...\{FB205A57-6847-4BAE-8854-ED09266CC221}_is1) (Version: 1.2 - OGPlanet, Inc)
TeamSpeak 3 Client (HKU\S-1-5-21-1318200210-3521828580-4078792253-1001\...\TeamSpeak 3 Client) (Version: 3.0.15.1 - TeamSpeak Systems GmbH)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Legend of Korra™ (HKLM-x32\...\Steam App 281690) (Version:  - Platinum Games)
The Mighty Quest For Epic Loot (HKLM-x32\...\Steam App 239220) (Version:  - Ubisoft Montreal)
Titan Quest (HKLM-x32\...\{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}) (Version: 1.00.0000 - Iron Lore)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKU\S-1-5-21-1318200210-3521828580-4078792253-1001\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unknown Device Identifier 8.02 (HKLM\...\Unknown Device Identifier_is1) (Version: 8.02 - Huntersoft)
UsbFix (HKLM-x32\...\Usbfix) (Version: 7.902 - El Desaparecido - www.usbfix.net - www.sosvirus.net)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 3.61 - NCH Software)
Villagers and Heroes (HKLM-x32\...\Steam App 263540) (Version:  - Mad Otter Games)
VIRTUIS ADVANCED Gaming Keyboard Driver (HKLM-x32\...\{B3CDED64-7DC2-429D-A325-BBC3CF793AA6}) (Version: 1.0 - SPEEDLINK)
VLC media player 2.0.2 (HKLM-x32\...\VLC media player) (Version: 2.0.2 - VideoLAN)
Waterfox 36.0 (x64 en-US) (HKLM\...\Waterfox 36.0 (x64 en-US)) (Version: 36.0 - Mozilla)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Wondershare AllMyTube(Build 4.2.2.0) (HKLM-x32\...\Wondershare AllMyTube_is1) (Version: 4.2.2.0 - Wondershare Software)
XSplit Gamecaster (HKLM-x32\...\{8780DFA8-7E56-43B1-93DB-FE001F8290D7}) (Version: 2.0.1411.2413 - SplitmediaLabs)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1318200210-3521828580-4078792253-1001_Classes\CLSID\{af15ce4e-488b-4bc5-b3ec-d1e26f95ad62}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

==================== Restore Points  =========================

05-03-2015 17:25:35 Driver Booster : Marvell 91xx Config Device
05-03-2015 17:27:56 Windows Update
05-03-2015 17:56:06 Windows Modules Installer
05-03-2015 18:03:18 Installed Java 7 Update 76 (64-bit)
05-03-2015 19:31:18 IObit Uninstaller restore point
05-03-2015 20:43:08 IObit Uninstaller restore point
05-03-2015 22:37:38 Prüfpunkt von HitmanPro
05-03-2015 22:38:30 Prüfpunkt von HitmanPro
06-03-2015 03:36:25 Prüfpunkt von HitmanPro
06-03-2015 15:12:44 Installed simplitec simplicheck
06-03-2015 15:13:59 Installed VIRTUIS Advanced Gaming Keyboard
06-03-2015 15:14:10 Installed VIRTUIS Advanced Gaming Keyboard
06-03-2015 15:20:09 Removed VIRTUIS Advanced Gaming Keyboard
06-03-2015 15:20:32 Installed VIRTUIS Advanced Gaming Keyboard
06-03-2015 15:20:45 Installed VIRTUIS Advanced Gaming Keyboard
06-03-2015 17:06:12 Removed simplitec simplicheck
06-03-2015 18:06:43 Saskia goes Antivir
06-03-2015 18:30:13 Removed Java 7 Update 76 (64-bit)
06-03-2015 18:31:30 Installed Java 7 Update 67 (64-bit)
06-03-2015 22:36:42 Windows Update
07-03-2015 17:21:03 Windows Update
08-03-2015 03:30:42 Avira EU-Cleaner - 08.03.2015 03:30
09-03-2015 18:35:40 Installed LogMeIn Hamachi
11-03-2015 13:00:29 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2015-03-06 21:38 - 00450807 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1        localhost
127.0.0.1        www.007guard.com
127.0.0.1        007guard.com
127.0.0.1        008i.com
127.0.0.1        www.008k.com
127.0.0.1        008k.com
127.0.0.1        www.00hq.com
127.0.0.1        00hq.com
127.0.0.1        010402.com
127.0.0.1        www.032439.com
127.0.0.1        032439.com
127.0.0.1        www.0scan.com
127.0.0.1        0scan.com
127.0.0.1        1000gratisproben.com
127.0.0.1        www.1000gratisproben.com
127.0.0.1        1001namen.com
127.0.0.1        www.1001namen.com
127.0.0.1        100888290cs.com
127.0.0.1        www.100888290cs.com
127.0.0.1        www.100sexlinks.com
127.0.0.1        100sexlinks.com
127.0.0.1        10sek.com
127.0.0.1        www.10sek.com
127.0.0.1        www.1-2005-search.com
127.0.0.1        1-2005-search.com
127.0.0.1        123fporn.info
127.0.0.1        www.123fporn.info
127.0.0.1        123haustiereundmehr.com
127.0.0.1        www.123haustiereundmehr.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0D56A7C0-3491-4372-A2F7-9C023EA1C305} - System32\Tasks\SmartDefrag3_Startup => C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe [2014-11-04] (IObit)
Task: {14006D03-CFC3-41BF-936C-55B8D8729350} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd)
Task: {26D97E70-E6EC-4D6B-9DB6-5B147764945C} - System32\Tasks\{75A5D437-EAD1-4FF1-BCFA-D23C47968FD7} => Chrome.exe hxxp://ui.skype.com/ui/0/7.2.0.103/de/abandoninstall?source=lightinstaller&amp;page=tsBing
Task: {4C9B2D88-5042-4B54-B05C-185CC7D88607} - System32\Tasks\Uninstaller_SkipUac_PC => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-01-20] (IObit)
Task: {9C3BE1C5-2990-4621-BBF2-2F4CCF696290} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2014-10-13] (IObit)
Task: {A9F29E0E-32C2-4DFD-ACC0-772105FC8284} - System32\Tasks\SmartDefrag3_Update => C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe [2014-07-23] (IObit)
Task: {AC82F664-B73B-48C4-B981-CAEF6E10B6D2} - System32\Tasks\Driver Booster SkipUAC (PC) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2014-11-27] (IObit)
Task: {B1387C6E-F901-4F32-8DE1-8F87F2506BD7} - \Adobe Flash Player Updater No Task File <==== ATTENTION
Task: {B4902C62-8664-4182-AD1C-849D3941C165} - System32\Tasks\ASC8_SkipUac_PC => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe [2015-01-27] (IObit)
Task: {FA438C0F-D4F2-48A2-936F-2D2EFE80886F} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2014-10-08] (IObit)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job.bak => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2013-08-13 21:16 - 2015-02-05 20:07 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-03-08 00:06 - 2014-05-29 20:29 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-03-08 00:06 - 2014-05-29 20:29 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2015-02-06 15:22 - 2015-02-06 15:22 - 23056048 _____ () C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll
2015-01-15 13:28 - 2014-06-04 15:17 - 00892288 _____ () C:\Program Files (x86)\IObit\Smart Defrag 3\webres.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:6B0023F8
AlternateDataStreams: C:\ProgramData\Temp:EEDA5B17

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1318200210-3521828580-4078792253-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\PC\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AdvancedSystemCareService8 => 2
MSCONFIG\Services: AxAutoMntSrv => 2
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: GaUpdateService => 2
MSCONFIG\Services: GfExperienceService => 2
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: HitmanProScheduler => 2
MSCONFIG\Services: IMFservice => 2
MSCONFIG\Services: LiveUpdateSvc => 2
MSCONFIG\Services: LMIGuardianSvc => 2
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: PandaAgent => 2
MSCONFIG\Services: rpcapd => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: WSearch => 2
MSCONFIG\startupfolder: C:^Users^PC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^debug.log => C:\Windows\pss\debug.log.Startup
MSCONFIG\startupfolder: C:^Users^PC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^WinUpdate.lnk => C:\Windows\pss\WinUpdate.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Advanced SystemCare 8 => "C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DDO-Startprogramm =>
MSCONFIG\startupreg: IObit Malware Fighter => "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
MSCONFIG\startupreg: KSS =>
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: pdiface =>
MSCONFIG\startupreg: PSUAMain => "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" /LaunchSysTray
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SL-6481 Gaming Keyboard => "C:\Program Files (x86)\SPEEDLINK\VIRTUIS Advanced Gaming Keyboard\Monitor.exe"

==================== Accounts: =============================

Administrator (S-1-5-21-1318200210-3521828580-4078792253-500 - Administrator - Disabled)
Gast (S-1-5-21-1318200210-3521828580-4078792253-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1318200210-3521828580-4078792253-1003 - Limited - Enabled)
PC (S-1-5-21-1318200210-3521828580-4078792253-1001 - Administrator - Enabled) => C:\Users\PC

==================== Faulty Device Manager Devices =============

Name: Microsoft-6zu4-Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft-ISATAP-Adapter
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft-ISATAP-Adapter #2
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft-Teredo-Tunneling-Adapter
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: LogMeIn Kernel Information Provider
Description: LogMeIn Kernel Information Provider
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: LMIInfo
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/13/2015 01:13:05 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/11/2015 02:03:21 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/11/2015 01:34:48 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhost (3268) WebCacheLocal: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\Users\PC\AppData\Local\Microsoft\Windows\WebCache\V01.log.

Error: (03/11/2015 01:27:44 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert werden. "ESENT"-Fehler: -528.

Error: (03/11/2015 01:27:44 PM) (Source: ESENT) (EventID: 455) (User: )
Description: Catalog Database (1168) Catalog Database: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\Windows\system32\CatRoot2\edb.log.

Error: (03/10/2015 05:29:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm javaw.exe, Version 8.0.25.18 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 10b0

Startzeit: 01d05b47beb01d26

Endzeit: 126

Anwendungspfad: C:\Program Files (x86)\Minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe

Berichts-ID: 988b4c58-c742-11e4-a61d-6cf049e6c4ea

Error: (03/10/2015 02:45:13 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/08/2015 05:25:04 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/08/2015 11:43:41 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/08/2015 08:06:13 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm avscan.exe, Version 15.0.8.650 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: a04

Startzeit: 01d0596ca9db3da7

Endzeit: 60000

Anwendungspfad: C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe

Berichts-ID: 6d2eff84-c561-11e4-ba1c-6cf049e6c4ea


System errors:
=============
Error: (03/14/2015 08:03:21 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "LogMeIn Kernel Information Provider" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (03/14/2015 08:02:29 AM) (Source: Disk) (EventID: 15) (User: )
Description: Das Gerät \Device\Harddisk0\DR0 ist für den Zugriff noch nicht bereit.

Error: (03/14/2015 08:02:29 AM) (Source: atapi) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort4 gefunden.

Error: (03/14/2015 08:02:29 AM) (Source: Disk) (EventID: 15) (User: )
Description: Das Gerät \Device\Harddisk0\DR0 ist für den Zugriff noch nicht bereit.

Error: (03/14/2015 08:02:29 AM) (Source: Disk) (EventID: 15) (User: )
Description: Das Gerät \Device\Harddisk0\DR0 ist für den Zugriff noch nicht bereit.

Error: (03/14/2015 00:04:21 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT-AUTORITÄT)
Description: 0x8000002a171\??\Volume{44dbe381-04d2-11e2-847c-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{767F240C-583E-4466-A08C-78039E0D8B98}

Error: (03/14/2015 00:03:54 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT-AUTORITÄT)
Description: 0x8000002a171\??\Volume{44dbe381-04d2-11e2-847c-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{7D200089-004B-43CD-88ED-AD8359892E39}

Error: (03/14/2015 00:03:27 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT-AUTORITÄT)
Description: 0x8000002a171\??\Volume{44dbe381-04d2-11e2-847c-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{867866F8-19E9-46EB-97CC-5163F32E2697}

Error: (03/14/2015 00:03:00 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT-AUTORITÄT)
Description: 0x8000002a171\??\Volume{44dbe381-04d2-11e2-847c-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{E0F1EB0A-45A0-4DCB-8E1F-A2A17791C5D2}

Error: (03/14/2015 00:02:33 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT-AUTORITÄT)
Description: 0x8000002a171\??\Volume{44dbe381-04d2-11e2-847c-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{25558FAF-235C-4F93-B6B2-9D7EDE931DFE}


Microsoft Office Sessions:
=========================
Error: (03/13/2015 01:13:05 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (03/11/2015 02:03:21 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (03/11/2015 01:34:48 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhost3268WebCacheLocal: C:\Users\PC\AppData\Local\Microsoft\Windows\WebCache\V01.log-1811 (0xfffff8ed)

Error: (03/11/2015 01:27:44 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: -528

Error: (03/11/2015 01:27:44 PM) (Source: ESENT) (EventID: 455) (User: )
Description: Catalog Database1168Catalog Database: C:\Windows\system32\CatRoot2\edb.log-1811 (0xfffff8ed)

Error: (03/10/2015 05:29:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: javaw.exe8.0.25.1810b001d05b47beb01d26126C:\Program Files (x86)\Minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe988b4c58-c742-11e4-a61d-6cf049e6c4ea

Error: (03/10/2015 02:45:13 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (03/08/2015 05:25:04 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\PC\Desktop\Anti Spy\esetsmartinstaller_enu.exe

Error: (03/08/2015 11:43:41 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (03/08/2015 08:06:13 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: avscan.exe15.0.8.650a0401d0596ca9db3da760000C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe6d2eff84-c561-11e4-ba1c-6cf049e6c4ea


CodeIntegrity Errors:
===================================
  Date: 2012-12-23 14:23:30.355
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7 CPU 860 @ 2.80GHz
Percentage of memory in use: 16%
Total physical RAM: 16379.49 MB
Available physical RAM: 13633.55 MB
Total Pagefile: 20425.68 MB
Available Pagefile: 17501.34 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:684.91 GB) NTFS
Drive d: (Titan Quest) (CDROM) (Total:4.13 GB) (Free:0 GB) UDF
Drive e: (Volume) (Fixed) (Total:931.51 GB) (Free:781.83 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: B09DE90D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 67621B28)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================

schrauber 14.03.2015 12:48
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
BootExecute: autocheck autochk * PCloudBroom64.exe \systemroot\system32\BroomData.bit
HKU\S-1-5-21-1318200210-3521828580-4078792253-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
S3 X6va008; No ImagePath
S3 X6va012; No ImagePath
S3 X6va021; No ImagePath
S3 X6va028; No ImagePath
S3 xhunter1; No ImagePath
Emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



Frisches FRST Log bitte.

Amaya 14.03.2015 21:17
Done and the bug is still a bug
 
(immer nur neue logs - nach möglichkeit)

Problem bleibt bestehen ...

test über taste entf - windows start ging hoch und gleich tipp hier wieder wer mit.

wwad
.360yieeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee

hm. _._ Wenn du irgendwie dabei zusehen willst.. sag bescheid. Ganz davon abgesehen, was das Ding dann mach wenn man in einem Ordner ist oder im Taskmanager. Springt wild mit der Auswahl umher.. und blockiert irgendwann vor EIngaben den WIndows sound.. diese gepinge >.<

Vor 5 Jahren hatte ich schonmal Probleme mit dem Adyieldmanager.. damals wirklich nur ne Toolbar und ne Dll zum löschen, nach Ewigkeiten am Suchen, weil keiner das Problem kannte.
Kann doch nicht sein das ein "geblocktes Cookie" (bezweifel das es immer noch ein Cookie ist) so unauffinbar ist

AnmerkunG: Nach dem Restart hat sich der Pc erstmal aufgehangen.. mit dem berühmten "_" Geblinke.
Fixlog
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015
Ran by PC at 2015-03-14 16:03:37 Run:2
Running from C:\Users\PC\Desktop
Loaded Profiles: PC (Available profiles: PC)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
BootExecute: autocheck autochk * PCloudBroom64.exe \systemroot\system32\BroomData.bit
HKU\S-1-5-21-1318200210-3521828580-4078792253-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
S3 X6va008; No ImagePath
S3 X6va012; No ImagePath
S3 X6va021; No ImagePath
S3 X6va028; No ImagePath
S3 xhunter1; No ImagePath
Emptytemp:
*****************

HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => Value was restored successfully.
HKU\S-1-5-21-1318200210-3521828580-4078792253-1001\SOFTWARE\Policies\Microsoft\Internet Explorer => Key not found.
X6va008 => Service not found.
X6va012 => Service not found.
X6va021 => Service not found.
X6va028 => Service not found.
xhunter1 => Service not found.
EmptyTemp: => Removed 6.7 MB temporary data.


The system needed a reboot.

==== End of Fixlog 16:04:01 ====
FRST

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by PC (administrator) on LAURENTH on 14-03-2015 16:14:32
Running from C:\Users\PC\Desktop
Loaded Profiles: PC (Available profiles: PC)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser path: "E:\wtfx\waterfox.exe" -osint -url "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(IObit) C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(LogMeIn Inc.) E:\hmchi\hamachi-2.exe
(LogMeIn, Inc.) E:\hmchi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(LogMeIn Inc.) E:\hmchi\hamachi-2-ui.exe
(LogMeIn, Inc.) E:\hmchi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Users\PC\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Akamai Technologies, Inc.) C:\Users\PC\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\PC\AppData\Local\Akamai\netsession_win.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Waterfox) E:\wtfx\waterfox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [127792 2015-02-12] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703280 2015-02-25] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => E:\hmchi\hamachi-2-ui.exe [3978600 2015-02-17] (LogMeIn Inc.)
HKLM\...\Winlogon: [Userinit] C:\Windows\SysWOW64\userinit.exe,
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1318200210-3521828580-4078792253-1001\...\Run: [Akamai NetSession Interface] => C:\Users\PC\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1318200210-3521828580-4078792253-1001\...\MountPoints2: {44dbe384-04d2-11e2-847c-806e6f6e6963} - D:\menue.exe
HKU\S-1-5-21-1318200210-3521828580-4078792253-1001\...\MountPoints2: {c05ae8cf-f9d7-11e2-a6ca-6cf049e6c4ea} - H:\BvsC_Setup.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-1318200210-3521828580-4078792253-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKLM-x32 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-19 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-20 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-03-06] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-03-06] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype4com - No CLSID Value
Handler: WSAllMyTubechrome - No CLSID Value
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

FireFox:
========
FF ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\8v3y2dml.default
FF NewTab: hxxp://www.google.com
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-06] ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-03-06] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-03-06] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-06] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-07-17] (DivX, LLC)
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameEU.dll [2013-05-22] (Nexon)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-05] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-05] (NVIDIA Corporation)
FF Plugin-x32: @ogplanet.com/npOGPPlugin -> C:\Windows\system32\npOGPPlugin.dll No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> C:\Program Files (x86)\Perfect World Entertainment\Arc\plugins\npArcPluginFF.dll [2014-11-24] (Perfect World Entertainment Inc)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-12-21] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1318200210-3521828580-4078792253-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-08-21] ()
FF Extension: Avira Browser Safety - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\8v3y2dml.default\Extensions\abs@avira.com [2015-03-09]
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\8v3y2dml.default\Extensions\iobitascsurfingprotection@iobit.com [2015-03-05]
FF Extension: Adblock Plus - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\8v3y2dml.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-03-11]
FF HKLM-x32\...\Firefox\Extensions: [AllMyTube@Wondershare.com] - C:\ProgramData\Wondershare\AllMyTube\AllMyTube@Wondershare.com
FF Extension: Wondershare AllMyTube - C:\ProgramData\Wondershare\AllMyTube\AllMyTube@Wondershare.com [2014-12-11]
FF HKU\S-1-5-21-1318200210-3521828580-4078792253-1001\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [815392 2014-11-04] (IObit)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2015-02-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2015-02-25] (Avira Operations GmbH & Co. KG)
S4 ArcService; C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe [88400 2014-11-24] (Perfect World Entertainment Inc)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [184056 2015-02-12] (Avira Operations GmbH & Co. KG)
S4 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S4 GaUpdateService; C:\ProgramData\gaupdt\service\0\gaupsvc.exe [1558032 2013-03-19] ()
S4 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
R2 Hamachi2Svc; E:\hmchi\hamachi-2.exe [2490216 2015-02-17] (LogMeIn Inc.)
S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2724128 2015-01-16] (IObit)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3975544 2012-05-09] (INCA Internet Co., Ltd.) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-05-29] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2014-05-29] ()
S4 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S4 LMIGuardianSvc; No ImagePath

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-02-25] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-02-25] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-02-25] (Avira Operations GmbH & Co. KG)
S3 EagleX64; No ImagePath
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-24] (REALiX(tm))
S2 LMIInfo; No ImagePath
S4 LMIRfsClientNP; No ImagePath
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [572416 2006-12-05] (PixArt Imaging Inc.)
R1 RrNetCapFilterDriver; C:\Windows\System32\DRIVERS\RrNetCapFilterDriver.sys [24744 2013-12-04] (Audials AG)
S3 RzDxgk; C:\Windows\system32\drivers\RzDxgk.sys [128856 2013-06-05] (Razer USA Ltd)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2014-12-24] (Synaptics Incorporated)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [560184 2012-09-23] (Duplex Secure Ltd.)
R3 XSplit_Dummy; C:\Windows\System32\drivers\xspltspk.sys [26200 2014-07-02] (SplitmediaLabs Limited)
S3 clwvd; system32\DRIVERS\clwvd.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 taphss6; system32\DRIVERS\taphss6.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-14 16:14 - 2015-03-14 16:15 - 00014922 _____ () C:\Users\PC\Desktop\FRST.txt
2015-03-12 14:20 - 2015-03-12 14:20 - 02095616 _____ (Farbar) C:\Users\PC\Downloads\FRST64(1).exe
2015-03-11 18:45 - 2015-03-11 18:45 - 00000028 _____ () C:\Users\PC\Desktop\ftb erze.txt
2015-03-11 18:23 - 2015-03-11 18:23 - 00000013 _____ () C:\Users\PC\Desktop\test.txt
2015-03-11 13:26 - 2015-03-14 15:57 - 00001916 _____ () C:\Windows\PFRO.log
2015-03-11 01:42 - 2015-03-14 16:10 - 00002576 _____ () C:\Windows\setupact.log
2015-03-11 01:42 - 2015-03-11 01:42 - 00000000 _____ () C:\Windows\setuperr.log
2015-03-10 23:03 - 2015-03-06 06:56 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-10 23:03 - 2015-03-06 06:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-03-10 23:03 - 2015-03-06 06:42 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-10 23:03 - 2015-03-06 06:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-10 23:03 - 2015-03-06 06:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-10 23:03 - 2015-03-06 06:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-03-10 23:03 - 2015-03-06 06:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-03-10 23:03 - 2015-03-06 06:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-03-10 23:03 - 2015-03-06 06:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-03-10 23:03 - 2015-03-06 06:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-03-10 23:03 - 2015-03-06 06:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-03-10 23:03 - 2015-03-06 06:42 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-03-10 23:03 - 2015-03-06 06:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-03-10 23:03 - 2015-03-06 06:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-03-10 23:03 - 2015-03-06 06:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-03-10 23:03 - 2015-03-06 06:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-03-10 23:03 - 2015-03-06 06:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-10 23:03 - 2015-03-06 06:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-10 23:03 - 2015-03-06 06:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-03-10 23:03 - 2015-03-06 06:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-03-10 23:03 - 2015-03-06 06:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-10 23:03 - 2015-03-06 06:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-03-10 23:03 - 2015-03-06 06:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-03-10 23:03 - 2015-03-06 06:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-03-10 23:03 - 2015-03-06 06:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-03-10 23:03 - 2015-03-06 06:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-03-10 23:03 - 2015-03-06 06:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-03-10 23:03 - 2015-03-06 06:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-03-10 23:03 - 2015-03-06 06:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-03-10 23:03 - 2015-03-06 06:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-03-10 23:03 - 2015-03-06 06:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-03-10 23:03 - 2015-02-20 05:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-10 23:03 - 2015-02-20 05:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-10 23:03 - 2015-02-20 05:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-10 23:03 - 2015-02-20 05:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-10 23:03 - 2015-02-20 05:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-10 23:03 - 2015-02-20 05:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-10 23:03 - 2015-02-20 05:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-10 23:03 - 2015-02-20 05:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-10 23:03 - 2015-02-20 04:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-10 23:03 - 2015-02-20 04:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-10 23:03 - 2015-02-13 06:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-10 23:03 - 2015-02-13 06:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-10 23:03 - 2015-02-03 04:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-10 23:03 - 2015-02-03 04:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-03-10 23:03 - 2015-02-03 04:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-10 23:03 - 2015-02-03 04:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-03-10 23:03 - 2015-02-03 04:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-10 23:03 - 2015-02-03 04:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-10 23:03 - 2015-02-03 04:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-10 23:03 - 2015-02-03 04:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-10 23:03 - 2015-02-03 04:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-10 23:03 - 2015-02-03 04:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-03-10 23:03 - 2015-02-03 04:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-10 23:03 - 2015-02-03 04:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-10 23:03 - 2015-02-03 04:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-10 23:03 - 2015-02-03 04:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-10 23:03 - 2015-02-03 04:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-10 23:03 - 2015-02-03 04:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-10 23:03 - 2015-02-03 04:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-10 23:03 - 2015-02-03 04:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-10 23:03 - 2015-02-03 04:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-10 23:03 - 2015-02-03 04:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-03-10 23:03 - 2015-02-03 04:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-10 23:03 - 2015-02-03 04:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-03-10 23:03 - 2015-02-03 04:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-03-10 23:03 - 2015-02-03 04:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-03-10 23:03 - 2015-02-03 04:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-03-10 23:03 - 2015-02-03 04:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-10 23:03 - 2015-02-03 04:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-10 23:03 - 2015-02-03 04:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-10 23:03 - 2015-02-03 04:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-10 23:03 - 2015-02-03 04:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-10 23:03 - 2015-02-03 04:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-10 23:03 - 2015-02-03 04:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-10 23:03 - 2015-02-03 04:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-10 23:03 - 2015-02-03 04:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-10 23:03 - 2015-02-03 04:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-03-10 23:03 - 2015-02-03 04:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-10 23:03 - 2015-02-03 04:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-10 23:03 - 2015-02-03 04:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-10 23:03 - 2015-02-03 04:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-10 23:03 - 2015-02-03 04:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-10 23:03 - 2015-02-03 04:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-10 23:03 - 2015-02-03 04:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-10 23:03 - 2015-02-03 04:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-10 23:03 - 2015-02-03 04:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-10 23:03 - 2015-02-03 04:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-10 23:03 - 2015-02-03 04:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-10 23:03 - 2015-02-03 04:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-10 23:03 - 2015-02-03 04:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-10 23:03 - 2015-02-03 04:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-03-10 23:03 - 2015-02-03 04:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-03-10 23:03 - 2015-02-03 04:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-03-10 23:03 - 2015-02-03 04:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-03-10 23:03 - 2015-02-03 04:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-03-10 23:03 - 2015-02-03 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-03-10 23:03 - 2015-02-03 04:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-10 23:03 - 2015-02-03 04:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-03-10 23:03 - 2015-02-03 04:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-03-10 23:03 - 2015-02-03 04:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-03-10 23:03 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-03-10 23:03 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-03-10 23:03 - 2015-02-03 04:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-03-10 23:03 - 2015-02-03 04:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-03-10 23:03 - 2015-02-03 04:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-03-10 23:03 - 2015-02-03 04:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-03-10 23:03 - 2015-02-03 04:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-03-10 23:03 - 2015-02-03 03:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-10 23:03 - 2015-01-31 04:48 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-10 23:03 - 2015-01-31 04:48 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-03-10 23:03 - 2015-01-31 00:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-10 23:03 - 2015-01-31 00:56 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-03-10 23:03 - 2015-01-17 03:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-10 23:03 - 2015-01-17 03:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-10 23:03 - 2014-10-31 23:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-10 23:03 - 2014-06-28 01:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-03-10 23:03 - 2014-06-28 01:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-03-10 23:02 - 2015-02-26 04:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-10 23:02 - 2015-02-24 04:15 - 00389800 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-10 23:02 - 2015-02-24 03:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-03-10 23:02 - 2015-02-21 02:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-10 23:02 - 2015-02-21 01:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-10 23:02 - 2015-02-21 01:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-03-10 23:02 - 2015-02-21 01:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-10 23:02 - 2015-02-21 01:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-10 23:02 - 2015-02-21 00:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-10 23:02 - 2015-02-21 00:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-10 23:02 - 2015-02-20 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-10 23:02 - 2015-02-20 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-03-10 23:02 - 2015-02-20 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-03-10 23:02 - 2015-02-20 03:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-10 23:02 - 2015-02-20 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-03-10 23:02 - 2015-02-20 03:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-10 23:02 - 2015-02-20 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-10 23:02 - 2015-02-20 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-10 23:02 - 2015-02-20 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-03-10 23:02 - 2015-02-20 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-10 23:02 - 2015-02-20 03:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-10 23:02 - 2015-02-20 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-03-10 23:02 - 2015-02-20 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-10 23:02 - 2015-02-20 03:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-10 23:02 - 2015-02-20 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-10 23:02 - 2015-02-20 03:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-03-10 23:02 - 2015-02-20 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-10 23:02 - 2015-02-20 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-10 23:02 - 2015-02-20 03:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-10 23:02 - 2015-02-20 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-03-10 23:02 - 2015-02-20 03:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-03-10 23:02 - 2015-02-20 03:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-03-10 23:02 - 2015-02-20 03:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-10 23:02 - 2015-02-20 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-10 23:02 - 2015-02-20 03:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-10 23:02 - 2015-02-20 03:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-03-10 23:02 - 2015-02-20 03:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-03-10 23:02 - 2015-02-20 02:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-03-10 23:02 - 2015-02-20 02:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-03-10 23:02 - 2015-02-20 02:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-03-10 23:02 - 2015-02-20 02:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-10 23:02 - 2015-02-20 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-10 23:02 - 2015-02-20 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-03-10 23:02 - 2015-02-20 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-10 23:02 - 2015-02-20 02:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-10 23:02 - 2015-02-20 02:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-10 23:02 - 2015-02-20 02:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-03-10 23:02 - 2015-02-20 02:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-10 23:02 - 2015-02-20 02:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-10 23:02 - 2015-02-20 02:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-10 23:02 - 2015-02-20 02:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-10 23:02 - 2015-02-20 02:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-03-10 23:02 - 2015-02-20 02:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-10 23:02 - 2015-02-20 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-10 23:02 - 2015-02-20 02:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-10 23:02 - 2015-02-20 01:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-10 23:02 - 2015-02-20 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-03-10 23:02 - 2015-02-04 04:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-10 23:02 - 2015-02-04 03:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-10 23:02 - 2015-02-03 04:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-10 23:02 - 2015-02-03 04:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-10 22:43 - 2015-03-10 22:43 - 34103034 _____ () C:\Users\PC\Downloads\Ultimate_Server.zip
2015-03-10 22:32 - 2015-03-12 17:43 - 00000000 ____D () C:\ftb
2015-03-10 22:30 - 2015-03-12 21:31 - 00000000 ____D () C:\Users\PC\AppData\Local\ftblauncher
2015-03-10 22:30 - 2015-03-10 22:32 - 00000000 ____D () C:\Users\PC\AppData\Roaming\ftblauncher
2015-03-10 22:30 - 2015-03-10 22:30 - 06623853 _____ () C:\Users\PC\Desktop\FTB_Launcher.exe
2015-03-10 22:30 - 2015-03-10 22:30 - 06591597 _____ () C:\Users\PC\Downloads\FTB_Launcher.jar
2015-03-10 20:08 - 2015-03-10 20:09 - 437581680 _____ () C:\Users\PC\Downloads\Die Beschenkte(2).wma
2015-03-10 20:03 - 2015-03-10 20:05 - 437581680 _____ () C:\Users\PC\Downloads\Die Beschenkte(1).wma
2015-03-10 00:34 - 2015-03-10 00:34 - 00000000 ____D () C:\Users\PC\AppData\Roaming\java
2015-03-09 18:36 - 2015-03-14 16:11 - 00000000 ____D () C:\Users\PC\AppData\Local\LogMeIn Hamachi
2015-03-09 18:36 - 2015-03-09 18:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-03-09 18:33 - 2015-03-09 18:33 - 08548352 _____ () C:\Users\PC\Downloads\hamachi.msi
2015-03-09 13:27 - 2015-03-09 13:27 - 00000000 ____D () C:\Users\PC\AppData\Local\Steam
2015-03-08 18:42 - 2015-03-11 13:27 - 00276968 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-08 18:41 - 2015-03-08 18:41 - 73826304 _____ () C:\Windows\system32\config\SOFTWARE.iodefrag
2015-03-08 18:28 - 2015-03-08 18:31 - 00000000 ____D () C:\Program Files (x86)\Convar
2015-03-08 18:28 - 2015-03-08 18:28 - 03462033 _____ () C:\Users\PC\Downloads\pci_4filerecovery.exe
2015-03-08 18:18 - 2015-03-08 18:18 - 00062496 _____ () C:\Users\PC\AppData\Local\GDIPFONTCACHEV1.DAT
2015-03-08 18:07 - 2015-03-08 18:15 - 00045452 _____ () C:\Users\PC\Desktop\Logfiles.zip
2015-03-08 17:55 - 2015-03-08 17:55 - 00002337 _____ () C:\Users\PC\Desktop\Neues Textdokument (4).txt
2015-03-08 17:29 - 2015-03-14 09:08 - 02095616 _____ (Farbar) C:\Users\PC\Desktop\FRST64.exe
2015-03-08 17:29 - 2015-03-14 09:08 - 00000000 ____D () C:\Users\PC\Desktop\FRST-OlderVersion
2015-03-08 17:19 - 2015-03-08 17:19 - 00000576 _____ () C:\Users\PC\Desktop\defogger_disable.log
2015-03-08 17:19 - 2015-03-08 17:19 - 00000020 _____ () C:\Users\PC\defogger_reenable
2015-03-08 17:17 - 2015-03-08 17:17 - 00050477 _____ () C:\Users\PC\Desktop\Defogger.exe
2015-03-08 17:13 - 2015-03-08 17:13 - 00000000 ____D () C:\Users\PC\AppData\Local\AnVir
2015-03-08 16:58 - 2015-03-08 16:58 - 00000000 _____ () C:\Users\PC\Desktop\Fbars.txt
2015-03-08 16:29 - 2015-03-08 16:32 - 00000076 _____ () C:\Users\PC\Desktop\Neues Textdokument (3).txt
2015-03-08 10:17 - 2015-03-08 15:26 - 10995632 _____ (SurfRight B.V.) C:\Users\PC\Downloads\hitmanpro_x64.exe
2015-03-08 10:17 - 2015-03-08 10:17 - 02209056 _____ () C:\Users\PC\Downloads\avira-eu-cleaner_de.exe
2015-03-08 10:16 - 2015-03-08 10:16 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-03-08 10:14 - 2015-03-08 10:14 - 00005651 _____ () C:\Users\PC\Desktop\UsbFix_Report.txt
2015-03-08 09:54 - 2015-03-08 09:54 - 20268032 _____ (Microsoft Corporation) C:\Users\PC\Downloads\imageres.dll
2015-03-08 09:40 - 2015-03-08 09:40 - 12184357 _____ () C:\Users\PC\Downloads\imageres.zip
2015-03-08 08:23 - 2015-03-08 08:23 - 06870552 _____ (ParetoLogic, Inc.) C:\Users\PC\Downloads\RegCureProSetup.exe
2015-03-08 07:51 - 2015-03-08 07:51 - 00030973 _____ () C:\Users\PC\Desktop\w1.txt
2015-03-08 05:19 - 2015-03-08 05:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileASSASSIN
2015-03-08 05:19 - 2015-03-08 05:19 - 00000000 ____D () C:\Program Files (x86)\FileASSASSIN
2015-03-08 04:20 - 2015-03-08 04:20 - 00000240 _____ () C:\Users\PC\Desktop\leg.reg
2015-03-08 03:49 - 2015-03-08 03:48 - 00044088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-03-08 03:28 - 2015-03-08 03:28 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Avira
2015-03-08 03:20 - 2015-02-25 17:53 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-03-08 03:20 - 2015-02-25 17:53 - 00128536 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-03-08 03:20 - 2015-02-25 17:53 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2015-03-08 03:19 - 2015-03-08 03:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-03-08 03:19 - 2015-03-08 03:20 - 00000000 ____D () C:\ProgramData\Avira
2015-03-08 03:19 - 2015-03-08 03:20 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-03-08 03:19 - 2015-03-08 03:19 - 00001211 _____ () C:\Users\Public\Desktop\Avira.lnk
2015-03-07 23:32 - 2010-03-10 16:31 - 00000000 ____D () C:\Users\PC\Desktop\Double Driver
2015-03-07 23:31 - 2015-03-07 23:31 - 02165485 _____ () C:\Users\PC\Downloads\double_driver_4.1.0_portable.zip
2015-03-07 22:41 - 2015-03-07 22:41 - 01663104 _____ () C:\Users\PC\Downloads\PANDAIS15.exe
2015-03-07 21:55 - 2015-03-07 21:55 - 05297736 _____ (SuperEasy Software GmbH & Co. KG ) C:\Users\PC\Desktop\driverupdater.exe
2015-03-07 20:13 - 2015-03-07 20:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registrar Registry Manager
2015-03-07 20:13 - 2015-03-07 20:13 - 00000000 ____D () C:\Program Files\Registrar Registry Manager
2015-03-07 19:57 - 2015-03-07 20:07 - 00008552 _____ () C:\Users\PC\Desktop\FarBars Recover Anleitung.txt
2015-03-07 19:51 - 2015-03-08 18:10 - 00000000 ____D () C:\Users\PC\Desktop\AnVir
2015-03-07 17:32 - 2015-03-08 10:14 - 00000000 ____D () C:\UsbFix
2015-03-07 08:20 - 2014-12-11 18:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-03-07 08:20 - 2014-08-30 03:10 - 06583296 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-03-07 08:20 - 2014-08-30 02:50 - 05702656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-03-07 07:57 - 2015-03-07 07:57 - 00003051 _____ () C:\Users\PC\AppData\Local\Temp6.html
2015-03-07 07:57 - 2015-03-07 07:57 - 00001293 _____ () C:\Users\PC\AppData\Local\Temp1.html
2015-03-07 06:11 - 2015-03-07 06:11 - 00000000 _____ () C:\Users\PC\Desktop\Neues Textdokument (2).txt
2015-03-07 05:50 - 2015-03-07 05:50 - 00000821 _____ () C:\Users\PC\Desktop\SanityCheck.lnk
2015-03-07 05:50 - 2015-03-07 05:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SanityCheck
2015-03-07 05:50 - 2015-03-07 05:50 - 00000000 ____D () C:\Program Files\SanityCheck
2015-03-07 05:44 - 2015-03-07 05:44 - 02957424 _____ () C:\Users\PC\Desktop\funk.reg
2015-03-07 05:39 - 2015-03-07 05:39 - 00000596 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waterfox.lnk
2015-03-07 05:07 - 2015-03-07 05:07 - 00006568 _____ () C:\Users\PC\Documents\cc_20150307_050726.reg
2015-03-07 04:53 - 2015-03-07 04:53 - 01092680 _____ (Smart PC Solutions ) C:\Users\PC\Downloads\fixregistry27.exe
2015-03-07 04:48 - 2015-03-07 04:48 - 00005216 _____ () C:\Users\PC\Downloads\tessss.txt
2015-03-07 04:14 - 2015-03-07 04:16 - 00013075 _____ () C:\Users\PC\Desktop\bookmarks_07.03.15.html
2015-03-07 04:05 - 2015-03-08 17:37 - 00000000 ____D () C:\Users\PC\AppData\Local\CrashDumps
2015-03-06 23:42 - 2015-03-06 23:42 - 00000000 ___RD () C:\Users\PC\Desktop\TEAMGEIST
2015-03-06 23:14 - 2015-03-06 23:14 - 00000000 ____D () C:\Users\PC\Tracing
2015-03-06 23:13 - 2015-03-06 23:13 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk
2015-03-06 23:13 - 2015-03-06 23:13 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-03-06 23:13 - 2015-03-06 23:13 - 00000000 ____D () C:\ProgramData\Skype
2015-03-06 23:13 - 2015-03-06 23:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-03-06 23:12 - 2015-03-06 23:12 - 00003152 _____ () C:\Windows\System32\Tasks\{75A5D437-EAD1-4FF1-BCFA-D23C47968FD7}
2015-03-06 22:47 - 2013-10-02 03:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2015-03-06 22:47 - 2013-10-02 03:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2015-03-06 22:47 - 2013-10-02 03:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2015-03-06 22:47 - 2013-10-02 02:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2015-03-06 22:47 - 2013-10-02 02:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2015-03-06 22:47 - 2013-10-02 02:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-03-06 22:47 - 2013-10-02 02:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2015-03-06 22:47 - 2013-10-02 01:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-03-06 22:47 - 2013-10-02 01:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2015-03-06 22:47 - 2013-10-02 01:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2015-03-06 22:47 - 2013-10-02 01:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-03-06 22:47 - 2013-10-02 00:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-03-06 22:47 - 2013-10-02 00:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-03-06 22:47 - 2013-10-02 00:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-03-06 22:47 - 2013-10-01 23:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2015-03-06 22:29 - 2015-03-06 22:29 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-03-06 21:47 - 2015-03-06 21:47 - 00431144 _____ () C:\Users\PC\Downloads\Mediakey.zip
2015-03-06 21:42 - 2015-03-06 21:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unknown Device Identifier 8.02
2015-03-06 21:42 - 2015-03-06 21:42 - 00000000 ____D () C:\Program Files\Unknown Device Identifier
2015-03-06 21:41 - 2015-03-06 21:41 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2015-03-06 21:38 - 2015-03-06 18:10 - 00000872 _____ () C:\Windows\system32\Drivers\etc\hosts.20150306-213833.backup
2015-03-06 21:18 - 2015-03-06 21:18 - 00000000 ____D () C:\Users\nsk1051.tmp
2015-03-06 21:16 - 2015-03-06 21:16 - 00000000 ____D () C:\Spacekace
2015-03-06 19:03 - 2015-03-06 19:20 - 00000021 _____ () C:\Users\PC\Desktop\Neues Textdokument.txt
2015-03-06 18:47 - 2015-03-14 16:13 - 00000000 ____D () C:\Users\PC\Desktop\backups
2015-03-06 18:43 - 2015-03-06 18:43 - 00000000 ____D () C:\Users\PC\Desktop\Neuer Ordner (2)
2015-03-06 18:32 - 2015-03-06 18:46 - 00004586 _____ () C:\Users\PC\Desktop\Rkill.txt
2015-03-06 18:31 - 2015-03-06 18:31 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2015-03-06 18:31 - 2015-03-06 18:31 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2015-03-06 18:31 - 2015-03-06 18:31 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2015-03-06 18:31 - 2015-03-06 18:31 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-03-06 18:29 - 2015-03-06 18:29 - 00159578 _____ () C:\Users\PC\Downloads\JavaRa-2.6.zip
2015-03-06 18:29 - 2015-03-06 18:29 - 00159578 _____ () C:\Users\PC\Downloads\JavaRa-2.6 (1).zip
2015-03-06 18:28 - 2015-03-06 18:28 - 00000000 _____ () C:\Windows\SysWOW64\REN7BCA.tmp
2015-03-06 17:33 - 2015-03-06 17:33 - 00013330 _____ () C:\Users\PC\Desktop\KBDRU1.DLL - Verknüpfung.lnk
2015-03-06 17:05 - 2015-03-07 07:53 - 00000000 ____D () C:\Users\PC\Desktop\Procmon
2015-03-06 16:41 - 2015-03-06 16:41 - 00004894 _____ () C:\Users\PC\Desktop\RKreport_DEL_03062015_164021.log
2015-03-06 16:12 - 2015-03-06 16:28 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-03-06 15:59 - 2015-03-06 16:41 - 00000000 ____D () C:\ProgramData\RogueKiller
2015-03-06 15:59 - 2015-03-06 15:59 - 00037624 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2015-03-06 15:11 - 2015-03-06 15:11 - 13787245 _____ () C:\Users\PC\Downloads\SL-6481-BK_Driver_V1.3.zip
2015-03-06 15:03 - 2015-03-06 15:25 - 00000000 ____D () C:\Users\PC\Documents\ProcAlyzer Dumps
2015-03-06 03:18 - 2015-03-06 03:18 - 00000476 __RSH () C:\Users\PC\ntuser.pol
2015-03-06 03:00 - 2015-03-07 05:01 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-03-06 03:00 - 2015-03-06 21:41 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-03-06 03:00 - 2015-03-06 03:00 - 00000656 _____ () C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2015-03-06 01:58 - 2015-03-06 01:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hex-Editor MX
2015-03-06 01:58 - 2015-03-06 01:58 - 00000000 ____D () C:\Program Files (x86)\Hex-Editor MX
2015-03-06 00:39 - 2015-03-06 00:39 - 00086858 _____ () C:\Users\PC\Downloads\Shortcut.txt
2015-03-06 00:38 - 2015-03-06 00:39 - 00042522 _____ () C:\Users\PC\Downloads\Addition.txt
2015-03-06 00:37 - 2015-03-12 14:27 - 00095813 _____ () C:\Users\PC\Downloads\FRST.txt
2015-03-06 00:34 - 2015-03-14 16:14 - 00000000 ____D () C:\FRST
2015-03-06 00:30 - 2015-03-06 00:30 - 02092544 _____ (Farbar) C:\Users\PC\Downloads\FRST64.exe
2015-03-05 23:56 - 2015-03-05 23:56 - 00156624 _____ () C:\Users\PC\Downloads\RkU3.7.300.501.zip
2015-03-05 23:55 - 2015-03-05 23:55 - 00916072 _____ (F-Secure Corporation) C:\Users\PC\Downloads\fsbl1067.exe
2015-03-05 23:41 - 2015-03-05 23:42 - 00002764 _____ () C:\Users\PC\Desktop\Rkill (2).txt
2015-03-05 23:41 - 2015-03-05 23:41 - 00000000 ____D () C:\Users\PC\Desktop\rkill
2015-03-05 23:11 - 2015-03-08 17:25 - 00000000 ____D () C:\Users\PC\Desktop\Anti Spy
2015-03-05 23:09 - 2015-03-05 23:09 - 01943800 _____ (Bleeping Computer, LLC) C:\Users\PC\Desktop\iExplore.exe
2015-03-05 20:32 - 2015-03-05 20:54 - 00009304 _____ () C:\Users\PC\Desktop\hijackthis.log
2015-03-05 20:20 - 2015-03-05 20:20 - 00000000 __SHD () C:\Users\PC\AppData\Local\EmieBrowserModeList
2015-03-05 20:14 - 2015-03-05 20:14 - 00000000 ____D () C:\Windows\System32\Tasks\Aufgaben der Ereignisanzeige
2015-03-05 19:54 - 2015-03-05 19:54 - 01686759 _____ () C:\Users\PC\Downloads\PSTools.zip
2015-03-05 18:59 - 2015-03-06 19:21 - 00001178 _____ () C:\Windows\SysWOW64\BroomData.bit
2015-03-05 18:59 - 2013-04-08 15:30 - 00022752 _____ () C:\Windows\system32\PCloudBroom64.exe
2015-03-05 18:08 - 2015-03-05 18:08 - 00943832 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2015-03-05 18:08 - 2015-03-05 18:08 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2015-03-05 18:04 - 2015-03-06 18:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-03-05 17:57 - 2015-03-05 17:57 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-03-05 17:57 - 2015-03-05 17:57 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-03-05 17:57 - 2015-03-05 17:57 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-03-05 17:57 - 2015-03-05 17:57 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-03-05 17:57 - 2015-03-05 17:57 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-03-05 17:57 - 2015-03-05 17:57 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-03-05 17:57 - 2015-03-05 17:57 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-03-05 17:57 - 2015-03-05 17:57 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-03-05 17:40 - 2015-03-09 18:34 - 00002898 _____ () C:\Windows\System32\Tasks\Uninstaller_SkipUac_PC
2015-03-05 17:34 - 2015-03-05 17:34 - 00001174 _____ () C:\Users\PC\Desktop\IObit Uninstaller.lnk
2015-03-05 17:10 - 2015-03-05 17:11 - 60205784 _____ () C:\Users\PC\Downloads\Waterfox_36.0_Setup (1).exe
2015-03-05 17:05 - 2015-03-05 17:05 - 00004884 _____ () C:\Users\PC\Documents\links.txt
2015-03-05 16:10 - 2015-03-05 16:10 - 00008507 _____ () C:\Users\PC\AppData\Local\recently-used.xbel
2015-03-03 19:31 - 2015-03-03 19:31 - 00000000 ____D () C:\Users\PC\.thumbnails
2015-03-03 15:27 - 2015-03-05 17:12 - 00000000 ____D () C:\Users\PC\.gimp-2.8
2015-03-03 15:27 - 2015-03-03 15:27 - 00000894 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2015-03-03 15:26 - 2015-03-03 15:27 - 00000000 ____D () C:\Program Files\GIMP 2
2015-03-03 15:24 - 2015-03-03 15:25 - 00000000 ____D () C:\Users\PC\Downloads\Divergent
2015-03-03 07:01 - 2015-03-03 07:03 - 58384493 _____ () C:\Users\PC\Downloads\Genetica Texture Pack 7 - Frame Sets.zip
2015-03-03 07:01 - 2015-03-03 07:01 - 01686393 _____ () C:\Users\PC\Downloads\Genetica Texture Pack 5 - Medieval Architecture.zip
2015-03-03 07:01 - 2015-03-03 07:01 - 00590854 _____ () C:\Users\PC\Downloads\Genetica Texture Pack 2 - Metal & Stone.zip
2015-03-03 07:00 - 2015-03-03 07:01 - 00687738 _____ () C:\Users\PC\Downloads\Genetica Texture Pack 3 - Crystal & Liquid.zip
2015-03-03 07:00 - 2015-03-03 07:00 - 00537139 _____ () C:\Users\PC\Downloads\Genetica Texture Pack 1 - Floor & Wall.zip
2015-03-03 06:59 - 2015-03-03 07:00 - 09840461 _____ (Spiral Graphics Inc.) C:\Users\PC\Downloads\Genetica Viewer 3.5 Setup.exe
2015-03-03 06:59 - 2015-03-03 06:59 - 04645910 _____ (Spiral Graphics Inc. ) C:\Users\PC\Downloads\Wood_Workshop_1,01_Setup.exe
2015-03-03 06:04 - 2015-03-05 23:10 - 00000000 ____D () C:\Users\PC\Desktop\Eigenes Texture Pack light
2015-03-03 05:03 - 2015-03-03 05:03 - 02809041 _____ () C:\Users\PC\Downloads\abstaria.zip
2015-03-03 05:02 - 2015-03-03 05:02 - 07753333 _____ () C:\Users\PC\Downloads\Okami Texture Pack_x64_1.6.2.zip
2015-03-03 05:00 - 2015-03-03 05:00 - 48264336 _____ () C:\Users\PC\Downloads\The Next Big Thing 2013 1.7.2.zip
2015-03-03 04:50 - 2015-03-03 04:51 - 39792674 _____ () C:\Users\PC\Downloads\HerrSommer Dye - 1.8 - v2.zip
2015-03-03 04:45 - 2015-03-03 04:46 - 65669183 _____ () C:\Users\PC\Downloads\HD Realism (Light).zip
2015-03-03 04:39 - 2015-03-03 04:39 - 05488685 _____ () C:\Users\PC\Downloads\Pebbles 32x32 v.0.95.zip
2015-03-03 04:38 - 2015-03-03 04:39 - 50065163 _____ () C:\Users\PC\Downloads\1.7.2 64x Scaramandos Halloween(2).zip
2015-03-03 04:30 - 2015-03-03 04:30 - 38532761 _____ () C:\Users\PC\Downloads\Moartex HD_1.6.1.zip
2015-03-03 04:25 - 2015-03-03 04:25 - 25141775 _____ () C:\Users\PC\Downloads\Wolion64.zip
2015-03-03 04:20 - 2015-03-03 04:20 - 21181489 _____ () C:\Users\PC\Downloads\Evolutrium Craft 64x [1.7.4].zip
2015-03-03 04:20 - 2015-03-03 04:20 - 09206747 _____ () C:\Users\PC\Downloads\Battlefield 3 resource pack 1.7.x.zip
2015-03-03 04:14 - 2015-03-03 04:15 - 42740954 _____ () C:\Users\PC\Downloads\HerrSommer  Medieval - 1.8 - v2-3 wip.zip
2015-03-03 04:13 - 2015-03-03 04:13 - 40517657 _____ () C:\Users\PC\Downloads\HerrSommer - 1.8 - v2.zip
2015-03-03 04:11 - 2015-03-03 04:11 - 34633116 _____ () C:\Users\PC\Downloads\[64]outdated version search for v8.zip
2015-03-03 04:08 - 2015-03-03 04:09 - 06905541 _____ () C:\Users\PC\Downloads\[1.8] Arcility [HD - 64x] 11914.zip
2015-03-03 04:08 - 2015-03-03 04:08 - 05175548 _____ () C:\Users\PC\Downloads\Finlandia 1.8.zip
2015-03-03 04:02 - 2015-03-03 04:02 - 55852704 _____ () C:\Users\PC\Downloads\64 x 64 Hyperion HD Texture Pack (new).zip
2015-03-03 04:02 - 2015-03-03 04:02 - 00748598 _____ () C:\Users\PC\Downloads\Serinity HD [1.8.1].zip
2015-03-03 03:56 - 2015-03-03 03:56 - 11338545 _____ () C:\Users\PC\Downloads\willpack4.zip
2015-03-03 03:54 - 2015-03-03 03:54 - 00777106 _____ () C:\Users\PC\Downloads\Lithos Luminous.zip
2015-03-03 03:53 - 2015-03-03 03:53 - 06259465 _____ () C:\Users\PC\Downloads\ProZeth 1.8 v2.7.zip
2015-03-03 03:53 - 2015-03-03 03:53 - 00048048 _____ () C:\Users\PC\Downloads\_Lithos_HD_Font_Add-on.zip
2015-03-03 03:52 - 2015-03-03 03:52 - 11301346 _____ () C:\Users\PC\Downloads\SummerFields_1.8.X.zip
2015-03-03 03:44 - 2015-03-03 03:44 - 01619803 _____ () C:\Users\PC\Downloads\Nagareru - 1.0.zip
2015-03-03 03:42 - 2015-03-03 03:42 - 13724372 _____ () C:\Users\PC\Downloads\Wuggi-Craft_Fantasia v.102.zip
2015-03-03 03:42 - 2015-03-03 03:42 - 04042384 _____ () C:\Users\PC\Downloads\Romecraft GERMANIA 14.5.zip
2015-03-03 03:39 - 2015-03-03 03:41 - 221112346 _____ () C:\Users\PC\Downloads\CCCode-dokustash-d9d644b6c5ed.zip
2015-03-03 03:38 - 2015-03-03 03:38 - 23534658 _____ () C:\Users\PC\Downloads\1.7-MegaDoku-TSC-Light.zip
2015-03-03 03:38 - 2015-03-03 03:38 - 01181511 _____ () C:\Users\PC\Downloads\Thaumcraft-lV-Dokucraft-1.7.10.zip
2015-03-03 03:35 - 2015-03-03 03:35 - 23914948 _____ () C:\Users\PC\Downloads\WesterosCraft Survival.zip
2015-03-03 03:33 - 2015-03-03 03:34 - 54364655 _____ () C:\Users\PC\Downloads\1.8.1 -Dokucraft_Dwarven_v67.zip
2015-03-03 03:30 - 2015-03-03 03:30 - 03284713 _____ () C:\Users\PC\Downloads\Wayukian_pack_v6.1.zip
2015-03-03 01:36 - 2015-03-07 05:30 - 00000000 ____D () C:\Users\PC\Desktop\512
2015-03-03 00:23 - 2015-03-07 05:13 - 00000000 ____D () C:\Users\PC\AppData\Roaming\inkscape
2015-03-03 00:18 - 2015-03-03 00:19 - 43314243 _____ (inkscape.org) C:\Users\PC\Downloads\Inkscape-0.91-1.exe
2015-03-03 00:17 - 2015-03-03 00:17 - 06528454 _____ () C:\Users\PC\Downloads\paint.net.4.0.5.install.zip
2015-03-02 22:41 - 2015-03-06 15:24 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Spotify
2015-03-02 22:41 - 2015-03-02 22:41 - 00001776 _____ () C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-03-02 20:53 - 2015-03-08 17:12 - 00000000 ____D () C:\Program Files (x86)\DLLSuite
2015-03-02 20:32 - 2015-03-02 20:32 - 00005584 _____ () C:\Users\PC\Documents\cc_20150302_203208.reg
2015-03-02 12:20 - 2015-03-07 22:27 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Panda Security
2015-03-02 12:19 - 2015-03-07 22:28 - 00000000 ____D () C:\ProgramData\Panda Security
2015-03-02 04:24 - 2015-03-08 15:26 - 00000000 ____D () C:\ProgramData\HitmanPro
2015-03-02 03:44 - 2015-03-02 03:44 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-02 02:52 - 2015-03-02 03:33 - 00000000 ____D () C:\Windows\system32\log
2015-03-01 19:10 - 2015-03-01 19:18 - 174466376 _____ () C:\Users\PC\Downloads\KoP 1.8 V9 eXtrem Part1.zip
2015-02-28 14:15 - 2015-02-28 14:16 - 00000000 ____D () C:\Program Files (x86)\Minecraft
2015-02-28 14:15 - 2015-02-28 14:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
2015-02-27 00:21 - 2015-02-27 00:21 - 00000000 ____D () C:\Users\PC\Documents\PDF Files
2015-02-24 00:32 - 2015-02-24 00:34 - 437581680 _____ () C:\Users\PC\Downloads\Die Beschenkte.wma
2015-02-24 00:30 - 2015-02-24 00:32 - 451398198 _____ () C:\Users\PC\Downloads\Wild Cards_01.wma
2015-02-17 15:19 - 2015-02-17 15:25 - 451505806 _____ () C:\Users\PC\Downloads\Die Flammen der Dämmerung_02.wma
2015-02-17 13:26 - 2015-02-05 18:57 - 00621384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-02-17 13:25 - 2015-02-05 22:01 - 32106640 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-02-17 13:25 - 2015-02-05 22:01 - 25460880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-02-17 13:25 - 2015-02-05 22:01 - 24768144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-02-17 13:25 - 2015-02-05 22:01 - 20466496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-02-17 13:25 - 2015-02-05 22:01 - 13294528 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-02-17 13:25 - 2015-02-05 22:01 - 13208200 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-02-17 13:25 - 2015-02-05 22:01 - 10773704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-02-17 13:25 - 2015-02-05 22:01 - 10713256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-02-17 13:25 - 2015-02-05 22:01 - 10284872 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-02-17 13:25 - 2015-02-05 22:01 - 03610768 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-02-17 13:25 - 2015-02-05 22:01 - 03247248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-02-17 13:25 - 2015-02-05 22:01 - 01895240 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434752.dll
2015-02-17 13:25 - 2015-02-05 22:01 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434752.dll
2015-02-17 13:25 - 2015-02-05 22:01 - 00995248 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-02-17 13:25 - 2015-02-05 22:01 - 00969872 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-02-17 13:25 - 2015-02-05 22:01 - 00943760 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-02-17 13:25 - 2015-02-05 22:01 - 00929936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-02-17 13:25 - 2015-02-05 22:01 - 00908104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-02-17 13:25 - 2015-02-05 22:01 - 00877816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-02-17 13:25 - 2015-02-05 22:01 - 00353224 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-02-17 13:25 - 2015-02-05 22:01 - 00305136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-02-17 13:25 - 2015-02-05 22:01 - 00177624 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-02-17 13:25 - 2015-02-05 22:01 - 00164752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-02-17 03:56 - 2015-02-17 04:01 - 448183150 _____ () C:\Users\PC\Downloads\Die Flammen der Dämmerung_01(2).wma
2015-02-16 16:20 - 2015-02-16 16:20 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\Drivers\hamachi.sys
2015-02-16 14:34 - 2015-02-16 14:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ
2015-02-16 14:32 - 2006-09-20 16:58 - 00040960 _____ () C:\Windows\SysWOW64\psfind.dll
2015-02-16 14:29 - 2015-02-16 14:29 - 00000000 ____D () C:\Program Files (x86)\THQ
2015-02-15 21:06 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-15 21:06 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-14 16:11 - 2014-12-23 00:18 - 00002848 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (PC)
2015-03-14 16:09 - 2015-02-09 23:57 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2015-03-14 16:09 - 2012-11-08 13:53 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-03-14 16:09 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-14 16:04 - 2009-07-14 05:45 - 00014192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-14 16:04 - 2009-07-14 05:45 - 00014192 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-13 21:51 - 2013-08-13 23:38 - 00003918 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{02AECB88-615E-4C17-8DEF-93C5E174B3CD}
2015-03-13 01:19 - 2012-09-26 17:48 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Skype
2015-03-12 21:58 - 2012-10-14 14:15 - 00000000 ____D () C:\Users\PC\AppData\Roaming\TS3Client
2015-03-11 14:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-03-11 13:27 - 2012-09-22 18:25 - 00000000 ____D () C:\Windows\Panther
2015-03-11 13:23 - 2012-09-22 17:29 - 01841538 _____ () C:\Windows\WindowsUpdate.log
2015-03-11 13:23 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-03-11 13:23 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-03-11 13:05 - 2013-07-23 02:00 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-11 13:01 - 2012-09-23 07:22 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-10 23:40 - 2014-04-23 02:17 - 00000000 ____D () C:\Users\PC\AppData\Roaming\.minecraft
2015-03-10 23:39 - 2014-04-25 21:55 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-03-08 18:41 - 2015-02-09 19:50 - 73826304 _____ () C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2015-03-08 18:41 - 2015-02-09 19:50 - 05705728 _____ () C:\Windows\system32\config\DEFAULT.iodefrag.bak
2015-03-08 18:41 - 2015-02-09 19:50 - 00036864 _____ () C:\Windows\system32\config\SAM.iodefrag.bak
2015-03-08 18:41 - 2015-02-09 19:50 - 00032768 _____ () C:\Windows\system32\config\SECURITY.iodefrag.bak
2015-03-08 18:37 - 2012-09-23 17:47 - 00000000 ____D () C:\Users\PC\AppData\Roaming\BitTorrent
2015-03-08 17:19 - 2012-09-23 07:04 - 00000000 ____D () C:\Users\PC
2015-03-08 17:10 - 2013-11-10 03:27 - 00000000 ____D () C:\Users\PC\Downloads\Dreamhunter (The Dreamhunter Duet, #1) - Elizabeth Knox
2015-03-08 17:05 - 2014-11-30 18:42 - 00000000 ____D () C:\Users\PC\Downloads\Rune Factory Tides of Destiny [wii][NTSC][Scrubbed]-TLS
2015-03-08 17:03 - 2015-01-17 15:09 - 00000000 ____D () C:\Users\PC\Downloads\James Dashner - The Rule of Thoughts (2014)
2015-03-08 17:02 - 2012-12-24 00:58 - 00000000 ____D () C:\Users\PC\AppData\Roaming\IObit
2015-03-08 17:02 - 2012-12-24 00:58 - 00000000 ____D () C:\Program Files (x86)\IObit
2015-03-08 16:41 - 2014-10-30 20:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OGPlanet
2015-03-08 16:39 - 2013-01-01 22:15 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-03-08 15:54 - 2013-12-10 20:25 - 00000000 ____D () C:\ProgramData\Licenses
2015-03-08 09:34 - 2012-11-23 21:25 - 00007601 _____ () C:\Users\PC\AppData\Local\Resmon.ResmonCfg
2015-03-08 05:04 - 2014-12-24 02:12 - 00000000 ____D () C:\AdwCleaner
2015-03-08 03:19 - 2014-03-03 21:54 - 00000000 ____D () C:\ProgramData\Package Cache
2015-03-08 00:10 - 2013-06-27 16:39 - 00000000 ____D () C:\Program Files (x86)\Panda Security
2015-03-07 19:43 - 2012-12-02 20:05 - 00000000 ____D () C:\Program Files\CCleaner
2015-03-07 05:30 - 2014-07-16 08:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftMaker Viewer
2015-03-07 05:16 - 2014-10-05 15:51 - 00000000 ____D () C:\ProgramData\HappyCloud
2015-03-07 05:13 - 2014-05-09 20:29 - 00000000 ____D () C:\Program Files (x86)\Google
2015-03-07 05:12 - 2012-11-15 18:09 - 00000000 ____D () C:\Users\PC\AppData\Local\Google
2015-03-07 05:03 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-06 22:42 - 2012-10-04 16:36 - 01625086 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-03-06 22:42 - 2009-07-14 18:58 - 00710500 _____ () C:\Windows\system32\perfh007.dat
2015-03-06 22:42 - 2009-07-14 18:58 - 00154830 _____ () C:\Windows\system32\perfc007.dat
2015-03-06 22:42 - 2009-07-14 06:13 - 01625086 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-06 18:31 - 2014-12-24 14:42 - 00000000 ____D () C:\Program Files\Java
2015-03-06 18:28 - 2013-10-22 17:30 - 00000000 ____D () C:\ProgramData\Oracle
2015-03-06 18:28 - 2013-03-05 18:25 - 00000000 ____D () C:\Program Files (x86)\Java
2015-03-06 18:14 - 2013-10-05 17:15 - 00000000 ____D () C:\Program Files (x86)\Domination
2015-03-06 18:14 - 2013-08-03 19:40 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2015-03-06 18:14 - 2013-08-02 20:21 - 00000000 ____D () C:\Program Files (x86)\DOSBox-0.63
2015-03-06 18:14 - 2012-11-03 13:56 - 00000000 ____D () C:\Program Files\DivX
2015-03-06 18:14 - 2012-09-25 15:07 - 00000000 ____D () C:\Program Files (x86)\Otherland
2015-03-06 18:14 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2015-03-06 18:14 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2015-03-06 18:14 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-03-06 16:22 - 2012-09-23 13:26 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job.bak
2015-03-06 15:21 - 2015-01-05 16:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SPEEDLINK
2015-03-06 15:20 - 2012-09-23 16:29 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-03-06 15:13 - 2015-01-05 16:35 - 00000000 ____D () C:\Program Files (x86)\SPEEDLINK
2015-03-06 12:36 - 2012-12-23 14:08 - 00000000 ____D () C:\Users\PC\AppData\Roaming\QuickScan
2015-03-06 12:18 - 2012-11-26 19:03 - 00000000 ____D () C:\Users\PC\AppData\Local\Spotify
2015-03-06 02:41 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2015-03-05 20:25 - 2014-08-28 20:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Entropia Universe
2015-03-05 20:25 - 2013-01-22 20:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waterfox
2015-03-05 19:00 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2015-03-05 18:08 - 2014-12-24 14:50 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2015-03-05 17:33 - 2014-12-04 18:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 8
2015-03-05 17:21 - 2014-12-04 18:33 - 00000000 ____D () C:\ProgramData\ProductData
2015-03-05 17:20 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Branding
2015-03-02 20:32 - 2013-03-03 20:44 - 00000000 ____D () C:\Windows\pss
2015-03-02 02:42 - 2014-12-24 16:51 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Steganos
2015-03-02 02:36 - 2013-08-03 15:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nobilis
2015-03-02 02:36 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-03-01 16:36 - 2014-09-08 13:38 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software
2015-02-26 22:10 - 2014-12-24 16:51 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Steganos VPN
2015-02-24 03:17 - 2012-09-23 07:23 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-02-18 04:05 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-02-17 13:27 - 2012-11-15 11:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-02-16 16:20 - 2012-10-30 17:26 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2015-02-16 14:34 - 2012-12-14 11:27 - 00000000 ____D () C:\Users\PC\Documents\My Games

==================== Files in the root of some directories =======

2014-06-28 19:33 - 2014-07-08 13:37 - 0000113 _____ () C:\Users\PC\AppData\Roaming\D2Info0
2014-06-28 19:33 - 2014-06-28 22:13 - 0000008 _____ () C:\Users\PC\AppData\Roaming\DofusAppId0_1
2014-07-08 13:37 - 2014-07-08 17:46 - 0000008 _____ () C:\Users\PC\AppData\Roaming\DofusAppId0_2
2013-07-23 11:58 - 2013-07-23 11:58 - 0034816 _____ () C:\Users\PC\AppData\Roaming\RZR_00200df84a87ada2a1a69d4a76db.db
2012-10-27 23:51 - 2012-10-27 23:51 - 0046080 ___SH () C:\Users\PC\AppData\Roaming\Thumbs.db
2012-12-18 21:21 - 2012-12-18 21:21 - 0000090 _____ () C:\Users\PC\AppData\Local\fusioncache.dat
2015-03-05 16:10 - 2015-03-05 16:10 - 0008507 _____ () C:\Users\PC\AppData\Local\recently-used.xbel
2012-11-23 21:25 - 2015-03-08 09:34 - 0007601 _____ () C:\Users\PC\AppData\Local\Resmon.ResmonCfg
2015-03-07 07:57 - 2015-03-07 07:57 - 0001293 _____ () C:\Users\PC\AppData\Local\Temp1.html
2015-03-07 07:57 - 2015-03-07 07:57 - 0003051 _____ () C:\Users\PC\AppData\Local\Temp6.html
2014-06-05 12:11 - 2014-06-05 12:11 - 2022894 _____ () C:\ProgramData\1401963607.bdinstall.bin
2014-07-05 16:57 - 2014-07-05 16:57 - 0440959 _____ () C:\ProgramData\1404575705.bdinstall.bin
2014-07-14 11:22 - 2014-07-14 11:22 - 0257399 _____ () C:\ProgramData\1405333262.bdinstall.bin
2014-07-14 11:22 - 2014-07-14 11:22 - 0050040 _____ () C:\ProgramData\1405333338.bdinstall.bin
2014-08-17 21:25 - 2014-08-17 21:25 - 0018554 _____ () C:\ProgramData\1408307088.bdinstall.bin
2014-08-30 15:10 - 2014-08-30 15:10 - 0033471 _____ () C:\ProgramData\1409407795.bdinstall.bin

Some content of TEMP:
====================
C:\Users\PC\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-05 15:35

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---


Addition

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by PC at 2015-03-14 16:15:39
Running from C:\Users\PC\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

1AVCapture Version 1.9.5.40 (HKLM-x32\...\{8EB278E8-7FDA-4ED9-A429-C87A76F95087}_is1) (Version: 1.9.5.40 - PCWinSoft Systems)
Acoustica Special Edition 5.0 (HKLM-x32\...\Acoustica Special Edition_is1) (Version: 5.0 - Acon AS)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Advanced SystemCare 8 (HKLM-x32\...\Advanced SystemCare 8_is1) (Version: 8.1.0 - IObit)
Akamai NetSession Interface (HKU\S-1-5-21-1318200210-3521828580-4078792253-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
Anno 2070 (HKLM-x32\...\Steam App 48240) (Version:  - BlueByte / related Design)
Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.5510 - Perfect World Entertainment)
Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.02 - Ubisoft)
Assassin's Creed Brotherhood (HKLM-x32\...\Steam App 48190) (Version:  - Ubisoft Montreal)
Assassin's Creed II (HKLM-x32\...\Steam App 33230) (Version:  - Ubisoft Montreal)
Audials (HKLM-x32\...\{9DDE35B3-AAD2-496F-84F0-66F66FCC49F7}) (Version: 11.0.46200.0 - Audials AG)
Avira (HKLM-x32\...\{d9ed6dcf-6bfc-4fbb-802e-81dd5b767d6e}) (Version: 1.1.32.25147 - Avira Operations & Co. KG)
Avira (x32 Version: 1.1.32.25147 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 15.0.8.650 - Avira)
BattleSpace (HKLM-x32\...\Steam App 306930) (Version:  - Funnel Inc.)
Bejeweled® 3 (HKLM-x32\...\{E99C27B2-EB2E-4244-9F5C-A96F55100F0C}) (Version: 1.1.13.4753 - Electronic Arts, Inc.)
BitTorrent (HKU\S-1-5-21-1318200210-3521828580-4078792253-1001\...\BitTorrent) (Version: 7.9.2.37755 - BitTorrent Inc.)
CC Magic (HKU\S-1-5-21-1318200210-3521828580-4078792253-1001\...\CC Magic) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
Debut Video Capture Software (HKLM-x32\...\Debut) (Version: 1.82 - NCH Software)
DECUS Gaming Mouse (HKLM-x32\...\{B62CC42A-D1D9-4E91-BEDE-8614DE2AD943}) (Version: 1.0 - SPEEDLINK)
DesignCAD 22 (HKLM-x32\...\{C5C61F02-1453-48A1-947E-8BC9F6812F8E}) (Version: 22.0.0 - IMSIDesign)
D-Fend v2 (HKLM-x32\...\D-Fend v2) (Version:  - )
Die Sims™ 3 Erstelle ein Muster-Tool (HKLM-x32\...\{44EAFE3D-09A9-4478-A2BF-0EED22F4E49F}) (Version: 1.0.0 - Electronic Arts)
Dishonored (HKLM-x32\...\Steam App 205100) (Version: 1.0 - Bethesda Softworks)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.52 - DivX, LLC)
Driver Booster 2 (HKLM-x32\...\Driver Booster_is1) (Version: 2.0 - IObit)
DUNGEONS - The Dark Lord (Steam Special Edition) (HKLM-x32\...\Steam App 200550) (Version:  - Realmforge Studios)
Dungeons & Dragons Online (HKLM-x32\...\Dungeons & Dragons Online) (Version:  - Turbine, Inc)
Dust: An Elysian Tail (HKLM-x32\...\Steam App 236090) (Version:  - Humble Hearts LLC)
Entropia Universe (HKLM-x32\...\Entropia Universe) (Version: 14.9.0.124499 - MindArk PE AB)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Explorer Suite III (HKLM\...\Explorer Suite_is1) (Version:  - )
Fable - The Lost Chapters (HKLM-x32\...\Steam App 204030) (Version:  - Lionhead Studios)
Fallen Enchantress: Legendary Heroes (HKLM-x32\...\Steam App 228260) (Version:  - Stardock Entertainment)
FATE (HKLM-x32\...\Steam App 246840) (Version:  - WildTangent)
FATE: Undiscovered Realms (HKLM-x32\...\Steam App 276890) (Version:  - WildTangent)
FileASSASSIN (HKLM-x32\...\FileASSASSIN) (Version: 1.06 - Malwarebytes)
FRANZIS onlineTV 8 (HKLM-x32\...\{CBC88F0E-1960-4AC3-8C38-8BAD44E3F6E3}_is1) (Version: 8.5.0.10 - FRANZIS Verlag GmbH)
Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version:  - Greenheart Games)
GameSpy Comrade (HKLM-x32\...\{894084B6-BC69-43B7-BF06-B93AECFEA520}) (Version: 2.1.1.214 - GameSpy)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
GKLauncher version 1.1.0.4 (HKLM-x32\...\{961346DF-FE43-4392-99FC-47B1F5A882C3}_is1) (Version: 1.1.0.4 - GameKiss)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
HDR projects elements (64-Bit) (HKLM\...\HDR projects elements_is1) (Version: 1.22 - Franzis Verlag GmbH)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hex-Editor MX (HKLM-x32\...\{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1) (Version: 6.0 - NEXT-Soft)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.2.6.2 - IObit)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.32 - Irfan Skiljan)
Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle)
League of Legends (HKLM-x32\...\{918A9082-6287-4D25-9002-5E5D5E4971CB}) (Version: 1.02.0000 - Riot Games)
Lightworks (HKLM-x32\...\{E94DD4E4-7746-472c-AA7B-1242FED0CFC8}) (Version: 11.1.1.0 - Lightworks)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.319 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.319 - LogMeIn, Inc.) Hidden
MAGIX Foto & Grafik Designer 7 SE (Version: 7.1.2.26041 - MAGIX AG) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{887868A2-D6DE-3255-AA92-AA0B5A59B874}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{b341426f-8543-4e0d-96c3-e976f8ec5ab6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{db012557-340e-4a46-adae-81a6b0f6a1e9}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{e6edaf4d-f9a1-4023-be00-d6189343feb9}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller-Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.52 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OGPlanet Game Launcher (HKLM-x32\...\OGPlanet Game Launcher) (Version: 3.0.0 - OGPlanet, Inc.)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.4.10.297 - Electronic Arts, Inc.)
Path of Exile (HKLM-x32\...\Steam App 238960) (Version:  - Grinding Gear Games)
PDF Experte 8 Ultimate (HKLM-x32\...\{FC279721-37A6-4777-AFD8-7A56681EBA14}) (Version: 8.0.0140.0 - Avanquest software)
PDoD Uninstallation (HKLM-x32\...\{B5A4D5A1-7646-4EA9-9D30-3368A736A791}_is1) (Version: 0.4.3 - SickMafia)
Pflanzen gegen Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
Photomizer Retro (HKLM-x32\...\{41B5224D-7853-4EA5-0001-C8949A33B608}) (Version: 2.0.13.308 - Engelmann Media GmbH)
PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version:  - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-1318200210-3521828580-4078792253-1001\...\SOE-PlanetSide 2) (Version:  - Sony Online Entertainment)
Pokemon Online 2.4.2 (HKLM-x32\...\{2C08D7E7-9EE1-4A08-AFE0-745F02DCD6A4}_is1) (Version:  - Dreambelievers)
Pokemon World Online version 1.94 (HKLM-x32\...\{58FA82F2-5FAA-4036-9129-C97DDCAC6A1B}_is1) (Version: 1.94 - PWO Team)
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
Prism Video File Converter (HKLM-x32\...\Prism) (Version: 2.18 - NCH Software)
RAR Password Unlocker 4.2.0.0 (HKLM-x32\...\{B789FA51-6A71-408F-92DE-EDE4A517B8F9}_is1) (Version:  - Password Unlocker Studio)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7373 - Realtek Semiconductor Corp.)
Registrar Registry Manager 7.70 (HKLM\...\RegistrarHome_is1) (Version:  - Resplendence Software Projects Sp.)
Revo Uninstaller Pro 3.0.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.8 - VS Revo Group, Ltd.)
SanityCheck 3.00 (HKLM\...\SanityCheck_is1) (Version:  - Resplendence Software Projects Sp.)
Schriftenbibliothek (HKLM-x32\...\Schriftenbibliothek_is1) (Version:  - )
Security Task Manager 1.8g (HKLM-x32\...\Security Task Manager) (Version: 1.8g - Neuber Software)
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
SlimDX Runtime .NET 2.0 (January 2012) (HKLM-x32\...\{014A2868-BE56-4888-A16C-693989B8F153}) (Version: 2.0.13.43 - SlimDX Group)
Smart Defrag 3 (HKLM-x32\...\Smart Defrag 3_is1) (Version: 3.3 - IObit)
SPlayer (HKLM-x32\...\SPlayer) (Version:  - )
Spotify (HKU\S-1-5-21-1318200210-3521828580-4078792253-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
Tales Runner version 1.2 (HKLM-x32\...\{FB205A57-6847-4BAE-8854-ED09266CC221}_is1) (Version: 1.2 - OGPlanet, Inc)
TeamSpeak 3 Client (HKU\S-1-5-21-1318200210-3521828580-4078792253-1001\...\TeamSpeak 3 Client) (Version: 3.0.15.1 - TeamSpeak Systems GmbH)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Legend of Korra™ (HKLM-x32\...\Steam App 281690) (Version:  - Platinum Games)
The Mighty Quest For Epic Loot (HKLM-x32\...\Steam App 239220) (Version:  - Ubisoft Montreal)
Titan Quest (HKLM-x32\...\{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}) (Version: 1.00.0000 - Iron Lore)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKU\S-1-5-21-1318200210-3521828580-4078792253-1001\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unknown Device Identifier 8.02 (HKLM\...\Unknown Device Identifier_is1) (Version: 8.02 - Huntersoft)
UsbFix (HKLM-x32\...\Usbfix) (Version: 7.902 - El Desaparecido - www.usbfix.net - www.sosvirus.net)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 3.61 - NCH Software)
Villagers and Heroes (HKLM-x32\...\Steam App 263540) (Version:  - Mad Otter Games)
VIRTUIS ADVANCED Gaming Keyboard Driver (HKLM-x32\...\{B3CDED64-7DC2-429D-A325-BBC3CF793AA6}) (Version: 1.0 - SPEEDLINK)
VLC media player 2.0.2 (HKLM-x32\...\VLC media player) (Version: 2.0.2 - VideoLAN)
Waterfox 36.0 (x64 en-US) (HKLM\...\Waterfox 36.0 (x64 en-US)) (Version: 36.0 - Mozilla)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Wondershare AllMyTube(Build 4.2.2.0) (HKLM-x32\...\Wondershare AllMyTube_is1) (Version: 4.2.2.0 - Wondershare Software)
XSplit Gamecaster (HKLM-x32\...\{8780DFA8-7E56-43B1-93DB-FE001F8290D7}) (Version: 2.0.1411.2413 - SplitmediaLabs)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1318200210-3521828580-4078792253-1001_Classes\CLSID\{af15ce4e-488b-4bc5-b3ec-d1e26f95ad62}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

==================== Restore Points  =========================

05-03-2015 17:25:35 Driver Booster : Marvell 91xx Config Device
05-03-2015 17:27:56 Windows Update
05-03-2015 17:56:06 Windows Modules Installer
05-03-2015 18:03:18 Installed Java 7 Update 76 (64-bit)
05-03-2015 19:31:18 IObit Uninstaller restore point
05-03-2015 20:43:08 IObit Uninstaller restore point
05-03-2015 22:37:38 Prüfpunkt von HitmanPro
05-03-2015 22:38:30 Prüfpunkt von HitmanPro
06-03-2015 03:36:25 Prüfpunkt von HitmanPro
06-03-2015 15:12:44 Installed simplitec simplicheck
06-03-2015 15:13:59 Installed VIRTUIS Advanced Gaming Keyboard
06-03-2015 15:14:10 Installed VIRTUIS Advanced Gaming Keyboard
06-03-2015 15:20:09 Removed VIRTUIS Advanced Gaming Keyboard
06-03-2015 15:20:32 Installed VIRTUIS Advanced Gaming Keyboard
06-03-2015 15:20:45 Installed VIRTUIS Advanced Gaming Keyboard
06-03-2015 17:06:12 Removed simplitec simplicheck
06-03-2015 18:06:43 Saskia goes Antivir
06-03-2015 18:30:13 Removed Java 7 Update 76 (64-bit)
06-03-2015 18:31:30 Installed Java 7 Update 67 (64-bit)
06-03-2015 22:36:42 Windows Update
07-03-2015 17:21:03 Windows Update
08-03-2015 03:30:42 Avira EU-Cleaner - 08.03.2015 03:30
09-03-2015 18:35:40 Installed LogMeIn Hamachi
11-03-2015 13:00:29 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2015-03-06 21:38 - 00450807 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1        localhost
127.0.0.1        www.007guard.com
127.0.0.1        007guard.com
127.0.0.1        008i.com
127.0.0.1        www.008k.com
127.0.0.1        008k.com
127.0.0.1        www.00hq.com
127.0.0.1        00hq.com
127.0.0.1        010402.com
127.0.0.1        www.032439.com
127.0.0.1        032439.com
127.0.0.1        www.0scan.com
127.0.0.1        0scan.com
127.0.0.1        1000gratisproben.com
127.0.0.1        www.1000gratisproben.com
127.0.0.1        1001namen.com
127.0.0.1        www.1001namen.com
127.0.0.1        100888290cs.com
127.0.0.1        www.100888290cs.com
127.0.0.1        www.100sexlinks.com
127.0.0.1        100sexlinks.com
127.0.0.1        10sek.com
127.0.0.1        www.10sek.com
127.0.0.1        www.1-2005-search.com
127.0.0.1        1-2005-search.com
127.0.0.1        123fporn.info
127.0.0.1        www.123fporn.info
127.0.0.1        123haustiereundmehr.com
127.0.0.1        www.123haustiereundmehr.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0D56A7C0-3491-4372-A2F7-9C023EA1C305} - System32\Tasks\SmartDefrag3_Startup => C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe [2014-11-04] (IObit)
Task: {14006D03-CFC3-41BF-936C-55B8D8729350} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd)
Task: {26D97E70-E6EC-4D6B-9DB6-5B147764945C} - System32\Tasks\{75A5D437-EAD1-4FF1-BCFA-D23C47968FD7} => Chrome.exe hxxp://ui.skype.com/ui/0/7.2.0.103/de/abandoninstall?source=lightinstaller&amp;page=tsBing
Task: {4C9B2D88-5042-4B54-B05C-185CC7D88607} - System32\Tasks\Uninstaller_SkipUac_PC => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-01-20] (IObit)
Task: {9C3BE1C5-2990-4621-BBF2-2F4CCF696290} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2014-10-13] (IObit)
Task: {A9F29E0E-32C2-4DFD-ACC0-772105FC8284} - System32\Tasks\SmartDefrag3_Update => C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe [2014-07-23] (IObit)
Task: {AC82F664-B73B-48C4-B981-CAEF6E10B6D2} - System32\Tasks\Driver Booster SkipUAC (PC) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2014-11-27] (IObit)
Task: {B1387C6E-F901-4F32-8DE1-8F87F2506BD7} - \Adobe Flash Player Updater No Task File <==== ATTENTION
Task: {B4902C62-8664-4182-AD1C-849D3941C165} - System32\Tasks\ASC8_SkipUac_PC => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe [2015-01-27] (IObit)
Task: {FA438C0F-D4F2-48A2-936F-2D2EFE80886F} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2014-10-08] (IObit)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job.bak => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2013-08-13 21:16 - 2015-02-05 20:07 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-03-08 00:06 - 2014-05-29 20:29 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-03-08 00:06 - 2014-05-29 20:29 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2015-01-15 13:28 - 2014-06-04 15:17 - 00892288 _____ () C:\Program Files (x86)\IObit\Smart Defrag 3\webres.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:6B0023F8
AlternateDataStreams: C:\ProgramData\Temp:EEDA5B17

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1318200210-3521828580-4078792253-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\PC\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AdvancedSystemCareService8 => 2
MSCONFIG\Services: AxAutoMntSrv => 2
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: GaUpdateService => 2
MSCONFIG\Services: GfExperienceService => 2
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: HitmanProScheduler => 2
MSCONFIG\Services: IMFservice => 2
MSCONFIG\Services: LiveUpdateSvc => 2
MSCONFIG\Services: LMIGuardianSvc => 2
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: PandaAgent => 2
MSCONFIG\Services: rpcapd => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: WSearch => 2
MSCONFIG\startupfolder: C:^Users^PC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^debug.log => C:\Windows\pss\debug.log.Startup
MSCONFIG\startupfolder: C:^Users^PC^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^WinUpdate.lnk => C:\Windows\pss\WinUpdate.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Advanced SystemCare 8 => "C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe" /Auto
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DDO-Startprogramm =>
MSCONFIG\startupreg: IObit Malware Fighter => "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
MSCONFIG\startupreg: KSS =>
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: pdiface =>
MSCONFIG\startupreg: PSUAMain => "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" /LaunchSysTray
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SL-6481 Gaming Keyboard => "C:\Program Files (x86)\SPEEDLINK\VIRTUIS Advanced Gaming Keyboard\Monitor.exe"

==================== Accounts: =============================

Administrator (S-1-5-21-1318200210-3521828580-4078792253-500 - Administrator - Disabled)
Gast (S-1-5-21-1318200210-3521828580-4078792253-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1318200210-3521828580-4078792253-1003 - Limited - Enabled)
PC (S-1-5-21-1318200210-3521828580-4078792253-1001 - Administrator - Enabled) => C:\Users\PC

==================== Faulty Device Manager Devices =============

Name: Microsoft-6zu4-Adapter
Description: Microsoft-6zu4-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft-ISATAP-Adapter
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft-ISATAP-Adapter #2
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft-Teredo-Tunneling-Adapter
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: LogMeIn Kernel Information Provider
Description: LogMeIn Kernel Information Provider
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: LMIInfo
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/14/2015 09:39:07 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/13/2015 01:13:05 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/11/2015 02:03:21 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/11/2015 01:34:48 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhost (3268) WebCacheLocal: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\Users\PC\AppData\Local\Microsoft\Windows\WebCache\V01.log.

Error: (03/11/2015 01:27:44 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert werden. "ESENT"-Fehler: -528.

Error: (03/11/2015 01:27:44 PM) (Source: ESENT) (EventID: 455) (User: )
Description: Catalog Database (1168) Catalog Database: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\Windows\system32\CatRoot2\edb.log.

Error: (03/10/2015 05:29:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm javaw.exe, Version 8.0.25.18 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 10b0

Startzeit: 01d05b47beb01d26

Endzeit: 126

Anwendungspfad: C:\Program Files (x86)\Minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe

Berichts-ID: 988b4c58-c742-11e4-a61d-6cf049e6c4ea

Error: (03/10/2015 02:45:13 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/08/2015 05:25:04 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/08/2015 11:43:41 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (03/14/2015 04:09:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "LogMeIn Kernel Information Provider" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (03/14/2015 04:08:52 PM) (Source: Disk) (EventID: 15) (User: )
Description: Das Gerät \Device\Harddisk0\DR0 ist für den Zugriff noch nicht bereit.

Error: (03/14/2015 04:08:52 PM) (Source: atapi) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort4 gefunden.

Error: (03/14/2015 04:08:52 PM) (Source: Disk) (EventID: 15) (User: )
Description: Das Gerät \Device\Harddisk0\DR0 ist für den Zugriff noch nicht bereit.

Error: (03/14/2015 04:08:52 PM) (Source: Disk) (EventID: 15) (User: )
Description: Das Gerät \Device\Harddisk0\DR0 ist für den Zugriff noch nicht bereit.

Error: (03/14/2015 03:58:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "LogMeIn Kernel Information Provider" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (03/14/2015 03:57:36 PM) (Source: Disk) (EventID: 15) (User: )
Description: Das Gerät \Device\Harddisk0\DR0 ist für den Zugriff noch nicht bereit.

Error: (03/14/2015 03:57:36 PM) (Source: atapi) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort4 gefunden.

Error: (03/14/2015 03:57:36 PM) (Source: Disk) (EventID: 15) (User: )
Description: Das Gerät \Device\Harddisk0\DR0 ist für den Zugriff noch nicht bereit.

Error: (03/14/2015 03:57:36 PM) (Source: Disk) (EventID: 15) (User: )
Description: Das Gerät \Device\Harddisk0\DR0 ist für den Zugriff noch nicht bereit.


Microsoft Office Sessions:
=========================
Error: (03/14/2015 09:39:07 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (03/13/2015 01:13:05 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (03/11/2015 02:03:21 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (03/11/2015 01:34:48 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhost3268WebCacheLocal: C:\Users\PC\AppData\Local\Microsoft\Windows\WebCache\V01.log-1811 (0xfffff8ed)

Error: (03/11/2015 01:27:44 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: -528

Error: (03/11/2015 01:27:44 PM) (Source: ESENT) (EventID: 455) (User: )
Description: Catalog Database1168Catalog Database: C:\Windows\system32\CatRoot2\edb.log-1811 (0xfffff8ed)

Error: (03/10/2015 05:29:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: javaw.exe8.0.25.1810b001d05b47beb01d26126C:\Program Files (x86)\Minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe988b4c58-c742-11e4-a61d-6cf049e6c4ea

Error: (03/10/2015 02:45:13 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (03/08/2015 05:25:04 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\PC\Desktop\Anti Spy\esetsmartinstaller_enu.exe

Error: (03/08/2015 11:43:41 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe


CodeIntegrity Errors:
===================================
  Date: 2012-12-23 14:23:30.355
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7 CPU 860 @ 2.80GHz
Percentage of memory in use: 15%
Total physical RAM: 16379.49 MB
Available physical RAM: 13839.91 MB
Total Pagefile: 20425.68 MB
Available Pagefile: 17671.54 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:685.93 GB) NTFS
Drive d: (Titan Quest) (CDROM) (Total:4.13 GB) (Free:0 GB) UDF
Drive e: (Volume) (Fixed) (Total:931.51 GB) (Free:781.83 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: B09DE90D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 67621B28)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================
Derzeit sitze ich gerne immer wieder ein paar Minuten vor Procmon..

hilft es wenn ich mal den log reinposte und ne zeitangabe gebe.. ?

schrauber 15.03.2015 08:08
Hast schon mal von der Linux Live CD gebootet und dort drin gearbeitet?

Amaya 15.03.2015 15:02
aw
 
Dazu müsste ich brennen können..

aber für den Fall, dass ich einen meiner faulen Freunde mal am richtigen Tag erwische und der nen Brenngerät hat, was wäre der nächste Schritt?

ich zögere derzeit nämlich damit meinen usb stick an meinen pc zu schmeißen..

ich könnte das mal bei meinem freund probieren.. aber der pflegt seinen pc nicht..

hm.. @@ wo findet man das denn genau und was würdet ihr empfehlen - wie vorzugehen?

schrauber 15.03.2015 20:09
Einfach irgend eine Linux CD, milionen Hits direkt bei Google, egal welche, brennen und von der Booten. Macht der REchner dann keine komischen Sachen, ist es Windows, ansonsten Hardware.

All deine Logs sind sauber, ein Cookie ist und bleibt ein Cookie und kann das nit verursachen.

Amaya 15.03.2015 23:50
naja das mit dem cookie
 
Nun.. findest du es dann Zufall, dass ich das Cookie blockiert hab?
Und es mich jetzt mit seinem Namen nervt - als hätte es ein Scherzprogramm installiert?

Böswillige Absichten machen Malware doch aus.

Das Problead.360yieeeeeeeeeeeeeeeeeeeeeeeee
ich sollt nicht jedesmal zum test wenn ich den PC starte ENTF drücken @@

Das Problem ist einfach - ich habe keine Windows CD und keinen Key mehr. Das heißt ich kann beim besten Willen nicht neu aufsetzen. Leider ist das eine der wenigen Dinge die ich bei den letzten beiden Umzügen verloren habe... neben einigen anderen Cds/Dvds.

Ich müh mich doch nicht umsonst ab jedesmal den Procmon zu benutzen - um zu sehen mit welchen Reg Entrys das Ding versucht rumzu spielen, aber ich bin eben auch kein Profi. Ich kann nur hoffen, dass ich das beim 10000 mal erkenne. _._

Seufzt.

Andere Frage. Wenn ich also feststelle das es Windows ist ~ ergo ein System eintraad.360yieeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
Eintrag wahrscheinlich dem mist zugriff auf irgendetwas gewhert.. und irgendeine DLL.. oder thumb oder bat oder .. damit zusammen hängt die ich partout nicht rauslesenen kann..

was kann ich machen um das ganze sichtbar zu machen.. oder gibt es die möglichkeit über Windows eine Linux Partition zu erstellen über welche ich dann andere Viren Scanner oder Löschtools laufen lassen kann?

Meine Mal im Verlauf meine kurzen Lebens, von anderen die davon immer mehr verstanden haben als ich, was gehört zu haben.

schrauber 16.03.2015 11:44
Du kannst von der Linux DVD auch die Windows Installation scannen, mehr oder weniger. Ich will erstmal sicher wissen dass es kein Hardwarethema ist.

Amaya 17.03.2015 13:42
Dann brauch ich wieder etwas zeit
 
... Dann brauch ich jetzt erstmal 1 oder 2 Wochen dafür.

Leider, denn nebenbei kuriere ich gerade ne Mandelentzündung aus ^^.. gerade erst bekommen.. genauso ein Mist Ding X)

Bis dahin. :)

schrauber 17.03.2015 16:57
ok :)

Amaya 15.09.2016 14:53
Bin mittlerweile mal wieder mit dem Thema beschäftigt. Lag letzte Jahr auch im Krankenhaus und danach gingen die Probleme noch weiter..

.. Ich werd mal ne Linux CD auftreiben.
Mittlerweile hab ich mich damit beschäftigt.. ob ich eventuell Delete neu belegen kann. Stellt sich heraus. - Ich kann es in der Registry nicht neu belegen. ... Was mich verwirrt.
Im Prinzip muss also irgendetwas am laufen sein, was die Aktion unterbricht und seine eigene ausführt. Das irritiert mich. Ich sollte mal die Treiber für die Tastatur entfernen und neuinstallieren. .. natürlich erst die treiber downloaden.. ansonsten wäre das witzig.


Alle Zeitangaben in WEZ +1. Es ist jetzt 10:52 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131