Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Malwarebytes doesn't work, computer really slow - logs included [C


  • This topic is locked This topic is locked

#1
marvli

marvli

    New Member

  • Member
  • Pip
  • 4 posts

Malwarebytes doesn't launch with Windows and I can't run it manually either. Microsoft Security Essentials appears to still work. I wasn't at my computer for the last 2 days (15th and 16th August 2014) and when I booted my computer today it was really slow. The Wacom tablet driver didn't work (lots of error messages) and Fences (this program: http://www.stardock....roducts/fences/) gave me an error message because Windows Aero doesn't work either. When I rebooted I got a black screen for a minute with this in the bottom right corner: 

this-copy-of-windows-is-not-genuine.jpg?

 

Help?  :(

 

 

Attached Files


  • 0

Advertisements


#2
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,017 posts

Hello marvli,

Welcome to Geekstogo.

Note: Unless otherwise instructed always copy and paste the logs in the forum. If reports don't fit on one post it might be necessary to break the logs up to get them on the forum. Just use as many posts as you need, that's fine. :)

Moving on

Please download the attached fixlist.txt file and save it to the Desktop.

NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST/FRST64 and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

After that

Please run another FRST scan with the Addition.txt box ticked and post back the two logs generated - FRST.txt and Addition.txt.

So when you return please post

  • Fixlog.txt
  • FRST.txt
  • Addition.txt

 


  • 0

#3
marvli

marvli

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts

Thank you for your time and effort emeraldnzl,

 

I should mention that I fixed Malwarebytes by running AdwCleaner (which I got from this forum) and then reinstalling it. I did that yesterday while waiting for a reply. The don't get the message "This copy of Windows is not genuine" anymore when booting. But right before I get to the desktop I get a black screen for  around 15 minutes (same thing after following your instructions) before the desktop finally loads.

 

Fixlog.txt:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-08-2014 04
Ran by Lorenz at 2014-08-18 10:32:57 Run:1
Running from C:\Users\Lorenz\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
URLSearchHook: HKLM-x32 - (No Name) - {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - No File
URLSearchHook: HKCU - (No Name) - {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - No File
SearchScopes: HKLM-x32 - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2849855
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2849855
SearchScopes: HKCU - {46271BEB-8A4C-4831-96D8-5978B8E02F8C} URL = http://websearch.ask.com/redirect?client=ie&tb=SPC2&o=15000&src=crm&q={searchTerms}&locale=&apn_ptnrs=PV&apn_dtid=YYYYYYYYDE&apn_uid=ecb3b808-ec56-40c0-8c1f-f376575ff2e2&apn_sauid=924C6060-2877-4C2D-87B3-8EB39B342B50
SearchScopes: HKCU - {60C6A931-C773-43D6-B91E-F96126B0F681} URL = http://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=827316&p={searchTerms}
BHO-x32: No Name -> {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} -> No File
Toolbar: HKLM-x32 - No Name - {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - No File
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2012-12-11]
C:\ProgramData\hash.dat
C:\Users\Lorenz\{58C482E3-0C46-43EC-8EE5-C7230FFBC3D6}.dat
AlternateDataStreams: C:\ProgramData:gs5sys
AlternateDataStreams: C:\Users\All Users:gs5sys
AlternateDataStreams: C:\Users\Lorenz:gs5sys
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:gs5sys
AlternateDataStreams: C:\ProgramData\Application Data:gs5sys
AlternateDataStreams: C:\ProgramData\TEMP:DED17083
AlternateDataStreams: C:\ProgramData\TEMP:FED25C29
AlternateDataStreams: C:\ProgramData\Templates:gs5sys
AlternateDataStreams: C:\ProgramData\Vorlagen:gs5sys
AlternateDataStreams: C:\Users\Lorenz\Anwendungsdaten:gs5sys
AlternateDataStreams: C:\Users\Lorenz\Cookies:gs5sys
AlternateDataStreams: C:\Users\Lorenz\Lokale Einstellungen:gs5sys
AlternateDataStreams: C:\Users\Lorenz\Vorlagen:gs5sys
AlternateDataStreams: C:\Users\Lorenz\Desktop\desktop.ini:gs5sys
AlternateDataStreams: C:\Users\Lorenz\AppData\Local:gs5sys
AlternateDataStreams: C:\Users\Lorenz\AppData\Roaming:gs5sys
AlternateDataStreams: C:\Users\Lorenz\AppData\Local\Anwendungsdaten:gs5sys
AlternateDataStreams: C:\Users\Lorenz\AppData\Local\Verlauf:gs5sys
AlternateDataStreams: C:\Users\Lorenz\Documents\desktop.ini:gs5sys
AlternateDataStreams: C:\Users\Public\Documents\desktop.ini:gs5sys
EmptyTemp:
*****************

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\{64ead72b-ffd4-4e01-aa3a-4c71665d73e4} => value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{64ead72b-ffd4-4e01-aa3a-4c71665d73e4} => value deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}" => Key not found.
"HKCR\Wow6432Node\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{46271BEB-8A4C-4831-96D8-5978B8E02F8C}" => Key deleted successfully.
"HKCR\CLSID\{46271BEB-8A4C-4831-96D8-5978B8E02F8C}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{60C6A931-C773-43D6-B91E-F96126B0F681}" => Key deleted successfully.
"HKCR\CLSID\{60C6A931-C773-43D6-B91E-F96126B0F681}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64ead72b-ffd4-4e01-aa3a-4c71665d73e4}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{64ead72b-ffd4-4e01-aa3a-4c71665d73e4}" => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{64ead72b-ffd4-4e01-aa3a-4c71665d73e4} => value deleted successfully.
"HKCR\Wow6432Node\CLSID\{64ead72b-ffd4-4e01-aa3a-4c71665d73e4}" => Key not found.
C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml => Moved successfully.
"HKCU\SOFTWARE\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp" => Key not found.
C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx => Moved successfully.
C:\ProgramData\hash.dat => Moved successfully.
C:\Users\Lorenz\{58C482E3-0C46-43EC-8EE5-C7230FFBC3D6}.dat => Moved successfully.
C:\ProgramData => ":gs5sys" ADS removed successfully.
"C:\Users\All Users" => ":gs5sys" ADS not found.
C:\Users\Lorenz => ":gs5sys" ADS removed successfully.
"C:\ProgramData\Anwendungsdaten" => ":gs5sys" ADS not found.
"C:\ProgramData\Application Data" => ":gs5sys" ADS not found.
C:\ProgramData\TEMP => ":DED17083" ADS removed successfully.
C:\ProgramData\TEMP => ":FED25C29" ADS removed successfully.
"C:\ProgramData\Templates" => ":gs5sys" ADS not found.
"C:\ProgramData\Vorlagen" => ":gs5sys" ADS not found.
"C:\Users\Lorenz\Anwendungsdaten" => ":gs5sys" ADS not found.
"C:\Users\Lorenz\Cookies" => ":gs5sys" ADS not found.
"C:\Users\Lorenz\Lokale Einstellungen" => ":gs5sys" ADS not found.
"C:\Users\Lorenz\Vorlagen" => ":gs5sys" ADS not found.
C:\Users\Lorenz\Desktop\desktop.ini => ":gs5sys" ADS removed successfully.
C:\Users\Lorenz\AppData\Local => ":gs5sys" ADS removed successfully.
C:\Users\Lorenz\AppData\Roaming => ":gs5sys" ADS removed successfully.
"C:\Users\Lorenz\AppData\Local\Anwendungsdaten" => ":gs5sys" ADS not found.
"C:\Users\Lorenz\AppData\Local\Verlauf" => ":gs5sys" ADS not found.
C:\Users\Lorenz\Documents\desktop.ini => ":gs5sys" ADS removed successfully.
C:\Users\Public\Documents\desktop.ini => ":gs5sys" ADS removed successfully.
EmptyTemp: => Removed 2.5 GB temporary data.


The system needed a reboot. 

==== End of Fixlog ====

FRST.txt:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-08-2014 04
Ran by Lorenz (administrator) on COMPUTER on 18-08-2014 10:51:31
Running from C:\Users\Lorenz\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Stardock Corporation) C:\Program Files (x86)\Stardock\WindowBlinds\WBSrv.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\WindowBlinds\WBCore.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe
(NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\Sitecom\WiFi USB adapter N300 Driver and Utility\RtlService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\Sitecom\WiFi USB adapter N300 Driver and Utility\RtWLan.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
() C:\Program Files (x86)\Anker Precision Laser Gaming Mouse\AnkerMonEx.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Users\Lorenz\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Lorenz\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Lorenz\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Lorenz\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Lorenz\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Lorenz\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Lorenz\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Lorenz\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Lorenz\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [2991856 2013-02-21] (Logitech, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2350880 2014-05-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Fences] => C:\Program Files (x86)\Stardock\Fences\Fences.exe [3993744 2014-05-22] (Stardock Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [EsternTimesMouseExRun] => C:\Program Files (x86)\Anker Precision Laser Gaming Mouse\AnkerMonEx.exe [3351040 2013-04-23] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-03-18] (Oracle Corporation)
HKLM Group Policy restriction on software: *.7z*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.scr <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Binexe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.com <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: cipher.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bincom <====== ATTENTION
HKLM Group Policy restriction on software: syskey.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.com <====== ATTENTION
HKLM Group Policy restriction on software: ** <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Binpif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.avi*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: vssadmin.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xls*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.7z*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pub*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Binscr <====== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.png*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.divx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wma*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wav*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.gif*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.txt*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.docx*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rar*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.zip*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.doc*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.scr <====== ATTENTION
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-721527169-3598334179-861810665-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-721527169-3598334179-861810665-1000\...\MountPoints2: {4b6e6034-fd6a-11e0-8324-f46d04193268} - E:\autorun.exe
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.de/
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
BHO-x32: DivX HiQ -> {593DDEC6-7468-4cdd-90E1-42DADAA222E9} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.192.1

FireFox:
========
FF ProfilePath: C:\Users\Lorenz\AppData\Roaming\Mozilla\Firefox\Profiles\ddofuwyq.default
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.5.2 -> C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.5.2 -> C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.1 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.10 -> C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.1 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Lorenz\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Lorenz\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Lorenz\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin HKCU: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF Extension: Reddit Enhancement Suite - C:\Users\Lorenz\AppData\Roaming\Mozilla\Firefox\Profiles\ddofuwyq.default\Extensions\[email protected] [2014-06-26]
FF Extension: Adblock Plus - C:\Users\Lorenz\AppData\Roaming\Mozilla\Firefox\Profiles\ddofuwyq.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-02-25]
FF Extension: Thumbnail Zoom - C:\Users\Lorenz\AppData\Roaming\Mozilla\Firefox\Profiles\ddofuwyq.default\Extensions\{E10A6337-382E-4FE6-96DE-936ADC34DD04}.xpi [2014-04-05]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011-05-14]
FF HKLM-x32\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
FF Extension: DivX HiQ - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011-05-14]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-06-15]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013-08-01]
FF HKCU\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome: 
=======
CHR HomePage: hxxp://google.de/
CHR StartupUrls: "hxxp://www.google.de/"
CHR Plugin: (Shockwave Flash) - C:\Users\Lorenz\AppData\Local\Google\Chrome\Application\36.0.1985.143\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Lorenz\AppData\Local\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Lorenz\AppData\Local\Google\Chrome\Application\36.0.1985.143\pdf.dll ()
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Java Deployment Toolkit 7.0.450.18) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U45) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: ( Wacom Dynamic Link Library) - C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
CHR Plugin: (Uplay PC) - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Unity Player) - C:\Users\Lorenz\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Google Update) - C:\Users\Lorenz\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll No File
CHR Extension: (ProxFlow) - C:\Users\Lorenz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2013-10-17]
CHR Extension: (BIODIGITAL HUMAN) - C:\Users\Lorenz\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak [2013-04-11]
CHR Extension: (Media Hint) - C:\Users\Lorenz\AppData\Local\Google\Chrome\User Data\Default\Extensions\akipcefbjlmpbcejgdaopmmidpnjlhnb [2014-07-06]
CHR Extension: (Cloud To Butt Plus) - C:\Users\Lorenz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apmlngnhgbnjpajelfkmabhkfapgnoai [2014-07-06]
CHR Extension: (Turn Off the Lights) - C:\Users\Lorenz\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2013-12-28]
CHR Extension: (YouTube) - C:\Users\Lorenz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-19]
CHR Extension: (Adblock Plus) - C:\Users\Lorenz\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2012-12-07]
CHR Extension: (Google-Suche) - C:\Users\Lorenz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-19]
CHR Extension: (Logitech SetPoint) - C:\Users\Lorenz\AppData\Local\Google\Chrome\User Data\Default\Extensions\edaibbiobngpbmeonadpbfafbkimjbdd [2013-08-01]
CHR Extension: (Readium) - C:\Users\Lorenz\AppData\Local\Google\Chrome\User Data\Default\Extensions\fepbnnnkkadjhjahcafoaglimekefifl [2014-07-15]
CHR Extension: (DivX HiQ) - C:\Users\Lorenz\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae [2011-07-29]
CHR Extension: (Image DNA) - C:\Users\Lorenz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nifmhaejjafapjonfiidojfddmpndkmc [2014-07-24]
CHR Extension: (Google Wallet) - C:\Users\Lorenz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Lorenz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2011-07-29]
CHR Extension: (Hover Zoom) - C:\Users\Lorenz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl [2014-07-06]
CHR Extension: (ProxPrice) - C:\Users\Lorenz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nopgehbobniifpngnhmljfojnkkopbje [2014-05-14]
CHR Extension: (Media Hint) - C:\Users\Lorenz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbogbchcdigifagelnlmhlenmofdgbao [2013-05-02]
CHR Extension: (Google Mail) - C:\Users\Lorenz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-19]
CHR HKLM-x32\...\Chrome\Extension: [edaibbiobngpbmeonadpbfafbkimjbdd] - C:\ProgramData\Logitech\LogiSmoothChromeExt.crx [2013-08-01]
CHR HKLM-x32\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx [2011-02-08]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx [2011-02-08]
CHR StartMenuInternet: Google Chrome - C:\Users\Lorenz\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2014-01-28] () [File not signed]
S4 DAZContentManagementService; C:\Program Files\DAZ 3D\Content Management Service\ContentManagementServer.exe [22528 2011-05-05] () [File not signed]
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 mi-raysat_3dsmax2014_64; C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe [86016 2011-09-15] () [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 nTuneService; C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe [278336 2011-09-19] (NVIDIA)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
S4 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2014-08-14] ()
R2 RealtekCU; C:\Program Files (x86)\Sitecom\WiFi USB adapter N300 Driver and Utility\RtlService.exe [36864 2012-05-10] (Realtek Semiconductor Corp.) [File not signed]
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-04] (Microsoft Corporation)
R2 WindowBlinds; C:\Program Files (x86)\Stardock\WindowBlinds\wbsrv.exe [89600 2013-05-16] (Stardock Corporation) [File not signed]
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [635160 2014-04-22] (Wacom Technology, Corp.)
S4 LMIGuardianSvc; "C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2011-06-02] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-06-07] (Disc Soft Ltd)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2011-06-02] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-18] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 nvoclk64; C:\Windows\System32\DRIVERS\nvoclk64.sys [42088 2009-09-15] (NVIDIA Corp.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [1525904 2012-12-18] (Realtek Semiconductor Corporation                           )
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-06-07] (Duplex Secure Ltd.)
S3 ALSysIO; \??\C:\Users\Lorenz\AppData\Local\Temp\ALSysIO64.sys [X]
S2 ASInsHelp; \??\C:\Windows\SysWow64\drivers\AsInsHelp64.sys [X]
S3 wacommousefilter; system32\DRIVERS\wacommousefilter.sys [X]
S3 wacomvhid; system32\DRIVERS\wacomvhid.sys [X]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-17 21:46 - 2014-08-17 21:46 - 00003036 _____ () C:\Users\Lorenz\AppData\Local\recently-used.xbel
2014-08-17 17:03 - 2014-08-17 17:03 - 02213044 _____ () C:\Users\Lorenz\Downloads\hw64_442.zip
2014-08-17 17:03 - 2014-08-17 17:03 - 00000000 ____D () C:\Users\Lorenz\Downloads\hw64_442
2014-08-17 14:47 - 2014-08-17 14:47 - 00000000 ____D () C:\Program Files (x86)\Autodesk
2014-08-17 14:46 - 2014-08-17 14:46 - 00001966 _____ () C:\Users\Lorenz\Desktop\3ds Max 2014.lnk
2014-08-17 14:46 - 2014-08-17 14:46 - 00000000 ____D () C:\Program Files\Common Files\Macrovision Shared
2014-08-17 14:22 - 2014-08-17 14:22 - 00000000 ____D () C:\Users\Lorenz\AppData\Local\Akamai
2014-08-17 12:29 - 2014-08-17 12:29 - 00000000 ____D () C:\Users\Public\Documents\Logishrd
2014-08-17 11:39 - 2014-08-17 11:39 - 00053248 _____ () C:\Windows\SysWOW64\zlib.dll
2014-08-17 11:39 - 2014-08-17 11:39 - 00001266 _____ () C:\Users\Public\Desktop\CryptoPrevent.lnk
2014-08-17 11:39 - 2014-08-17 11:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foolish IT
2014-08-17 11:39 - 2014-08-17 11:39 - 00000000 ____D () C:\ProgramData\Foolish IT
2014-08-17 11:39 - 2014-08-17 11:39 - 00000000 ____D () C:\Program Files (x86)\Foolish IT
2014-08-17 11:38 - 2014-08-17 11:39 - 00961032 _____ (Foolish IT LLC ) C:\Users\Lorenz\Downloads\CryptoPreventSetup.exe
2014-08-17 11:33 - 2014-08-17 11:33 - 00278382 _____ () C:\Users\Lorenz\Downloads\logonfix_1.1.exe
2014-08-17 11:27 - 2014-08-17 11:28 - 00709564 _____ () C:\Users\Lorenz\Downloads\delfix_10.8.exe
2014-08-17 11:19 - 2014-08-18 10:48 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-17 11:18 - 2014-08-17 11:18 - 00001156 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-17 11:18 - 2014-08-17 11:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-17 11:18 - 2014-08-17 11:18 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-17 11:18 - 2014-08-17 11:18 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-17 11:18 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-17 11:18 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-17 11:18 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-17 11:12 - 2014-08-17 11:12 - 00321848 _____ (Malwarebytes Corporation) C:\Users\Lorenz\Downloads\mbam-clean-2.1.1.1001.exe
2014-08-17 11:09 - 2014-08-17 11:09 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Lorenz\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-17 11:06 - 2014-08-17 11:06 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Lorenz\Downloads\tdsskiller.exe
2014-08-17 11:01 - 2014-08-17 11:08 - 00003682 _____ () C:\Users\Lorenz\Downloads\Rkill.txt
2014-08-17 11:01 - 2014-08-17 11:01 - 00688992 _____ (Swearware) C:\Users\Lorenz\Downloads\dds.com
2014-08-17 10:49 - 2014-08-17 10:52 - 00000000 ____D () C:\AdwCleaner
2014-08-17 10:49 - 2014-08-17 10:49 - 01361203 _____ () C:\Users\Lorenz\Downloads\adwcleaner_3.306.exe
2014-08-17 10:49 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-08-17 10:39 - 2014-08-17 11:23 - 00000000 ____D () C:\Users\Lorenz\AppData\Local\CrashDumps
2014-08-17 10:28 - 2014-08-17 10:28 - 04872677 _____ () C:\Users\Lorenz\Downloads\mbam-chameleon-3.1.4.0.zip
2014-08-17 10:27 - 2014-08-17 10:37 - 00036456 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2014-08-17 10:27 - 2014-08-17 10:27 - 05421656 _____ () C:\Users\Lorenz\Downloads\RogueKillerX64.exe
2014-08-17 10:27 - 2014-08-17 10:27 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-08-17 10:25 - 2014-08-17 10:26 - 05571320 _____ (Swearware) C:\Users\Lorenz\Downloads\ComboFix.exe
2014-08-17 09:50 - 2014-08-17 09:50 - 00069703 _____ () C:\Users\Lorenz\Downloads\Addition.txt
2014-08-17 09:49 - 2014-08-18 10:51 - 00040439 _____ () C:\Users\Lorenz\Downloads\FRST.txt
2014-08-17 09:49 - 2014-08-18 10:51 - 00000000 ____D () C:\FRST
2014-08-17 09:42 - 2014-08-17 09:42 - 00001947 _____ () C:\Users\Lorenz\Downloads\aswMBR.txt
2014-08-17 09:42 - 2014-08-17 09:42 - 00000512 _____ () C:\Users\Lorenz\Downloads\MBR.dat
2014-08-17 09:24 - 2014-08-17 10:03 - 00223768 _____ () C:\Users\Lorenz\Downloads\OTL.Txt
2014-08-17 09:08 - 2014-08-17 09:08 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\Lorenz\Downloads\iExplore.exe
2014-08-17 09:05 - 2014-08-17 09:05 - 02101760 _____ (Farbar) C:\Users\Lorenz\Downloads\FRST64.exe
2014-08-17 08:59 - 2014-08-17 08:59 - 00602112 _____ (OldTimer Tools) C:\Users\Lorenz\Downloads\OTL.exe
2014-08-14 21:32 - 2014-08-14 21:32 - 00000000 ____D () C:\Program Files (x86)\Modern
2014-08-14 10:11 - 2014-08-14 10:12 - 00000000 ____D () C:\Users\Lorenz\AppData\Roaming\faogen3
2014-08-14 00:04 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-14 00:04 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-14 00:04 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-14 00:04 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-14 00:04 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-14 00:04 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-14 00:04 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-14 00:04 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-13 12:46 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-13 12:46 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-13 12:46 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-13 12:46 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-13 12:46 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 12:46 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-13 12:46 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-13 12:46 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-13 12:46 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-13 12:46 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-13 12:46 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-13 12:46 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-13 12:46 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-13 12:46 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-13 12:46 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-13 12:46 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-13 12:46 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-13 12:46 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-13 12:46 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 12:46 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-13 12:46 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-13 12:46 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-13 12:46 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-13 12:46 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-13 12:46 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-13 12:46 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 12:46 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-13 12:46 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-13 12:46 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-13 12:46 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-13 12:46 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-13 12:46 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-13 12:46 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-13 12:46 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-13 12:46 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-13 12:46 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-13 12:46 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-13 12:46 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-13 12:46 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 12:46 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-13 12:46 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-13 12:46 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-13 12:46 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-13 12:46 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-13 12:46 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-13 12:46 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-13 12:46 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-13 12:46 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-13 12:46 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-13 12:46 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-13 12:46 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-13 12:46 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 12:46 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-13 12:46 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-13 12:46 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-13 12:46 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-13 12:46 - 2014-07-16 05:25 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-13 12:46 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 12:46 - 2014-07-16 04:46 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-13 12:46 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 12:46 - 2014-07-16 04:12 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-13 12:46 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 12:46 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-13 12:46 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 12:46 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 12:46 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 12:46 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 12:46 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 12:46 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-13 12:46 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-13 12:46 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-13 12:46 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-13 12:46 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-13 12:46 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-13 12:46 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-13 12:46 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-13 12:46 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-13 12:46 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 12:46 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 12:46 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 12:46 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 12:46 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 12:46 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 12:46 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 12:46 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 12:45 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-13 12:45 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-13 11:15 - 2014-08-13 11:15 - 00000000 __SHD () C:\Windows\ftpcache
2014-08-12 11:15 - 2014-08-12 11:15 - 00603686 _____ () C:\Users\Lorenz\Downloads\DebrisMaker2.0.mzp
2014-08-11 09:38 - 2014-08-11 09:38 - 00000800 _____ () C:\Users\Lorenz\Desktop\Faogen 3.lnk
2014-08-11 09:38 - 2014-08-11 09:38 - 00000800 _____ () C:\Users\Administrator\Desktop\Faogen 3.lnk
2014-08-11 09:38 - 2014-08-11 09:38 - 00000000 ____D () C:\Users\Lorenz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Faogen 3
2014-08-11 09:38 - 2014-08-11 09:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Faogen 3
2014-08-11 09:38 - 2014-08-11 09:38 - 00000000 ____D () C:\Program Files\Faogen 3
2014-08-10 18:20 - 2014-08-10 18:20 - 00000968 _____ () C:\Users\Lorenz\Desktop\Marvin.lnk
2014-08-10 18:19 - 2014-08-10 18:19 - 00000741 _____ () C:\Users\Lorenz\Desktop\Programmordner.lnk
2014-08-10 18:18 - 2014-08-10 18:18 - 00001891 _____ () C:\Users\Lorenz\Desktop\Editor 64.lnk
2014-08-10 18:04 - 2014-08-10 18:04 - 00001475 _____ () C:\Users\Lorenz\Desktop\Arma 3.lnk
2014-08-10 18:04 - 2014-08-10 18:04 - 00001050 _____ () C:\Users\Lorenz\Desktop\Programme (x86).lnk
2014-08-10 18:04 - 2014-08-10 18:04 - 00000945 _____ () C:\Users\Lorenz\Desktop\Programme.lnk
2014-08-10 18:03 - 2014-08-10 18:03 - 00001495 _____ () C:\Users\Lorenz\Desktop\Crysis 2.lnk
2014-08-10 17:17 - 2014-08-10 17:17 - 00000000 ____D () C:\Users\Public\Documents\Stardock
2014-08-10 16:50 - 2014-08-10 17:19 - 00000000 ____D () C:\ProgramData\Stardock
2014-08-10 16:50 - 2014-08-10 17:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock
2014-08-10 16:50 - 2014-08-10 16:50 - 00002080 _____ () C:\Users\Lorenz\Desktop\Customize Fences.lnk
2014-08-10 16:50 - 2014-08-10 16:50 - 00000000 ____D () C:\Users\Lorenz\AppData\Roaming\Stardock
2014-08-10 16:50 - 2014-08-10 16:50 - 00000000 ____D () C:\Users\Lorenz\AppData\Local\Stardock
2014-08-10 16:49 - 2014-08-10 17:17 - 00000000 ____D () C:\Program Files (x86)\Stardock
2014-08-10 16:38 - 2014-08-10 16:38 - 00000000 ____D () C:\Users\Lorenz\Documents\Network Monitor 3
2014-08-10 16:36 - 2014-08-10 16:36 - 00001016 _____ () C:\Users\Public\Desktop\Microsoft Network Monitor 3.4.lnk
2014-08-10 16:36 - 2014-08-10 16:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Network Monitor 3.4
2014-08-10 16:36 - 2014-08-10 16:36 - 00000000 ____D () C:\Program Files\Microsoft Network Monitor 3
2014-08-08 17:01 - 2014-08-08 17:01 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys
2014-08-07 19:31 - 2014-08-17 14:22 - 00000000 ____D () C:\Autodesk
2014-08-07 12:51 - 2014-08-07 12:51 - 00000000 __HDC () C:\ProgramData\{629D8B17-22B3-46F8-A281-BD604EBA3ED7}
2014-08-07 12:50 - 2014-08-07 12:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crysis 2(R) Mod SDK 1.1
2014-08-05 15:52 - 2014-08-05 15:52 - 00057243 _____ () C:\Users\Lorenz\Desktop\VR Fortress.txt
2014-08-05 14:38 - 2014-08-05 14:38 - 00000000 ____D () C:\Users\Lorenz\AppData\Roaming\inkscape
2014-08-05 14:37 - 2014-08-05 14:37 - 00001085 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inkscape.lnk
2014-08-05 14:36 - 2014-08-05 14:36 - 00001061 _____ () C:\Users\Public\Desktop\Inkscape.lnk
2014-08-05 14:33 - 2014-08-05 14:37 - 00000000 ____D () C:\Program Files (x86)\Inkscape
2014-08-04 15:45 - 2014-08-04 15:45 - 00000000 ____D () C:\Users\Lorenz\AppData\Roaming\Battle.net
2014-08-04 15:45 - 2014-08-04 15:45 - 00000000 ____D () C:\Users\Lorenz\AppData\Local\Blizzard Entertainment
2014-08-04 15:45 - 2014-08-04 15:45 - 00000000 ____D () C:\Users\Lorenz\AppData\Local\Battle.net
2014-08-04 15:45 - 2014-08-04 15:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2014-08-04 15:44 - 2014-08-04 15:45 - 00001212 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.netBattle.net.lnk
2014-08-04 15:44 - 2014-08-04 15:45 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-08-04 15:44 - 2014-08-04 15:45 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-08-03 13:53 - 2014-08-03 13:53 - 00000000 ____D () C:\Users\Lorenz\AppData\Local\IsolatedStorage
2014-08-03 13:42 - 2014-08-03 13:45 - 00001401 _____ () C:\Users\Public\Desktop\Quixel SUITE.lnk
2014-08-03 13:40 - 2014-08-03 13:40 - 00000000 ____D () C:\Users\Public\Quixel
2014-08-01 14:28 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-01 14:28 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-01 14:28 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-01 14:28 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-01 14:27 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-01 14:27 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-01 14:27 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-01 14:27 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-01 14:27 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-01 14:27 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-01 14:26 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-01 14:26 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-01 14:26 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-01 14:26 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-07-30 14:06 - 2014-07-30 14:06 - 00000000 ____D () C:\Users\Lorenz\AppData\Local\LogMeIn
2014-07-30 14:06 - 2014-07-30 14:06 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-07-30 11:50 - 2014-07-30 11:50 - 00000000 ____D () C:\Users\Lorenz\AppData\Local\Quixel_AB
2014-07-30 11:47 - 2014-07-30 11:47 - 00001096 _____ () C:\Users\Public\Desktop\nDo2 x64.lnk
2014-07-30 11:47 - 2014-07-30 11:47 - 00000000 ____D () C:\Users\Lorenz\AppData\Roaming\Quixel
2014-07-29 15:34 - 2014-07-29 15:34 - 00001073 _____ () C:\Users\Public\Desktop\Crazybump.lnk
2014-07-29 13:59 - 2014-07-29 16:19 - 00000000 ____D () C:\Users\Lorenz\AppData\Roaming\TS3Client
2014-07-29 13:56 - 2014-07-29 13:56 - 00001216 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2014-07-29 13:56 - 2014-07-29 13:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-07-29 13:56 - 2014-07-29 13:56 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client
2014-07-27 22:15 - 2014-07-29 18:53 - 00000000 ___RD () C:\Users\Lorenz\Desktop\Kerbal Space Program
2014-07-27 11:23 - 2014-07-27 11:23 - 00000000 ____D () C:\Users\Lorenz\Documents\Substance Painter
2014-07-27 11:22 - 2014-07-27 11:22 - 00000000 ____D () C:\Users\Lorenz\AppData\Local\Allegorithmic
2014-07-27 11:21 - 2014-07-27 11:21 - 00001110 _____ () C:\Users\Lorenz\Desktop\Substance Painter.lnk
2014-07-27 11:21 - 2014-07-27 11:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Allegorithmic
2014-07-27 11:21 - 2014-07-27 11:21 - 00000000 ____D () C:\Program Files\Allegorithmic
2014-07-20 11:46 - 2014-07-22 18:50 - 00000000 ____D () C:\Users\Lorenz\Documents\3D-CoatV4
2014-07-20 11:45 - 2014-07-21 18:53 - 00000000 ____D () C:\Users\Lorenz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\3d-Coat-V4
2014-07-20 11:45 - 2014-07-20 11:46 - 00000000 ____D () C:\Program Files\3D-Coat-V4
2014-07-20 11:45 - 2014-07-20 11:45 - 00000665 _____ () C:\Users\Lorenz\Desktop\3D Coat.lnk

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-18 10:52 - 2014-08-17 09:49 - 00040439 _____ () C:\Users\Lorenz\Downloads\FRST.txt
2014-08-18 10:51 - 2014-08-17 09:49 - 00000000 ____D () C:\FRST
2014-08-18 10:51 - 2011-04-19 22:29 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-721527169-3598334179-861810665-1000UA.job
2014-08-18 10:49 - 2014-05-20 22:29 - 79661056 _____ () C:\Users\Lorenz\AppData\Local\SageThumbs.db3
2014-08-18 10:48 - 2014-08-17 11:19 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-18 10:48 - 2009-07-14 06:45 - 05970480 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-18 10:45 - 2014-01-31 18:52 - 00060227 _____ () C:\Windows\setupact.log
2014-08-18 10:45 - 2012-06-08 15:46 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-18 10:44 - 2014-06-07 15:44 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-08-18 10:44 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-18 10:43 - 2014-01-31 18:51 - 00172680 _____ () C:\Windows\PFRO.log
2014-08-18 10:36 - 2011-04-19 22:00 - 01333186 _____ () C:\Windows\WindowsUpdate.log
2014-08-18 10:33 - 2011-04-19 22:00 - 00000000 ____D () C:\Users\Lorenz
2014-08-18 10:32 - 2009-07-14 07:37 - 00000000 ____D () C:\Windows\DigitalLocker
2014-08-18 10:25 - 2012-05-20 10:59 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-18 10:08 - 2009-07-14 06:45 - 00028912 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-18 10:08 - 2009-07-14 06:45 - 00028912 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-18 09:57 - 2012-06-08 15:46 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-18 09:54 - 2011-04-20 11:40 - 00000000 ____D () C:\Users\Lorenz\AppData\Local\Adobe
2014-08-18 09:53 - 2011-04-20 11:40 - 00000356 _____ () C:\Windows\Tasks\AdobeAAMUpdater-1.0-Computer-Lorenz.job
2014-08-17 21:46 - 2014-08-17 21:46 - 00003036 _____ () C:\Users\Lorenz\AppData\Local\recently-used.xbel
2014-08-17 17:03 - 2014-08-17 17:03 - 02213044 _____ () C:\Users\Lorenz\Downloads\hw64_442.zip
2014-08-17 17:03 - 2014-08-17 17:03 - 00000000 ____D () C:\Users\Lorenz\Downloads\hw64_442
2014-08-17 14:50 - 2013-04-11 18:51 - 00000000 ___RD () C:\Users\Lorenz\Desktop\Dateien und Anatomie
2014-08-17 14:47 - 2014-08-17 14:47 - 00000000 ____D () C:\Program Files (x86)\Autodesk
2014-08-17 14:47 - 2011-05-22 16:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2014-08-17 14:46 - 2014-08-17 14:46 - 00001966 _____ () C:\Users\Lorenz\Desktop\3ds Max 2014.lnk
2014-08-17 14:46 - 2014-08-17 14:46 - 00000000 ____D () C:\Program Files\Common Files\Macrovision Shared
2014-08-17 14:46 - 2014-05-10 14:52 - 00000000 ____D () C:\Program Files\Common Files\Autodesk Shared
2014-08-17 14:42 - 2009-07-14 04:34 - 00017705 _____ () C:\Windows\system32\Drivers\etc\services
2014-08-17 14:33 - 2014-03-24 22:18 - 00228934 _____ () C:\Windows\DirectX.log
2014-08-17 14:29 - 2011-05-22 16:26 - 00000000 ____D () C:\Program Files\Autodesk
2014-08-17 14:22 - 2014-08-17 14:22 - 00000000 ____D () C:\Users\Lorenz\AppData\Local\Akamai
2014-08-17 14:22 - 2014-08-07 19:31 - 00000000 ____D () C:\Autodesk
2014-08-17 12:50 - 2011-04-19 22:29 - 00001072 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-721527169-3598334179-861810665-1000Core.job
2014-08-17 12:29 - 2014-08-17 12:29 - 00000000 ____D () C:\Users\Public\Documents\Logishrd
2014-08-17 12:08 - 2011-06-11 11:21 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-08-17 11:52 - 2011-12-25 11:17 - 00000000 ____D () C:\Users\Lorenz\AppData\Local\LogMeIn Hamachi
2014-08-17 11:39 - 2014-08-17 11:39 - 00053248 _____ () C:\Windows\SysWOW64\zlib.dll
2014-08-17 11:39 - 2014-08-17 11:39 - 00001266 _____ () C:\Users\Public\Desktop\CryptoPrevent.lnk
2014-08-17 11:39 - 2014-08-17 11:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foolish IT
2014-08-17 11:39 - 2014-08-17 11:39 - 00000000 ____D () C:\ProgramData\Foolish IT
2014-08-17 11:39 - 2014-08-17 11:39 - 00000000 ____D () C:\Program Files (x86)\Foolish IT
2014-08-17 11:39 - 2014-08-17 11:38 - 00961032 _____ (Foolish IT LLC ) C:\Users\Lorenz\Downloads\CryptoPreventSetup.exe
2014-08-17 11:33 - 2014-08-17 11:33 - 00278382 _____ () C:\Users\Lorenz\Downloads\logonfix_1.1.exe
2014-08-17 11:28 - 2014-08-17 11:27 - 00709564 _____ () C:\Users\Lorenz\Downloads\delfix_10.8.exe
2014-08-17 11:23 - 2014-08-17 10:39 - 00000000 ____D () C:\Users\Lorenz\AppData\Local\CrashDumps
2014-08-17 11:18 - 2014-08-17 11:18 - 00001156 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-17 11:18 - 2014-08-17 11:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-17 11:18 - 2014-08-17 11:18 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-17 11:18 - 2014-08-17 11:18 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-17 11:12 - 2014-08-17 11:12 - 00321848 _____ (Malwarebytes Corporation) C:\Users\Lorenz\Downloads\mbam-clean-2.1.1.1001.exe
2014-08-17 11:09 - 2014-08-17 11:09 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Lorenz\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-17 11:08 - 2014-08-17 11:01 - 00003682 _____ () C:\Users\Lorenz\Downloads\Rkill.txt
2014-08-17 11:06 - 2014-08-17 11:06 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Lorenz\Downloads\tdsskiller.exe
2014-08-17 11:01 - 2014-08-17 11:01 - 00688992 _____ (Swearware) C:\Users\Lorenz\Downloads\dds.com
2014-08-17 10:52 - 2014-08-17 10:49 - 00000000 ____D () C:\AdwCleaner
2014-08-17 10:49 - 2014-08-17 10:49 - 01361203 _____ () C:\Users\Lorenz\Downloads\adwcleaner_3.306.exe
2014-08-17 10:37 - 2014-08-17 10:27 - 00036456 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2014-08-17 10:28 - 2014-08-17 10:28 - 04872677 _____ () C:\Users\Lorenz\Downloads\mbam-chameleon-3.1.4.0.zip
2014-08-17 10:27 - 2014-08-17 10:27 - 05421656 _____ () C:\Users\Lorenz\Downloads\RogueKillerX64.exe
2014-08-17 10:27 - 2014-08-17 10:27 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-08-17 10:26 - 2014-08-17 10:25 - 05571320 _____ (Swearware) C:\Users\Lorenz\Downloads\ComboFix.exe
2014-08-17 10:03 - 2014-08-17 09:24 - 00223768 _____ () C:\Users\Lorenz\Downloads\OTL.Txt
2014-08-17 09:50 - 2014-08-17 09:50 - 00069703 _____ () C:\Users\Lorenz\Downloads\Addition.txt
2014-08-17 09:46 - 2011-04-19 22:51 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-08-17 09:42 - 2014-08-17 09:42 - 00001947 _____ () C:\Users\Lorenz\Downloads\aswMBR.txt
2014-08-17 09:42 - 2014-08-17 09:42 - 00000512 _____ () C:\Users\Lorenz\Downloads\MBR.dat
2014-08-17 09:08 - 2014-08-17 09:08 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\Lorenz\Downloads\iExplore.exe
2014-08-17 09:05 - 2014-08-17 09:05 - 02101760 _____ (Farbar) C:\Users\Lorenz\Downloads\FRST64.exe
2014-08-17 08:59 - 2014-08-17 08:59 - 00602112 _____ (OldTimer Tools) C:\Users\Lorenz\Downloads\OTL.exe
2014-08-14 22:06 - 2012-06-10 18:03 - 00066872 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-08-14 21:57 - 2012-12-30 23:15 - 00000000 ____D () C:\Users\Lorenz\AppData\Local\Activision
2014-08-14 21:32 - 2014-08-14 21:32 - 00000000 ____D () C:\Program Files (x86)\Modern
2014-08-14 21:21 - 2012-04-11 16:22 - 00000000 ____D () C:\Users\Lorenz\AppData\Roaming\BitTorrent
2014-08-14 14:23 - 2011-04-29 09:15 - 00000000 ____D () C:\Users\Lorenz\AppData\Roaming\vlc
2014-08-14 10:12 - 2014-08-14 10:11 - 00000000 ____D () C:\Users\Lorenz\AppData\Roaming\faogen3
2014-08-14 09:42 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-14 00:14 - 2013-08-15 09:02 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 00:08 - 2011-04-19 22:25 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-14 00:04 - 2014-05-07 01:21 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-13 11:18 - 2011-08-05 21:53 - 00000000 ____D () C:\Users\Lorenz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-08-13 11:15 - 2014-08-13 11:15 - 00000000 __SHD () C:\Windows\ftpcache
2014-08-12 11:15 - 2014-08-12 11:15 - 00603686 _____ () C:\Users\Lorenz\Downloads\DebrisMaker2.0.mzp
2014-08-11 21:04 - 2014-04-27 21:17 - 00000000 ____D () C:\Users\Lorenz\AppData\Local\Arma 3
2014-08-11 13:57 - 2014-04-05 22:34 - 00000132 _____ () C:\Users\Lorenz\AppData\Roaming\Adobe PNG Format CS6 Prefs
2014-08-11 12:21 - 2014-02-21 18:18 - 00000000 ____D () C:\Users\Lorenz\Desktop\My Projects
2014-08-11 09:39 - 2011-04-20 11:10 - 00000000 ___RD () C:\Users\Lorenz\Marvin
2014-08-11 09:38 - 2014-08-11 09:38 - 00000800 _____ () C:\Users\Lorenz\Desktop\Faogen 3.lnk
2014-08-11 09:38 - 2014-08-11 09:38 - 00000800 _____ () C:\Users\Administrator\Desktop\Faogen 3.lnk
2014-08-11 09:38 - 2014-08-11 09:38 - 00000000 ____D () C:\Users\Lorenz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Faogen 3
2014-08-11 09:38 - 2014-08-11 09:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Faogen 3
2014-08-11 09:38 - 2014-08-11 09:38 - 00000000 ____D () C:\Program Files\Faogen 3
2014-08-10 21:59 - 2014-06-30 16:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lazy Nezumi Pro
2014-08-10 21:59 - 2013-12-29 02:41 - 00000000 ____D () C:\Program Files (x86)\Lazy Nezumi Pro
2014-08-10 18:20 - 2014-08-10 18:20 - 00000968 _____ () C:\Users\Lorenz\Desktop\Marvin.lnk
2014-08-10 18:19 - 2014-08-10 18:19 - 00000741 _____ () C:\Users\Lorenz\Desktop\Programmordner.lnk
2014-08-10 18:18 - 2014-08-10 18:18 - 00001891 _____ () C:\Users\Lorenz\Desktop\Editor 64.lnk
2014-08-10 18:04 - 2014-08-10 18:04 - 00001475 _____ () C:\Users\Lorenz\Desktop\Arma 3.lnk
2014-08-10 18:04 - 2014-08-10 18:04 - 00001050 _____ () C:\Users\Lorenz\Desktop\Programme (x86).lnk
2014-08-10 18:04 - 2014-08-10 18:04 - 00000945 _____ () C:\Users\Lorenz\Desktop\Programme.lnk
2014-08-10 18:03 - 2014-08-10 18:03 - 00001495 _____ () C:\Users\Lorenz\Desktop\Crysis 2.lnk
2014-08-10 17:19 - 2014-08-10 16:50 - 00000000 ____D () C:\ProgramData\Stardock
2014-08-10 17:18 - 2014-08-10 16:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock
2014-08-10 17:17 - 2014-08-10 17:17 - 00000000 ____D () C:\Users\Public\Documents\Stardock
2014-08-10 17:17 - 2014-08-10 16:49 - 00000000 ____D () C:\Program Files (x86)\Stardock
2014-08-10 16:50 - 2014-08-10 16:50 - 00002080 _____ () C:\Users\Lorenz\Desktop\Customize Fences.lnk
2014-08-10 16:50 - 2014-08-10 16:50 - 00000000 ____D () C:\Users\Lorenz\AppData\Roaming\Stardock
2014-08-10 16:50 - 2014-08-10 16:50 - 00000000 ____D () C:\Users\Lorenz\AppData\Local\Stardock
2014-08-10 16:38 - 2014-08-10 16:38 - 00000000 ____D () C:\Users\Lorenz\Documents\Network Monitor 3
2014-08-10 16:36 - 2014-08-10 16:36 - 00001016 _____ () C:\Users\Public\Desktop\Microsoft Network Monitor 3.4.lnk
2014-08-10 16:36 - 2014-08-10 16:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Network Monitor 3.4
2014-08-10 16:36 - 2014-08-10 16:36 - 00000000 ____D () C:\Program Files\Microsoft Network Monitor 3
2014-08-08 20:54 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-08-08 17:01 - 2014-08-08 17:01 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys
2014-08-08 09:51 - 2014-02-21 18:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-07 19:56 - 2014-05-10 15:02 - 00000000 ____D () C:\Users\Lorenz\AppData\Local\backburner
2014-08-07 19:22 - 2014-05-10 14:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-07 17:07 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-08-07 16:54 - 2013-07-23 19:22 - 00000000 ___RD () C:\Users\Lorenz\Desktop\SB
2014-08-07 12:51 - 2014-08-07 12:51 - 00000000 __HDC () C:\ProgramData\{629D8B17-22B3-46F8-A281-BD604EBA3ED7}
2014-08-07 12:51 - 2014-08-07 12:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crysis 2(R) Mod SDK 1.1
2014-08-07 12:46 - 2013-06-15 21:54 - 00000000 ____D () C:\ProgramData\Solidshield
2014-08-07 04:06 - 2014-08-13 12:45 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-13 12:45 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-06 09:28 - 2011-04-19 22:29 - 00198256 _____ () C:\Users\Lorenz\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-05 15:52 - 2014-08-05 15:52 - 00057243 _____ () C:\Users\Lorenz\Desktop\VR Fortress.txt
2014-08-05 14:38 - 2014-08-05 14:38 - 00000000 ____D () C:\Users\Lorenz\AppData\Roaming\inkscape
2014-08-05 14:37 - 2014-08-05 14:37 - 00001085 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inkscape.lnk
2014-08-05 14:37 - 2014-08-05 14:33 - 00000000 ____D () C:\Program Files (x86)\Inkscape
2014-08-05 14:36 - 2014-08-05 14:36 - 00001061 _____ () C:\Users\Public\Desktop\Inkscape.lnk
2014-08-04 15:45 - 2014-08-04 15:45 - 00000000 ____D () C:\Users\Lorenz\AppData\Roaming\Battle.net
2014-08-04 15:45 - 2014-08-04 15:45 - 00000000 ____D () C:\Users\Lorenz\AppData\Local\Blizzard Entertainment
2014-08-04 15:45 - 2014-08-04 15:45 - 00000000 ____D () C:\Users\Lorenz\AppData\Local\Battle.net
2014-08-04 15:45 - 2014-08-04 15:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2014-08-04 15:45 - 2014-08-04 15:44 - 00001212 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.netBattle.net.lnk
2014-08-04 15:45 - 2014-08-04 15:44 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-08-04 15:45 - 2014-08-04 15:44 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-08-03 13:53 - 2014-08-03 13:53 - 00000000 ____D () C:\Users\Lorenz\AppData\Local\IsolatedStorage
2014-08-03 13:48 - 2014-05-31 23:45 - 00000000 ____D () C:\Users\Lorenz\AppData\Local\Quixel
2014-08-03 13:45 - 2014-08-03 13:42 - 00001401 _____ () C:\Users\Public\Desktop\Quixel SUITE.lnk
2014-08-03 13:40 - 2014-08-03 13:40 - 00000000 ____D () C:\Users\Public\Quixel
2014-08-03 11:15 - 2014-04-30 22:38 - 00000000 ____D () C:\Users\Lorenz\AppData\Roaming\FileZilla
2014-08-01 01:41 - 2014-08-13 12:46 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-01 01:16 - 2014-08-13 12:46 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-30 14:06 - 2014-07-30 14:06 - 00000000 ____D () C:\Users\Lorenz\AppData\Local\LogMeIn
2014-07-30 14:06 - 2014-07-30 14:06 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-07-30 11:50 - 2014-07-30 11:50 - 00000000 ____D () C:\Users\Lorenz\AppData\Local\Quixel_AB
2014-07-30 11:47 - 2014-07-30 11:47 - 00001096 _____ () C:\Users\Public\Desktop\nDo2 x64.lnk
2014-07-30 11:47 - 2014-07-30 11:47 - 00000000 ____D () C:\Users\Lorenz\AppData\Roaming\Quixel
2014-07-30 11:47 - 2014-05-31 23:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quixel
2014-07-30 11:47 - 2012-09-03 20:26 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-07-30 11:47 - 2012-09-03 20:26 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-07-29 18:53 - 2014-07-27 22:15 - 00000000 ___RD () C:\Users\Lorenz\Desktop\Kerbal Space Program
2014-07-29 17:00 - 2014-07-13 10:21 - 00000000 ____D () C:\Users\Lorenz\AppData\Local\headus
2014-07-29 16:19 - 2014-07-29 13:59 - 00000000 ____D () C:\Users\Lorenz\AppData\Roaming\TS3Client
2014-07-29 15:34 - 2014-07-29 15:34 - 00001073 _____ () C:\Users\Public\Desktop\Crazybump.lnk
2014-07-29 15:34 - 2014-06-27 15:41 - 00000000 ____D () C:\Program Files (x86)\Crazybump
2014-07-29 15:27 - 2014-06-27 15:43 - 00000000 ____D () C:\ProgramData\licensecb
2014-07-29 15:27 - 2014-06-27 15:42 - 00001073 _____ () C:\Users\Administrator\Desktop\Crazybump.lnk
2014-07-29 13:56 - 2014-07-29 13:56 - 00001216 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2014-07-29 13:56 - 2014-07-29 13:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-07-29 13:56 - 2014-07-29 13:56 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client
2014-07-28 23:09 - 2014-06-27 15:43 - 00000000 ____D () C:\Users\Lorenz\AppData\Local\licensecb
2014-07-28 23:09 - 2014-06-27 15:42 - 00000000 ____D () C:\ProgramData\CrazyBump
2014-07-28 23:09 - 2014-06-27 15:41 - 00000000 ____D () C:\Users\Lorenz\AppData\Local\CrazyBump
2014-07-28 22:06 - 2014-07-06 10:31 - 00000000 ____D () C:\Users\Lorenz\Documents\xNormal
2014-07-27 11:23 - 2014-07-27 11:23 - 00000000 ____D () C:\Users\Lorenz\Documents\Substance Painter
2014-07-27 11:22 - 2014-07-27 11:22 - 00000000 ____D () C:\Users\Lorenz\AppData\Local\Allegorithmic
2014-07-27 11:21 - 2014-07-27 11:21 - 00001110 _____ () C:\Users\Lorenz\Desktop\Substance Painter.lnk
2014-07-27 11:21 - 2014-07-27 11:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Allegorithmic
2014-07-27 11:21 - 2014-07-27 11:21 - 00000000 ____D () C:\Program Files\Allegorithmic
2014-07-27 11:19 - 2014-06-23 17:04 - 00000000 ____D () C:\ProgramData\Marmoset Toolbag
2014-07-25 16:52 - 2014-08-13 12:46 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-25 16:43 - 2013-03-14 23:10 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-25 16:43 - 2013-03-14 23:10 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-25 16:02 - 2014-08-13 12:46 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-25 16:01 - 2014-08-13 12:46 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-25 15:51 - 2014-08-13 12:46 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-25 15:30 - 2014-08-13 12:46 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-25 15:28 - 2014-08-13 12:46 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-25 15:28 - 2014-08-13 12:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-25 15:25 - 2014-08-13 12:46 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-25 15:25 - 2014-08-13 12:46 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-25 15:11 - 2014-08-13 12:46 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-25 15:10 - 2014-08-13 12:46 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-25 15:04 - 2014-08-13 12:46 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-25 15:03 - 2014-08-13 12:46 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-25 15:00 - 2014-08-13 12:46 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-25 15:00 - 2014-08-13 12:46 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-25 14:59 - 2014-08-13 12:46 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-25 14:47 - 2014-08-13 12:46 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-25 14:40 - 2014-08-13 12:46 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-25 14:34 - 2014-08-13 12:46 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-25 14:34 - 2014-08-13 12:46 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-25 14:33 - 2014-08-13 12:46 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-25 14:30 - 2014-08-13 12:46 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-25 14:28 - 2014-08-13 12:46 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-25 14:28 - 2014-08-13 12:46 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-25 14:21 - 2014-08-13 12:46 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-25 14:19 - 2014-08-13 12:46 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-25 14:18 - 2014-08-13 12:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-25 14:17 - 2014-08-13 12:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-25 14:17 - 2014-08-13 12:46 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-25 14:12 - 2014-08-13 12:46 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-25 14:10 - 2014-08-13 12:46 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-25 14:10 - 2014-08-13 12:46 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-25 14:08 - 2014-08-13 12:46 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-25 14:06 - 2014-08-13 12:46 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-25 13:52 - 2014-08-13 12:46 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-25 13:47 - 2014-08-13 12:46 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-25 13:43 - 2014-08-13 12:46 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-25 13:42 - 2014-08-13 12:46 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-25 13:39 - 2014-08-13 12:46 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-25 13:39 - 2014-08-13 12:46 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-25 13:36 - 2014-08-13 12:46 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-25 13:34 - 2014-08-13 12:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-25 13:29 - 2014-08-13 12:46 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-25 13:23 - 2014-08-13 12:46 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-25 13:13 - 2014-08-13 12:46 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-25 13:07 - 2014-08-13 12:46 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-25 13:07 - 2014-08-13 12:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-25 13:03 - 2014-08-13 12:46 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-25 12:52 - 2014-08-13 12:46 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-25 12:26 - 2014-08-13 12:46 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-25 12:17 - 2014-08-13 12:46 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-25 12:09 - 2014-08-13 12:46 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-25 12:05 - 2014-08-13 12:46 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-25 12:00 - 2014-08-13 12:46 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-24 21:30 - 2013-03-14 23:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-24 14:16 - 2011-04-20 09:26 - 00000000 ___HD () C:\Users\Lorenz\Documents\My Games
2014-07-22 18:50 - 2014-07-20 11:46 - 00000000 ____D () C:\Users\Lorenz\Documents\3D-CoatV4
2014-07-22 18:50 - 2011-06-23 12:08 - 00000025 ____H () C:\Users\Lorenz\AppData\Roaming\uninst.log
2014-07-22 18:50 - 2011-06-23 12:08 - 00000025 ____H () C:\Users\Lorenz\AppData\Local\uninst.log
2014-07-22 18:50 - 2011-06-23 12:08 - 00000025 ____H () C:\ProgramData\temp25.log
2014-07-21 18:53 - 2014-07-20 11:45 - 00000000 ____D () C:\Users\Lorenz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\3d-Coat-V4
2014-07-20 11:46 - 2014-07-20 11:45 - 00000000 ____D () C:\Program Files\3D-Coat-V4
2014-07-20 11:45 - 2014-07-20 11:45 - 00000665 _____ () C:\Users\Lorenz\Desktop\3D Coat.lnk

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-13 19:48

==================== End Of Log ============================

Addition.txt:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-08-2014 04
Ran by Lorenz at 2014-08-18 11:16:06
Running from C:\Users\Lorenz\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.9.900.117 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.9.900.117 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.11) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.11 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5.9.620 - Adobe Systems, Inc.)
Alien Swarm (HKLM-x32\...\Steam App 630) (Version:  - Valve)
AMD Catalyst Install Manager (HKLM\...\{FAF03106-1653-15E1-3C0C-E7AE4FAE6EBF}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
Anker Precision Laser Gaming Mouse version 1.2 (HKLM-x32\...\{F9A7ED2C-34E1-4A96-9A25-B022C23C3361}_is1) (Version: 1.2 - ANKER Technology)
Apple Application Support (HKLM-x32\...\{EE6097DD-05F4-4178-9719-D3170BF098E8}) (Version: 1.4.1 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.)
Arma 2 Army of The Czech Republic (LITE) Uninstall (HKLM-x32\...\Arma 2 Army of The Czech Republic (LITE)) (Version:  - )
Arma 3 (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
Arma 3 Server (HKLM-x32\...\Steam App 233780) (Version:  - Bohemia Interactive)
Arma 3 Tools (HKLM-x32\...\Steam App 233800) (Version:  - Bohemia Interactive)
Assassin's Creed Brotherhood (HKLM-x32\...\{BE4BA698-8533-4F77-9559-C7F3F78C0B05}) (Version: 1.00 - Ubisoft)
Assassins Creed IV Black Flag (HKLM-x32\...\QXNzYXNzaW5zQ3JlZWRJVkJsYWNrRmxhZw==_is1) (Version: 1 - )
Assassin's Creed Revelations (HKLM-x32\...\{33A22B2D-55BA-4508-B767-BF2E9C21A73F}) (Version: 1.00 - Ubisoft)
Autodesk 3ds Max 2014 (HKLM\...\Autodesk 3ds Max 2014) (Version: 16.0.420.0 - Autodesk)
Autodesk 3ds Max 2014 (Version: 16.0.420.0 - Autodesk) Hidden
Autodesk 3ds Max 2014 64-bit Populate Data (HKLM\...\{7491836B-659E-47DD-ABBF-F875AD48FD10}) (Version: 1.0.0.1 - Autodesk)
Autodesk Backburner 2014 (HKLM-x32\...\{3D347E6D-5A03-4342-B5BA-6A771885F379}) (Version: 14.0.0.0 - Autodesk, Inc.)
Autodesk Composite 2014 (HKLM\...\Autodesk Composite 2014) (Version: 9.0.0.0 - Autodesk)
Autodesk Composite 2014 (Version: 9.0.0.0 - Autodesk) Hidden
Autodesk DirectConnect 2014 64-bit (HKLM\...\Autodesk DirectConnect 2014 64-bit) (Version: 8.0.56.1 - Autodesk)
Autodesk DirectConnect 2014 64-bit (Version: 8.0.56.1 - Autodesk) Hidden
Autodesk Essential Skills Movies for 3ds Max 2014 64-bit (HKLM\...\{E8814D63-BB76-4C89-A25E-264ECF11D00D}) (Version: 1.2.0.0 - Autodesk)
Autodesk FBX Plug-in 2012.0 - 3ds Max 2012 64-bit (HKLM\...\Autodesk FBX Plug-in 2012.0 - 3ds Max 2012 64-bit) (Version:  - Autodesk)
Autodesk Inventor Server Engine for 3ds Max 2014 64-bit (HKLM\...\{009751C6-22D7-4548-A313-AD48FA57076F}) (Version: 16.0 - Autodesk)
Autodesk Material Library 2012 (HKLM-x32\...\{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.32.600 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2012 (HKLM-x32\...\{65420DC9-306E-4371-905F-F4DC3B418E52}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.32.600 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2012 (HKLM-x32\...\{B5751715-EC10-43D9-8C95-62E1368433EF}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2014 (HKLM-x32\...\{A0633D4E-5AF2-4E3E-A70A-FE9C2BD8A958}) (Version: 4.0.32.600 - Autodesk)
Autodesk Revit Interoperability for 3ds Max 2014 (HKLM\...\Autodesk Revit Interoperability for 3ds Max 2014) (Version: 13.02.15161 - Autodesk)
Autodesk Revit Interoperability for 3ds Max 2014 (Version: 13.02.15161 - Autodesk) Hidden
Batman: Arkham City™ GOTY (HKLM-x32\...\GFWL_{57520FA0-DF38-46A1-8046-3B1000008500}) (Version: 1.0.0000.133 - WB Games)
Batman: Arkham City™ GOTY (x32 Version: 1.0.0000.133 - WB Games) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
BinMake Uninstall (HKLM-x32\...\BinMake) (Version:  - )
BitTorrent (HKCU\...\BitTorrent) (Version: 7.9.2.32241 - BitTorrent Inc.)
BOSS (HKLM-x32\...\BOSS) (Version: 2.1.1 - BOSS Development Team)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Build Tools - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Call of Atlantis (HKLM-x32\...\Call of Atlantis_is1) (Version: 1.0 - MyPlayCity, Inc.)
Catalyst Control Center InstallProxy (x32 Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.05 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Composite 2012 64-bit (HKLM\...\{EA234BC3-39FE-4734-B72F-076086889F6D}) (Version: 7.0.0 - Autodesk)
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
Crazybump (remove only) (HKLM-x32\...\Crazybump) (Version:  - )
Creation Kit (HKLM-x32\...\Steam App 202480) (Version:  - )
CryEngine(R)2 Sandbox(TM)2 (HKLM-x32\...\{7E4B7FD9-4ECE-4298-A910-3160B7918059}) (Version: 1.00.0000 - Electronic Arts)
CryptoPrevent (HKLM-x32\...\{5C5B24E7-4694-4049-A222-CCE7D3FAC63F}_is1) (Version:  - Foolish IT LLC)
Crysis 2 (HKLM-x32\...\Steam App 99830) (Version:  - Crytek Studios)
Crysis 2(R) Mod SDK 1.1 (HKLM-x32\...\Crysis 2(R) Mod SDK 1.1) (Version:  - Crytek GmbH)
Crysis 2(R) Mod SDK 1.1 (x32 Version: 1.1.0.0 - Crytek) Hidden
Crysis WARHEAD(R) (HKLM-x32\...\Crysis WARHEAD(R)) (Version:  - Electronic Arts)
Crysis WARHEAD(R) (x32 Version: 1.0 - Crytek) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
DayZ Commander (HKLM-x32\...\{B3653588-3AC0-4A1D-950F-D96531E84374}) (Version: 0.92.91 - Dotjosh Studios)
DAZ Content Management Service (HKLM-x32\...\DAZ Content Management Service 4.8.1.7) (Version: 4.8.1.7 - DAZ 3D)
Dead Island Riptide (c) Deep Silver version 1 (HKLM-x32\...\RGVhZCBJc2xhbmQgUmlwdGlkZSAoYykgRGVlcCBTaWx2ZXI=_is1) (Version: 1 - )
Dead Island Riptide (HKLM-x32\...\Dead Island Riptide) (Version:  - Voksi)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.22.9 - Electronic Arts)
Dishonored (HKLM-x32\...\Dishonored_is1) (Version:  - )
Dishonored Update 3 and The Knife of Dunwall DLC (c) Bethesda Softworks version 1 (HKLM-x32\...\RGlzaG9ub3JlZA==_is1) (Version: 1 - )
DivX-Setup (HKLM-x32\...\DivX Setup.divx.com) (Version: 2.5.0.8 - DivX, LLC)
DJ_AIO_03_F4200_Software_Min (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
EA Download Manager (HKLM-x32\...\InstallShield_{EF7E931D-DC84-471B-8DB6-A83358095474}) (Version: 4.0.0.462 - Electronic Arts)
EA Download Manager (x32 Version: 4.0.0.462 - Electronic Arts) Hidden
Entity Framework Tools for Visual Studio 2013 (HKLM-x32\...\{08AEF86A-1956-4846-B906-B01350E96E30}) (Version: 12.0.20912.0 - Microsoft Corporation)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
F4200 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
Fallout 3 - The Garden of Eden Creation Kit (HKLM-x32\...\{B343B0E3-212A-40B9-8207-1BD299228F5D}) (Version: 1.00.0000 - Bethesda Softworks)
Fallout 3 (HKLM-x32\...\{974C4B12-4D02-4879-85E0-61C95CC63E9E}) (Version: 1.00.0000 - Bethesda Softworks)
Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.00 - Ubisoft)
FileZilla Client 3.8.0 (HKLM-x32\...\FileZilla Client) (Version: 3.8.0 - Tim Kosse)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free YouTube to MP3 Converter version 3.11.36.1201 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.11.36.1201 - DVDVideoSoft Ltd.)
GCFScape 1.8.4 (HKLM\...\GCFScape_is1) (Version:  - Ryan Gregg)
GeoGebra (HKLM-x32\...\GeoGebra) (Version: 3.2.46.0 - International GeoGebra Institute)
GlassFish Server Open Source Edition 3.1.2 (HKLM\...\nbi-glassfish-mod-3.1.2.23.0) (Version:  - )
Google Chrome (HKCU\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Great Secrets - Nostradamus (HKLM-x32\...\Great Secrets - Nostradamus_is1) (Version: 1.0 - MyPlayCity, Inc.)
headus UVLayout v2 Demo (HKLM-x32\...\{D5F0B415-C05A-4C0F-A2AF-A242F8D809A8}) (Version: 2.08.03 - headus)
HP Deskjet F4200 All-In-One Driver Software 13.0 Rel. 3 (HKLM\...\{A00C9114-40E6-4C70-A619-7DF264B23485}) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Inkscape 0.48.5 (HKLM-x32\...\Inkscape) (Version: 0.48.5 - )
Intel(R) Network Connections 15.6.25.0 (HKLM\...\PROSetDX) (Version: 15.6.25.0 - Intel)
Intel(R) Network Connections 15.6.25.0 (Version: 15.6.25.0 - Intel) Hidden
Internet-TV für Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
Java 3D 1.5.1 (x64) (HKLM\...\{64A9C5B3-D166-4C6D-A11E-A54473151000}) (Version: 1.5.1 - Sun Microsystems, Inc.)
Java 7 Update 21 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417021FF}) (Version: 7.0.210 - Oracle)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
Java 8 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418005FF}) (Version: 8.0.50 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.05.13 - Oracle, Inc.) Hidden
Java SE Development Kit 7 Update 21 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170210}) (Version: 1.7.0.210 - Oracle)
Java(TM) 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022F0}) (Version: 6.0.220 - Oracle)
Java(TM) 6 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
Java(TM) SE Development Kit 7 Update 3 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170030}) (Version: 1.7.0.30 - Oracle)
JavaFX 2.0.3 (64-bit) (HKLM\...\{1111706F-666A-4037-7777-203648764D10}) (Version: 2.0.3 - Oracle Corporation)
JavaFX 2.0.3 SDK (64-bit) (HKLM\...\{2222706F-666A-4037-7777-203648764D10}) (Version: 2.0.3 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JC2-MP version 0.0.16 (Build 550) (HKLM-x32\...\{7F12FECB-1D75-42D7-9074-D6FEA6D91E65}_is1) (Version: 0.0.16 (Build 550) - )
Just Cause 2 (HKLM-x32\...\Steam App 8190) (Version:  - Avalanche)
Just Cause 2: Multiplayer - Dedicated Server (HKLM-x32\...\Steam App 261140) (Version:  - )
Just Cause 2: Multiplayer Mod (HKLM-x32\...\Steam App 259080) (Version:  - JC2-MP Team)
KeyShot4 4.2 64 bit (HKLM-x32\...\KeyShot4_64) (Version: 4.2 64 bit - Luxion ApS)
Lazy Nezumi Pro 14.8.9.1236 (HKLM-x32\...\Lazy Nezumi Pro_is1) (Version: 14.8.9.1236 - Guillaume Stordeur)
Left 4 Dead 2 Authoring Tools (HKLM-x32\...\Steam App 563) (Version:  - Valve)
Left 4 Dead Authoring Tools (HKLM-x32\...\Steam App 513) (Version:  - Valve)
Logitech SetPoint 6.52 (HKLM\...\sp6) (Version: 6.52.74 - Logitech)
Magic Encyclopedia - First Story (HKLM-x32\...\Magic Encyclopedia - First Story_is1) (Version: 1.0 - MyPlayCity, Inc.)
Mah Jong Quest III - Balance of Life (HKLM-x32\...\Mah Jong Quest III - Balance of Life_is1) (Version: 1.0 - MyPlayCity, Inc.)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Marmoset Toolbag 2 (HKLM-x32\...\MSET_Toolbag) (Version:  - Marmoset LLC)
Men of War: Assault Squad (HKLM-x32\...\Steam App 64000) (Version:  - Digitalmindsoft)
MeshLab_64b 1.3.2 (HKLM\...\MeshLab_64b) (Version: 1.3.2 - Paolo Cignoni - Guido Ranzuglia VCG - ISTI - CNR)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft C++ REST SDK for Visual Studio 2013 (x32 Version: 1.0 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (x32 Version: 2.1.21005 - Microsoft Corporation) Hidden
Microsoft Network Monitor 3.4 (HKLM\...\{8C5B5A11-CBF8-451B-B201-77FAB0D0B77D}) (Version: 3.4.2350.0 - Microsoft Corporation)
Microsoft Network Monitor: NetworkMonitor Parsers 3.4 (HKLM\...\{963E5FEB-1367-46B9-851D-A957F1A3747F}) (Version: 3.4.2350.0 - Microsoft Corporation)
Microsoft NuGet - Visual Studio Express 2013 for Windows Desktop (x32 Version: 2.7.40911.287 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (12.0.30919.1) (HKLM-x32\...\{0D7FCBFB-F478-4D32-901C-83F0BF5A3501}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft Team Foundation Server 2013 Object Model (x64) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Team Foundation Server 2013 Object Model Language Pack (x64) - ENU (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x64 Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x86 Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 32bit Compilers - ENU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Core Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Debug Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Debug Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86-x64 Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Express Prerequisites x64 - ENU (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Preparation (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell (Minimum) (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell (Minimum) Interop Assemblies (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell (Minimum) Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Team Explorer Language Pack - ENU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Express 2013 for Windows Desktop - ENU (HKLM-x32\...\{bec3d87e-1d6d-4b15-8383-29068c86b888}) (Version: 12.0.21005.13 - Microsoft Corporation)
Microsoft Visual Studio Express 2013 for Windows Desktop - ENU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Express 2013 for Windows Desktop (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 XAML UI Designer Core (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 XAML UI Designer enu Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Moonbase Alpha (HKLM-x32\...\Steam App 39000) (Version:  - Virtual Heroes)
Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Muscle Premium 3.1.3 (HKLM-x32\...\Muscle Premium 3.1.3) (Version:  - )
Mystery of Unicorn Castle (HKLM-x32\...\Mystery of Unicorn Castle_is1) (Version: 1.0 - MyPlayCity, Inc.)
NetBeans IDE 7.2 RC1 (HKLM\...\nbi-nb-base-7.2.0.0.201206272359) (Version: 7.2 RC1 - NetBeans.org)
NetBeans IDE 8.0 (HKLM\...\nbi-nb-base-8.0.0.0.201403101706) (Version: 8.0 - NetBeans.org)
NIF Utilities 3.6.0.56780756 for 3ds Max (HKLM\...\NIF Utilities for 3ds Max_is1) (Version:  - NIF File Format Library and Tools)
NifSkope (remove only) (HKLM-x32\...\NifSkope) (Version:  - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.3 - )
NVIDIA 3D Vision Controller-Treiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 337.88 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 337.88 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Performance (HKLM-x32\...\InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}) (Version: 6.5 - NVIDIA Corporation)
NVIDIA Performance (x32 Version: 6.5 - NVIDIA Corporation) Hidden
NVIDIA Photoshop Plug-ins (HKLM-x32\...\{23F79416-CAD1-41BF-99A3-040F6C814AAA}) (Version: 1.00.000 - )
NVIDIA Photoshop Plug-ins 64 bit (HKLM-x32\...\{5E386C5B-CDE7-435A-B5C9-EC73A1B0553A}) (Version: 8.50 - )
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA System Monitor (HKLM-x32\...\InstallShield_{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}) (Version: 6.5 - NVIDIA Corporation)
NVIDIA System Monitor (x32 Version: 6.5 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden
NVIDIA Update 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
OpenOffice 4.0.1 (HKLM-x32\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation)
OpenRL Runtime 1.3.1000.14 x64 (HKLM\...\{250C8D22-1757-11E3-818E-1803734DBB4F}) (Version: 1.3.1000.14 - Caustic Graphics, Inc.)
OpenSSL 0.9.8l Light (32-bit) (HKLM-x32\...\OpenSSL Light (32-bit)_is1) (Version:  - OpenSSL Win32 Installer Team)
Oxygen 2 Personal Edition Uninstall (HKLM-x32\...\Oxygen 2 Personal Edition) (Version:  - )
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PDF Split And Merge Basic (HKLM\...\{C91B24F6-1629-11E2-B696-21676188709B}) (Version: 2.2.2 - Andrea Vacondio)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.1 - Frank Heindörfer, Philip Chinery)
Prerequisites for SSDT  (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
QuickTime (HKLM-x32\...\{57752979-A1C9-4C02-856B-FBB27AC4E02C}) (Version: 7.69.80.9 - Apple Inc.)
Rusted Dreams Faogen 3 (HKLM\...\faogen3) (Version:  - )
SageThumbs 2.0.0.19 (HKLM\...\SageThumbs) (Version: 2.0.0.19 - Cherubic Software)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
SHIELD Streaming (Version: 2.1.214 - NVIDIA Corporation) Hidden
Sitecom WiFi USB adapter N300 Driver and Utility (HKLM-x32\...\{9C049509-055C-4CFF-A116-1D12312225EB}) (Version: 1.00.0201 - Sitecom Europe BV)
Skeleton Premium 2.0.0 (HKLM-x32\...\Skeleton Premium 2.0.0) (Version:  - )
SketchUp 2014 (HKLM-x32\...\{EF7CAE4B-BED3-4DF9-BAD2-7B94F34A5DFE}) (Version: 14.0.4900 - Trimble Navigation Limited)
Skype Toolbars (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.3.7555 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Sleeping Dogs version 1.4 (HKLM-x32\...\Sleeping Dogs_is1) (Version: 1.4 - )
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
StarCraft II: Heart of the Swarm (c) Blizzard Entertainment version 1 (HKLM-x32\...\U3RhckNyYWZ0IElJOiBIZWFydCBvZiB0aGUgU3dhcm0gKGMp~BFC02D25_is1) (Version: 1 - )
Stardock Fences 2 (HKLM-x32\...\Stardock Fences 2) (Version: 2.13 - Stardock Software, Inc.)
Stardock WindowBlinds (HKLM-x32\...\Stardock WindowBlinds) (Version: 8.05 - Stardock Software, Inc.)
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Substance Painter version 0.9.1 (HKLM\...\{410F5B6E-A29C-4F43-9DE3-44A1357D6AF5}_is1) (Version: 0.9.1 - Allegorithmic)
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TexView 2 Uninstall (HKLM-x32\...\TexView 2) (Version:  - )
The Elder Scrolls V Skyrim Dragonborn (c) Bethesda Softworks version 1 (HKLM-x32\...\The Elder Scrolls V Skyrim Dragonborn (c) Bethes~300CD4A2_is1) (Version: 1 - )
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
Tom Clancy's Rainbow Six Vegas (HKLM-x32\...\{5731C0A8-B266-451A-8D3F-8066AA21836F}) (Version: 1.06.000 - Ubisoft)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
Topaz Adjust 4 (64-bit) (HKLM-x32\...\Topaz Adjust 4 (64-bit)) (Version: 4.1.0 - Topaz Labs)
Topaz Adjust 4 (64-bit) (Version: 4.1.0 - Topaz Labs) Hidden
Topaz Adjust 4 (HKLM-x32\...\Topaz Adjust 4) (Version: 4.1.0 - Topaz Labs)
Topaz Adjust 4 (x32 Version: 4.1.0 - Topaz Labs) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.50 - Ghisler Software GmbH)
TP-LINK Wireless Client Utility (HKLM-x32\...\{3BD98AAF-61B5-46E0-A6C8-593C242C7C48}) (Version: 7.0 - TP-LINK)
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity (HKLM-x32\...\Unity) (Version:  - Unity Technologies ApS)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 4.5 - Ubisoft)
VC80CRTRedist - 8.0.50727.4053 (x32 Version: 1.1.0 - DivX, Inc) Hidden
Visitor 3 Uninstall (HKLM-x32\...\Visitor 3) (Version:  - )
Vista Shortcut Manager x64 (HKLM\...\{C7311329-C491-427B-8880-133E84869B3A}) (Version: 2.0 - Frameworkx)
Visual Studio 2010 SP1 Runtime x64 (HKLM\...\{F6305232-7952-4CCE-BDCD-9B2E66591C4A}) (Version: 1.0.0 - Microsoft Corporation)
Visual Studio 2010 SP1 Runtime x86 (HKLM-x32\...\{AEA163A5-BA2F-4E63-9529-DE8606AC82A4}) (Version: 1.0.0 - Microsoft Corporation)
VLC media player 2.0.8 (HKLM-x32\...\VLC media player) (Version: 2.0.8 - VideoLAN)
Wacom Tablett (HKLM\...\Wacom Tablet Driver) (Version: 6.3.8-4 - Wacom Technology Corp.)
Watch Dogs (HKLM-x32\...\Watch Dogs 1.0.0) (Version: 1.0.0 - Ubisoft)
Watch Dogs (x32 Version: 1.0.0 - Ubisoft) Hidden
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet IE Plugin (HKLM-x32\...\Wacom WebTabletPlugin for IE) (Version: 1.1.0.12 - Wacom Technology Corp.)
WebTablet Netscape Plugin (HKLM-x32\...\Wacom WebTabletPlugin for Netscape) (Version: 1.1.0.10 - Wacom Technology Corp.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
WinDirStat 1.1.2 (HKCU\...\WinDirStat) (Version:  - )
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Software Development Kit (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x64 Remote (Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x64 Remote (Version: 8.59.29989 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows XP Targeting with C++ (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
Wrye Bash (HKLM-x32\...\Wrye Bash) (Version: 3.0.4.3 - Wrye & Wrye Bash Development Team)
x264vfw - H.264/MPEG-4 AVC codec for x64 (remove only) (HKLM-x32\...\x264vfw64) (Version:  - )
xNormal 3.18.8 (HKLM\...\xNormal 3.18.8) (Version:  - Santiago Orgaz)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
ZBrush 4R6 (HKLM-x32\...\ZBrush 4R6 4R6) (Version: 4R6 - Pixologic)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-721527169-3598334179-861810665-1000_Classes\CLSID\{83B0E426-D4EE-11D4-BEDF-BAB7F1EEA455}\InprocServer32 -> C:\Program Files\Autodesk\3ds Max 2014\addflow4.ocx (Lassalle Technologies)
CustomCLSID: HKU\S-1-5-21-721527169-3598334179-861810665-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Lorenz\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-721527169-3598334179-861810665-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Lorenz\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-721527169-3598334179-861810665-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Lorenz\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points  =========================

14-08-2014 19:32:26 Installed Call of Duty - World at War
14-08-2014 19:53:21 DirectX wurde installiert
17-08-2014 07:09:20 OTL Restore Point - 17.08.2014 09:09:16
17-08-2014 07:14:32 Windows Update
17-08-2014 09:04:02 Removed Call of Duty - World at War
17-08-2014 09:52:48 Removed LogMeIn Hamachi
17-08-2014 10:03:31 Removed Call of Duty(R) 2
17-08-2014 12:29:15 DirectX wurde installiert

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2013-11-21 20:06 - 00451062 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	www.1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	www.1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	www.100888290cs.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	10sek.com
127.0.0.1	www.10sek.com
127.0.0.1	www.1-2005-search.com
127.0.0.1	1-2005-search.com
127.0.0.1	123fporn.info
127.0.0.1	www.123fporn.info
127.0.0.1	123haustiereundmehr.com
127.0.0.1	www.123haustiereundmehr.com
127.0.0.1	123moviedownload.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {006E6A4C-8465-48A4-9E92-91D0A20B7290} - System32\Tasks\AdobeAAMUpdater-1.0-Computer-Lorenz => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {00DE6D7D-DBEB-411F-83B1-6AC45E240B27} - System32\Tasks\{129F1506-70CA-415A-9E08-57ED0EB05046} => C:\SIERRA\Pharao\Pharaoh.exe
Task: {1B4CDFA8-771C-4766-AF58-FDB41998B661} - System32\Tasks\{19048122-7742-4BE8-AD58-2688167AE37A} => C:\SIERRA\Pharao\Pharaoh.exe
Task: {276D2689-6464-4410-AB2E-85DDA8C8961C} - System32\Tasks\{CC32E800-C6B6-478D-8730-EA543887A7B1} => C:\SIERRA\Pharao\Pharaoh.exe
Task: {2826A0B7-F3FF-4F9C-82EB-8E27C2C2623E} - System32\Tasks\{F5A351FF-CDA4-4FE8-A6B0-D6DA06334567} => C:\Program Files (x86)\Reality Pump\Two Worlds\TwoWorlds.exe
Task: {2FFE7B18-C17F-4AE0-ACF1-E5FA698C41C9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-08] (Google Inc.)
Task: {39B4E763-9D03-46A0-A98A-E70DEB52C20B} - System32\Tasks\{69303290-CEBD-4EE0-8A59-4363598B362B} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {52418A6E-C081-4AF2-8A0F-80D6C92D6E16} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-721527169-3598334179-861810665-1000Core => C:\Users\Lorenz\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-19] (Google Inc.)
Task: {5938E694-BF6D-4751-9602-E9EA75747A7B} - System32\Tasks\{8FCB3914-4ABA-4233-9B06-E9A6D84C6CD8} => C:\Program Files (x86)\EA GAMES\Die Sims 2\TSBin\Sims2.exe
Task: {6FDB27AB-FECC-465B-8EA0-FED700247F28} - System32\Tasks\{4D0BC569-5C6A-4E6D-94FE-3ABD6E34F390} => C:\Program Files (x86)\Electronic Arts\Die Sims 3\Game\Bin\Sims3Launcher.exe [2011-05-19] (Electronic Arts, Inc.)
Task: {70971D44-8432-4A44-BFC0-08123FEC70A8} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {7654A2D4-BF0E-418F-AFC0-F4D4F9DD7662} - System32\Tasks\{66D8B10F-E383-450B-9401-7D972DA3799D} => C:\SIERRA\Pharao\Pharaoh.exe
Task: {8D3BCC98-18E4-4639-9B19-BCC9D2BC1170} - System32\Tasks\{37C171D3-7260-404B-8883-CB4B6C82E54D} => C:\Program Files (x86)\Purplehills\Der Stein der Weisen\davinci.exe
Task: {986150DB-065E-4EC1-A42C-604BCCE43120} - System32\Tasks\{FD663A4B-7570-4E9C-8260-3926A9FEE22D} => C:\Program Files (x86)\Reality Pump\Two Worlds\TwoWorlds.exe
Task: {9F0C6481-A65D-41C9-988F-5E522868E2B5} - System32\Tasks\{84A01B5D-E969-4A34-AAD6-A1AA011B6E8C} => C:\SIERRA\Pharao\Pharaoh.exe
Task: {A1F88BFB-6B2F-4C8E-9AFB-326F532FE4DC} - System32\Tasks\{FDA18571-F25D-4AAB-AD03-9B3194C45D06} => C:\SIERRA\Pharao\Pharaoh.exe
Task: {A6ED5473-4197-4CDE-A557-FCDEAB213A12} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09] (Adobe Systems Incorporated)
Task: {AED756B1-2959-4E9C-AA4C-ECB77C2AF3CB} - System32\Tasks\{8755F93F-3908-4406-B299-2D36757F9F0D} => C:\Program Files (x86)\Purplehills\Der Stein der Weisen\davinci.exe
Task: {AFB50D2C-DC29-4CE9-A360-660723ACC83D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-08] (Google Inc.)
Task: {AFFC5D40-A403-4F78-9D2F-88F8C1DEB78D} - System32\Tasks\{CDCAFC58-67C6-4F0E-8F03-98D14D4ACCB1} => C:\SIERRA\Pharao\Pharaoh.exe
Task: {BD8F5506-6A9F-4099-96EC-DB759ADE04BC} - System32\Tasks\{A6196121-F75D-4B6C-A0D0-AC8DE55F1E0A} => C:\SIERRA\Pharao\Pharaoh.exe
Task: {BE78FF48-A3BC-466D-AF47-E33CAF2C5D89} - System32\Tasks\{C7174FC4-6BB9-4E4D-976F-2E2C80E0A44E} => C:\Program Files (x86)\Battlefield\bf3.exe
Task: {E1A545DB-78FD-4E66-9F90-08A18C53BAF6} - System32\Tasks\{13236B66-A209-4217-A746-74C23798832A} => C:\SIERRA\Pharao\Pharaoh.exe
Task: {E59BD3A5-8D8D-4637-9C94-33B2B6607B67} - System32\Tasks\{7C4B0705-70A7-446F-B4FE-A1F79E50A01F} => C:\Program Files (x86)\Purplehills\Der Stein der Weisen\davinci.exe
Task: {F4825457-ED51-41B8-B004-ACAEA025EA27} - System32\Tasks\{BF532784-6A52-49B2-BB82-59E5F8280165} => C:\SIERRA\Pharao\Pharaoh.exe
Task: {F89AFB07-8024-472C-98AE-FF78623D9762} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-721527169-3598334179-861810665-1000UA => C:\Users\Lorenz\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-19] (Google Inc.)
Task: {FD930386-505C-4996-99CE-12C99F57ECD9} - System32\Tasks\{7ECB0D3F-0B50-4AED-BDAC-2CF288909856} => C:\Program Files (x86)\Reality Pump\Two Worlds\TwoWorlds.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AdobeAAMUpdater-1.0-Computer-Lorenz.job => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-721527169-3598334179-861810665-1000Core.job => C:\Users\Lorenz\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-721527169-3598334179-861810665-1000UA.job => C:\Users\Lorenz\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-06-15 13:26 - 2005-03-12 01:07 - 00087040 _____ () C:\Windows\System32\pdfcmnnt.dll
2014-06-07 15:44 - 2014-05-20 03:25 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-06-18 17:24 - 2012-06-18 17:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2012-08-06 10:32 - 2014-04-22 00:30 - 01356568 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
2011-09-15 06:19 - 2011-09-15 06:19 - 00086016 _____ () C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe
2014-01-19 15:10 - 2013-04-23 19:17 - 03351040 _____ () C:\Program Files (x86)\Anker Precision Laser Gaming Mouse\AnkerMonEx.exe
2011-09-20 14:56 - 2011-09-20 14:56 - 00260096 _____ () C:\Program Files\Autodesk\3ds Max 2014\cppunit_dll.dll
2012-08-30 05:03 - 2012-08-30 05:03 - 05686272 _____ () C:\Program Files\Autodesk\3ds Max 2014\synHub.dll
2012-01-27 06:57 - 2012-01-27 06:57 - 00598016 _____ () C:\Program Files\Autodesk\3ds Max 2014\substance_sse2_blend.dll
2012-01-11 07:25 - 2012-01-11 07:25 - 00274432 _____ () C:\Program Files\Autodesk\3ds Max 2014\substance_linker.dll
2011-09-22 05:41 - 2011-09-22 05:41 - 00727040 _____ () C:\Program Files\Autodesk\3ds Max 2014\AshliFX.dll
2012-12-28 00:20 - 2012-12-28 00:20 - 00045088 _____ () C:\Program Files\Autodesk\3ds Max 2014\QtSolutions_MFCMigrationFramework_Ad_2.dll
2011-11-16 06:48 - 2011-11-16 06:48 - 01057792 _____ () C:\Program Files\Autodesk\3ds Max 2014\gen_fx.dll
2011-04-29 20:23 - 2011-04-29 20:23 - 00125376 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\axutil.dll
2011-04-29 20:23 - 2011-04-29 20:23 - 00385984 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\axis2_engine.dll
2011-04-29 20:23 - 2011-04-29 20:23 - 00158144 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\axiom.dll
2011-04-29 20:23 - 2011-04-29 20:23 - 00034752 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\axis2_parser.dll
2011-04-29 20:27 - 2011-04-29 20:27 - 01315264 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\libxml2.dll
2011-04-29 20:23 - 2011-04-29 20:23 - 00103360 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\neethi.dll
2011-04-29 20:23 - 2011-04-29 20:23 - 00046528 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\axis2_http_sender.dll
2011-04-29 20:23 - 2011-04-29 20:23 - 00021440 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\lib\axis2_http_receiver.dll
2011-04-29 20:23 - 2011-04-29 20:23 - 00032192 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\modules\addressing\axis2_mod_addr.dll
2011-04-29 20:23 - 2011-04-29 20:23 - 00014784 _____ () C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\modules\logging\axis2_mod_log.dll
2014-03-17 17:08 - 2012-11-06 10:47 - 00114688 _____ () C:\Program Files (x86)\Sitecom\WiFi USB adapter N300 Driver and Utility\EnumDevLib.dll
2014-01-19 15:10 - 2011-01-27 01:53 - 00028160 _____ () C:\Program Files (x86)\Anker Precision Laser Gaming Mouse\uiHook.dll
2014-03-28 11:35 - 2014-03-28 11:35 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-08-17 09:53 - 2014-08-07 05:20 - 00718152 _____ () C:\Users\Lorenz\AppData\Local\Google\Chrome\Application\36.0.1985.143\libglesv2.dll
2014-08-17 09:53 - 2014-08-07 05:20 - 00126280 _____ () C:\Users\Lorenz\AppData\Local\Google\Chrome\Application\36.0.1985.143\libegl.dll
2014-08-17 09:53 - 2014-08-07 05:20 - 08537928 _____ () C:\Users\Lorenz\AppData\Local\Google\Chrome\Application\36.0.1985.143\pdf.dll
2014-08-17 09:53 - 2014-08-07 05:20 - 00353096 _____ () C:\Users\Lorenz\AppData\Local\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll
2014-08-17 09:53 - 2014-08-07 05:20 - 01732936 _____ () C:\Users\Lorenz\AppData\Local\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll
2014-08-17 09:53 - 2014-08-07 05:20 - 14669128 _____ () C:\Users\Lorenz\AppData\Local\Google\Chrome\Application\36.0.1985.143\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Templates:gs5sys
AlternateDataStreams: C:\ProgramData\Vorlagen:gs5sys
AlternateDataStreams: C:\Users\Lorenz\Cookies:gs5sys
AlternateDataStreams: C:\Users\Lorenz\Vorlagen:gs5sys
AlternateDataStreams: C:\Users\Lorenz\AppData\Local\Verlauf:gs5sys

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: DAZContentManagementService => 2
MSCONFIG\Services: FlexNet Licensing Service 64 => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: LBTServ => 3
MSCONFIG\Services: LMIGuardianSvc => 2
MSCONFIG\Services: mi-raysat_3dsmax2012_64 => 2
MSCONFIG\Services: mi-raysat_3dsmax2014_64 => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: wlidsvc => 2
MSCONFIG\startupfolder: C:^Users^Lorenz^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EvernoteClipper.lnk => C:\Windows\pss\EvernoteClipper.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: amd_dc_opt => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
MSCONFIG\startupreg: AnyDVD => C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: DAEMON Tools Pro Agent => "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: EA Core => C:\Program Files (x86)\Electronic Arts\EADM\Core.exe -silent
MSCONFIG\startupreg: Google Update => "C:\Users\Lorenz\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
MSCONFIG\startupreg: Spiele Post => C:\Program Files (x86)\OXXOGames\GPlayer\GameCenterNotifier.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: ASInsHelp
Description: ASInsHelp
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: ASInsHelp
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: USB (Universal Serial Bus)-Controller
Description: USB (Universal Serial Bus)-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: USB (Universal Serial Bus)-Controller
Description: USB (Universal Serial Bus)-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/18/2014 10:48:24 AM) (Source: WTabletServicePro) (EventID: 1) (User: )
Description: Prefs: Failed to get user path

Error: (08/18/2014 10:46:07 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/17/2014 02:35:21 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm ZBrush.exe, Version 4.6.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1448

Startzeit: 01cfba17888f2e02

Endzeit: 1

Anwendungspfad: C:\Program Files (x86)\ZBrush\ZBrush.exe

Berichts-ID: dd4bd686-260a-11e4-b0cb-f46d04193268

Error: (08/17/2014 02:33:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm ZBrush.exe, Version 4.6.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 9ac

Startzeit: 01cfba1751e98508

Endzeit: 1

Anwendungspfad: C:\Program Files (x86)\ZBrush\ZBrush.exe

Berichts-ID: 95e15471-260a-11e4-b0cb-f46d04193268

Error: (08/17/2014 02:32:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm ZBrush.exe, Version 4.6.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 18e0

Startzeit: 01cfba172e3a2ba5

Endzeit: 2

Anwendungspfad: C:\Program Files (x86)\ZBrush\ZBrush.exe

Berichts-ID: 807bef76-260a-11e4-b0cb-f46d04193268

Error: (08/17/2014 00:31:55 PM) (Source: WTabletServicePro) (EventID: 1) (User: )
Description: Prefs: Failed to get user path

Error: (08/17/2014 00:29:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/17/2014 11:43:45 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/17/2014 11:23:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: DesktopDock64.dll, Version: 2.13.0.0, Zeitstempel: 0x537cc6c9
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000003190
ID des fehlerhaften Prozesses: 0x4a4
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3

Error: (08/17/2014 11:16:18 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (08/18/2014 10:44:39 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ASInsHelp" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (08/17/2014 00:28:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ASInsHelp" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (08/17/2014 00:03:21 PM) (Source: DCOM) (EventID: 10001) (User: )
Description: C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe -Embedding740{B3EDE298-AE75-4A1C-AB7E-1B9229B77BBE}

Error: (08/17/2014 11:42:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ASInsHelp" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (08/17/2014 11:15:10 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ASInsHelp" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (08/17/2014 10:55:58 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MBAMService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (08/17/2014 10:54:39 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "MBAMScheduler" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (08/17/2014 10:54:39 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst MBAMScheduler erreicht.

Error: (08/17/2014 10:54:07 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ASInsHelp" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (08/17/2014 08:59:06 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.


Microsoft Office Sessions:
=========================
Error: (08/18/2014 10:48:24 AM) (Source: WTabletServicePro) (EventID: 1) (User: )
Description: Prefs: Failed to get user path

Error: (08/18/2014 10:46:07 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/17/2014 02:35:21 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: ZBrush.exe4.6.0.0144801cfba17888f2e021C:\Program Files (x86)\ZBrush\ZBrush.exedd4bd686-260a-11e4-b0cb-f46d04193268

Error: (08/17/2014 02:33:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: ZBrush.exe4.6.0.09ac01cfba1751e985081C:\Program Files (x86)\ZBrush\ZBrush.exe95e15471-260a-11e4-b0cb-f46d04193268

Error: (08/17/2014 02:32:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: ZBrush.exe4.6.0.018e001cfba172e3a2ba52C:\Program Files (x86)\ZBrush\ZBrush.exe807bef76-260a-11e4-b0cb-f46d04193268

Error: (08/17/2014 00:31:55 PM) (Source: WTabletServicePro) (EventID: 1) (User: )
Description: Prefs: Failed to get user path

Error: (08/17/2014 00:29:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/17/2014 11:43:45 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/17/2014 11:23:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4DesktopDock64.dll2.13.0.0537cc6c9c000000500000000000031904a401cfb9fbb8d8e136C:\Windows\Explorer.EXEc:\program files (x86)\stardock\fences\DesktopDock64.dll173b1f8f-25f0-11e4-adef-f46d04193268

Error: (08/17/2014 11:16:18 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2011-04-19 22:44:14.422
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Lorenz\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-04-19 22:44:14.391
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Lorenz\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-04-19 22:44:14.048
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2011-04-19 22:44:14.048
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
Percentage of memory in use: 48%
Total physical RAM: 8168.95 MB
Available physical RAM: 4205.76 MB
Total Pagefile: 16336.08 MB
Available Pagefile: 11732.88 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:404.99 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 480252CA)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Edited by marvli, 18 August 2014 - 03:17 AM.

  • 0

#4
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,017 posts

Hello marvli,

Thank you for copying and pasting the logs in the thread. No need to put them in code tags though. Just paste them directly into the post. :)

Moving on

Download the attached fixlist.txt file and save it to the Desktop.

NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST/FRST64 and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

After that

Please download Rkill by Grinler and save it to your desktop.

  • Link 1
  • Link 2
    • Double-click on the Rkill desktop icon to run the tool.
    • If using Vista, right-click on it and Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
    • If the tool does not run from any of the links provided, please let me know.
  • When the scan is done Notepad will open with rKill log. Please copy and past that in your reply.

Note: rKill.txt log can also be found on your desktop.

When you return please post

  • Fixlog.txt
  • rKill log

 


  • 0

#5
marvli

marvli

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts

Rkill.txt:

 

Rkill 2.6.8 by Lawrence Abrams (Grinler)
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 08/18/2014 12:11:16 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * C:\Users\Lorenz\Downloads\FRST64.exe (PID: 6796) [UP-HEUR]
 
1 proccess terminated!
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * No issues found.
 
Checking Windows Service Integrity: 
 
 * No issues found.
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * Cannot edit the HOSTS file.
 * Permissions could not be fixed. Use Hosts-perm.bat to fix permissions: http://www.bleepingc.../hosts-permbat/
 
 * HOSTS file entries found: 
 
  127.0.0.1 www.007guard.com
  127.0.0.1 007guard.com
  127.0.0.1 008i.com
  127.0.0.1 www.008k.com
  127.0.0.1 008k.com
  127.0.0.1 www.00hq.com
  127.0.0.1 00hq.com
  127.0.0.1 010402.com
  127.0.0.1 www.032439.com
  127.0.0.1 032439.com
  127.0.0.1 www.0scan.com
  127.0.0.1 0scan.com
  127.0.0.1 1000gratisproben.com
  127.0.0.1 www.1000gratisproben.com
  127.0.0.1 1001namen.com
  127.0.0.1 www.1001namen.com
  127.0.0.1 100888290cs.com
  127.0.0.1 www.100888290cs.com
  127.0.0.1 www.100sexlinks.com
  127.0.0.1 100sexlinks.com
 
  20 out of 15502 HOSTS entries shown.
  Please review HOSTS file for further entries.
 
Program finished at: 08/18/2014 12:13:33 PM
Execution time: 0 hours(s), 2 minute(s), and 17 seconds(s)
 
 
Fixlog.txt:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-08-2014 04
Ran by Lorenz at 2014-08-18 12:10:05 Run:2
Running from C:\Users\Lorenz\Downloads
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
AlternateDataStreams: C:\ProgramData\Templates:gs5sys
AlternateDataStreams: C:\ProgramData\Vorlagen:gs5sys
AlternateDataStreams: C:\Users\Lorenz\Cookies:gs5sys
AlternateDataStreams: C:\Users\Lorenz\Vorlagen:gs5sys
AlternateDataStreams: C:\Users\Lorenz\AppData\Local\Verlauf:gs5sys
*****************
 
"C:\ProgramData\Templates" => ":gs5sys" ADS not found.
"C:\ProgramData\Vorlagen" => ":gs5sys" ADS not found.
"C:\Users\Lorenz\Cookies" => ":gs5sys" ADS not found.
"C:\Users\Lorenz\Vorlagen" => ":gs5sys" ADS not found.
"C:\Users\Lorenz\AppData\Local\Verlauf" => ":gs5sys" ADS not found.
 
==== End of Fixlog ====
 

  • 0

#6
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,017 posts

Hmm... something not working properly there.

 

Let's do this:

 

Please download ComboFix from this location:

Link

* IMPORTANT !!! Save ComboFix.exe to your Desktop

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.
 

  • Double click on ComboFix.exe & follow the prompts.
  • If you have an older Operating System you may be asked whether you want to install the Recovery Console. Click yes and follow any prompts.
  • Your desktop may go blank. This is normal.
  • ComboFix may appear to be doing nothing for quite long periods, this is normal, just leave it to do it's job.
  • ComboFix may reboot your machine. This is normal too.

**Note: Do not mouseclick combo-fix's window while it's running. That may cause it to stall**

When finished, it will produce a log for you.  Please include the C:\ComboFix.txt in your next reply.

 


  • 0

#7
marvli

marvli

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts

OK, so I did run from my desktop this time not from Downloads:

 

Combofix.txt

 

ComboFix 14-08-17.01 - Lorenz 18.08.2014  23:41:03.1.4 - x64

Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.8169.4591 [GMT 2:00]
ausgeführt von:: c:\users\Lorenz\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\temp25.log
c:\users\Lorenz\AppData\Favorites\Ryu.cs
c:\users\Lorenz\AppData\Local\uninst.log
c:\users\Lorenz\AppData\Roaming\technic-launcher.jar
c:\users\Lorenz\AppData\Roaming\uninst.log
c:\windows\IsUn0407.exe
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\wpcap.dll
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_npf
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-07-18 bis 2014-08-18  ))))))))))))))))))))))))))))))
.
.
2014-08-18 09:27 . 2014-08-18 09:27 -------- d-----w- c:\program files (x86)\FirstClass
2014-08-18 09:27 . 2014-08-18 09:27 -------- d-----w- c:\programdata\FirstClass
2014-08-18 08:04 . 2014-07-02 03:09 10924376 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C8370FC7-87B6-4B7F-9CC0-DA9996B3A6C3}\mpengine.dll
2014-08-17 12:47 . 2014-08-17 12:47 -------- d-----w- c:\program files (x86)\Autodesk
2014-08-17 12:46 . 2014-08-17 12:46 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2014-08-17 12:22 . 2014-08-17 12:22 -------- d-----w- c:\users\Lorenz\AppData\Local\Akamai
2014-08-17 09:39 . 2014-08-17 09:39 53248 ----a-w- c:\windows\SysWow64\zlib.dll
2014-08-17 09:39 . 2014-08-17 09:39 -------- d-----w- c:\programdata\Foolish IT
2014-08-17 09:39 . 2014-08-17 09:39 -------- d-----w- c:\program files (x86)\Foolish IT
2014-08-17 09:19 . 2014-08-18 22:00 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-08-17 09:18 . 2014-08-17 09:18 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-08-17 09:18 . 2014-08-17 09:18 -------- d-----w- c:\programdata\Malwarebytes
2014-08-17 09:18 . 2014-05-12 05:26 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-08-17 09:18 . 2014-05-12 05:26 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-08-17 09:18 . 2014-05-12 05:25 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-08-17 08:49 . 2010-08-30 06:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-08-17 08:49 . 2014-08-17 08:52 -------- d-----w- C:\AdwCleaner
2014-08-17 08:39 . 2014-08-18 19:33 -------- d-----w- c:\users\Lorenz\AppData\Local\CrashDumps
2014-08-17 08:27 . 2014-08-17 08:37 36456 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-08-17 08:27 . 2014-08-17 08:27 -------- d-----w- c:\programdata\RogueKiller
2014-08-17 07:49 . 2014-08-18 10:10 -------- d-----w- C:\FRST
2014-08-17 07:25 . 2014-05-02 00:00 1031560 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F90A133D-C6D0-4D8F-B6BF-E999DBB7A3FA}\gapaengine.dll
2014-08-17 07:15 . 2014-07-02 03:09 10924376 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-08-14 19:32 . 2014-08-14 19:32 -------- d-----w- c:\program files (x86)\Modern
2014-08-14 08:11 . 2014-08-14 08:12 -------- d-----w- c:\users\Lorenz\AppData\Roaming\faogen3
2014-08-13 22:04 . 2014-06-30 22:24 8856 ----a-w- c:\windows\system32\icardres.dll
2014-08-13 22:04 . 2014-06-30 22:14 8856 ----a-w- c:\windows\SysWow64\icardres.dll
2014-08-13 22:04 . 2014-03-09 21:48 171160 ----a-w- c:\windows\system32\infocardapi.dll
2014-08-13 22:04 . 2014-03-09 21:48 1389208 ----a-w- c:\windows\system32\icardagt.exe
2014-08-13 22:04 . 2014-03-09 21:47 99480 ----a-w- c:\windows\SysWow64\infocardapi.dll
2014-08-13 22:04 . 2014-03-09 21:47 619672 ----a-w- c:\windows\SysWow64\icardagt.exe
2014-08-13 22:04 . 2014-06-06 06:16 35480 ----a-w- c:\windows\SysWow64\TsWpfWrp.exe
2014-08-13 22:04 . 2014-06-06 06:12 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
2014-08-13 10:45 . 2014-08-07 02:06 529920 ----a-w- c:\windows\system32\aepdu.dll
2014-08-13 10:45 . 2014-08-07 02:01 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-08-13 09:15 . 2014-08-13 09:15 -------- d-sh--w- c:\windows\ftpcache
2014-08-11 07:38 . 2014-08-11 07:38 -------- d-----w- c:\program files\Faogen 3
2014-08-10 14:50 . 2014-08-10 15:19 -------- d-----w- c:\programdata\Stardock
2014-08-10 14:50 . 2014-08-10 14:50 -------- d-----w- c:\users\Lorenz\AppData\Local\Stardock
2014-08-10 14:50 . 2014-08-10 14:50 -------- d-----w- c:\users\Lorenz\AppData\Roaming\Stardock
2014-08-10 14:49 . 2014-08-10 15:17 -------- d-----w- c:\program files (x86)\Stardock
2014-08-10 14:36 . 2014-08-10 14:36 -------- d-----w- c:\program files\Microsoft Network Monitor 3
2014-08-08 15:01 . 2014-08-18 10:27 122584 ----a-w- c:\windows\system32\drivers\48230029.sys
2014-08-07 17:31 . 2014-08-17 12:22 -------- d-----w- C:\Autodesk
2014-08-07 10:51 . 2014-08-07 10:51 -------- dc-h--w- c:\programdata\{629D8B17-22B3-46F8-A281-BD604EBA3ED7}
2014-08-05 12:38 . 2014-08-05 12:38 -------- d-----w- c:\users\Lorenz\AppData\Roaming\inkscape
2014-08-05 12:33 . 2014-08-05 12:37 -------- d-----w- c:\program files (x86)\Inkscape
2014-08-04 13:45 . 2014-08-04 13:45 -------- d-----w- c:\users\Lorenz\AppData\Local\Blizzard Entertainment
2014-08-04 13:45 . 2014-08-04 13:45 -------- d-----w- c:\users\Lorenz\AppData\Local\Battle.net
2014-08-04 13:45 . 2014-08-04 13:45 -------- d-----w- c:\users\Lorenz\AppData\Roaming\Battle.net
2014-08-04 13:44 . 2014-08-04 13:45 -------- d-----w- c:\programdata\Blizzard Entertainment
2014-08-04 13:44 . 2014-08-04 13:45 -------- d-----w- c:\program files (x86)\Common Files\Blizzard Entertainment
2014-08-04 13:44 . 2014-08-04 13:45 -------- d-----w- c:\program files (x86)\Battle.net
2014-08-03 11:53 . 2014-08-03 11:53 -------- d-----w- c:\users\Lorenz\AppData\Local\IsolatedStorage
2014-08-03 11:40 . 2014-08-03 11:40 -------- d-----w- c:\users\Public\Quixel
2014-08-01 12:28 . 2014-05-14 16:23 44512 ----a-w- c:\windows\system32\wups2.dll
2014-08-01 12:28 . 2014-05-14 16:23 58336 ----a-w- c:\windows\system32\wuauclt.exe
2014-08-01 12:28 . 2014-05-14 16:23 2477536 ----a-w- c:\windows\system32\wuaueng.dll
2014-08-01 12:28 . 2014-05-14 16:21 2620928 ----a-w- c:\windows\system32\wucltux.dll
2014-08-01 12:27 . 2014-05-14 16:23 38880 ----a-w- c:\windows\system32\wups.dll
2014-08-01 12:27 . 2014-05-14 16:20 97792 ----a-w- c:\windows\system32\wudriver.dll
2014-08-01 12:27 . 2014-05-14 16:23 36320 ----a-w- c:\windows\SysWow64\wups.dll
2014-08-01 12:27 . 2014-05-14 16:23 700384 ----a-w- c:\windows\system32\wuapi.dll
2014-08-01 12:27 . 2014-05-14 16:23 581600 ----a-w- c:\windows\SysWow64\wuapi.dll
2014-08-01 12:27 . 2014-05-14 16:17 92672 ----a-w- c:\windows\SysWow64\wudriver.dll
2014-08-01 12:26 . 2014-05-14 07:23 179656 ----a-w- c:\windows\SysWow64\wuwebv.dll
2014-08-01 12:26 . 2014-05-14 07:23 198600 ----a-w- c:\windows\system32\wuwebv.dll
2014-08-01 12:26 . 2014-05-14 07:20 36864 ----a-w- c:\windows\system32\wuapp.exe
2014-08-01 12:26 . 2014-05-14 07:17 33792 ----a-w- c:\windows\SysWow64\wuapp.exe
2014-07-30 12:06 . 2014-07-30 12:06 -------- d-----w- c:\users\Lorenz\AppData\Local\LogMeIn
2014-07-30 12:06 . 2014-07-30 12:06 -------- d-----w- c:\programdata\LogMeIn
2014-07-30 09:50 . 2014-07-30 09:50 -------- d-----w- c:\users\Lorenz\AppData\Local\Quixel_AB
2014-07-30 09:47 . 2014-07-30 09:47 -------- d-----w- c:\users\Lorenz\AppData\Roaming\Quixel
2014-07-29 11:59 . 2014-07-29 14:19 -------- d-----w- c:\users\Lorenz\AppData\Roaming\TS3Client
2014-07-29 11:56 . 2014-07-29 11:56 -------- d-----w- c:\program files (x86)\TeamSpeak 3 Client
2014-07-27 09:22 . 2014-07-27 09:22 -------- d-----w- c:\users\Lorenz\AppData\Local\Allegorithmic
2014-07-27 09:21 . 2014-07-27 09:21 -------- d-----w- c:\program files\Allegorithmic
2014-07-20 09:45 . 2014-07-20 09:46 -------- d-----w- c:\program files\3D-Coat-V4
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-08-14 20:06 . 2012-06-10 16:03 66872 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2014-08-13 22:08 . 2011-04-19 20:25 99218768 ----a-w- c:\windows\system32\MRT.exe
2014-07-06 07:25 . 2013-05-21 18:17 111016 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2014-07-06 07:25 . 2014-07-06 07:26 313256 ----a-w- c:\windows\system32\javaws.exe
2014-07-06 07:25 . 2013-05-21 18:17 191400 ----a-w- c:\windows\system32\javaw.exe
2014-07-06 07:25 . 2013-05-21 18:17 190888 ----a-w- c:\windows\system32\java.exe
2014-06-30 11:51 . 2014-06-30 11:51 61440 ----a-w- c:\windows\SysWow64\nvPhotoshopUtil.dll
2014-06-30 11:51 . 2014-06-30 11:51 40960 ----a-w- c:\windows\SysWow64\nvISWOW64.dll
2014-06-30 11:51 . 2011-11-12 07:32 151552 ----a-w- c:\windows\SysWow64\nvRegDev.dll
2014-06-25 23:17 . 2014-06-25 23:17 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2014-06-25 23:06 . 2014-06-25 23:06 2938 ----a-w- c:\windows\SysWow64\ealregsnapshot1.reg
2014-06-23 22:04 . 2012-06-10 16:03 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-06-23 22:04 . 2012-06-10 15:39 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2014-06-23 14:39 . 2011-04-20 15:11 281688 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2014-06-18 02:18 . 2014-07-10 07:19 692736 ----a-w- c:\windows\system32\osk.exe
2014-06-18 01:51 . 2014-07-10 07:19 646144 ----a-w- c:\windows\SysWow64\osk.exe
2014-06-07 20:22 . 2014-06-07 18:43 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2014-06-07 17:12 . 2011-06-24 12:28 386680 ----a-w- c:\windows\system32\drivers\sptd.sys
2014-06-06 10:10 . 2014-07-10 07:19 624128 ----a-w- c:\windows\system32\qedit.dll
2014-06-06 09:44 . 2014-07-10 07:19 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2014-06-05 14:45 . 2014-07-10 07:18 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-06-05 14:26 . 2014-07-10 07:18 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-06-05 14:25 . 2014-07-10 07:18 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-05-30 08:08 . 2014-07-10 07:19 210944 ----a-w- c:\windows\system32\wdigest.dll
2014-05-30 08:08 . 2014-07-10 07:19 86528 ----a-w- c:\windows\system32\TSpkg.dll
2014-05-30 08:08 . 2014-07-10 07:19 340992 ----a-w- c:\windows\system32\schannel.dll
2014-05-30 08:08 . 2014-07-10 07:19 314880 ----a-w- c:\windows\system32\msv1_0.dll
2014-05-30 08:08 . 2014-07-10 07:19 307200 ----a-w- c:\windows\system32\ncrypt.dll
2014-05-30 08:08 . 2014-07-10 07:19 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-05-30 08:08 . 2014-07-10 07:19 22016 ----a-w- c:\windows\system32\credssp.dll
2014-05-30 07:52 . 2014-07-10 07:19 172032 ----a-w- c:\windows\SysWow64\wdigest.dll
2014-05-30 07:52 . 2014-07-10 07:19 65536 ----a-w- c:\windows\SysWow64\TSpkg.dll
2014-05-30 07:52 . 2014-07-10 07:19 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2014-05-30 07:52 . 2014-07-10 07:19 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll
2014-05-30 07:52 . 2014-07-10 07:19 259584 ----a-w- c:\windows\SysWow64\msv1_0.dll
2014-05-30 07:52 . 2014-07-10 07:19 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-05-30 07:52 . 2014-07-10 07:19 17408 ----a-w- c:\windows\SysWow64\credssp.dll
2014-05-30 06:45 . 2014-07-10 07:19 497152 ----a-w- c:\windows\system32\drivers\afd.sys
2014-05-29 23:00 . 2014-06-07 13:32 1291232 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2014-05-29 23:00 . 2014-06-07 13:32 1122312 ----a-w- c:\windows\SysWow64\nvspcap.dll
2014-05-29 22:59 . 2014-06-07 13:32 1715176 ----a-w- c:\windows\system32\nvspbridge64.dll
2014-05-29 22:59 . 2014-06-07 13:32 1279480 ----a-w- c:\windows\system32\nvspcap64.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"EsternTimesMouseExRun"="c:\program files (x86)\Anker Precision Laser Gaming Mouse\AnkerMonEx.exe" [2013-04-23 3351040]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-03-17 224128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 ALSysIO;ALSysIO;c:\users\Lorenz\AppData\Local\Temp\ALSysIO64.sys;c:\users\Lorenz\AppData\Local\Temp\ALSysIO64.sys [x]
R3 athur;Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athurx.sys;c:\windows\SYSNATIVE\DRIVERS\athurx.sys [x]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
R3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 VsEtwService120;Visual Studio ETW Event Collection Service;c:\program files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe;c:\program files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [x]
R3 X6va011;X6va011;c:\windows\SysWOW64\Drivers\X6va011;c:\windows\SysWOW64\Drivers\X6va011 [x]
R4 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
R4 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R4 DAZContentManagementService;DAZ Content Management Service;c:\program files\DAZ 3D\Content Management Service\ContentManagementServer.exe ;c:\program files\DAZ 3D\Content Management Service\ContentManagementServer.exe  [x]
R4 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R4 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 nm3;Microsoft Network Monitor 3 Driver;c:\windows\system32\DRIVERS\nm3.sys;c:\windows\SYSNATIVE\DRIVERS\nm3.sys [x]
S2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
S2 mi-raysat_3dsmax2014_64;mental ray Satellite for Autodesk 3ds Max 2014 64-bit;c:\program files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe;c:\program files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 RealtekCU;RealtekCU;c:\program files (x86)\Sitecom\WiFi USB adapter N300 Driver and Utility\RtlService.exe;c:\program files (x86)\Sitecom\WiFi USB adapter N300 Driver and Utility\RtlService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 WTabletServicePro;Wacom Professional Service;c:\program files\Tablet\Wacom\WTabletServicePro.exe;c:\program files\Tablet\Wacom\WTabletServicePro.exe [x]
S3 hidkmdf;KMDF Driver;c:\windows\system32\DRIVERS\hidkmdf.sys;c:\windows\SYSNATIVE\DRIVERS\hidkmdf.sys [x]
S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\DRIVERS\LEqdUsb.Sys;c:\windows\SYSNATIVE\DRIVERS\LEqdUsb.Sys [x]
S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\DRIVERS\LHidEqd.Sys;c:\windows\SYSNATIVE\DRIVERS\LHidEqd.Sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 nvoclk64;NVIDIA Enthusiasts Platform KDM;c:\windows\system32\DRIVERS\nvoclk64.sys;c:\windows\SYSNATIVE\DRIVERS\nvoclk64.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RtlWlanu;Realtek Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\rtwlanu.sys;c:\windows\SYSNATIVE\DRIVERS\rtwlanu.sys [x]
S3 WacHidRouter;Wacom Hid Router;c:\windows\system32\DRIVERS\wachidrouter.sys;c:\windows\SYSNATIVE\DRIVERS\wachidrouter.sys [x]
S3 wacomrouterfilter;Wacom Router Filter Driver;c:\windows\system32\DRIVERS\wacomrouterfilter.sys;c:\windows\SYSNATIVE\DRIVERS\wacomrouterfilter.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - MBAMSWISSARMY
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ   hpqcxs08 hpqddsvc
.
Inhalt des "geplante Tasks" Ordners
.
2014-08-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-20 19:41]
.
2014-08-18 c:\windows\Tasks\AdobeAAMUpdater-1.0-Computer-Lorenz.job
- c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2014-04-05 04:09]
.
2014-08-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-08 13:46]
.
2014-08-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-06-08 13:46]
.
2014-08-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-721527169-3598334179-861810665-1000Core.job
- c:\users\Lorenz\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-19 20:29]
.
2014-08-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-721527169-3598334179-861810665-1000UA.job
- c:\users\Lorenz\AppData\Local\Google\Update\GoogleUpdate.exe [2011-04-19 20:29]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-03-11 1271072]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2013-02-21 2991856]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-05-29 2350880]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-05-29 1279480]
"Fences"="c:\program files (x86)\Stardock\Fences\Fences.exe" [2014-05-22 3993744]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "c:\program files (x86)\Stardock\Fences\FencesMenu64.dll" [2014-05-22 521872]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://google.de/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Free YouTube to MP3 Converter - c:\users\Lorenz\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
TCP: DhcpNameServer = 192.168.192.1
FF - ProfilePath - c:\users\Lorenz\AppData\Roaming\Mozilla\Firefox\Profiles\ddofuwyq.default\
FF - prefs.js: browser.startup.homepage - www.google.de
.
.
------- Dateityp-Verknüpfung -------
.
txtfile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1
.scr=CryptoPreventSCR
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-Arma 2 Army of The Czech Republic (LITE) - c:\program files (x86)\Steam\steamapps\common\Arma 2 Operation Arrowhead\ACR_Lite_UnInstall.exe
AddRemove-BattlEye for OA - c:\program files (x86)\Steam\steamapps\common\Arma 2 Operation Arrowhead\Expansion\BattlEye\UnInstallBE.exe
AddRemove-UnityWebPlayer - c:\users\Lorenz\AppData\Local\Unity\WebPlayer\Uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va011]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va011"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-721527169-3598334179-861810665-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:1e,43,f4,f8,d5,00,6e,85,9f,82,83,be,9d,d9,cd,5e,c3,c2,da,3c,ca,38,67,
   42,d5,f5,10,c4,f6,5b,c7,d7,7e,c1,23,d5,1e,66,07,48,95,0c,fd,e5,e7,fb,6d,09,\
"??"=hex:5f,c1,36,f8,82,e2,79,84,23,72,b2,5c,4e,1d,6f,2c
.
[HKEY_USERS\S-1-5-21-721527169-3598334179-861810665-1000\Software\SecuROM\License information*]
"datasecu"=hex:a2,ea,34,eb,3c,53,82,20,91,a1,52,88,9f,81,9e,ef,97,1d,d1,52,1b,
   47,a5,2b,55,75,2b,2a,10,61,ad,d2,ec,ed,8b,8e,93,fd,44,6b,7f,f5,e8,cb,3d,7b,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_USERS\S-1-5-21-721527169-3598334179-861810665-1000\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.7\com.trolltech.Qt.QImageIOHandlerFactoryInterface:\c:\Program Files (x86)\B*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\imageformats]
"qgif4.dll"=multi:"2011-10-10T16:42\00gif\00\00"
"qico4.dll"=multi:"2011-10-10T16:42\00ico\00\00"
"qjpeg4.dll"=multi:"2011-10-10T16:42\00jpeg\00jpg\00\00"
.
[HKEY_USERS\S-1-5-21-721527169-3598334179-861810665-1000\Software\Trolltech\OrganizationDefaults\Qt Plugin Cache 4.7.false\c:\program files (x86)\B*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\imageformats]
"Microsoft.VC80.CRT.manifest"=multi:"0\001\00unknown\002011-10-10T16:42\00\00"
"msvcr80.dll"=multi:"0\001\00unknown\002011-10-10T16:42\00\00"
"qgif4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T16:42\00\00"
"qico4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T16:42\00\00"
"qjpeg4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T16:42\00\00"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
c:\program files (x86)\Malwarebytes Anti-Malware\mbam.exe
c:\program files (x86)\Sitecom\WiFi USB adapter N300 Driver and Utility\RtWlan.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-08-19  00:07:18 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2014-08-18 22:07
.
Vor Suchlauf: 10 Verzeichnis(se), 415.141.552.128 Bytes frei
Nach Suchlauf: 22 Verzeichnis(se), 415.947.403.264 Bytes frei
.
- - End Of File - - B1CB37D2F418070656FEDA01E71A9F36
A36C5E4F47E84449FF07ED3517B43A31
 
 
 
Looks like it automatically used my OS language. I can translate all of that if you need me to :)

  • 0

#8
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,017 posts

Looks like it automatically used my OS language. I can translate all of that if you need me to :)


If I do I will ask you. All okay so far though. :)

Moving on

Please run a free online scan with the ESET Online Scanner

Vista / Win7 users: Right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator.

Note: This scan works with Internet Explorer or Mozilla FireFox.

If using Mozilla Firefox you may need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.

Disable your security programs.
  • Click the blue Run ESET Online Scanner box
  • Tick the box next to YES, I accept the Terms of Use
     then click on: Start
  • You may see a panel towards the top of the screen telling you the website wants to install an addon... click and allow/install to install. If your firewall asks whether you want to allow installation, say yes. If asked, click yes to allow the program to run on your computer.
  • Check "Enable detection of potentially unwanted applications"
  • Click on Start and say yes to allow the program to proceed.
  • The virus signature database will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically. The scan may take several hours.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed click "List of found threats" and click again on Copy to clipboard. Open notepad and past in the clipboard list. Save it as ESET log somewhere that you can find .
  • After that click the button "Back"
  • Select and check Uninstall application on close and Delete quarantined files.
  • Then click on: Finish
  • Copy and paste the ESET log back here and tell me how your machine is now.

 
  • 0

#9
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,017 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP