Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Advanced System Protector, my Backup & Regcleaner Pro

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 14.11.2013, 11:59   #1
kleind
 
Advanced System Protector, my Backup & Regcleaner Pro - Standard

Advanced System Protector, my Backup & Regcleaner Pro



Hallo,

es tut mir leid euch wieder mit diesem alten Thema belästigen zu müssen. Ich habe hierzu bereits einen Foreneintrag gefunden doch konnte mir dieser nicht helfen.
Die im Betreff angegebenen Programme lassen sich nicht mehr entfernen. Ich habe mit dem FRST einen Scan durchgeführt und mal aufgelistet was auf dem Computer vor sich geht. Vielen Dank für eure Hilfe!
FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-11-2013
Ran by Lutz (administrator) on LUTZ-PC on 14-11-2013 11:29:19
Running from C:\Users\Lutz\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Apple Computer, Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
() C:\ProgramData\IBUpdaterService\ibsvc.exe
(Microsoft Corporation) c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLLANSWEEPER2K8\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Windows\System32\snmp.exe
(Microsoft Corporation) c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(AMD) C:\Windows\system32\atieclxx.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Systweak) C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe
(Nico Mak Computing) C:\Program Files (x86)\WinZip Malware Protector\WinZipMalwareProtector.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(IncrediMail, Ltd.) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Vimicro Corporation) C:\Program Files (x86)\Sweex\WC060\VMonitor.exe
(Dropbox, Inc.) C:\Users\Lutz\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files (x86)\Versandhelfer\Versandhelfer.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(IncrediMail, Ltd.) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\system32\DeviceDisplayObjectProvider.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
(TeamViewer GmbH) c:\program files (x86)\teamviewer\version8\TeamViewer_Desktop.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) c:\program files (x86)\avira\antivir desktop\avgnt.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat.exe
(Macrovision Europe Ltd.) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(Microsoft Corporation) C:\Windows\splwow64.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11774568 2011-01-13] (Realtek Semiconductor)
HKLM\...\Run: [Acronis Scheduler2 Service] - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [362032 2009-11-12] (Acronis)
HKLM\...\Run: [XeroxEndeavorBackgroundTask] - rundll32.exe xrWCbgnd.dll,LaunchBgTask 1
HKCU\...\Run: [IncrediMail] - C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe [366024 2012-03-28] (IncrediMail, Ltd.)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20472992 2013-10-02] (Skype Technologies S.A.)
HKCU\...\Policies\Explorer: [NoInstrumentation] 1
MountPoints2: H - H:\LaunchU3.exe -a
MountPoints2: {00fb02c6-f491-11e0-9aac-8c89a5282830} - H:\LaunchU3.exe -a
MountPoints2: {08f6f6a3-ef11-11e0-954f-8c89a5282830} - H:\LaunchU3.exe -a
MountPoints2: {3738b26e-89df-11e1-aa80-8c89a5282830} - H:\LaunchU3.exe -a
MountPoints2: {3fcb39fc-f0d8-11e0-b53e-8c89a5282830} - G:\Setup.exe
MountPoints2: {6fdb7f27-a592-11e2-ac95-8c89a5282830} - H:\LaunchU3.exe -a
MountPoints2: {7d5db93c-c405-11e1-9a26-8c89a5282830} - H:\LaunchU3.exe -a
MountPoints2: {994d8635-5892-11e2-ba02-8c89a5282830} - H:\LaunchU3.exe -a
MountPoints2: {a207cf8b-2a58-11e3-87d1-8c89a5282830} - H:\LaunchU3.exe -a
MountPoints2: {b53a091a-f0de-11e0-8f20-8c89a5282830} - H:\LaunchU3.exe -a
MountPoints2: {baee3497-03ab-11e2-a6f2-8c89a5282830} - H:\LaunchU3.exe -a
MountPoints2: {c51e407d-2733-11e3-af3b-8c89a5282830} - H:\LaunchU3.exe -a
MountPoints2: {c860ec9c-bdaa-11e0-a5db-8c89a5282830} - G:\LaunchU3.exe -a
MountPoints2: {cfbf1b2f-68e6-11e1-ae5d-8c89a5282830} - H:\DTVP_Launcher.exe
MountPoints2: {e4434c18-d618-11e1-82b7-8c89a5282830} - H:\LaunchU3.exe -a
MountPoints2: {ed51f9be-c367-11e2-8f8e-8c89a5282830} - H:\LaunchU3.exe -a
HKLM-x32\...\Run: [CorelDRAW Graphics Suite 11b] - D:\Corel\Corel Graphics 12\Languages\DE\Programs\registration.exe [733184 2003-11-27] (Corel Corporation)
HKLM-x32\...\Run: [Adobe_ID0EYTHM] - C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe [1884160 2007-03-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-04-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [TrueImageMonitor.exe] - C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5140960 2009-11-12] (Acronis)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-06] (Intel Corporation)
HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [163000 2012-12-12] (Geek Software GmbH)
HKLM-x32\...\Run: [Tv-Plug-In] - C:\Program Files (x86)\Tv-Plug-In\Tv-Plug-In.exe [296744 2013-04-10] (Intech-Software Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [683576 2013-10-31] (Avira Operations GmbH & Co. KG)
IMEO: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IMEO\capture.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IMEO\coreldrw.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IMEO\corelpp.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IMEO\corupd.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IMEO\csbprof.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IMEO\fontnav.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IMEO\rave.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IMEO\trace.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IMEO\tv-plug-in.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
Startup: C:\Users\Lutz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Lutz\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Lutz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Game Alarm.lnk
ShortcutTarget: Game Alarm.lnk -> C:\Games\Game Alarm\gamealarm.exe (Europe Support Ltd. N.V.)
Startup: C:\Users\Lutz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Versandhelfer.lnk
ShortcutTarget: Versandhelfer.lnk -> C:\Program Files (x86)\Versandhelfer\Versandhelfer.exe ()
BootExecute: autocheck autochk * auto_reactivate \\?\Volume{cd54a046-b47a-11e0-b68c-806e6f6e6963}\bootwiz\asrm.bin

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=0b6266ce-42d1-11ac-836e-8fc3faa9e18d&searchtype=ds&q={searchTerms}&installDate=11/11/2013
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=0b6266ce-42d1-11ac-836e-8fc3faa9e18d&searchtype=hp&installDate=11/11/2013
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=MDND&bmod=MDND
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=0b6266ce-42d1-11ac-836e-8fc3faa9e18d&searchtype=ds&q={searchTerms}&installDate=11/11/2013
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=0b6266ce-42d1-11ac-836e-8fc3faa9e18d&searchtype=ds&q={searchTerms}&installDate=11/11/2013
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=0b6266ce-42d1-11ac-836e-8fc3faa9e18d&searchtype=ds&q={searchTerms}&installDate=11/11/2013
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2319825
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=0b6266ce-42d1-11ac-836e-8fc3faa9e18d&searchtype=ds&q={searchTerms}&installDate=11/11/2013
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=0b6266ce-42d1-11ac-836e-8fc3faa9e18d&searchtype=ds&q={searchTerms}&installDate=11/11/2013
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=FA258C89A5282830&affID=122289&tsp=4924
SearchScopes: HKCU - {1C53D31A-8A0C-4BD1-A8F0-59B706876999} URL = hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=fa252e120000000000008c89a5282830&r=439
SearchScopes: HKCU - {432C0C35-5DAA-4378-A194-38E21712C624} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2319825
SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = hxxp://mystart.incredimail.com//?search={searchTerms}&loc=search_box&a=1ex66TGhplC
SearchScopes: HKCU - {F1A73045-2E99-48E7-A0D9-CE7F6500ABB9} URL = hxxp://isearch.avg.com/search?cid={30CB6281-AEBA-44EE-A239-E9E3587E35F4}&mid=24946bb6144e47d1b1775dc0e3ccc1c3-7ca552837ab04f8c1c792cf35e719a890cf7eed2&lang=de&ds=tt014&pr=sa&d=2011-12-09 08:03:56&v=8.0.0.34&sap=dsp&q={searchTerms}
BHO: SuperLyrics-16 - {11111111-1111-1111-1111-110411411162} - C:\Program Files (x86)\SuperLyrics-16\SuperLyrics-16-bho64.dll (10superSoftabcd)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: SuperLyrics-16 - {11111111-1111-1111-1111-110411411162} - C:\Program Files (x86)\SuperLyrics-16\SuperLyrics-16-bho.dll (10superSoftabcd)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Toolbar: HKCU - No Name - {40C3CC16-7269-4B32-9531-17F2950FB06F} -  No File
Toolbar: HKCU - No Name - {990AF1C2-5A27-4460-8149-ECC6BC122AF3} -  No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} -  No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.10

FireFox:
========
FF ProfilePath: C:\Users\Lutz\AppData\Roaming\Mozilla\Firefox\Profiles\f0zwr6ci.default
FF Homepage: N-TV.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @mcafee.com/SAFFPlugin - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\McSiteAdvisor.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Plus-HD-1.3 - C:\Users\Lutz\AppData\Roaming\Mozilla\Firefox\Profiles\f0zwr6ci.default\Extensions\509508ef-0b14-4616-a557-0d58601be33d@c4a581e9-0ea6-46db-a185-58e021ee138c.com
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor

Chrome: 
=======
CHR Extension: (Avira SearchFree Toolbar plus Web Protection) - C:\Users\Lutz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaacalgebmfelllfiaoknifldpngjh\25.62088_0
CHR Extension: (Snap.Do ) - C:\Users\Lutz\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0
CHR Extension: (SiteAdvisor) - C:\Users\Lutz\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0
CHR Extension: (Plus-HD-1.3) - C:\Users\Lutz\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.94_0
CHR Extension: () - C:\Users\Lutz\AppData\Local\Google\Chrome\User Data\Default\Extensions\incpbbmbclbkhjphicahojidkcabaajc\1.25.19_0
CHR Extension: (Skype Click to Call) - C:\Users\Lutz\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.10.0.9560_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Lutz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0
CHR Extension: (DealPly  Shopping) - C:\Users\Lutz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojcgaoafcmbadjkfdippkdddgkeaipbn\3.5.0.0_0
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM-x32\...\Chrome\Extension: [mocblcnaofikinigmceddfghppkkjbog] - C:\Users\Lutz\AppData\Roaming\PlusWinks\PlusWinks.crx
CHR HKLM-x32\...\Chrome\Extension: [ngnjhfpfhadncgafgbneeljaginimmmk] - C:\Users\Lutz\AppData\Local\Temp\tbch.crx
CHR HKLM-x32\...\Chrome\Extension: [ojcgaoafcmbadjkfdippkdddgkeaipbn] - C:\Program Files (x86)\DealPly\DealPly.crx

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-10-31] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-10-31] (Avira Operations GmbH & Co. KG)
S3 becldr3Service; C:\Program Files (x86)\BCL Technologies\easyConverter SDK 3\Common\becldr.exe [176128 2011-04-19] ()
R2 IBUpdaterService; C:\ProgramData\IBUpdaterService\ibsvc.exe [614720 2013-06-25] ()
S4 IISExpressSVC; C:\Program Files (x86)\Lansweeper\IISExpress\IISexpressSVC.exe [106496 2011-03-30] (Lansweeper.com)
S4 lansweeperservice; C:\Program Files (x86)\Lansweeper\Service\Lansweeperservice.exe [304640 2011-06-14] (Lansweeper)
R2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [103472 2012-12-04] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
R2 MSSQL$SQLLANSWEEPER2K8; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLLANSWEEPER2K8\MSSQL\Binn\sqlservr.exe [43028328 2011-09-22] (Microsoft Corporation)
R2 SNMP; C:\Windows\System32\snmp.exe [49664 2010-11-21] (Microsoft Corporation)
R2 SNMP; C:\Windows\SysWow64\snmp.exe [47616 2010-11-21] (Microsoft Corporation)
S4 SQLAgent$SQLLANSWEEPER2K8; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLLANSWEEPER2K8\MSSQL\Binn\SQLAGENT.EXE [370024 2011-09-22] (Microsoft Corporation)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2100024 2013-09-09] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [106904 2013-10-31] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132600 2013-10-31] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-31] (Avira Operations GmbH & Co. KG)
S2 Par1284; C:\Program Files (x86)\Cutting Master 2 1.93\Program\Par1284.sys [53344 2005-03-02] (Warp Nine Engineering)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [526392 2011-10-07] ()
R0 tdrpman258; C:\Windows\System32\DRIVERS\tdrpm258.sys [1477728 2011-07-25] (Acronis)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-08-21] (TuneUp Software)
R3 VMUVC; C:\Windows\System32\Drivers\VMUVC.sys [199168 2009-07-20] (Vimicro Corporation)
R3 vvftUVC; C:\Windows\System32\drivers\vvftUVC.sys [303616 2008-07-01] (Vimicro Corporation)
U3 abzwpgl4; C:\Windows\System32\Drivers\abzwpgl4.sys [0 ] (Microsoft Corporation)

========================== Drivers MD5 =======================

C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\drivers\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpu320.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\afcdp.sys 3F5FDC12FFA4794FC3A178A26D48E7CF
C:\Windows\system32\drivers\afd.sys 79059559E89D06E8B80CE2944BE20228
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdk8.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\atikmdag.sys 60216B0E704584DE6D5A9F59E9C34C47
C:\Windows\System32\DRIVERS\atikmpag.sys 6B4E9261B613B047A9A145F328889968
C:\Windows\system32\drivers\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\drivers\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\drivers\arc.sys ==> MD5 is legit
C:\Windows\system32\drivers\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asmthub3.sys 6FE3237C1177E66437E7AD0E8AC1A6E5
C:\Windows\system32\drivers\asmtxhci.sys C4043E39A2ABBC56581CA25DF161E9F7
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\drivers\AtihdW76.sys CBD14F698DEF12EE3557604B726CB8EB
C:\Windows\System32\DRIVERS\avgntflt.sys 0909E9AD4019AFF25C58E0DFFDCD744E
C:\Windows\System32\DRIVERS\avipbb.sys DBAB18B20FDA2542EEF8C588D878B7B5
C:\Windows\System32\DRIVERS\avkmgr.sys 390184FAD8FCC1B6DA25AEBAE928C3B6
C:\Windows\system32\drivers\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\system32\drivers\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\drivers\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\drivers\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\system32\drivers\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys EBF28856F69CF094A902F884CF989706
C:\Windows\system32\drivers\compbatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\drivers\disk.sys ==> MD5 is legit
C:\Windows\System32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys 88612F1CE3BF42256913BF6E61C70D52
C:\Windows\system32\drivers\evbda.sys ==> MD5 is legit
C:\Windows\system32\drivers\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\drivers\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\drivers\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\drivers\gagp30kx.sys ==> MD5 is legit
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\System32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\system32\drivers\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidbth.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidir.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\system32\drivers\i8042prt.sys ==> MD5 is legit
C:\Windows\System32\drivers\iaStor.sys D7921D5A870B11CC1ADAB198A519D50A
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Windows\System32\DRIVERS\igdkmd64.sys ==> MD5 is legit
C:\Windows\system32\drivers\iirsp.sys ==> MD5 is legit
C:\Windows\System32\drivers\RTKVHD64.sys 3E49DAC8EEFA6016AA2A6331BEC866AE
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\kbdclass.sys ==> MD5 is legit
C:\Windows\system32\drivers\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys 8F489706472F7E9A06BAAA198703FA64
C:\Windows\System32\Drivers\ksecpkg.sys 868A2CAAB12EFC7A021682BCA0EEC54C
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\drivers\megasas.sys ==> MD5 is legit
C:\Windows\system32\drivers\MegaSR.sys ==> MD5 is legit
C:\Windows\system32\drivers\HECIx64.sys A6518DCC42F7A6E999BB3BEA8FD87567
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys 1A4F75E63C9FB84B85DFFC6B63FD5404
C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC
C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163
C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C
C:\Windows\system32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\system32\drivers\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\drivers\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\system32\drivers\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys B98F8C6E31CD07B2E6F71F7F648E38C0
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nvlddmkm.sys DD81FBC57AB9134CDDC5CE90880BFD80
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Program Files (x86)\Cutting Master 2 1.93\Program\Par1284.sys 8E55251D83763CCCA60FE26A811CFB0C
C:\Windows\system32\drivers\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\system32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\drivers\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\drivers\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql2300.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\system32\drivers\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpvideominiport.sys 313F68E1A3E6345A4F47A36B07062F34
C:\Windows\System32\Drivers\RDPWD.sys E61608AA35E98999AF9AAEEEA6114B0A
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Rt64win7.sys ED5873F7DFB2F96D37F13322211B6BDC
C:\Windows\System32\DRIVERS\RTL8192su.sys 4629C5C4772D223B0ECD1EA8BA7A2A33
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\serenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\serial.sys ==> MD5 is legit
C:\Windows\system32\drivers\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\drivers\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\snapman.sys 27BA49F89468FDDAE6C2B311C53BCE3A
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\Drivers\sptd.sys D41D8CD98F00B204E9800998ECF8427E
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\system32\drivers\stexstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\serscan.sys DECACB6921DED1A38642642685D77DAC
C:\Windows\system32\drivers\swenum.sys ==> MD5 is legit
C:\Windows\System32\drivers\tcpip.sys 40AF23633D197905F03AB5628C558C51
C:\Windows\System32\DRIVERS\tcpip.sys 40AF23633D197905F03AB5628C558C51
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tdrpm258.sys BF7AC81DF6FBE09438D9DC7188178EA9
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\system32\drivers\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\timntr.sys 2C1CAF5563548A15515EAB07D2A069C6
C:\Windows\System32\DRIVERS\tssecsrv.sys 4CE278FC9671BA81A138D70823FCAA09
C:\Windows\System32\drivers\tsusbflt.sys 17C6B51CBCCDED95B3CC14E22791F85E
C:\Windows\system32\drivers\TsUsbGD.sys AD64450A4ABE076F5CB34CC08EEACB07
C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys 45427C4B8CAC6B241478F149B935CD80
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\drivers\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\umpass.sys ==> MD5 is legit
C:\Windows\system32\drivers\usbaudio.sys B0435098C81D04CAFFF80DDB746CD3A2
C:\Windows\System32\DRIVERS\usbccgp.sys 6F1A3157A1C89435352CEB543CDB359C
C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31
C:\Windows\system32\drivers\usbehci.sys C025055FE7B87701EB042095DF1A2D7B
C:\Windows\System32\DRIVERS\usbhub.sys 287C6C9410B111B68B52CA298F7B8C24
C:\Windows\system32\drivers\usbohci.sys 9840FC418B4CBD632D3D0A667A725C31
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\system32\drivers\usbuhci.sys 62069A34518BCF9C1FD9E74B3F6DB7CD
C:\Windows\System32\Drivers\usbvideo.sys 1F775DA4CF1A3A1834207E975A72E9D7
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\VMUVC.sys 32C178C985E1FCAAD4861E57A0723101
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\drivers\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\drivers\vvftUVC.sys 9D9FE9E24F03AD87324245F516BEDAE5
C:\Windows\System32\drivers\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\system32\drivers\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\drivers\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWow64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WSDPrint.sys 8D918B1DB190A4D9B1753A66FA8C96E8
C:\Windows\System32\DRIVERS\wsvd.sys 82E8F5AA03DF7DBDB8A33F700D5D8CDA
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659
C:\Windows\System32\Drivers\abzwpgl4.sys 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-14 10:52 - 2013-11-14 10:55 - 00040012 _____ C:\Users\Lutz\Downloads\Addition.txt
2013-11-14 10:50 - 2013-11-14 11:30 - 00043550 _____ C:\Users\Lutz\Downloads\FRST.txt
2013-11-14 10:48 - 2013-11-14 10:48 - 00000000 ____D C:\FRST
2013-11-14 10:47 - 2013-11-14 10:47 - 01957794 _____ (Farbar) C:\Users\Lutz\Downloads\FRST64.exe
2013-11-14 10:46 - 2013-11-14 10:46 - 01090529 _____ (Farbar) C:\Users\Lutz\Downloads\FRST.exe
2013-11-14 09:58 - 2013-11-14 09:58 - 00001174 _____ C:\Users\Public\Desktop\TeamViewer 8.lnk
2013-11-14 09:58 - 2013-11-14 09:58 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2013-11-14 09:56 - 2013-11-14 09:58 - 05831344 _____ (TeamViewer GmbH) C:\Users\Lutz\Downloads\TeamViewer_Setup_de.exe
2013-11-14 09:01 - 2013-10-12 09:45 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-14 09:01 - 2013-10-12 09:45 - 01364992 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-14 09:01 - 2013-10-12 09:45 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-14 09:01 - 2013-10-12 09:43 - 19269632 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-14 09:01 - 2013-10-12 09:43 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-14 09:01 - 2013-10-12 09:43 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-14 09:01 - 2013-10-12 09:43 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-14 09:01 - 2013-10-12 09:43 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-14 09:01 - 2013-10-12 09:43 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-14 09:01 - 2013-10-12 09:43 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-14 09:01 - 2013-10-12 09:43 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-14 09:01 - 2013-10-12 09:43 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-14 09:01 - 2013-10-12 09:43 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-14 09:01 - 2013-10-12 09:43 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-14 09:01 - 2013-10-12 08:03 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-14 09:01 - 2013-10-12 08:03 - 01138176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-14 09:01 - 2013-10-12 08:02 - 14355968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-14 09:01 - 2013-10-12 08:02 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-14 09:01 - 2013-10-12 08:02 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-14 09:01 - 2013-10-12 08:02 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-14 09:01 - 2013-10-12 08:02 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-14 09:01 - 2013-10-12 08:02 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-14 09:01 - 2013-10-12 08:02 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-14 09:01 - 2013-10-12 08:02 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-14 09:01 - 2013-10-12 08:02 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-14 09:01 - 2013-10-12 08:02 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-14 09:01 - 2013-10-12 08:02 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-14 09:01 - 2013-10-12 07:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-14 09:01 - 2013-10-12 07:08 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-14 09:01 - 2013-10-12 06:44 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-14 09:01 - 2013-10-12 06:15 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-14 07:30 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-14 07:30 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-14 07:30 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-14 07:30 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-14 07:30 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-14 07:30 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-14 07:30 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-14 07:30 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-14 07:30 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-14 07:30 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-14 07:30 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-14 07:30 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-14 07:30 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-14 07:30 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-14 07:30 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-14 07:30 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-14 07:30 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-14 07:30 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-14 07:30 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-14 07:30 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-14 07:30 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-14 07:30 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-14 07:30 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-14 07:30 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-14 07:30 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-14 07:30 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-14 07:30 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-14 07:30 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-14 07:30 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-14 07:30 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-14 07:21 - 2013-11-14 07:21 - 00000000 ____D C:\Users\Lutz\Desktop\5
2013-11-14 07:17 - 2013-11-14 07:17 - 00000000 ____D C:\Users\Lutz\Desktop\4
2013-11-13 14:15 - 2013-11-13 14:15 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\Avira
2013-11-13 14:12 - 2013-11-13 14:12 - 00002080 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-11-13 14:12 - 2013-10-31 19:25 - 00083160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-11-13 14:11 - 2013-11-13 14:11 - 00000000 ____D C:\Program Files (x86)\Avira
2013-11-13 14:11 - 2013-10-31 19:25 - 00132600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-11-13 14:11 - 2013-10-31 19:25 - 00106904 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-11-13 14:11 - 2013-10-31 19:25 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-11-13 13:52 - 2013-11-13 13:54 - 126764512 _____ C:\Users\Lutz\Downloads\avira_free_antivirus_de.exe
2013-11-13 13:31 - 2013-11-13 13:31 - 00000000 ____D C:\ProgramData\Systweak
2013-11-13 13:29 - 2013-11-13 13:29 - 00269768 _____ C:\Windows\Minidump\111313-26925-01.dmp
2013-11-13 12:43 - 2013-11-13 22:14 - 00000000 ____D C:\Program Files (x86)\Plus-HD-1.3
2013-11-13 12:43 - 2013-11-13 22:14 - 00000000 ____D C:\Program Files (x86)\JFileManager
2013-11-13 12:21 - 2013-11-13 12:21 - 00000000 ____D C:\Users\Lutz\SyncFolder
2013-11-13 12:07 - 2013-11-13 12:07 - 00000000 ____D C:\Windows\system32\config\RCCBakup
2013-11-13 11:53 - 2013-11-14 09:09 - 00003120 _____ C:\Windows\System32\Tasks\Advanced System Protector_startup
2013-11-13 11:53 - 2013-11-13 13:37 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2013-11-13 11:52 - 2013-11-14 10:14 - 00000000 ____D C:\Program Files (x86)\Advanced System Protector
2013-11-13 11:52 - 2013-11-13 15:01 - 00000274 _____ C:\Windows\Tasks\RegClean Pro_DEFAULT.job
2013-11-13 11:52 - 2013-11-13 13:30 - 00000282 _____ C:\Windows\Tasks\RegClean Pro_UPDATES.job
2013-11-13 11:52 - 2013-11-13 11:52 - 00003020 _____ C:\Windows\System32\Tasks\RegClean Pro_UPDATES
2013-11-13 11:52 - 2013-11-13 11:52 - 00002864 _____ C:\Windows\System32\Tasks\RegClean Pro_DEFAULT
2013-11-13 11:52 - 2013-11-13 11:52 - 00001239 _____ C:\Users\Public\Desktop\Advanced System Protector.lnk
2013-11-13 11:52 - 2012-07-25 12:03 - 00016896 _____ C:\Windows\system32\sasnative64.exe
2013-11-13 11:51 - 2013-11-13 22:14 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\Systweak
2013-11-13 11:51 - 2013-11-13 22:14 - 00000000 ____D C:\Program Files (x86)\RegClean Pro
2013-11-13 11:51 - 2013-11-13 11:51 - 00001064 _____ C:\Users\Public\Desktop\RegClean Pro.lnk
2013-11-13 11:51 - 2013-08-22 18:36 - 00020312 _____ (Systweak Inc., (www.systweak.com)) C:\Windows\system32\roboot64.exe
2013-11-13 11:50 - 2013-11-13 11:50 - 00001161 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-11-13 11:50 - 2013-11-13 11:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-13 11:43 - 2013-11-13 11:43 - 23123208 _____ (Mozilla) C:\Users\Lutz\Downloads\Firefox_Setup_25.0(1).exe
2013-11-13 07:46 - 2013-11-13 07:47 - 23123208 _____ (Mozilla) C:\Users\Lutz\Downloads\Firefox_Setup_25.0 (2).exe
2013-11-13 07:46 - 2013-11-13 07:46 - 23123208 _____ (Mozilla) C:\Users\Lutz\Downloads\Firefox_Setup_25.0 (1).exe
2013-11-13 07:45 - 2013-11-13 07:45 - 23123208 _____ (Mozilla) C:\Users\Lutz\Downloads\Firefox_Setup_25.0.exe
2013-11-13 07:32 - 2013-11-13 12:06 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\TweakNow RegCleaner
2013-11-13 07:32 - 2013-11-13 12:06 - 00000000 ____D C:\Program Files (x86)\TweakNow RegCleaner
2013-11-13 07:31 - 2013-11-13 07:31 - 07217632 _____ (TweakNow.com                                                ) C:\Users\Lutz\Downloads\RegCleaner730.exe
2013-11-12 14:10 - 2013-11-12 14:10 - 00000000 ____D C:\Users\Lutz\Desktop\2
2013-11-12 12:50 - 2013-11-12 12:50 - 00001349 _____ C:\Users\Lutz\Desktop\November 2013 - Verknüpfung.lnk
2013-11-12 10:13 - 2013-11-12 10:13 - 00283104 _____ (Mozilla) C:\Users\Lutz\Downloads\Firefox Setup Stub 25.0 (3).exe
2013-11-12 10:12 - 2013-11-12 10:13 - 00283104 _____ (Mozilla) C:\Users\Lutz\Downloads\Firefox Setup Stub 25.0 (2).exe
2013-11-12 10:12 - 2013-11-12 10:12 - 00283104 _____ (Mozilla) C:\Users\Lutz\Downloads\Firefox Setup Stub 25.0 (1).exe
2013-11-12 10:04 - 2013-11-12 10:04 - 00001639 _____ C:\Users\Lutz\Desktop\Kopie Kasse1 Blatt 5 - Verknüpfung.lnk
2013-11-12 10:04 - 2013-11-12 10:04 - 00001639 _____ C:\Users\Lutz\Desktop\Kopie Kasse1 Blatt 4 - Verknüpfung.lnk
2013-11-12 10:04 - 2013-11-12 10:04 - 00001614 _____ C:\Users\Lutz\Desktop\Kopie von Blatt 3 - Verknüpfung.lnk
2013-11-12 09:22 - 2013-11-12 09:22 - 00915368 _____ (Oracle Corporation) C:\Users\Lutz\Downloads\jxpiinstall(1).exe
2013-11-12 08:43 - 2013-11-12 08:43 - 00283104 _____ (Mozilla) C:\Users\Lutz\Downloads\Firefox Setup Stub 25.0.exe
2013-11-12 07:59 - 2013-11-12 07:59 - 00000000 ____D C:\ProgramData\Nico Mak Computing
2013-11-12 07:56 - 2013-11-12 07:57 - 00273224 _____ C:\Windows\Minidump\111213-21013-01.dmp
2013-11-11 10:52 - 2013-11-14 09:09 - 00003116 _____ C:\Windows\System32\Tasks\WinZip Malware Protector_startup
2013-11-11 10:51 - 2013-11-12 16:43 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\Nico Mak Computing
2013-11-11 10:51 - 2013-11-12 16:43 - 00000000 ____D C:\Program Files (x86)\WinZip Malware Protector
2013-11-11 10:51 - 2013-11-11 10:51 - 04892480 _____ (WinZip International LLC                                    ) C:\Users\Lutz\Downloads\wzmp_8.exe
2013-11-11 10:51 - 2013-11-11 10:51 - 00001227 _____ C:\Users\Public\Desktop\WinZip Malware Protector.lnk
2013-11-11 10:51 - 2013-03-15 17:10 - 00020480 _____ C:\Windows\system32\wsusnative64.exe
2013-11-11 10:26 - 2013-11-11 10:26 - 00269768 _____ C:\Windows\Minidump\111113-24616-01.dmp
2013-11-11 09:47 - 2013-11-11 09:47 - 00000977 _____ C:\Users\Lutz\Desktop\Kopfbogen neu - Verknüpfung.lnk
2013-11-11 09:31 - 2013-11-14 09:31 - 00001350 _____ C:\Windows\Tasks\SuperLyrics-16-updater.job
2013-11-11 09:31 - 2013-11-11 09:31 - 00004380 _____ C:\Windows\System32\Tasks\SuperLyrics-16-updater
2013-11-11 09:30 - 2013-11-14 09:31 - 00001156 _____ C:\Windows\Tasks\SuperLyrics-16-enabler.job
2013-11-11 09:30 - 2013-11-14 09:30 - 00001970 _____ C:\Windows\Tasks\SuperLyrics-16-chromeinstaller.job
2013-11-11 09:30 - 2013-11-14 09:30 - 00001894 _____ C:\Windows\Tasks\SuperLyrics-16-firefoxinstaller.job
2013-11-11 09:30 - 2013-11-14 09:30 - 00001256 _____ C:\Windows\Tasks\SuperLyrics-16-codedownloader.job
2013-11-11 09:30 - 2013-11-13 22:14 - 00000000 ____D C:\Program Files (x86)\SuperLyrics-16
2013-11-11 09:30 - 2013-11-12 16:43 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
2013-11-11 09:30 - 2013-11-12 16:43 - 00000000 ____D C:\Program Files (x86)\DealPly
2013-11-11 09:30 - 2013-11-12 16:42 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\DealPly
2013-11-11 09:30 - 2013-11-11 09:31 - 00004186 _____ C:\Windows\System32\Tasks\SuperLyrics-16-enabler
2013-11-11 09:30 - 2013-11-11 09:30 - 00004286 _____ C:\Windows\System32\Tasks\SuperLyrics-16-codedownloader
2013-11-11 09:30 - 2013-11-11 09:30 - 00003506 _____ C:\Windows\System32\Tasks\DealPly
2013-11-11 09:30 - 2013-11-11 09:30 - 00003364 _____ C:\Windows\System32\Tasks\DealPlyUpdate
2013-11-11 09:28 - 2013-11-11 09:28 - 00000000 ____D C:\Users\Lutz\AppData\Local\SearchProtect
2013-11-11 09:28 - 2013-11-11 09:28 - 00000000 ____D C:\Program Files (x86)\SearchProtect
2013-11-11 09:28 - 2013-11-11 09:28 - 00000000 _____ C:\END
2013-11-11 09:27 - 2013-11-11 09:28 - 00555728 _____ C:\Users\Lutz\Downloads\Java7.exe
2013-11-08 11:16 - 2013-11-08 11:16 - 00000156 _____ C:\Users\Lutz\Downloads\Kontoumsaetze_703_786503300_20131108_111622.csv
2013-11-07 15:25 - 2013-11-13 07:49 - 00000866 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog
2013-11-07 15:25 - 2013-11-07 15:25 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\Iminent
2013-11-07 15:24 - 2013-11-07 15:24 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\SpeedTestAnalysis
2013-11-07 15:23 - 2013-11-07 15:24 - 17533552 _____ (Microsoft Corporation) C:\Users\Lutz\Desktop\visioviewer_14.0.4750.1000.exe
2013-11-07 15:22 - 2013-11-07 15:23 - 01628904 _____ (Bandoo Media Inc) C:\Users\Lutz\Downloads\iLividSetup-r887-n-bf.exe
2013-11-07 15:22 - 2013-11-07 15:22 - 00400736 _____ (Softonic                                        ) C:\Users\Lutz\Downloads\SoftonicDownloader_fuer_visio-viewer-2010.exe
2013-11-06 14:51 - 2013-11-06 14:51 - 00000000 ____D C:\Users\Lutz\AppData\Local\{F4E22B80-6DEE-493A-98EC-688CD0688D2A}
2013-11-06 12:10 - 2013-11-06 12:12 - 00000000 ____D C:\Program Files (x86)\Cutting Master 2 1.93
2013-11-06 12:10 - 1999-10-06 08:51 - 00471840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhupd.exe
2013-11-06 12:10 - 1999-10-06 08:51 - 00463392 _____ (Borland International) C:\Windows\SysWOW64\OWL250F.DLL
2013-11-06 12:10 - 1999-10-06 08:51 - 00073716 _____ C:\Windows\SysWOW64\SENTINEL.VXD
2013-11-06 12:10 - 1999-05-06 23:00 - 00244232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSFLXGRD.OCX
2013-11-06 12:10 - 1999-04-23 21:22 - 01355776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVBVM50.DLL
2013-11-06 12:10 - 1997-01-15 23:00 - 01766160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VBA5.DLL
2013-11-06 12:10 - 1997-01-15 23:00 - 00279098 _____ C:\Windows\SysWOW64\VB5.OLB
2013-11-06 12:09 - 2013-11-06 12:09 - 00000000 ____D C:\Users\Lutz\Downloads\CuttingMaster2_Win_latest
2013-11-06 12:08 - 2013-11-06 12:09 - 72321351 _____ C:\Users\Lutz\Downloads\CuttingMaster2_Win_latest.zip
2013-11-06 07:25 - 2013-11-06 07:25 - 00013303 _____ C:\Users\Lutz\Downloads\Kontoumsaetze_703_786503300_20131106_072537.csv
2013-11-05 07:08 - 2013-11-05 07:08 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\Apple Computer
2013-11-04 14:57 - 2013-11-04 14:57 - 00857746 _____ C:\Users\Lutz\Downloads\DvmHIPCam.exe
2013-11-04 10:33 - 2013-11-04 10:33 - 00000000 ____D C:\Users\Lutz\AppData\Local\Apple Computer
2013-11-04 10:31 - 2013-11-04 10:31 - 00001855 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2013-11-04 10:31 - 2013-11-04 10:31 - 00000000 ____D C:\ProgramData\Apple Computer
2013-11-04 10:30 - 2013-11-04 10:30 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2013-11-04 10:30 - 2013-11-04 10:30 - 00000000 ____D C:\Users\Lutz\AppData\Local\Apple
2013-11-04 10:30 - 2013-11-04 10:30 - 00000000 ____D C:\ProgramData\Apple
2013-11-04 10:30 - 2013-11-04 10:30 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-11-04 10:29 - 2013-11-04 10:30 - 41404760 _____ (Apple Inc.) C:\Users\Lutz\Downloads\QuickTimeInstaller.exe
2013-11-04 10:17 - 2013-11-04 14:56 - 00000000 ____D C:\DvmHIPCam
2013-10-31 09:02 - 2013-11-13 11:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-29 11:38 - 2013-10-29 11:38 - 00002954 _____ C:\Windows\System32\Tasks\{E9D54111-3134-4267-8F10-65C8B737B2BA}
2013-10-29 11:38 - 2013-10-29 11:38 - 00002954 _____ C:\Windows\System32\Tasks\{227BCBC7-FD75-40A4-8368-AEBDFDA4BCE3}
2013-10-29 11:32 - 2013-10-29 11:34 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\WordToPDF
2013-10-29 11:31 - 2013-10-29 11:31 - 01594813 _____ (Mario Noack                                                 ) C:\Users\Lutz\Downloads\SetupWordToPDF_237_v2.9.exe
2013-10-29 10:51 - 2013-11-01 10:17 - 00000000 ____D C:\Users\Lutz\Documents\Pdf2Word
2013-10-29 10:49 - 2013-10-29 10:49 - 00001126 _____ C:\Users\Public\Desktop\PDF2Word Konverter (7-PDF).lnk
2013-10-29 10:49 - 2013-10-29 10:49 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\Pdf2Word
2013-10-29 10:49 - 2013-10-29 10:49 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\OpenCandy
2013-10-29 10:49 - 2013-10-29 10:49 - 00000000 ____D C:\Program Files (x86)\BCL Technologies
2013-10-17 13:22 - 2013-10-17 13:22 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-10-17 08:26 - 2013-10-17 08:26 - 00000000 ____D C:\Users\Lutz\AppData\Local\Avg2014
2013-10-17 07:15 - 2013-09-08 03:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-10-17 07:15 - 2013-09-08 03:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-10-17 07:15 - 2013-09-08 03:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-10-17 07:15 - 2013-07-12 11:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-17 07:15 - 2013-07-12 11:40 - 00109824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2013-10-17 07:15 - 2013-07-04 13:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-10-17 07:15 - 2013-07-04 13:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-17 07:15 - 2013-07-04 13:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-10-17 07:15 - 2013-07-04 12:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-10-17 07:15 - 2013-07-04 12:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-10-17 07:15 - 2013-07-04 11:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2013-10-17 07:15 - 2013-07-03 05:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-17 07:15 - 2013-07-03 05:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-17 07:15 - 2013-06-06 06:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-10-17 07:15 - 2013-06-06 06:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-10-17 07:15 - 2013-06-06 06:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-17 07:15 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-10-17 07:15 - 2013-06-06 04:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-17 07:15 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-17 07:15 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-17 07:14 - 2013-08-29 03:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-10-17 07:14 - 2013-08-29 03:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-10-17 07:14 - 2013-08-29 03:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-10-17 07:14 - 2013-08-29 03:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-10-17 07:14 - 2013-08-29 03:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-10-17 07:14 - 2013-08-29 02:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-10-17 07:14 - 2013-08-29 02:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-10-17 07:14 - 2013-08-29 02:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-10-17 07:14 - 2013-08-29 02:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2013-10-17 07:14 - 2013-08-29 02:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-10-17 07:14 - 2013-08-29 02:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-10-17 07:14 - 2013-08-29 01:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-10-17 07:14 - 2013-08-29 01:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-10-17 07:14 - 2013-08-29 01:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-10-17 07:14 - 2013-08-28 02:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2013-10-17 07:14 - 2013-08-01 13:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-17 07:14 - 2013-07-20 11:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-17 07:14 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-17 07:04 - 2013-10-17 07:04 - 00269768 _____ C:\Windows\Minidump\101713-19032-01.dmp

==================== One Month Modified Files and Folders =======

2013-11-14 11:30 - 2013-11-14 10:50 - 00043550 _____ C:\Users\Lutz\Downloads\FRST.txt
2013-11-14 11:30 - 2011-07-22 13:44 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\Skype
2013-11-14 11:11 - 2011-07-22 07:57 - 01117790 _____ C:\Windows\WindowsUpdate.log
2013-11-14 10:57 - 2012-01-18 09:36 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-14 10:57 - 2011-07-22 08:00 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-14 10:55 - 2013-11-14 10:52 - 00040012 _____ C:\Users\Lutz\Downloads\Addition.txt
2013-11-14 10:48 - 2013-11-14 10:48 - 00000000 ____D C:\FRST
2013-11-14 10:47 - 2013-11-14 10:47 - 01957794 _____ (Farbar) C:\Users\Lutz\Downloads\FRST64.exe
2013-11-14 10:46 - 2013-11-14 10:46 - 01090529 _____ (Farbar) C:\Users\Lutz\Downloads\FRST.exe
2013-11-14 10:33 - 2012-03-08 14:33 - 00000000 ____D C:\Program Files\Java
2013-11-14 10:14 - 2013-11-13 11:52 - 00000000 ____D C:\Program Files (x86)\Advanced System Protector
2013-11-14 09:58 - 2013-11-14 09:58 - 00001174 _____ C:\Users\Public\Desktop\TeamViewer 8.lnk
2013-11-14 09:58 - 2013-11-14 09:58 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2013-11-14 09:58 - 2013-11-14 09:56 - 05831344 _____ (TeamViewer GmbH) C:\Users\Lutz\Downloads\TeamViewer_Setup_de.exe
2013-11-14 09:47 - 2011-07-22 08:25 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\Dropbox
2013-11-14 09:33 - 2009-07-14 05:45 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-14 09:33 - 2009-07-14 05:45 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-14 09:31 - 2013-11-11 09:31 - 00001350 _____ C:\Windows\Tasks\SuperLyrics-16-updater.job
2013-11-14 09:31 - 2013-11-11 09:30 - 00001156 _____ C:\Windows\Tasks\SuperLyrics-16-enabler.job
2013-11-14 09:30 - 2013-11-11 09:30 - 00001970 _____ C:\Windows\Tasks\SuperLyrics-16-chromeinstaller.job
2013-11-14 09:30 - 2013-11-11 09:30 - 00001894 _____ C:\Windows\Tasks\SuperLyrics-16-firefoxinstaller.job
2013-11-14 09:30 - 2013-11-11 09:30 - 00001256 _____ C:\Windows\Tasks\SuperLyrics-16-codedownloader.job
2013-11-14 09:18 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2013-11-14 09:09 - 2013-11-13 11:53 - 00003120 _____ C:\Windows\System32\Tasks\Advanced System Protector_startup
2013-11-14 09:09 - 2013-11-11 10:52 - 00003116 _____ C:\Windows\System32\Tasks\WinZip Malware Protector_startup
2013-11-14 09:08 - 2011-07-22 08:27 - 00000000 ___RD C:\Users\Lutz\Dropbox
2013-11-14 09:07 - 2011-07-22 08:00 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-14 09:05 - 2013-10-07 07:20 - 00025754 _____ C:\Windows\setupact.log
2013-11-14 09:05 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-14 08:59 - 2013-07-29 06:42 - 00000000 ____D C:\Windows\system32\MRT
2013-11-14 08:56 - 2011-02-10 21:56 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-14 08:47 - 2013-07-09 07:31 - 00000000 ____D C:\Users\Lutz\AppData\Local\MigsUpdater
2013-11-14 07:21 - 2013-11-14 07:21 - 00000000 ____D C:\Users\Lutz\Desktop\5
2013-11-14 07:17 - 2013-11-14 07:17 - 00000000 ____D C:\Users\Lutz\Desktop\4
2013-11-14 07:12 - 2013-10-08 06:15 - 00203336 _____ C:\Windows\PFRO.log
2013-11-13 22:14 - 2013-11-13 12:43 - 00000000 ____D C:\Program Files (x86)\Plus-HD-1.3
2013-11-13 22:14 - 2013-11-13 12:43 - 00000000 ____D C:\Program Files (x86)\JFileManager
2013-11-13 22:14 - 2013-11-13 11:51 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\Systweak
2013-11-13 22:14 - 2013-11-13 11:51 - 00000000 ____D C:\Program Files (x86)\RegClean Pro
2013-11-13 22:14 - 2013-11-11 09:30 - 00000000 ____D C:\Program Files (x86)\SuperLyrics-16
2013-11-13 22:14 - 2012-08-22 13:22 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2013-11-13 22:14 - 2011-09-27 10:50 - 00000000 ____D C:\Windows\VMUVC
2013-11-13 22:14 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2013-11-13 15:01 - 2013-11-13 11:52 - 00000274 _____ C:\Windows\Tasks\RegClean Pro_DEFAULT.job
2013-11-13 14:58 - 2013-05-14 14:02 - 00000000 ____D C:\Users\Lutz\Desktop\Rechnungen
2013-11-13 14:20 - 2011-02-10 20:25 - 00763004 _____ C:\Windows\system32\perfh007.dat
2013-11-13 14:20 - 2011-02-10 20:25 - 00173870 _____ C:\Windows\system32\perfc007.dat
2013-11-13 14:20 - 2009-07-14 06:13 - 01801050 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-13 14:15 - 2013-11-13 14:15 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\Avira
2013-11-13 14:12 - 2013-11-13 14:12 - 00002080 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-11-13 14:11 - 2013-11-13 14:11 - 00000000 ____D C:\Program Files (x86)\Avira
2013-11-13 14:11 - 2013-07-05 07:35 - 00000000 ____D C:\ProgramData\Avira
2013-11-13 13:54 - 2013-11-13 13:52 - 126764512 _____ C:\Users\Lutz\Downloads\avira_free_antivirus_de.exe
2013-11-13 13:37 - 2013-11-13 11:53 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2013-11-13 13:37 - 2011-07-22 08:03 - 00000000 ___RD C:\Users\Lutz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-13 13:31 - 2013-11-13 13:31 - 00000000 ____D C:\ProgramData\Systweak
2013-11-13 13:30 - 2013-11-13 11:52 - 00000282 _____ C:\Windows\Tasks\RegClean Pro_UPDATES.job
2013-11-13 13:30 - 2011-07-22 08:03 - 00000000 ____D C:\Users\Lutz
2013-11-13 13:29 - 2013-11-13 13:29 - 00269768 _____ C:\Windows\Minidump\111313-26925-01.dmp
2013-11-13 13:29 - 2013-10-14 06:50 - 260611534 _____ C:\Windows\MEMORY.DMP
2013-11-13 13:29 - 2011-07-25 13:40 - 00000000 ____D C:\Windows\Minidump
2013-11-13 12:21 - 2013-11-13 12:21 - 00000000 ____D C:\Users\Lutz\SyncFolder
2013-11-13 12:14 - 2009-07-14 03:34 - 99614720 _____ C:\Windows\system32\config\software.bak
2013-11-13 12:14 - 2009-07-14 03:34 - 65011712 _____ C:\Windows\system32\config\system.bak
2013-11-13 12:14 - 2009-07-14 03:34 - 00024576 _____ C:\Windows\system32\config\security.bak
2013-11-13 12:09 - 2009-07-14 03:34 - 00028672 _____ C:\Windows\system32\config\sam.bak
2013-11-13 12:07 - 2013-11-13 12:07 - 00000000 ____D C:\Windows\system32\config\RCCBakup
2013-11-13 12:06 - 2013-11-13 07:32 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\TweakNow RegCleaner
2013-11-13 12:06 - 2013-11-13 07:32 - 00000000 ____D C:\Program Files (x86)\TweakNow RegCleaner
2013-11-13 11:52 - 2013-11-13 11:52 - 00003020 _____ C:\Windows\System32\Tasks\RegClean Pro_UPDATES
2013-11-13 11:52 - 2013-11-13 11:52 - 00002864 _____ C:\Windows\System32\Tasks\RegClean Pro_DEFAULT
2013-11-13 11:52 - 2013-11-13 11:52 - 00001239 _____ C:\Users\Public\Desktop\Advanced System Protector.lnk
2013-11-13 11:51 - 2013-11-13 11:51 - 00001064 _____ C:\Users\Public\Desktop\RegClean Pro.lnk
2013-11-13 11:50 - 2013-11-13 11:50 - 00001161 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-11-13 11:50 - 2013-11-13 11:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-13 11:50 - 2013-10-31 09:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-13 11:43 - 2013-11-13 11:43 - 23123208 _____ (Mozilla) C:\Users\Lutz\Downloads\Firefox_Setup_25.0(1).exe
2013-11-13 08:07 - 2011-07-22 09:44 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\Mozilla
2013-11-13 07:49 - 2013-11-07 15:25 - 00000866 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog
2013-11-13 07:48 - 2011-07-22 08:00 - 00000000 ____D C:\Program Files (x86)\Google
2013-11-13 07:47 - 2013-11-13 07:46 - 23123208 _____ (Mozilla) C:\Users\Lutz\Downloads\Firefox_Setup_25.0 (2).exe
2013-11-13 07:46 - 2013-11-13 07:46 - 23123208 _____ (Mozilla) C:\Users\Lutz\Downloads\Firefox_Setup_25.0 (1).exe
2013-11-13 07:45 - 2013-11-13 07:45 - 23123208 _____ (Mozilla) C:\Users\Lutz\Downloads\Firefox_Setup_25.0.exe
2013-11-13 07:31 - 2013-11-13 07:31 - 07217632 _____ (TweakNow.com                                                ) C:\Users\Lutz\Downloads\RegCleaner730.exe
2013-11-12 16:43 - 2013-11-11 10:51 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\Nico Mak Computing
2013-11-12 16:43 - 2013-11-11 10:51 - 00000000 ____D C:\Program Files (x86)\WinZip Malware Protector
2013-11-12 16:43 - 2013-11-11 09:30 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
2013-11-12 16:43 - 2013-11-11 09:30 - 00000000 ____D C:\Program Files (x86)\DealPly
2013-11-12 16:43 - 2011-07-22 09:37 - 00000000 ____D C:\ProgramData\FLEXnet
2013-11-12 16:43 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\AppCompat
2013-11-12 16:42 - 2013-11-11 09:30 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\DealPly
2013-11-12 15:41 - 2013-01-02 12:17 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\Aquamarin Haushaltsbuch
2013-11-12 14:10 - 2013-11-12 14:10 - 00000000 ____D C:\Users\Lutz\Desktop\2
2013-11-12 12:50 - 2013-11-12 12:50 - 00001349 _____ C:\Users\Lutz\Desktop\November 2013 - Verknüpfung.lnk
2013-11-12 10:13 - 2013-11-12 10:13 - 00283104 _____ (Mozilla) C:\Users\Lutz\Downloads\Firefox Setup Stub 25.0 (3).exe
2013-11-12 10:13 - 2013-11-12 10:12 - 00283104 _____ (Mozilla) C:\Users\Lutz\Downloads\Firefox Setup Stub 25.0 (2).exe
2013-11-12 10:12 - 2013-11-12 10:12 - 00283104 _____ (Mozilla) C:\Users\Lutz\Downloads\Firefox Setup Stub 25.0 (1).exe
2013-11-12 10:09 - 2012-10-17 12:04 - 00000000 ____D C:\Program Files (x86)\PC Tools Registry Mechanic
2013-11-12 10:04 - 2013-11-12 10:04 - 00001639 _____ C:\Users\Lutz\Desktop\Kopie Kasse1 Blatt 5 - Verknüpfung.lnk
2013-11-12 10:04 - 2013-11-12 10:04 - 00001639 _____ C:\Users\Lutz\Desktop\Kopie Kasse1 Blatt 4 - Verknüpfung.lnk
2013-11-12 10:04 - 2013-11-12 10:04 - 00001614 _____ C:\Users\Lutz\Desktop\Kopie von Blatt 3 - Verknüpfung.lnk
2013-11-12 09:22 - 2013-11-12 09:22 - 00915368 _____ (Oracle Corporation) C:\Users\Lutz\Downloads\jxpiinstall(1).exe
2013-11-12 08:48 - 2012-01-18 09:36 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-11-12 08:48 - 2012-01-18 09:36 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-11-12 08:48 - 2011-07-22 09:47 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-11-12 08:48 - 2011-07-22 08:08 - 00000000 ____D C:\Users\Lutz\AppData\Local\Adobe
2013-11-12 08:43 - 2013-11-12 08:43 - 00283104 _____ (Mozilla) C:\Users\Lutz\Downloads\Firefox Setup Stub 25.0.exe
2013-11-12 07:59 - 2013-11-12 07:59 - 00000000 ____D C:\ProgramData\Nico Mak Computing
2013-11-12 07:57 - 2013-11-12 07:56 - 00273224 _____ C:\Windows\Minidump\111213-21013-01.dmp
2013-11-11 10:51 - 2013-11-11 10:51 - 04892480 _____ (WinZip International LLC                                    ) C:\Users\Lutz\Downloads\wzmp_8.exe
2013-11-11 10:51 - 2013-11-11 10:51 - 00001227 _____ C:\Users\Public\Desktop\WinZip Malware Protector.lnk
2013-11-11 10:26 - 2013-11-11 10:26 - 00269768 _____ C:\Windows\Minidump\111113-24616-01.dmp
2013-11-11 09:47 - 2013-11-11 09:47 - 00000977 _____ C:\Users\Lutz\Desktop\Kopfbogen neu - Verknüpfung.lnk
2013-11-11 09:31 - 2013-11-11 09:31 - 00004380 _____ C:\Windows\System32\Tasks\SuperLyrics-16-updater
2013-11-11 09:31 - 2013-11-11 09:30 - 00004186 _____ C:\Windows\System32\Tasks\SuperLyrics-16-enabler
2013-11-11 09:30 - 2013-11-11 09:30 - 00004286 _____ C:\Windows\System32\Tasks\SuperLyrics-16-codedownloader
2013-11-11 09:30 - 2013-11-11 09:30 - 00003506 _____ C:\Windows\System32\Tasks\DealPly
2013-11-11 09:30 - 2013-11-11 09:30 - 00003364 _____ C:\Windows\System32\Tasks\DealPlyUpdate
2013-11-11 09:28 - 2013-11-11 09:28 - 00000000 ____D C:\Users\Lutz\AppData\Local\SearchProtect
2013-11-11 09:28 - 2013-11-11 09:28 - 00000000 ____D C:\Program Files (x86)\SearchProtect
2013-11-11 09:28 - 2013-11-11 09:28 - 00000000 _____ C:\END
2013-11-11 09:28 - 2013-11-11 09:27 - 00555728 _____ C:\Users\Lutz\Downloads\Java7.exe
2013-11-11 09:24 - 2011-08-26 07:44 - 00002984 _____ C:\Windows\System32\Tasks\{077FCDA6-0958-4AA2-AE01-9A9553B99B75}
2013-11-08 11:16 - 2013-11-08 11:16 - 00000156 _____ C:\Users\Lutz\Downloads\Kontoumsaetze_703_786503300_20131108_111622.csv
2013-11-07 15:25 - 2013-11-07 15:25 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\Iminent
2013-11-07 15:24 - 2013-11-07 15:24 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\SpeedTestAnalysis
2013-11-07 15:24 - 2013-11-07 15:23 - 17533552 _____ (Microsoft Corporation) C:\Users\Lutz\Desktop\visioviewer_14.0.4750.1000.exe
2013-11-07 15:24 - 2011-08-03 11:42 - 00000000 ____D C:\Program Files (x86)\MSECache
2013-11-07 15:23 - 2013-11-07 15:22 - 01628904 _____ (Bandoo Media Inc) C:\Users\Lutz\Downloads\iLividSetup-r887-n-bf.exe
2013-11-07 15:22 - 2013-11-07 15:22 - 00400736 _____ (Softonic                                        ) C:\Users\Lutz\Downloads\SoftonicDownloader_fuer_visio-viewer-2010.exe
2013-11-07 13:35 - 2013-08-13 06:33 - 00000000 ____D C:\Users\Lutz\Documents\Bowling
2013-11-06 14:51 - 2013-11-06 14:51 - 00000000 ____D C:\Users\Lutz\AppData\Local\{F4E22B80-6DEE-493A-98EC-688CD0688D2A}
2013-11-06 12:12 - 2013-11-06 12:10 - 00000000 ____D C:\Program Files (x86)\Cutting Master 2 1.93
2013-11-06 12:10 - 2011-03-14 23:29 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-11-06 12:09 - 2013-11-06 12:09 - 00000000 ____D C:\Users\Lutz\Downloads\CuttingMaster2_Win_latest
2013-11-06 12:09 - 2013-11-06 12:08 - 72321351 _____ C:\Users\Lutz\Downloads\CuttingMaster2_Win_latest.zip
2013-11-06 07:25 - 2013-11-06 07:25 - 00013303 _____ C:\Users\Lutz\Downloads\Kontoumsaetze_703_786503300_20131106_072537.csv
2013-11-05 07:08 - 2013-11-05 07:08 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\Apple Computer
2013-11-04 14:57 - 2013-11-04 14:57 - 00857746 _____ C:\Users\Lutz\Downloads\DvmHIPCam.exe
2013-11-04 14:56 - 2013-11-04 10:17 - 00000000 ____D C:\DvmHIPCam
2013-11-04 10:33 - 2013-11-04 10:33 - 00000000 ____D C:\Users\Lutz\AppData\Local\Apple Computer
2013-11-04 10:32 - 2011-07-22 09:30 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-11-04 10:31 - 2013-11-04 10:31 - 00001855 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2013-11-04 10:31 - 2013-11-04 10:31 - 00000000 ____D C:\ProgramData\Apple Computer
2013-11-04 10:30 - 2013-11-04 10:30 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2013-11-04 10:30 - 2013-11-04 10:30 - 00000000 ____D C:\Users\Lutz\AppData\Local\Apple
2013-11-04 10:30 - 2013-11-04 10:30 - 00000000 ____D C:\ProgramData\Apple
2013-11-04 10:30 - 2013-11-04 10:30 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-11-04 10:30 - 2013-11-04 10:29 - 41404760 _____ (Apple Inc.) C:\Users\Lutz\Downloads\QuickTimeInstaller.exe
2013-11-01 10:17 - 2013-10-29 10:51 - 00000000 ____D C:\Users\Lutz\Documents\Pdf2Word
2013-11-01 07:22 - 2011-07-22 13:25 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-11-01 07:22 - 2011-07-22 13:25 - 00000000 ____D C:\ProgramData\Skype
2013-10-31 19:25 - 2013-11-13 14:12 - 00083160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-10-31 19:25 - 2013-11-13 14:11 - 00132600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-10-31 19:25 - 2013-11-13 14:11 - 00106904 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-10-31 19:25 - 2013-11-13 14:11 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-10-31 08:12 - 2012-02-08 10:12 - 00000000 ____D C:\Program Files (x86)\Ask.com
2013-10-29 11:38 - 2013-10-29 11:38 - 00002954 _____ C:\Windows\System32\Tasks\{E9D54111-3134-4267-8F10-65C8B737B2BA}
2013-10-29 11:38 - 2013-10-29 11:38 - 00002954 _____ C:\Windows\System32\Tasks\{227BCBC7-FD75-40A4-8368-AEBDFDA4BCE3}
2013-10-29 11:34 - 2013-10-29 11:32 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\WordToPDF
2013-10-29 11:31 - 2013-10-29 11:31 - 01594813 _____ (Mario Noack                                                 ) C:\Users\Lutz\Downloads\SetupWordToPDF_237_v2.9.exe
2013-10-29 10:49 - 2013-10-29 10:49 - 00001126 _____ C:\Users\Public\Desktop\PDF2Word Konverter (7-PDF).lnk
2013-10-29 10:49 - 2013-10-29 10:49 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\Pdf2Word
2013-10-29 10:49 - 2013-10-29 10:49 - 00000000 ____D C:\Users\Lutz\AppData\Roaming\OpenCandy
2013-10-29 10:49 - 2013-10-29 10:49 - 00000000 ____D C:\Program Files (x86)\BCL Technologies
2013-10-29 10:49 - 2011-08-09 14:25 - 00000000 ____D C:\Program Files (x86)\7-PDF
2013-10-21 12:58 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-10-21 06:20 - 2013-10-08 06:15 - 02514776 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-17 16:50 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-10-17 14:48 - 2012-01-17 09:10 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-17 14:48 - 2012-01-17 09:10 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-17 14:48 - 2011-08-17 08:10 - 01778008 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-10-17 13:22 - 2013-10-17 13:22 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-10-17 13:22 - 2012-08-22 13:22 - 00001941 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2013-10-17 08:26 - 2013-10-17 08:26 - 00000000 ____D C:\Users\Lutz\AppData\Local\Avg2014
2013-10-17 08:15 - 2013-10-02 06:28 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2014
2013-10-17 07:04 - 2013-10-17 07:04 - 00269768 _____ C:\Windows\Minidump\101713-19032-01.dmp

Some content of TEMP:
====================
C:\Users\Lutz\AppData\Local\Temp\avgnt.exe
C:\Users\Lutz\AppData\Local\Temp\BackupSetup.exe
C:\Users\Lutz\AppData\Local\Temp\IminentSetup-1-.exe
C:\Users\Lutz\AppData\Local\Temp\install_helper.exe
C:\Users\Lutz\AppData\Local\Temp\SpeedTestSetup.exe
C:\Users\Lutz\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== BCD ================================

Windows-Start-Manager
---------------------
Bezeichner              {bootmgr}
device                  partition=\Device\HarddiskVolume1
description             Windows Boot Manager
locale                  de-DE
inherit                 {globalsettings}
default                 {current}
resumeobject            {b0236af3-b437-11e0-b3a2-ef1988222f3f}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30

Windows-Startladeprogramm
-------------------------
Bezeichner              {current}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  de-DE
inherit                 {bootloadersettings}
recoverysequence        {b0236af5-b437-11e0-b3a2-ef1988222f3f}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {b0236af3-b437-11e0-b3a2-ef1988222f3f}
nx                      OptIn

Windows-Startladeprogramm
-------------------------
Bezeichner              {b0236af5-b437-11e0-b3a2-ef1988222f3f}
device                  ramdisk=[C:]\Recovery\b0236af5-b437-11e0-b3a2-ef1988222f3f\Winre.wim,{b0236af6-b437-11e0-b3a2-ef1988222f3f}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\b0236af5-b437-11e0-b3a2-ef1988222f3f\Winre.wim,{b0236af6-b437-11e0-b3a2-ef1988222f3f}
systemroot              \windows
nx                      OptIn
winpe                   Yes

Wiederaufnahme aus dem Ruhezustand
----------------------------------
Bezeichner              {b0236af3-b437-11e0-b3a2-ef1988222f3f}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  de-DE
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No

Windows-Speichertestprogramm
----------------------------
Bezeichner              {memdiag}
device                  partition=\Device\HarddiskVolume1
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  de-DE
inherit                 {globalsettings}
badmemoryaccess         Yes

EMS-Einstellungen
-----------------
Bezeichner              {emssettings}
bootems                 Yes

Debuggereinstellungen
---------------------
Bezeichner              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

RAM-Defekte
-----------
Bezeichner              {badmemory}

Globale Einstellungen
---------------------
Bezeichner              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Startladeprogramm-Einstellungen
-------------------------------
Bezeichner              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Hypervisoreinstellungen
-------------------
Bezeichner              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Einstellungen zur Ladeprogrammfortsetzung
-----------------------------------------
Bezeichner              {resumeloadersettings}
inherit                 {globalsettings}

Ger„teoptionen
--------------
Bezeichner              {b0236af6-b437-11e0-b3a2-ef1988222f3f}
description             Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\b0236af5-b437-11e0-b3a2-ef1988222f3f\boot.sdi



LastRegBack: 2013-11-11 08:25

==================== End Of Log ============================
         
--- --- ---

Alt 14.11.2013, 12:00   #2
kleind
 
Advanced System Protector, my Backup & Regcleaner Pro - Standard

Advanced System Protector, my Backup & Regcleaner Pro



FRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-11-2013
Ran by Lutz at 2013-11-14 11:31:19
Running from C:\Users\Lutz\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

64 Bit HP CIO Components Installer (Version: 7.2.4)
64 Bit HP CIO Components Installer (Version: 7.2.9)
7-PDF Maker Version 1.2.0 (Build 119) (x32 Version: 7-PDF Maker - Version 1.2.0 (Build 119))
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Acronis True Image Home (x32 Version: 13.0.6053)
Adobe Acrobat 9 Pro - English, Français, Deutsch (x32 Version: 9.4.0)
Adobe Acrobat 9.4.0 - CPSID_83708 (x32)
Adobe AIR (x32 Version: 3.9.0.1030)
Adobe Anchor Service CS3 (x32 Version: 1.0)
Adobe Asset Services CS3 (x32 Version: 3)
Adobe Bridge CS3 (x32 Version: 2)
Adobe Bridge Start Meeting (x32 Version: 1.0)
Adobe BridgeTalk Plugin CS3 (x32 Version: 1.0)
Adobe Camera Raw 4.0 (x32 Version: 4.0)
Adobe CMaps (x32 Version: 1.0)
Adobe Color - Photoshop Specific (x32 Version: 1.0)
Adobe Color Common Settings (x32 Version: 1.0.1)
Adobe Color EU Recommended Settings (x32 Version: 1.0)
Adobe Color JA Extra Settings (x32 Version: 1.0)
Adobe Color NA Extra Settings (x32 Version: 1.0)
Adobe Creative Suite 3 Design Premium (x32 Version: 1.0)
Adobe Creative Suite 3 Design Premium hinzufügen oder entfernen (x32 Version: 1.0)
Adobe Default Language CS3 (x32 Version: 1.0)
Adobe Device Central CS3 (x32 Version: 1.0)
Adobe Dreamweaver CS3 (x32 Version: 9)
Adobe ExtendScript Toolkit 2 (x32 Version: 2.0.2)
Adobe Extension Manager CS3 (x32 Version: 1.8)
Adobe Flash CS3 (x32 Version: 9.0)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Flash Video Encoder (x32 Version: 2.0)
Adobe Fonts All (x32 Version: 1.0)
Adobe Help Viewer CS3 (x32 Version: 1)
Adobe Illustrator CS3 (x32 Version: 13.0)
Adobe InDesign CS3 (x32 Version: 5.0)
Adobe InDesign CS3 Icon Handler (x32 Version: 5.0)
Adobe Linguistics CS3 (x32 Version: 3.0.0)
Adobe MotionPicture Color Files (x32 Version: 1.0)
Adobe PDF Library Files (x32 Version: 8.0)
Adobe Photoshop 7.0 (x32 Version: 7.0)
Adobe Photoshop CS3 (x32 Version: 10)
Adobe Reader XI - Deutsch (x32 Version: 11.0.00)
Adobe Setup (x32 Version: 1.0)
Adobe Shockwave Player 12.0 (x32 Version: 12.0.2.122)
Adobe SING CS3 (x32 Version: 0.1)
Adobe Stock Photos CS3 (x32 Version: 1.5)
Adobe Type Support (x32 Version: 1.0)
Adobe Update Manager CS3 (x32 Version: 5.1.0)
Adobe Version Cue CS3 Client (x32 Version: 3)
Adobe Version Cue CS3 Server {ko_KR}  (x32 Version: 3.0.0.0 {ko_KR} )
Adobe WAS CS3 (x32 Version: 1.0)
Adobe WinSoft Linguistics Plugin (x32 Version: 1.0)
Adobe XMP Panels CS3 (x32 Version: 1.0)
Advanced System Protector (x32 Version: 2.1.1000.12150)
AHV content for Acrobat and Flash (x32 Version: 1)
AMD APP SDK Runtime (Version: 2.4.595.10)
Apple Application Support (x32 Version: 2.3.4)
Apple Software Update (x32 Version: 2.1.3.127)
Aquamarin Haushaltsbuch 2.9.2 b (x32)
Asmedia ASM104x USB 3.0 Host Controller Driver (x32 Version: 1.10.1.0)
ATI Catalyst Install Manager (Version: 3.0.825.0)
AutoCAD P&ID 2011 (Version: 5.0.37.00)
AutoCAD P&ID 2011 (x32 Version: 5.0.37.00)
AutoCAD P&ID 2011 Language Pack - English (Version: 5.0.37.00)
Autodesk Material Library 2011 (x32 Version: 2.0.0.49)
Autodesk Material Library 2011 Base Image library (x32 Version: 2.0.0.49)
Avira Free Antivirus (x32 Version: 14.0.1.719)
BCL easyConverter 3.0 Licensing Module (BCL License) (x32 Version: 3.0.18)
BCL easyConverter 3.0 Loader SDK Module (x32 Version: 3.0.18)
BCL easyConverter 3.0 Module (Loader, BCL License) (x32 Version: 3.0.18)
BCL easyConverter 3.0 Module (RTF, BCL License) (x32 Version: 3.0.18)
BCL easyConverter 3.0 RTF SDK Module (x32 Version: 3.0.18)
BCL easyConverter 3.0 SDK Module (x32 Version: 3.0.18)
Bejeweled 2 Deluxe 1.1.3.2523 (x32 Version: 1.1.3.2523)
Catalyst Control Center (x32 Version: 2011.0419.2218.38209)
Catalyst Control Center InstallProxy (x32 Version: 2011.0419.2218.38209)
Catalyst Control Center Localization All (x32 Version: 2011.0419.2218.38209)
CCC Help Danish (x32 Version: 2011.0419.2217.38209)
CCC Help Dutch (x32 Version: 2011.0419.2217.38209)
CCC Help English (x32 Version: 2011.0419.2217.38209)
CCC Help Finnish (x32 Version: 2011.0419.2217.38209)
CCC Help French (x32 Version: 2011.0419.2217.38209)
CCC Help German (x32 Version: 2011.0419.2217.38209)
CCC Help Italian (x32 Version: 2011.0419.2217.38209)
CCC Help Japanese (x32 Version: 2011.0419.2217.38209)
CCC Help Norwegian (x32 Version: 2011.0419.2217.38209)
CCC Help Spanish (x32 Version: 2011.0419.2217.38209)
CCC Help Swedish (x32 Version: 2011.0419.2217.38209)
ccc-utility64 (Version: 2011.0419.2218.38209)
Compatibility Pack für 2007 Office System (x32 Version: 12.0.6612.1000)
Conduit Engine (x32 Version: 6.3.30.0)
Control ActiveX de Windows Live Mesh para conexiones remotas (x32 Version: 15.4.5722.2)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (x32 Version: 15.4.5722.2)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (x32 Version: 15.4.5722.2)
CorelDRAW Graphics Suite 12 (x32 Version: 12.0.0.458)
Cutting Master 2 1.93 (x32 Version: 1.93)
CyberLink Power2Go (x32 Version: 6.1.3802)
CyberLink PowerDVD Copy (x32 Version: 1.5.1306)
D3DX10 (x32 Version: 15.4.2368.0902)
DAEMON Tools Lite (x32 Version: 4.41.3.0173)
DealPly (remove only) (x32 Version: 4.8.6.3)
Dropbox (HKCU Version: 2.0.22)
FARO LS 1.1.406.58 (x32 Version: 4.6.58.2)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (x32 Version: 15.4.5722.2)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922)
Free Opener (Version: 1.0)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922)
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922)
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922)
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922)
Game Alarm (HKCU)
Google Earth (x32 Version: 7.1.1.1888)
Google Update Helper (x32 Version: 1.3.21.165)
Haushaltsbuch 5.0 (x32 Version: 5.0)
HP Designjet T7100-Druckerserie (x32)
HP ICC Profiles_x64 (Version: 2.0.0)
HP Webregistrierung (x32 Version: 1.2.0.0)
IIS 7.5 Express (x32 Version: 7.5.1046)
iLivid (x32 Version: 4.0.0.3276)
IncrediMail (x32 Version: 6.2.9.5181)
IncrediMail 2.0 (x32 Version: 6.2.9.5181)
Intel(R) Management Engine Components (x32 Version: 7.0.0.1144)
Intel(R) Rapid Storage Technology (x32 Version: 10.1.0.1008)
J2SE Runtime Environment 5.0 Update 7 (x32 Version: 1.5.0.70)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
Java(TM) 6 Update 31 (64-bit) (Version: 6.0.310)
Java(TM) 6 Update 39 (x32 Version: 6.0.390)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
K-Lite Codec Pack 7.0.0 (Standard) (x32 Version: 7.0.0)
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (x32 Version: 15.4.5722.2)
Lansweeper 4.1 (x32 Version: 4.1)
McAfee Security Scan Plus (Version: 3.8.130.8)
McAfee SiteAdvisor (x32 Version: 3.6.187)
Mesh Runtime (x32 Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.88.0)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0)
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003)
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1)
Microsoft Office Professional Edition 2003 (x32 Version: 11.0.8173.0)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft SQL Server 2008 (x32)
Microsoft SQL Server 2008 Browser (x32 Version: 10.3.5500.0)
Microsoft SQL Server 2008 Common Files (x32 Version: 10.3.5500.0)
Microsoft SQL Server 2008 Database Engine Services (x32 Version: 10.3.5500.0)
Microsoft SQL Server 2008 Database Engine Shared (x32 Version: 10.3.5500.0)
Microsoft SQL Server 2008 Native Client (Version: 10.3.5500.0)
Microsoft SQL Server 2008 RsFx Driver (x32 Version: 10.3.5500.0)
Microsoft SQL Server 2008 Setup Support Files  (x32 Version: 10.3.5500.0)
Microsoft SQL Server VSS Writer (Version: 10.3.5500.0)
Microsoft Visio Viewer 2010 (x32 Version: 14.0.6029.1000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40303)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40308)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU (Version: 10.0.40303)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (Version: 10.0.40303)
Migration System Updater RBP (x32 Version: 1.2.0.0)
Mozilla Firefox 25.0 (x86 de) (x32 Version: 25.0)
Mozilla Maintenance Service (x32 Version: 25.0)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
Nero 7 Ultra Edition (x32 Version: 7.02.2760)
Olivetti Product Library (Version: 3.0.0219)
OpenOffice.org 3.3 (x32 Version: 3.3.9567)
PDF Settings (x32 Version: 1.0)
PDF24 Creator 5.2.0 (x32)
PDF2Word Converter Version 1.0.9 (Build 174, 7-PDF) (x32 Version: PDF2Word Converter - Version 1.0.9 (Build 174))
PlayReady PC Runtime amd64 (Version: 1.3.0)
Plus500 (x32)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922)
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922)
Pošta Windows Live (x32 Version: 15.4.3502.0922)
QuickTime (x32 Version: 7.74.80.86)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6285)
RegClean Pro (x32 Version: 6.21)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.34.1)
ReNo Freeware 2007 Add-In (x32 Version: 2.2.0.0)
Service Pack 3 für SQL Server 2008 (KB2546951) (x32 Version: 10.3.5500.0)
Ski Challenge 13 (DE) (HKCU)
Skype Click to Call (x32 Version: 5.10.9560)
Skype™ 6.9 (x32 Version: 6.9.106)
Spelling Dictionaries Support For Adobe Reader X (x32 Version: 10.0.0)
Sql Server Customer Experience Improvement Program (x32 Version: 10.3.5500.0)
SuperLyrics-16 (x32 Version: 1.30.153.0)
Sweex WC060 Series Driver (x32 Version: 1.01.0000)
swMSM (x32 Version: 12.0.0.1)
TeamViewer 8 (x32 Version: 8.0.22298)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.142)
TuneUp Utilities 2014 (x32 Version: 14.0.1000.110)
TuneUp Utilities Language Pack (de-DE) (x32 Version: 10.0.4600.4)
TV 4.0 (x32 Version: 4.0)
Tv-Plug-In (x32 Version: 1.1.1.3)
TypeC3000 TWAIN Driver Ver.4 (x32 Version: 4.19.02)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3)
Updater Service (x32 Version: 15,9,28,27)
Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (x32 Version: 15.4.5722.2)
Versandhelfer (x32 Version: 1.2.5)
ViewCompanion Pro v 6.20 (x32 Version: 6.20.0.0)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3508.1109)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922)
Windows Live Fotótár (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (x32 Version: 15.4.5722.2)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2)
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (x32 Version: 15.4.5722.2)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (x32 Version: 15.4.5722.2)
Windows Live Messenger (x32 Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
WinZip Malware Protector (x32 Version: 2.1.1000.10798)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922)

==================== Restore Points  =========================

11-11-2013 09:22:13 Removed Sentinel System Driver Installer 7.4.0
11-11-2013 10:31:12 Windows Update
12-11-2013 06:28:59 Windows Update
12-11-2013 06:31:21 Wiederherstellungsvorgang
12-11-2013 07:08:16 Windows Update
12-11-2013 09:10:23 Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις wird entfernt
12-11-2013 14:43:39 Windows Update
13-11-2013 11:01:46 RegClean Pro Mi, Nov 13, 13  12:01
13-11-2013 11:07:26 RegClean Pro Mi, Nov 13, 13  12:07
13-11-2013 11:43:45 Uniblue SpeedUpMyPC installation
14-11-2013 07:55:44 Windows Update
14-11-2013 09:30:26 Removed Java 7 Update 21 (64-bit)

==================== Hosts content: ==========================

2009-07-14 03:34 - 2010-10-19 17:39 - 00002768 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 serial.alcohol-soft.com  # Alcohol Brennsoftware
127.0.0.1 alcohol-soft.com
127.0.0.1 images.alcohol-soft.com
127.0.0.1 mermaidconsulting.dk 
127.0.0.1 im.adtech.de             # ICQ Banner Remover
127.0.0.1 adserver.adtech.de
127.0.0.1 adtech.de
127.0.0.1 atwola.com
127.0.0.1 adserver.71i.de
127.0.0.1 adicqserver.71i.de
127.0.0.1 71i.de
127.0.0.1 activate.adobe.com       # Adobe Acrobat Pro 9
127.0.0.1 practivate.adobe.com
127.0.0.1 adobeereg.com
127.0.0.1 Registration
127.0.0.1 activate.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 192.150.18.108
127.0.0.1 activate.adobe.com:443
127.0.0.1 3dns.adobe.com
127.0.0.1 3dns-1.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-4.adobe.com
127.0.0.1 adobeereg.com
127.0.0.1 Registration
127.0.0.1 activate.adobe.com

There are 32 more lines.


==================== Scheduled Tasks (whitelisted) =============

Task: {037ED430-1532-4225-9670-5DB76387227B} - System32\Tasks\{C7CB2AB3-DDA2-4075-A230-AA0AE55576A5} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2013-10-02] (Skype Technologies S.A.)
Task: {1AB0F6D5-4F8A-46EE-834E-32830735E133} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-12] (Adobe Systems Incorporated)
Task: {20ABD716-671E-4DE8-91A3-6671D9FDBC99} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-21] (Microsoft Corporation)
Task: {2286AA01-C23E-41BE-8A0B-A19AC20BA863} - System32\Tasks\{E9D54111-3134-4267-8F10-65C8B737B2BA} => C:\Program Files (x86)\WordToPDF\WordToPDF.exe
Task: {2B7516B3-B59C-433D-81BC-97BBD3B0C209} - System32\Tasks\SuperLyrics-16-firefoxinstaller => C:\Program Files (x86)\SuperLyrics-16\SuperLyrics-16-firefoxinstaller.exe [2013-11-11] (10superSoftabcd)
Task: {2E263742-2797-4BB7-B91D-11A3DD601931} - System32\Tasks\RegClean Pro_UPDATES => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [2013-08-22] (Systweak Inc)
Task: {46951A5A-EA96-4904-B2C1-10BAED82B92C} - System32\Tasks\SuperLyrics-16-enabler => C:\Program Files (x86)\SuperLyrics-16\SuperLyrics-16-enabler.exe [2013-11-11] (10superSoftabcd)
Task: {4C3F7B90-949B-4EF0-9CA5-F1EB4D213A19} - System32\Tasks\{227BCBC7-FD75-40A4-8368-AEBDFDA4BCE3} => C:\Program Files (x86)\WordToPDF\WordToPDF.exe
Task: {4E37AABF-2DF5-4CDC-89CE-CC087810E68B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-07-22] (Google Inc.)
Task: {51B8E45F-347A-413C-A66D-A4CDD0497A42} - System32\Tasks\SuperLyrics-16-updater => C:\Program Files (x86)\SuperLyrics-16\SuperLyrics-16-updater.exe [2013-11-11] (10superSoftabcd)
Task: {581A69E4-6232-4C22-90DC-A0D9920F11AF} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20] (Adobe Systems Incorporated)
Task: {5B591E15-FC23-4DF2-8F1C-974847FC115E} - System32\Tasks\SuperLyrics-16-chromeinstaller => C:\Program Files (x86)\SuperLyrics-16\SuperLyrics-16-chromeinstaller.exe [2013-11-11] (10superSoftabcd)
Task: {6277B6AF-20B6-45E0-B9B5-2C2DF81FC5FE} - System32\Tasks\{077FCDA6-0958-4AA2-AE01-9A9553B99B75} => C:\Program Files (x86)\Microsoft Office\OFFICE11\POWERPNT.EXE [2011-04-20] (Microsoft Corporation)
Task: {735D2071-5B44-4C6C-A78B-BF6B5595FFAC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {75FF1F2E-483F-43D3-9529-152F50EFA95F} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12] (Oracle Corporation)
Task: {890C1CA9-578F-4BEE-A5CA-26DE9CBE1AFB} - System32\Tasks\SuperLyrics-16-codedownloader => C:\Program Files (x86)\SuperLyrics-16\SuperLyrics-16-codedownloader.exe [2013-11-11] (10superSoftabcd)
Task: {9CBF2C23-7836-4C50-B08B-95AC5FCC4284} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-07-22] (Google Inc.)
Task: {AC538755-BF70-4B44-8AB1-A2CB0C56D250} - System32\Tasks\MigrationUpdateTask => C:\Users\Lutz\AppData\Local\MigsUpdater\mupdater.exe [2013-05-05] ()
Task: {AD57DC33-19FA-4464-9B55-F1723601C87E} - System32\Tasks\DealPlyUpdate => C:\Program
Task: {B0677717-3E10-4418-99EA-16D186F0A4F0} - System32\Tasks\Advanced System Protector_startup => C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe [2013-10-04] (Systweak)
Task: {B1906013-36D4-4222-A3E5-8F42BC0A5806} - System32\Tasks\RegClean Pro_DEFAULT => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [2013-08-22] (Systweak Inc)
Task: {B277CE0C-C4B4-46FD-BF1B-D0849EA645A2} - System32\Tasks\DealPly => C:\Users\Lutz\AppData\Roaming\DealPly\UpdateProc\UpdateTask.exe
Task: {BC3EEB3C-A4C4-4E42-AB05-0A286958CB15} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2013-09-09] (TuneUp Software)
Task: {F3EF51DB-0B58-4A03-814C-8E7F65B6631A} - System32\Tasks\WinZip Malware Protector_startup => C:\Program Files (x86)\WinZip Malware Protector\WinZipMalwareProtector.exe [2013-07-15] (Nico Mak Computing)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\RegClean Pro_DEFAULT.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe
Task: C:\Windows\Tasks\RegClean Pro_UPDATES.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe
Task: C:\Windows\Tasks\SuperLyrics-16-chromeinstaller.job => C:\Program Files (x86)\SuperLyrics-16\SuperLyrics-16-chromeinstaller.exe
Task: C:\Windows\Tasks\SuperLyrics-16-codedownloader.job => C:\Program Files (x86)\SuperLyrics-16\SuperLyrics-16-codedownloader.exe
Task: C:\Windows\Tasks\SuperLyrics-16-enabler.job => C:\Program Files (x86)\SuperLyrics-16\SuperLyrics-16-enabler.exe
Task: C:\Windows\Tasks\SuperLyrics-16-firefoxinstaller.job => C:\Program Files (x86)\SuperLyrics-16\SuperLyrics-16-firefoxinstaller.exe
Task: C:\Windows\Tasks\SuperLyrics-16-updater.job => C:\Program Files (x86)\SuperLyrics-16\SuperLyrics-16-updater.exe

==================== Loaded Modules (whitelisted) =============

2009-07-14 00:57 - 2009-07-14 02:40 - 00069120 _____ () C:\Windows\system32\BWContextHandler.dll
2011-04-19 21:16 - 2011-04-19 21:16 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2013-11-13 14:12 - 2013-10-31 19:25 - 00394808 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2013-11-13 11:52 - 2012-07-25 12:03 - 00886272 _____ () C:\Program Files (x86)\Advanced System Protector\System.Data.SQLite.dll
2013-11-13 11:52 - 2013-10-04 18:20 - 01730928 _____ () C:\Program Files (x86)\Advanced System Protector\aspsys.dll
2013-11-13 11:52 - 2012-07-25 12:03 - 00168448 _____ () C:\Program Files (x86)\Advanced System Protector\UNRAR.DLL
2013-11-11 10:51 - 2013-02-28 16:53 - 00886272 _____ () C:\Program Files (x86)\WinZip Malware Protector\System.Data.SQLite.dll
2013-11-11 10:51 - 2013-07-15 16:53 - 01717936 _____ () C:\Program Files (x86)\WinZip Malware Protector\aspsys.dll
2013-11-11 10:51 - 2013-02-28 16:53 - 00168448 _____ () C:\Program Files (x86)\WinZip Malware Protector\UNRAR.DLL
2012-03-28 09:04 - 2012-03-28 09:04 - 00032136 _____ () C:\Program Files (x86)\IncrediMail\Bin\IMHttpComm.dll
2012-03-28 09:04 - 2012-03-28 09:04 - 00071112 _____ () C:\Program Files (x86)\IncrediMail\Bin\wlessfp1.dll
2012-03-28 09:04 - 2012-03-28 09:04 - 00267720 _____ () C:\Program Files (x86)\IncrediMail\Bin\ImLookExU.dll
2012-03-11 17:18 - 2012-03-11 17:18 - 00107896 _____ () C:\Program Files (x86)\IncrediMail\Bin\pmc.dll
2012-03-28 09:04 - 2012-03-28 09:04 - 00132552 _____ () C:\Program Files (x86)\IncrediMail\Bin\ImComUtlU.dll
2013-03-13 21:48 - 2013-03-13 21:48 - 24978944 _____ () C:\Users\Lutz\AppData\Roaming\Dropbox\bin\libcef.dll
2012-03-28 09:04 - 2012-03-28 09:04 - 00079304 _____ () C:\Program Files (x86)\IncrediMail\bin\ImAppRU.dll
2013-08-15 09:41 - 2013-08-15 09:41 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\dce3b0d46d4a215ab42bbc57ce3cd2a7\IsdiInterop.ni.dll
2011-05-25 20:01 - 2010-11-06 07:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-11-13 11:50 - 2013-10-26 02:53 - 03368048 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-07-23 08:21 - 2009-12-21 22:56 - 08683520 _____ () c:\program files (x86)\adobe\acrobat 9.0\acrobat\exlang32.deu
2013-07-23 08:21 - 2009-02-27 15:40 - 01712128 _____ () C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\plug_ins\Annots.DEU
2013-07-23 08:21 - 2009-02-27 11:52 - 00258048 _____ () C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\sqlite.dll
2013-07-23 08:21 - 2009-10-03 01:48 - 00106496 _____ () C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\plug_ins\EScript.DEU
2013-07-23 08:21 - 2009-10-03 01:45 - 00012288 _____ () C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\plug_ins\Updater.DEU
2013-07-23 08:21 - 2009-01-18 14:50 - 00417792 _____ () C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\AdobeXMP.dll
2013-10-09 09:57 - 2013-11-12 08:48 - 16233864 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/14/2013 10:27:00 AM) (Source: MsiInstaller) (User: Lutz-PC)
Description: Produkt: Avira SearchFree Toolbar -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren: 

Mozilla Firefox

Error: (11/14/2013 10:25:47 AM) (Source: MsiInstaller) (User: Lutz-PC)
Description: Produkt: Avira SearchFree Toolbar -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren: 

Mozilla Firefox

Error: (11/14/2013 10:25:47 AM) (Source: MsiInstaller) (User: Lutz-PC)
Description: Produkt: Avira SearchFree Toolbar -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren: 

Mozilla Firefox

Error: (11/14/2013 10:25:46 AM) (Source: MsiInstaller) (User: Lutz-PC)
Description: Produkt: Avira SearchFree Toolbar -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren: 

Mozilla Firefox

Error: (11/14/2013 10:25:45 AM) (Source: MsiInstaller) (User: Lutz-PC)
Description: Produkt: Avira SearchFree Toolbar -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren: 

Mozilla Firefox

Error: (11/14/2013 10:25:29 AM) (Source: MsiInstaller) (User: Lutz-PC)
Description: Produkt: Avira SearchFree Toolbar -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren: 

Mozilla Firefox

Error: (11/14/2013 10:25:29 AM) (Source: MsiInstaller) (User: Lutz-PC)
Description: Produkt: Avira SearchFree Toolbar -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren: 

Mozilla Firefox

Error: (11/14/2013 10:25:29 AM) (Source: MsiInstaller) (User: Lutz-PC)
Description: Produkt: Avira SearchFree Toolbar -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren: 

Mozilla Firefox

Error: (11/14/2013 10:25:28 AM) (Source: MsiInstaller) (User: Lutz-PC)
Description: Produkt: Avira SearchFree Toolbar -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren: 

Mozilla Firefox

Error: (11/14/2013 10:25:25 AM) (Source: MsiInstaller) (User: Lutz-PC)
Description: Produkt: Avira SearchFree Toolbar -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren: 

Mozilla Firefox


System errors:
=============
Error: (11/14/2013 11:11:27 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (11/14/2013 10:03:10 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (11/14/2013 09:21:25 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (11/14/2013 09:08:08 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (11/14/2013 09:05:34 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Par1284" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (11/14/2013 09:05:34 AM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Program Files (x86)\Cutting Master 2 1.93\Program\Par128 nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (11/14/2013 09:05:36 AM) (Source: SNMP) (User: )
Description: Beim Zugreifen auf den Registrierungsschlüssel SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration ist ein Fehler aufgetreten.

Error: (11/14/2013 08:55:27 AM) (Source: DCOM) (User: )
Description: {F2F6A7B0-0E74-49BF-ABDF-8A0778554472}

Error: (11/14/2013 08:55:15 AM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (11/14/2013 08:07:55 AM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.


Microsoft Office Sessions:
=========================
Error: (11/14/2013 10:27:00 AM) (Source: MsiInstaller)(User: Lutz-PC)
Description: Produkt: Avira SearchFree Toolbar -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren: 

Mozilla Firefox(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (11/14/2013 10:25:47 AM) (Source: MsiInstaller)(User: Lutz-PC)
Description: Produkt: Avira SearchFree Toolbar -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren: 

Mozilla Firefox(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (11/14/2013 10:25:47 AM) (Source: MsiInstaller)(User: Lutz-PC)
Description: Produkt: Avira SearchFree Toolbar -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren: 

Mozilla Firefox(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (11/14/2013 10:25:46 AM) (Source: MsiInstaller)(User: Lutz-PC)
Description: Produkt: Avira SearchFree Toolbar -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren: 

Mozilla Firefox(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (11/14/2013 10:25:45 AM) (Source: MsiInstaller)(User: Lutz-PC)
Description: Produkt: Avira SearchFree Toolbar -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren: 

Mozilla Firefox(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (11/14/2013 10:25:29 AM) (Source: MsiInstaller)(User: Lutz-PC)
Description: Produkt: Avira SearchFree Toolbar -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren: 

Mozilla Firefox(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (11/14/2013 10:25:29 AM) (Source: MsiInstaller)(User: Lutz-PC)
Description: Produkt: Avira SearchFree Toolbar -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren: 

Mozilla Firefox(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (11/14/2013 10:25:29 AM) (Source: MsiInstaller)(User: Lutz-PC)
Description: Produkt: Avira SearchFree Toolbar -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren: 

Mozilla Firefox(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (11/14/2013 10:25:28 AM) (Source: MsiInstaller)(User: Lutz-PC)
Description: Produkt: Avira SearchFree Toolbar -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren: 

Mozilla Firefox(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (11/14/2013 10:25:25 AM) (Source: MsiInstaller)(User: Lutz-PC)
Description: Produkt: Avira SearchFree Toolbar -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren: 

Mozilla Firefox(NULL)(NULL)(NULL)(NULL)(NULL)


CodeIntegrity Errors:
===================================
  Date: 2013-11-14 09:05:34.707
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Cutting Master 2 1.93\Program\Par1284.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-14 09:05:34.660
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Cutting Master 2 1.93\Program\Par1284.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-14 07:15:37.884
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Cutting Master 2 1.93\Program\Par1284.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-14 07:15:37.734
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Cutting Master 2 1.93\Program\Par1284.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-13 14:02:25.405
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Cutting Master 2 1.93\Program\Par1284.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-13 14:02:25.345
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Cutting Master 2 1.93\Program\Par1284.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-13 13:32:00.497
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Cutting Master 2 1.93\Program\Par1284.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-13 13:32:00.419
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Cutting Master 2 1.93\Program\Par1284.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-13 12:36:59.611
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Cutting Master 2 1.93\Program\Par1284.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-13 12:36:59.121
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Cutting Master 2 1.93\Program\Par1284.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Percentage of memory in use: 59%
Total physical RAM: 4077.64 MB
Available physical RAM: 1659.93 MB
Total Pagefile: 8153.46 MB
Available Pagefile: 4492.45 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:890.41 GB) (Free:356.36 GB) NTFS
Drive d: (Recover) (Fixed) (Total:40 GB) (Free:10.37 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=890 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=40 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

==================== End Of Log ============================
         
--- --- ---
__________________


Alt 14.11.2013, 12:45   #3
schrauber
/// the machine
/// TB-Ausbilder
 

Advanced System Protector, my Backup & Regcleaner Pro - Standard

Advanced System Protector, my Backup & Regcleaner Pro



hi,

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
__________________

Alt 14.11.2013, 14:08   #4
kleind
 
Advanced System Protector, my Backup & Regcleaner Pro - Standard

Advanced System Protector, my Backup & Regcleaner Pro



Danke für die schnelle Antwort!
Es gab keinerlei Probleme beim durchlauf...hier die log-datei

Combofix Logfile:
Code:
ATTFilter
ComboFix 13-11-12.01 - Lutz 14.11.2013  13:45:27.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.4078.2051 [GMT 1:00]
ausgeführt von:: c:\users\Lutz\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\END
c:\program files (x86)\1
c:\program files (x86)\1\AntiVir Desktop\about.htm
c:\program files (x86)\1\AntiVir Desktop\aebb.dll
c:\program files (x86)\1\AntiVir Desktop\aecore.dll
c:\program files (x86)\1\AntiVir Desktop\aeemu.dll
c:\program files (x86)\1\AntiVir Desktop\aeexp.dll
c:\program files (x86)\1\AntiVir Desktop\aegen.dll
c:\program files (x86)\1\AntiVir Desktop\aehelp.dll
c:\program files (x86)\1\AntiVir Desktop\aeheur.dll
c:\program files (x86)\1\AntiVir Desktop\aeheur.dll.tmp
c:\program files (x86)\1\AntiVir Desktop\aelidb.dat
c:\program files (x86)\1\AntiVir Desktop\aeoffice.dll
c:\program files (x86)\1\AntiVir Desktop\aepack.dll
c:\program files (x86)\1\AntiVir Desktop\aerdl.dll
c:\program files (x86)\1\AntiVir Desktop\aesbx.dll
c:\program files (x86)\1\AntiVir Desktop\aescn.dll
c:\program files (x86)\1\AntiVir Desktop\aescript.dll
c:\program files (x86)\1\AntiVir Desktop\aescript.dll.tmp
c:\program files (x86)\1\AntiVir Desktop\aeset.dat
c:\program files (x86)\1\AntiVir Desktop\aevdf.dat
c:\program files (x86)\1\AntiVir Desktop\aevdf.dll
c:\program files (x86)\1\AntiVir Desktop\alertcat.htm
c:\program files (x86)\1\AntiVir Desktop\alerttyp.htm
c:\program files (x86)\1\AntiVir Desktop\alertvir.htm
c:\program files (x86)\1\AntiVir Desktop\alldiscs.avp
c:\program files (x86)\1\AntiVir Desktop\alldrives.avp
c:\program files (x86)\1\AntiVir Desktop\antivir.oem
c:\program files (x86)\1\AntiVir Desktop\antivir0.rdf
c:\program files (x86)\1\AntiVir Desktop\apnic.dll
c:\program files (x86)\1\AntiVir Desktop\apnstub.exe
c:\program files (x86)\1\AntiVir Desktop\apntoolbarinstaller.exe
c:\program files (x86)\1\AntiVir Desktop\avacl.dll
c:\program files (x86)\1\AntiVir Desktop\avadmin.exe
c:\program files (x86)\1\AntiVir Desktop\avarkt.dll
c:\program files (x86)\1\AntiVir Desktop\avbb.dll
c:\program files (x86)\1\AntiVir Desktop\avcenter.exe
c:\program files (x86)\1\AntiVir Desktop\avconfig.cpl
c:\program files (x86)\1\AntiVir Desktop\avconfig.dll
c:\program files (x86)\1\AntiVir Desktop\avconfig.exe
c:\program files (x86)\1\AntiVir Desktop\avconfig.xml
c:\program files (x86)\1\AntiVir Desktop\avconfigrc.dll
c:\program files (x86)\1\AntiVir Desktop\avesvc.dll
c:\program files (x86)\1\AntiVir Desktop\avesvcr.dll
c:\program files (x86)\1\AntiVir Desktop\avevtlog.dll
c:\program files (x86)\1\AntiVir Desktop\avevtrc.dll
c:\program files (x86)\1\AntiVir Desktop\avghook.dll
c:\program files (x86)\1\AntiVir Desktop\avgio.dll
c:\program files (x86)\1\AntiVir Desktop\avgnt.exe
c:\program files (x86)\1\AntiVir Desktop\avgntflt.cat
c:\program files (x86)\1\AntiVir Desktop\avgntflt.inf
c:\program files (x86)\1\AntiVir Desktop\avguard.exe
c:\program files (x86)\1\AntiVir Desktop\avguard.xml
c:\program files (x86)\1\AntiVir Desktop\avhlp.exe
c:\program files (x86)\1\AntiVir Desktop\avinet.dll
c:\program files (x86)\1\AntiVir Desktop\avipbb.cat
c:\program files (x86)\1\AntiVir Desktop\avipbb.inf
c:\program files (x86)\1\AntiVir Desktop\avipc.dll
c:\program files (x86)\1\AntiVir Desktop\avipc64.dll
c:\program files (x86)\1\AntiVir Desktop\avkmgr.cat
c:\program files (x86)\1\AntiVir Desktop\avkmgr.inf
c:\program files (x86)\1\AntiVir Desktop\avmres.dll
c:\program files (x86)\1\AntiVir Desktop\avnotify.dll
c:\program files (x86)\1\AntiVir Desktop\avnotify.exe
c:\program files (x86)\1\AntiVir Desktop\avpref.dll
c:\program files (x86)\1\AntiVir Desktop\avreg.dll
c:\program files (x86)\1\AntiVir Desktop\avreg.yml
c:\program files (x86)\1\AntiVir Desktop\avrep.dll
c:\program files (x86)\1\AntiVir Desktop\avrestart.exe
c:\program files (x86)\1\AntiVir Desktop\avscan.dat
c:\program files (x86)\1\AntiVir Desktop\avscan.dll
c:\program files (x86)\1\AntiVir Desktop\avscan.exe
c:\program files (x86)\1\AntiVir Desktop\avscplr.dll
c:\program files (x86)\1\AntiVir Desktop\avsda.dll
c:\program files (x86)\1\AntiVir Desktop\avsda64.dll
c:\program files (x86)\1\AntiVir Desktop\avshadow.exe
c:\program files (x86)\1\AntiVir Desktop\avsmtp.dll
c:\program files (x86)\1\AntiVir Desktop\avupgsvc.exe
c:\program files (x86)\1\AntiVir Desktop\avwebgrc.dll
c:\program files (x86)\1\AntiVir Desktop\avwebgrd.exe
c:\program files (x86)\1\AntiVir Desktop\avwebloader.dll
c:\program files (x86)\1\AntiVir Desktop\avwebloader.exe
c:\program files (x86)\1\AntiVir Desktop\avwebloadergui.dll
c:\program files (x86)\1\AntiVir Desktop\avwin.chm
c:\program files (x86)\1\AntiVir Desktop\avwinll.dll
c:\program files (x86)\1\AntiVir Desktop\avwmi.dll
c:\program files (x86)\1\AntiVir Desktop\avwsc.exe
c:\program files (x86)\1\AntiVir Desktop\build.dat
c:\program files (x86)\1\AntiVir Desktop\ccavscanex.dll
c:\program files (x86)\1\AntiVir Desktop\ccavscanexrc.dll
c:\program files (x86)\1\AntiVir Desktop\ccev.dll
c:\program files (x86)\1\AntiVir Desktop\ccevrc.dll
c:\program files (x86)\1\AntiVir Desktop\ccevw.dll
c:\program files (x86)\1\AntiVir Desktop\ccgen.dll
c:\program files (x86)\1\AntiVir Desktop\ccgenrc.dll
c:\program files (x86)\1\AntiVir Desktop\ccgenw.dll
c:\program files (x86)\1\AntiVir Desktop\ccgrdrc.dll
c:\program files (x86)\1\AntiVir Desktop\ccgrdw.dll
c:\program files (x86)\1\AntiVir Desktop\ccguard.dll
c:\program files (x86)\1\AntiVir Desktop\cchips.dll
c:\program files (x86)\1\AntiVir Desktop\cchipsrc.dll
c:\program files (x86)\1\AntiVir Desktop\cclic.dll
c:\program files (x86)\1\AntiVir Desktop\cclicrc.dll
c:\program files (x86)\1\AntiVir Desktop\cclicw.dll
c:\program files (x86)\1\AntiVir Desktop\ccmainrc.dll
c:\program files (x86)\1\AntiVir Desktop\ccmsg.dll
c:\program files (x86)\1\AntiVir Desktop\ccmsgrc.dll
c:\program files (x86)\1\AntiVir Desktop\ccplg.xml
c:\program files (x86)\1\AntiVir Desktop\ccprofil.dll
c:\program files (x86)\1\AntiVir Desktop\ccquamgr.dll
c:\program files (x86)\1\AntiVir Desktop\ccquarc.dll
c:\program files (x86)\1\AntiVir Desktop\ccquaw.dll
c:\program files (x86)\1\AntiVir Desktop\ccreporc.dll
c:\program files (x86)\1\AntiVir Desktop\ccreport.dll
c:\program files (x86)\1\AntiVir Desktop\ccrepow.dll
c:\program files (x86)\1\AntiVir Desktop\ccscanrc.dll
c:\program files (x86)\1\AntiVir Desktop\ccscanw.dll
c:\program files (x86)\1\AntiVir Desktop\ccsched.dll
c:\program files (x86)\1\AntiVir Desktop\ccschedw.dll
c:\program files (x86)\1\AntiVir Desktop\ccscherc.dll
c:\program files (x86)\1\AntiVir Desktop\ccupdate.dll
c:\program files (x86)\1\AntiVir Desktop\ccupdrc.dll
c:\program files (x86)\1\AntiVir Desktop\ccupdw.dll
c:\program files (x86)\1\AntiVir Desktop\ccwgrd.dll
c:\program files (x86)\1\AntiVir Desktop\ccwgrdrc.dll
c:\program files (x86)\1\AntiVir Desktop\ccwgrdw.dll
c:\program files (x86)\1\AntiVir Desktop\ccwkrlib.dll
c:\program files (x86)\1\AntiVir Desktop\cfglib.dll
c:\program files (x86)\1\AntiVir Desktop\default.wav
c:\program files (x86)\1\AntiVir Desktop\defaults.ini
c:\program files (x86)\1\AntiVir Desktop\extdlgfw.dll
c:\program files (x86)\1\AntiVir Desktop\fact.exe
c:\program files (x86)\1\AntiVir Desktop\factrc.dll
c:\program files (x86)\1\AntiVir Desktop\FAILSAFE\aebb.dll
c:\program files (x86)\1\AntiVir Desktop\FAILSAFE\aecore.dll
c:\program files (x86)\1\AntiVir Desktop\FAILSAFE\aeemu.dll
c:\program files (x86)\1\AntiVir Desktop\FAILSAFE\aeexp.dll
c:\program files (x86)\1\AntiVir Desktop\FAILSAFE\aegen.dll
c:\program files (x86)\1\AntiVir Desktop\FAILSAFE\aehelp.dll
c:\program files (x86)\1\AntiVir Desktop\FAILSAFE\aeheur.dll
c:\program files (x86)\1\AntiVir Desktop\FAILSAFE\aelidb.dat
c:\program files (x86)\1\AntiVir Desktop\FAILSAFE\aeoffice.dll
c:\program files (x86)\1\AntiVir Desktop\FAILSAFE\aepack.dll
c:\program files (x86)\1\AntiVir Desktop\FAILSAFE\aerdl.dll
c:\program files (x86)\1\AntiVir Desktop\FAILSAFE\aesbx.dll
c:\program files (x86)\1\AntiVir Desktop\FAILSAFE\aescn.dll
c:\program files (x86)\1\AntiVir Desktop\FAILSAFE\aescript.dll
c:\program files (x86)\1\AntiVir Desktop\FAILSAFE\aeset.dat
c:\program files (x86)\1\AntiVir Desktop\FAILSAFE\aevdf.dat
c:\program files (x86)\1\AntiVir Desktop\FAILSAFE\aevdf.dll
c:\program files (x86)\1\AntiVir Desktop\FAILSAFE\avreg.dll
c:\program files (x86)\1\AntiVir Desktop\FAILSAFE\avreg.yml
c:\program files (x86)\1\AntiVir Desktop\FAILSAFE\avrep.dll
c:\program files (x86)\1\AntiVir Desktop\FAILSAFE\avscplr.dll
c:\program files (x86)\1\AntiVir Desktop\FAILSAFE\hbedv.key
c:\program files (x86)\1\AntiVir Desktop\FAILSAFE\unacev2.dll
c:\program files (x86)\1\AntiVir Desktop\FAILSAFE\vbase000.vdf
c:\program files (x86)\1\AntiVir Desktop\FAILSAFE\vbase001.vdf
c:\program files (x86)\1\AntiVir Desktop\FAILSAFE\vbase002.vdf
c:\program files (x86)\1\AntiVir Desktop\FAILSAFE\vbase003.vdf
c:\program files (x86)\1\AntiVir Desktop\FAILSAFE\vbase004.vdf
c:\program files (x86)\1\AntiVir Desktop\FAILSAFE\vbase005.vdf
c:\program files (x86)\1\AntiVir Desktop\FAILSAFE\vbase006.vdf
c:\program files (x86)\1\AntiVir Desktop\FAILSAFE\vbase007.vdf
c:\program files (x86)\1\AntiVir Desktop\FAILSAFE\vbase008.vdf
c:\program files (x86)\1\AntiVir Desktop\FAILSAFE\vbase009.vdf
c:\program files (x86)\1\AntiVir Desktop\FAILSAFE\vbase010.vdf
c:\program files (x86)\1\AntiVir Desktop\FAILSAFE\vbase011.vdf
c:\program files (x86)\1\AntiVir Desktop\FAILSAFE\vbase012.vdf
c:\program files (x86)\1\AntiVir Desktop\FAILSAFE\vbase013.vdf
c:\program files (x86)\1\AntiVir Desktop\FAILSAFE\vbase014.vdf
c:\program files (x86)\1\AntiVir Desktop\FAILSAFE\vbase015.vdf
c:\program files (x86)\1\AntiVir Desktop\FAILSAFE\vbase016.vdf
c:\program files (x86)\1\AntiVir Desktop\FAILSAFE\vbase017.vdf
c:\program files (x86)\1\AntiVir Desktop\FAILSAFE\vbase018.vdf
c:\program files (x86)\1\AntiVir Desktop\FAILSAFE\vbase019.vdf
c:\program files (x86)\1\AntiVir Desktop\FAILSAFE\vbase020.vdf
c:\program files (x86)\1\AntiVir Desktop\FAILSAFE\vbase021.vdf
c:\program files (x86)\1\AntiVir Desktop\FAILSAFE\vbase022.vdf
c:\program files (x86)\1\AntiVir Desktop\FAILSAFE\vbase023.vdf
c:\program files (x86)\1\AntiVir Desktop\FAILSAFE\vbase024.vdf
c:\program files (x86)\1\AntiVir Desktop\FAILSAFE\vbase025.vdf
c:\program files (x86)\1\AntiVir Desktop\FAILSAFE\vbase026.vdf
c:\program files (x86)\1\AntiVir Desktop\FAILSAFE\vbase027.vdf
c:\program files (x86)\1\AntiVir Desktop\FAILSAFE\vbase028.vdf
c:\program files (x86)\1\AntiVir Desktop\FAILSAFE\vbase029.vdf
c:\program files (x86)\1\AntiVir Desktop\FAILSAFE\vbase030.vdf
c:\program files (x86)\1\AntiVir Desktop\FAILSAFE\vbase031.vdf
c:\program files (x86)\1\AntiVir Desktop\gavid.xsl
c:\program files (x86)\1\AntiVir Desktop\gpavgio.dll
c:\program files (x86)\1\AntiVir Desktop\gpevtlog.dll
c:\program files (x86)\1\AntiVir Desktop\gpgavid.dll
c:\program files (x86)\1\AntiVir Desktop\gpgen.dll
c:\program files (x86)\1\AntiVir Desktop\gpgenrep.dll
c:\program files (x86)\1\AntiVir Desktop\gpgrd.dll
c:\program files (x86)\1\AntiVir Desktop\gpgui.dll
c:\program files (x86)\1\AntiVir Desktop\gpipc.dll
c:\program files (x86)\1\AntiVir Desktop\gplegacy.dll
c:\program files (x86)\1\AntiVir Desktop\gpschd.dll
c:\program files (x86)\1\AntiVir Desktop\grdcore.dll
c:\program files (x86)\1\AntiVir Desktop\guardgui.exe
c:\program files (x86)\1\AntiVir Desktop\guardmsg.dll
c:\program files (x86)\1\AntiVir Desktop\hbedv.key
c:\program files (x86)\1\AntiVir Desktop\inetset.bin
c:\program files (x86)\1\AntiVir Desktop\inssda64.exe
c:\program files (x86)\1\AntiVir Desktop\ipmgui.exe
c:\program files (x86)\1\AntiVir Desktop\libdb44.dll
c:\program files (x86)\1\AntiVir Desktop\licmgr.dll
c:\program files (x86)\1\AntiVir Desktop\licmgr.exe
c:\program files (x86)\1\AntiVir Desktop\luke.dll
c:\program files (x86)\1\AntiVir Desktop\lukeres.dll
c:\program files (x86)\1\AntiVir Desktop\mgrs.dll
c:\program files (x86)\1\AntiVir Desktop\msgclient.dll
c:\program files (x86)\1\AntiVir Desktop\mydocs.avp
c:\program files (x86)\1\AntiVir Desktop\netnt.dll
c:\program files (x86)\1\AntiVir Desktop\onlcfg.dll
c:\program files (x86)\1\AntiVir Desktop\prefix_msg.avr
c:\program files (x86)\1\AntiVir Desktop\process.avp
c:\program files (x86)\1\AntiVir Desktop\prodinfo.dat
c:\program files (x86)\1\AntiVir Desktop\quicksysscan.avp
c:\program files (x86)\1\AntiVir Desktop\rchelp.dll
c:\program files (x86)\1\AntiVir Desktop\rcimage.dll
c:\program files (x86)\1\AntiVir Desktop\rcnwload_de.dll
c:\program files (x86)\1\AntiVir Desktop\rcnwload_en.dll
c:\program files (x86)\1\AntiVir Desktop\rcnwload_es.dll
c:\program files (x86)\1\AntiVir Desktop\rcnwload_fr.dll
c:\program files (x86)\1\AntiVir Desktop\rcnwload_it.dll
c:\program files (x86)\1\AntiVir Desktop\rcnwload_jp.dll
c:\program files (x86)\1\AntiVir Desktop\rcnwload_ko.dll
c:\program files (x86)\1\AntiVir Desktop\rcnwload_nl.dll
c:\program files (x86)\1\AntiVir Desktop\rcnwload_pt.dll
c:\program files (x86)\1\AntiVir Desktop\rcnwload_ru.dll
c:\program files (x86)\1\AntiVir Desktop\rcnwload_tr.dll
c:\program files (x86)\1\AntiVir Desktop\rcnwload_zhcn.dll
c:\program files (x86)\1\AntiVir Desktop\rcnwload_zhtw.dll
c:\program files (x86)\1\AntiVir Desktop\rctext.dll
c:\program files (x86)\1\AntiVir Desktop\readme.txt
c:\program files (x86)\1\AntiVir Desktop\redist.dll
c:\program files (x86)\1\AntiVir Desktop\restartrc.dll
c:\program files (x86)\1\AntiVir Desktop\rmdiscs.avp
c:\program files (x86)\1\AntiVir Desktop\scewxmlw.dll
c:\program files (x86)\1\AntiVir Desktop\sched.exe
c:\program files (x86)\1\AntiVir Desktop\sched.xml
c:\program files (x86)\1\AntiVir Desktop\schedr.dll
c:\program files (x86)\1\AntiVir Desktop\setup.dll
c:\program files (x86)\1\AntiVir Desktop\setup.exe
c:\program files (x86)\1\AntiVir Desktop\setupprf.dat
c:\program files (x86)\1\AntiVir Desktop\shlext64.dll
c:\program files (x86)\1\AntiVir Desktop\sqlite3.dll
c:\program files (x86)\1\AntiVir Desktop\sweb.zip
c:\program files (x86)\1\AntiVir Desktop\sysdir.avp
c:\program files (x86)\1\AntiVir Desktop\sysscan.avp
c:\program files (x86)\1\AntiVir Desktop\toolbar_eula.txt
c:\program files (x86)\1\AntiVir Desktop\unacev2.dll
c:\program files (x86)\1\AntiVir Desktop\update.dll
c:\program files (x86)\1\AntiVir Desktop\update.exe
c:\program files (x86)\1\AntiVir Desktop\updatemsg.avr
c:\program files (x86)\1\AntiVir Desktop\updaterc.dll
c:\program files (x86)\1\AntiVir Desktop\updext.dll
c:\program files (x86)\1\AntiVir Desktop\updgui.dll
c:\program files (x86)\1\AntiVir Desktop\updguirc.dll
c:\program files (x86)\1\AntiVir Desktop\updrgui.exe
c:\program files (x86)\1\AntiVir Desktop\vbase000.vdf
c:\program files (x86)\1\AntiVir Desktop\vbase001.vdf
c:\program files (x86)\1\AntiVir Desktop\vbase002.vdf
c:\program files (x86)\1\AntiVir Desktop\vbase003.vdf
c:\program files (x86)\1\AntiVir Desktop\vbase004.vdf
c:\program files (x86)\1\AntiVir Desktop\vbase005.vdf
c:\program files (x86)\1\AntiVir Desktop\vbase006.vdf
c:\program files (x86)\1\AntiVir Desktop\vbase007.vdf
c:\program files (x86)\1\AntiVir Desktop\vbase008.vdf
c:\program files (x86)\1\AntiVir Desktop\vbase009.vdf
c:\program files (x86)\1\AntiVir Desktop\vbase010.vdf
c:\program files (x86)\1\AntiVir Desktop\vbase011.vdf
c:\program files (x86)\1\AntiVir Desktop\vbase012.vdf
c:\program files (x86)\1\AntiVir Desktop\vbase013.vdf
c:\program files (x86)\1\AntiVir Desktop\vbase014.vdf
c:\program files (x86)\1\AntiVir Desktop\vbase015.vdf
c:\program files (x86)\1\AntiVir Desktop\vbase016.vdf
c:\program files (x86)\1\AntiVir Desktop\vbase017.vdf
c:\program files (x86)\1\AntiVir Desktop\vbase018.vdf
c:\program files (x86)\1\AntiVir Desktop\vbase019.vdf
c:\program files (x86)\1\AntiVir Desktop\vbase020.vdf
c:\program files (x86)\1\AntiVir Desktop\vbase021.vdf
c:\program files (x86)\1\AntiVir Desktop\vbase022.vdf
c:\program files (x86)\1\AntiVir Desktop\vbase023.vdf
c:\program files (x86)\1\AntiVir Desktop\vbase024.vdf
c:\program files (x86)\1\AntiVir Desktop\vbase025.vdf
c:\program files (x86)\1\AntiVir Desktop\vbase026.vdf
c:\program files (x86)\1\AntiVir Desktop\vbase027.vdf
c:\program files (x86)\1\AntiVir Desktop\vbase028.vdf
c:\program files (x86)\1\AntiVir Desktop\vbase029.vdf
c:\program files (x86)\1\AntiVir Desktop\vbase030.vdf
c:\program files (x86)\1\AntiVir Desktop\vbase031.vdf
c:\program files (x86)\1\AntiVir Desktop\webcat.dll
c:\program files (x86)\1\AntiVir Desktop\webcat0.dat
c:\program files (x86)\1\AntiVir Desktop\webcat1.dat
c:\program files (x86)\1\AntiVir Desktop\webcat2.dat
c:\program files (x86)\1\AntiVir Desktop\webcat3.dat
c:\program files (x86)\1\AntiVir Desktop\webcat4.dat
c:\program files (x86)\1\AntiVir Desktop\webcatrc.dll
c:\program files (x86)\1\AntiVir Desktop\weblink.url
c:\program files (x86)\1\AntiVir Desktop\wksstats.dll
c:\program files (x86)\1\AntiVir Desktop\wsctool.exe
c:\program files (x86)\DealPly
c:\program files (x86)\DealPly\DealPly.crx
c:\program files (x86)\DealPly\DealPly.xpi
c:\program files (x86)\DealPly\DealPlyIE64.dll
c:\program files (x86)\DealPly\DealPlyUpdate.exe
c:\program files (x86)\DealPly\DealPlyUpdateRun.exe
c:\program files (x86)\DealPly\DealPlyUpdateVer.exe
c:\program files (x86)\DealPly\icon.ico
c:\program files (x86)\DealPly\uninst.exe
c:\program files (x86)\SuperLyrics-16
c:\program files (x86)\SuperLyrics-16\SuperLyrics-16-bg.exe
c:\program files (x86)\SuperLyrics-16\SuPErlyrics-16-bho.dll
c:\program files (x86)\SuperLyrics-16\SuperLyrics-16-bho64.dll
c:\program files (x86)\SuperLyrics-16\SuperLyrics-16-buttonutil.dll
c:\program files (x86)\SuperLyrics-16\SuperLyrics-16-buttonutil.exe
c:\program files (x86)\SuperLyrics-16\SuperLyrics-16-buttonutil64.dll
c:\program files (x86)\SuperLyrics-16\SuperLyrics-16-buttonutil64.exe
c:\program files (x86)\SuperLyrics-16\SuperLyrics-16-chromeinstaller.exe
c:\program files (x86)\SuperLyrics-16\SuperLyrics-16-codedownloader.exe
c:\program files (x86)\SuperLyrics-16\SuperLyrics-16-enabler.exe
c:\program files (x86)\SuperLyrics-16\SuperLyrics-16-firefoxinstaller.exe
c:\program files (x86)\SuperLyrics-16\SuperLyrics-16-helper.exe
c:\program files (x86)\SuperLyrics-16\SuperLyrics-16-updater.exe
c:\program files (x86)\SuperLyrics-16\SuperLyrics-16.ico
c:\program files (x86)\SuperLyrics-16\Uninstall.exe
c:\program files (x86)\SuperLyrics-16\utils.exe
c:\program files (x86)\Versandhelfer\Versandhelfer.exe
c:\users\Lutz\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl
c:\users\Lutz\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.94_0\background.html
c:\users\Lutz\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.94_0\crossriderManifest.json
c:\users\Lutz\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.94_0\extensionData\manifest.xml
c:\users\Lutz\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.94_0\extensionData\plugins.json
c:\users\Lutz\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.94_0\icons\actions\1.png
c:\users\Lutz\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.94_0\icons\icon128.png
c:\users\Lutz\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.94_0\icons\icon16.png
c:\users\Lutz\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.94_0\icons\icon48.png
c:\users\Lutz\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.94_0\manifest.json
c:\users\Lutz\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.25.94_0\popup.html
c:\users\Lutz\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage
c:\users\Lutz\AppData\Local\TempDIR
c:\windows\IsUn0407.exe
c:\windows\SysWow64\FlashPlayerApp.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-10-14 bis 2013-11-14  ))))))))))))))))))))))))))))))
.
.
2013-11-14 12:54 . 2013-11-14 12:54	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-11-14 09:48 . 2013-11-14 09:48	--------	d-----w-	C:\FRST
2013-11-14 08:58 . 2013-11-14 08:58	--------	d-----w-	c:\program files (x86)\TeamViewer
2013-11-14 06:30 . 2013-10-04 02:24	1930752	----a-w-	c:\windows\system32\authui.dll
2013-11-13 13:15 . 2013-11-13 13:15	--------	d-----w-	c:\users\Lutz\AppData\Roaming\Avira
2013-11-13 13:12 . 2013-10-31 18:25	83160	----a-w-	c:\windows\system32\drivers\avnetflt.sys
2013-11-13 13:11 . 2013-10-31 18:25	28600	----a-w-	c:\windows\system32\drivers\avkmgr.sys
2013-11-13 13:11 . 2013-10-31 18:25	132600	----a-w-	c:\windows\system32\drivers\avipbb.sys
2013-11-13 13:11 . 2013-10-31 18:25	106904	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2013-11-13 13:11 . 2013-11-13 13:11	--------	d-----w-	c:\program files (x86)\Avira
2013-11-13 12:31 . 2013-11-13 12:31	--------	d-----w-	c:\programdata\Systweak
2013-11-13 11:43 . 2013-11-13 21:14	--------	d-----w-	c:\program files (x86)\JFileManager
2013-11-13 11:43 . 2013-11-13 21:14	--------	d-----w-	c:\program files (x86)\Plus-HD-1.3
2013-11-13 11:21 . 2013-11-13 11:21	--------	d-----w-	c:\users\Lutz\SyncFolder
2013-11-13 11:06 . 2013-11-13 11:06	75888	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{6A9E3413-67B7-4542-B599-75CC7F769293}\offreg.dll
2013-11-13 10:53 . 2013-11-13 12:37	--------	d-----w-	c:\program files (x86)\MyPC Backup
2013-11-13 10:52 . 2013-11-14 11:04	--------	d-----w-	c:\program files (x86)\Advanced System Protector
2013-11-13 10:52 . 2012-07-25 11:03	16896	----a-w-	c:\windows\system32\sasnative64.exe
2013-11-13 10:51 . 2013-11-14 11:04	--------	d-----w-	c:\users\Lutz\AppData\Roaming\Systweak
2013-11-13 10:51 . 2013-08-22 17:36	20312	----a-w-	c:\windows\system32\roboot64.exe
2013-11-13 10:51 . 2013-11-13 21:14	--------	d-----w-	c:\program files (x86)\RegClean Pro
2013-11-13 10:50 . 2013-11-13 10:50	--------	d-----w-	c:\program files (x86)\Mozilla Maintenance Service
2013-11-13 06:32 . 2013-11-13 11:06	--------	d-----w-	c:\users\Lutz\AppData\Roaming\TweakNow RegCleaner
2013-11-13 06:32 . 2013-11-13 11:06	--------	d-----w-	c:\program files (x86)\TweakNow RegCleaner
2013-11-12 07:09 . 2013-10-14 07:12	10280728	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{6A9E3413-67B7-4542-B599-75CC7F769293}\mpengine.dll
2013-11-12 06:59 . 2013-11-12 06:59	--------	d-----w-	c:\programdata\Nico Mak Computing
2013-11-11 09:51 . 2013-11-12 15:43	--------	d-----w-	c:\users\Lutz\AppData\Roaming\Nico Mak Computing
2013-11-11 09:51 . 2013-11-12 15:43	--------	d-----w-	c:\program files (x86)\WinZip Malware Protector
2013-11-11 09:51 . 2013-03-15 16:10	20480	----a-w-	c:\windows\system32\wsusnative64.exe
2013-11-11 08:30 . 2013-11-12 15:42	--------	d-----w-	c:\users\Lutz\AppData\Roaming\DealPly
2013-11-11 08:28 . 2013-11-11 08:28	--------	d-----w-	c:\program files (x86)\SearchProtect
2013-11-11 08:28 . 2013-11-11 08:28	--------	d-----w-	c:\users\Lutz\AppData\Local\SearchProtect
2013-11-07 14:25 . 2013-11-07 14:25	--------	d-----w-	c:\users\Lutz\AppData\Roaming\Iminent
2013-11-07 14:24 . 2013-11-07 14:24	--------	d-----w-	c:\users\Lutz\AppData\Roaming\SpeedTestAnalysis
2013-11-05 06:08 . 2013-11-05 06:08	--------	d-----w-	c:\users\Lutz\AppData\Roaming\Apple Computer
2013-11-04 09:33 . 2013-11-04 09:33	--------	d-----w-	c:\users\Lutz\AppData\Local\Apple Computer
2013-11-04 09:32 . 2013-11-04 09:32	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
2013-11-04 09:32 . 2013-11-04 09:32	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
2013-11-04 09:32 . 2013-11-04 09:32	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
2013-11-04 09:32 . 2013-11-04 09:32	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
2013-11-04 09:32 . 2013-11-04 09:32	159744	----a-w-	c:\program files\Internet Explorer\Plugins\npqtplugin.dll
2013-11-04 09:31 . 2013-11-04 09:31	--------	d-----w-	c:\programdata\Apple Computer
2013-11-04 09:30 . 2013-11-04 09:30	--------	d-----w-	c:\program files (x86)\Common Files\Apple
2013-11-04 09:30 . 2013-11-04 09:30	--------	d-----w-	c:\users\Lutz\AppData\Local\Apple
2013-11-04 09:30 . 2013-11-04 09:30	--------	d-----w-	c:\program files (x86)\Apple Software Update
2013-11-04 09:30 . 2013-11-04 09:30	--------	d-----w-	c:\programdata\Apple
2013-11-04 09:17 . 2013-11-04 13:56	--------	d-----w-	C:\DvmHIPCam
2013-10-29 10:32 . 2013-10-29 10:34	--------	d-----w-	c:\users\Lutz\AppData\Roaming\WordToPDF
2013-10-29 09:49 . 2013-10-29 09:49	--------	d-----w-	c:\program files (x86)\BCL Technologies
2013-10-29 09:49 . 2013-10-29 09:49	--------	d-----w-	c:\users\Lutz\AppData\Roaming\Pdf2Word
2013-10-29 09:49 . 2013-10-29 09:49	--------	d-----w-	c:\users\Lutz\AppData\Roaming\OpenCandy
2013-10-17 12:22 . 2013-10-17 12:22	--------	d-----w-	c:\program files\McAfee Security Scan
2013-10-17 07:26 . 2013-10-17 07:26	--------	d-----w-	c:\users\Lutz\AppData\Local\Avg2014
2013-10-17 06:14 . 2013-08-29 02:17	5549504	----a-w-	c:\windows\system32\ntoskrnl.exe
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-14 07:56 . 2011-02-10 20:56	82896128	----a-w-	c:\windows\system32\MRT.exe
2013-11-12 07:48 . 2011-07-22 08:47	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-14 07:12 . 2013-10-07 05:30	10280728	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\Backup\mpengine(818).dll
2013-09-09 13:29 . 2013-10-02 05:29	40760	----a-w-	c:\windows\system32\TURegOpt.exe
2013-09-09 13:29 . 2013-10-02 05:30	43320	----a-w-	c:\windows\system32\uxtuneup.dll
2013-09-09 13:29 . 2013-10-02 05:30	36152	----a-w-	c:\windows\SysWow64\uxtuneup.dll
2013-09-09 13:29 . 2013-10-02 05:29	29496	----a-w-	c:\windows\system32\authuitu.dll
2013-09-09 13:29 . 2013-10-02 05:29	25400	----a-w-	c:\windows\SysWow64\authuitu.dll
2013-09-03 12:35 . 2010-11-21 03:27	278800	------w-	c:\windows\system32\MpSigStub.exe
2013-08-29 01:48 . 2013-10-17 06:14	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2013-08-29 00:49 . 2013-10-14 06:05	2048	----a-w-	c:\windows\SysWow64\user.exe
2013-08-28 01:21 . 2013-10-14 06:05	3155968	----a-w-	c:\windows\system32\win32k.sys
2013-06-21 06:43 . 2013-06-21 06:51	708168	----a-w-	c:\program files (x86)\5qUninstall Zwinky.dll
2013-06-21 06:43 . 2013-06-21 06:51	186736	----a-w-	c:\program files (x86)\5qres.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2011-06-27 10:05	175912	----a-w-	c:\program files (x86)\ConduitEngine\prxConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files (x86)\ConduitEngine\prxConduitEngine.dll" [2011-06-27 175912]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-15 23:49	130736	----a-w-	c:\users\Lutz\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-15 23:49	130736	----a-w-	c:\users\Lutz\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-15 23:49	130736	----a-w-	c:\users\Lutz\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"IncrediMail"="c:\program files (x86)\IncrediMail\bin\IncMail.exe" [2012-03-28 366024]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-10-02 20472992]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"CorelDRAW Graphics Suite 11b"="d:\corel\Corel Graphics 12\Languages\DE\Programs\Registration.exe" [2003-11-27 733184]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-04-19 336384]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
"TrueImageMonitor.exe"="c:\program files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" [2009-11-12 5140960]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-11-06 283160]
"PDFPrint"="c:\program files (x86)\PDF24\pdf24.exe" [2012-12-12 163000]
"Tv-Plug-In"="c:\program files (x86)\Tv-Plug-In\Tv-Plug-In.exe" [2013-04-10 296744]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-10-31 683576]
"WinZip Malware Protector_startup"="c:\program files (x86)\WinZip Malware Protector\WinZipMalwareProtector.exe" [2013-07-15 6390448]
"Advanced System Protector_startup"="c:\program files (x86)\Advanced System Protector\AdvancedSystemProtector.exe" [2012-10-17 6625728]
.
c:\users\Lutz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Lutz\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-25 27776968]
Game Alarm.lnk - c:\games\Game Alarm\gamealarm.exe -silent 2 [2013-2-20 19721728]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2011-7-22 110592]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.130\SSScheduler.exe [2013-9-6 324320]
Sweex WC060 series snapshot button monitor.lnk - c:\program files (x86)\Sweex\WC060\VMonitor.exe [2011-9-27 143360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk *\0auto_reactivate \\?\Volume{cd54a046-b47a-11e0-b68c-806e6f6e6963}\bootwiz\asrm.bin
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 becldr3Service;BCL EasyConverter SDK 3 Loader;c:\program files (x86)\BCL Technologies\easyConverter SDK 3\Common\becldr.exe;c:\program files (x86)\BCL Technologies\easyConverter SDK 3\Common\becldr.exe [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.130\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.130\McCHSvc.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTL8192su;%RTL8192su.DeviceDesc.DispName%;c:\windows\system32\DRIVERS\RTL8192su.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8192su.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
R4 IISExpressSVC;IIS Express service;c:\program files (x86)\Lansweeper\IISExpress\IISexpressSVC.exe;c:\program files (x86)\Lansweeper\IISExpress\IISexpressSVC.exe [x]
R4 lansweeperservice;Lansweeper Server;c:\program files (x86)\Lansweeper\Service\Lansweeperservice.exe;c:\program files (x86)\Lansweeper\Service\Lansweeperservice.exe [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]
R4 SQLAgent$SQLLANSWEEPER2K8;SQL Server Agent (SQLLANSWEEPER2K8);c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLLANSWEEPER2K8\MSSQL\Binn\SQLAGENT.EXE;c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLLANSWEEPER2K8\MSSQL\Binn\SQLAGENT.EXE [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S0 tdrpman258;Acronis Try&Decide and Restore Points filter (build 258);c:\windows\system32\DRIVERS\tdrpm258.sys;c:\windows\SYSNATIVE\DRIVERS\tdrpm258.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 afcdpsrv;Acronis Nonstop Backup service;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 IBUpdaterService;Updater Service;c:\programdata\IBUpdaterService\ibsvc.exe;c:\programdata\IBUpdaterService\ibsvc.exe [x]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe [x]
S2 MSSQL$SQLLANSWEEPER2K8;SQL Server (SQLLANSWEEPER2K8);c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLLANSWEEPER2K8\MSSQL\Binn\sqlservr.exe;c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLLANSWEEPER2K8\MSSQL\Binn\sqlservr.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys;c:\windows\SYSNATIVE\DRIVERS\afcdp.sys [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\drivers\asmtxhci.sys;c:\windows\SYSNATIVE\drivers\asmtxhci.sys [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [x]
S3 VMUVC;Vimicro Camera Service VMUVC;c:\windows\system32\Drivers\VMUVC.sys;c:\windows\SYSNATIVE\Drivers\VMUVC.sys [x]
S3 vvftUVC;Vimicro Camera Filter Service VMUVC;c:\windows\system32\drivers\vvftUVC.sys;c:\windows\SYSNATIVE\drivers\vvftUVC.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2013-11-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-01-18 07:48]
.
2013-11-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-07-22 07:00]
.
2013-11-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-07-22 07:00]
.
2013-11-13 c:\windows\Tasks\RegClean Pro_DEFAULT.job
- c:\program files (x86)\RegClean Pro\RegCleanPro.exe [2013-11-13 17:36]
.
2013-11-13 c:\windows\Tasks\RegClean Pro_UPDATES.job
- c:\program files (x86)\RegClean Pro\RegCleanPro.exe [2013-11-13 17:36]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-15 23:49	164016	----a-w-	c:\users\Lutz\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-15 23:49	164016	----a-w-	c:\users\Lutz\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-15 23:49	164016	----a-w-	c:\users\Lutz\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-15 23:49	164016	----a-w-	c:\users\Lutz\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-01-13 11774568]
"Acronis Scheduler2 Service"="c:\program files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [2009-11-12 362032]
"XeroxEndeavorBackgroundTask"="xrWCbgnd.dll" [2009-07-14 58368]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=0b6266ce-42d1-11ac-836e-8fc3faa9e18d&searchtype=hp&installDate=11/11/2013
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuCR&co=DE&userid=0b6266ce-42d1-11ac-836e-8fc3faa9e18d&searchtype=ds&q={searchTerms}&installDate=11/11/2013
IE: An vorhandene PDF-Datei anfügen - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: In Adobe PDF konvertieren - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Linkziel an vorhandene PDF-Datei anhängen - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Linkziel in Adobe PDF konvertieren - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Nach Microsoft &Excel exportieren - c:\progra~2\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: {{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4
Trusted Zone: LUTZ-PC
TCP: DhcpNameServer = 192.168.0.10
FF - ProfilePath - c:\users\Lutz\AppData\Roaming\Mozilla\Firefox\Profiles\f0zwr6ci.default\
FF - prefs.js: browser.startup.homepage - N-TV.de
FF - ExtSQL: 2013-11-13 08:01; {4ED1F68A-5463-4931-9384-8FFF5ED91D92}; c:\program files (x86)\McAfee\SiteAdvisor
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{11111111-1111-1111-1111-110411411162} - c:\program files (x86)\SuperLyrics-16\SuperLyrics-16-bho.dll
c:\users\Lutz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Versandhelfer.lnk - c:\program files (x86)\Versandhelfer\Versandhelfer.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
WebBrowser-{40C3CC16-7269-4B32-9531-17F2950FB06F} - (no file)
WebBrowser-{990AF1C2-5A27-4460-8149-ECC6BC122AF3} - (no file)
AddRemove-Adobe Photoshop 7.0 - c:\windows\ISUN0407.EXE
AddRemove-DealPly - c:\program files (x86)\DealPly\uninst.exe
AddRemove-SuperLyrics-16 - c:\program files (x86)\SuperLyrics-16\Uninstall.exe
AddRemove-{40BF1E83-20EB-11D8-97C5-0009C5020658} - c:\program files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\е2*]
"7040110900063D11C8EF10054038389C"="C?\\Windows\\SysWOW64\\FM20ENU.DLL"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-11-14  13:58:20
ComboFix-quarantined-files.txt  2013-11-14 12:58
.
Vor Suchlauf: 12 Verzeichnis(se), 380.992.241.664 Bytes frei
Nach Suchlauf: 17 Verzeichnis(se), 381.145.702.400 Bytes frei
.
- - End Of File - - 6C36704163138434D3B70F4C70B292EE
         
--- --- ---

Alt 15.11.2013, 10:29   #5
schrauber
/// the machine
/// TB-Ausbilder
 

Advanced System Protector, my Backup & Regcleaner Pro - Standard

Advanced System Protector, my Backup & Regcleaner Pro



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 15.11.2013, 14:29   #6
kleind
 
Advanced System Protector, my Backup & Regcleaner Pro - Standard

Advanced System Protector, my Backup & Regcleaner Pro



Danke für die Hilfe Schrauber,

der Nutzer hat ohne mein zutun jetzt einen wiederherstellungspunkt zurückgesetzt, was gestern angeblich nicht möglich war und das Problem ist somit aus der Welt!
Trotzdem vielen vielen Dank für deine Mühe und Zeit!

Grüße
kleind

Alt 16.11.2013, 12:04   #7
schrauber
/// the machine
/// TB-Ausbilder
 

Advanced System Protector, my Backup & Regcleaner Pro - Standard

Advanced System Protector, my Backup & Regcleaner Pro



ok.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Advanced System Protector, my Backup & Regcleaner Pro
administrator, advanced, alten, avira searchfree toolbar, backup, bandoo, bereits, betreff, bootmgr, chromium, computer, durchgeführt, eintrag, entferne, explorer, farbar, farbar recovery scan tool, hdaudio.sys, home, konnte, minidump, nicht mehr, norma, programme, recovery, regclean, regcleaner, scan, service, system, systweak, thema, tool, usbvideo.sys, users, vcredist, version, winzip malware protector




Ähnliche Themen: Advanced System Protector, my Backup & Regcleaner Pro


  1. Advanced System Protector
    Log-Analyse und Auswertung - 04.01.2015 (23)
  2. Win7 64bit "Windows Version installer, Continue VuuPC Installation, MyPC Backup, Advanced System Protector,..."
    Log-Analyse und Auswertung - 03.07.2014 (21)
  3. Win7 mit Advanced System Protector, System Speedup und vielen weiteren Plagegeistern
    Plagegeister aller Art und deren Bekämpfung - 10.06.2014 (12)
  4. Advanced System Protector, Reg Clean Pro, MyPC Backup, Adware - hab ich sie schon wieder in Gänze los?
    Plagegeister aller Art und deren Bekämpfung - 15.04.2014 (9)
  5. WindowsXP: Advanced System Protector
    Log-Analyse und Auswertung - 23.12.2013 (3)
  6. RegClean Pro, Advanced System Protector und MyPC Backup sowie Video Converter
    Log-Analyse und Auswertung - 23.11.2013 (7)
  7. PC von Advanced System Protector befallen
    Plagegeister aller Art und deren Bekämpfung - 23.11.2013 (15)
  8. Advanced system protector und RegClean Pro und my backup eingefangen
    Plagegeister aller Art und deren Bekämpfung - 14.11.2013 (13)
  9. win7 mit Befall:Systweak RegClean, Advanced System Protector und My PC Backup
    Log-Analyse und Auswertung - 01.11.2013 (15)
  10. Windows 7-Advanced System Protector
    Log-Analyse und Auswertung - 30.10.2013 (17)
  11. Advanced System Protector löchen
    Log-Analyse und Auswertung - 26.10.2013 (31)
  12. Advanced System Protector und Regcleaner Pro! Zweite Meinung?
    Plagegeister aller Art und deren Bekämpfung - 21.10.2013 (5)
  13. Reg Clean Pro, Advanced System Protector, My PC Backup, Wajam - durch Firefox Installation
    Plagegeister aller Art und deren Bekämpfung - 08.10.2013 (11)
  14. Advanced System Protector und Reg Clean Pro
    Plagegeister aller Art und deren Bekämpfung - 30.09.2013 (7)
  15. Advanced System Protector entfernen
    Plagegeister aller Art und deren Bekämpfung - 26.09.2013 (42)
  16. Advanced System Protector deinstalieren
    Log-Analyse und Auswertung - 13.08.2013 (9)
  17. Advanced System Protector
    Log-Analyse und Auswertung - 21.06.2013 (21)

Zum Thema Advanced System Protector, my Backup & Regcleaner Pro - Hallo, es tut mir leid euch wieder mit diesem alten Thema belästigen zu müssen. Ich habe hierzu bereits einen Foreneintrag gefunden doch konnte mir dieser nicht helfen. Die im Betreff - Advanced System Protector, my Backup & Regcleaner Pro...
Archiv
Du betrachtest: Advanced System Protector, my Backup & Regcleaner Pro auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.