Mein Avira Browser Schutz meldet seit ein paar Tagen immer wieder einen Fund, wenn ich bei Ebay online bin: HTML/Infected.WebPage.Gen2

Code: Alles auswählenAufklappen

ATTFilter

Exportierte Ereignisse:

Exportierte Ereignisse:

03.05.2015 13:40 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://fra1.ib.adnxs.com/if?e=wqT_3QKMBfB-gwIAAAIA1gAFCJKSmKoFEOq7g-u18ve7Nxitu
      MPThtqztTIgASotCTlzXR_NcPI_EWwldJfE2e8_GSuHFtnO9wlAIVx_Dks9BvE_KWHavlCYtvM_MJnUP
      jjLA0DMEUgCULXv-wxY9pwKYABog4gDcAB4s7UDgAEBigEDVVNEkgUG8EiYAdgFoAFaqAEBsAEAuAECw
      AEFyAEA0AEA2AEA4AEA8AEA-gEFMTg2NDSKAld1ZignYScsIDI0ODM4NywgMTQzMDY1MzIwMik7ARwoY
      ycsIDc2MzY4ODRGHQAscicsIDI3MTk1MzE3Nh4A8MSSArUBIUdDMXczQWlVajlJREVMWHYtd3dZQUNEM
      m5Bb3dBRGdBUUFCSXpCRlFtZFEtV0FGZ05XZ0FjR3A0cmdHQUFjQUNpQUdrQVpBQkFaZ0JBYUFCQWFnQ
      kE3QUJBTGtCbXBtWm1abVo4VF9CQVdIYXZsQ1l0dk1feVFGdHBCSUJVNV82UDlrQk5zMDdUdEdSN0RfZ
      0FRRHFBUTh4TXpNeU1EQXdMREV6TXpJd01EYjFBUUFBQUFBLpoCHSFrQVpkUEFpVS64APB7OXB3S0lBQ
      S7YApUE4ALfuxDqAm9odHRwOi8vbXkuZWJheS5kZS93cy9lQmF5SVNBUEkuZGxsP015RWJheUJldGEmQ
      3VycmVudFBhZ2U9TXllQmF5TmV4dFNlbGxpbmcmc3NQYWdlTmFtZT1TVFJLJTNBTUUlM0FMTkxLJQEMy
      FNFWIADAIgDAZADAJgDDKADAaoDALADALgDAMADrALIAwDYA4fMGuADAOgDAPADAPgDAw..&dlo=1&re
      ferrer=http%3A%2F%2Fmy.ebay.de%2Fws%2FeBayISAPI.dll%3FMyEbayBeta%26CurrentPage%3
      DMyeBayNextSelling%26ssPageName%3DSTRK%253AME%253ALNLK%253AMESEX"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert

03.05.2015 13:39 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://nym1.ib.adnxs.com/if?e=wqT_3QK7BPB-MgIAAAIA1gAFCImSmKoFELbl4bOE4pesNhitu
      MPThtqztTIgASotCTlzXR_NcPI_EWwldJfE2e8_GSuHFtnO9wlAIVx_Dks9BvE_KWHavlCYtvM_MJnUP
      jjLA0DMEUgCULXv-wxY9pwKYABog4gDcAB4_LEDgAEBigEDVVNEkgUG8EiYAdgFoAFaqAEBsAEAuAECw
      AEFyAEA0AEA2AEA4AEA8AEA-gEFMTg2NDSKAld1ZignYScsIDI0ODM4NywgMTQzMDY1MzE5Myk7ARwoY
      ycsIDc2MzY4ODRGHQAscicsIDI3MTk1MzE3Nh4A8MSSArUBITlpMFBBQWlVajlJREVMWHYtd3dZQUNEM
      m5Bb3dBRGdBUUFCSXpCRlFtZFEtV0FGZ05XZ0FjR3A0ckFHQUFjQUNpQUdrQVpBQkFaZ0JBYUFCQWFnQ
      kE3QUJBTGtCbXBtWm1abVo4VF9CQVdIYXZsQ1l0dk1feVFIWEl5d3UzYzN5UDlrQk5zMDdUdEdSN0RfZ
      0FRRHFBUTh4TXpNeU1EQXdMREV6TXpJd01EYjFBUUFBQUFBLpoCHSFrQVpkUEFpVS64APBhOXB3S0lBQ
      S7YApUE4ALfuxDqAh5odHRwOi8vd3d3LmViYXkuZGUvbXliL1N1bW1hcnmAAwCIAwGQAwCYAwygAwGqA
      wCwAwC4AwDAA6wCyAMA2AOHzBrgAwDoAwDwAwD4AwM.&dlo=1&referrer=http%3A%2F%2Fwww.ebay
      .de%2Fmyb%2FSummary"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert

03.05.2015 12:17 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://fra1.ib.adnxs.com/if?e=wqT_3QKcBfB-kwIAAAIA1gAFCLHrl6oFEIH3w6jtge_nRhitu
      MPThtqztTIgASotCQgnnb61F_I_Ec0gPrDjP-8_GZqZmZmZmQNAIVx_Dks9BvE_KWHavlCYtvM_MJnUP
      jjLA0DMEUgCULjv-wxYocASYABog4gDcAB4-NwDgAEBigEDVVNEkgUG8GOYAaABoAHYBKgBAbABALgBA
      sABBcgBANABANgBAOABAPABAPoBBTE4NjQ0igJXdWYoJ2EnLCAyNDgzODcsIDE0MzA2NDgyNDEpO3VmK
      CdjJywgNzYzNjg4NCwgMTQzMDY0ODI0DR0AcgE5GDcxOTUzMjA2HgDwxJICtQEhenkweXR3aVVqOUlER
      Uxqdi13d1lBQ0Nod0JJd0FEZ0FRQUJJekJGUW1kUS1XQUZnTldnQWNCNTRnQ3lBQWI0Q2lBRUlrQUVCb
      UFFQm9BRUJxQUVEc0FFQXVRR2FtWm1abVpueFA4RUJZZHEtVUppMjh6X0pBZW1iYjNfZG12SV8yUUUye
      lR0TzBaSHNQLUFCQU9vQkR6RXpNekl3TURBc01UTXpNakF3TnZVQkFBQUFBQS4umgIdIWFnWjZPd2lVL
      rgA8MFvY0FTSUFBLtgClQTgAt-7EOoCfmh0dHA6Ly93d3cuZWJheS5kZS9zY2gvaS5odG1sP19mcm9tP
      VI0MCZfdHJrc2lkPXAzOTg0Lm01NzAubDEzMTEuUjUuVFIxMS5UUkMxLkEwLkgxLlhuaWtvbiA1MCAuV
      FJTMCZfbmt3PW5pa29uIDUwIDEuOCZfc2FjYXQ9MIADAIgDAZADAJgDDKADAaoDALADALgDAMADrALIA
      wDYA4fMGuADAOgDAPADAPgDAw..&dlo=1&referrer=http%3A%2F%2Fwww.ebay.de%2Fsch%2Fi.ht
      ml%3F_from%3DR40%26_trksid%3Dp3984.m570.l1311.R5.TR11.TRC1.A0.H1.Xnikon+50+.TRS0
      %26_nkw%3Dnikon+50+1.8%26_sacat%3D0"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert

03.05.2015 12:12 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://ams1.ib.adnxs.com/if?e=wqT_3QK5BPB-MAIAAAIA1gAFCKbpl6oFEPG00K7vppXcJRitu
      MPThtqztTIgASotCdp1kGokzvA_ETgsDfyoBu0_GSuHFtnO9wlAIVx_Dks9BvE_KWHavlCYtvM_MJnUP
      jjLA0DMEUgCULXv-wxYocASYABog4gDcAB42e0DgAEBigEDVVNEkgUG8EiYAdgFoAFaqAEBsAEAuAECw
      AEFyAEA0AEA2AEA4AEA8AEA-gEFMTg2NDSKAld1ZignYScsIDI0ODM4NywgMTQzMDY0Nzk3NCk7ARwoY
      ycsIDc2MzY4ODRGHQAscicsIDI3MTk1MzE3Nh4A8MSSArUBIXR5N0ZOd2lVajlJREVMWHYtd3dZQUNDa
      HdCSXdBRGdBUUFCSXpCRlFtZFEtV0FGZ05XZ0FjR2g0NUN1QUFid0NpQUhrSzVBQkFaZ0JBYUFCQWFnQ
      kE3QUJBTGtCbXBtWm1abVo4VF9CQVdIYXZsQ1l0dk1feVFIdlVHZGlHdlg5UDlrQk5zMDdUdEdSN0RfZ
      0FRRHFBUTh4TXpNeU1EQXdMREV6TXpJd01EYjFBUUFBQUFBLpoCHSFad1pjT3dpVS64APBfb2NBU0lBQ
      S7YApUE4ALfuxDqAhx3d3cuZWJheS5kZS9pdG0vMTkxNTY4NjI1NTk4gAMAiAMBkAMAmAMMoAMBqgMAs
      AMAuAMAwAOsAsgDANgDh8wa4AMA6AMA8AMA-AMD&dlo=1&referrer=www.ebay.de%2Fitm%2F19156
      8625598"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert

01.05.2015 13:30 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://ams1.ib.adnxs.com/if?e=wqT_3QK1BPB-LAIAAAIA1gAFCMHHjaoFENGc35WHveC2ZRitu
      MPThtqztTIgASotCeiy135uCu0_ET2a6sn8I-k_GYcW2c73Uw1AIV-HeoGcBfE_KWrwpqWgqfM_MJnUP
      jjLA0DMEUgCULXv-wxY9pwKYABog4gDcAB4kPsDgAEBigEDVVNEkgUG8EiYAdgFoAFaqAEBsAEAuAECw
      AEFyAEA0AEA2AEA4AEA8AEA-gEFMTg2NDSKAld1ZignYScsIDI0ODM4NywgMTQzMDQ3OTgwOSk7ARwoY
      ycsIDc2MzY4ODRGHQAscicsIDI3MTk1MzE3Nh4A8MCSArEBIThTeENld2lVajlJREVMWHYtd3dZQUNEM
      m5Bb3dBRGdBUUFCSXpCRlFtZFEtV0FGZ05XZ0FjR1o0RElBQnVnS0lBUXlRQVFHWUFRR2dBUUdvQVFPd
      0FRQzVBWnFabVptWm1mRV93UUZxOEthbG9LbnpQOGtCS1VzS3kyMXA5el9aQVliSlZNR29wT3dfNEFFQ
      TZnRVBNVE16TWpBd01Dd3hNek15TURBMjlRRUFBQUFBmgIdIWtBWmRQQWlVLrQA8F85cHdLSUFBLtgCl
      QTgAt-7EOoCHHd3dy5lYmF5LmRlL2l0bS8xNzE3MTgxNTAxMjOAAwCIAwGQAwCYAwygAwGqAwCwAwC4A
      wDAA6wCyAMA2AOHzBrgAwDoAwDwAwD4AwM.&dlo=1&referrer=www.ebay.de%2Fitm%2F171718150
      123"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert

01.05.2015 13:23 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://fra1.ib.adnxs.com/if?e=wqT_3QK1BPB-LAIAAAIA1gAFCM3EjaoFEKmjmtz6ubmQNRitu
      MPThtqztTIgASotCe2duFsKE_M_ETkNUYU_g_A_GYcW2c73Uw1AIV-HeoGcBfE_KWrwpqWgqfM_MJnUP
      jjLA0DMEUgCULXv-wxYocASYABog4gDcAB4n-gDgAEBigEDVVNEkgUG8EiYAdgFoAFaqAEBsAEAuAECw
      AEFyAEA0AEA2AEA4AEA8AEA-gEFMTg2NDSKAld1ZignYScsIDI0ODM4NywgMTQzMDQ3OTQzNyk7ARwoY
      ycsIDc2MzY4ODRGHQAscicsIDI3MTk1MzE3Nh4A8MCSArEBIW1pMmdpUWlVajlJREVMWHYtd3dZQUNDa
      HdCSXdBRGdBUUFCSXpCRlFtZFEtV0FGZ05XZ0FjR1I0QW9BQnVBS0lBUUtRQVFHWUFRR2dBUUdvQVFPd
      0FRQzVBWnFabVptWm1mRV93UUZxOEthbG9LbnpQOGtCbUtLVFphNG4tVF9aQVliSlZNR29wT3dfNEFFQ
      TZnRVBNVE16TWpBd01Dd3hNek15TURBMjlRRUFBQUFBmgIdIVp3WmNPd2lVLrQA8F9vY0FTSUFBLtgCl
      QTgAt-7EOoCHHd3dy5lYmF5LmRlL2l0bS8xNzE3MTgxNTAxOTmAAwCIAwGQAwCYAwygAwGqAwCwAwC4A
      wDAA6wCyAMA2AOHzBrgAwDoAwDwAwD4AwM.&dlo=1&referrer=www.ebay.de%2Fitm%2F171718150
      199"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Datei in Quarantäne verschieben

01.05.2015 13:22 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://ams1.ib.adnxs.com/if?e=wqT_3QK5BPB-MAIAAAIA1gAFCOLDjaoFEKrJta2L5br9cBitu
      MPThtqztTIgASotCe2duFsKE_M_ETkNUYU_g_A_GYcW2c73Uw1AIV-HeoGcBfE_KWrwpqWgqfM_MJnUP
      jjLA0DMEUgCULXv-wxYocASYABog4gDcAB4tO8CgAEBigEDVVNEkgUG8EiYAdgFoAFaqAEBsAEAuAECw
      AEFyAEA0AEA2AEA4AEA8AEA-gEFMTg2NDSKAld1ZignYScsIDI0ODM4NywgMTQzMDQ3OTMzMCk7ARwoY
      ycsIDc2MzY4ODRGHQAscicsIDI3MTk1MzE3Nh4A8MSSArUBIXJTMmp2UWlVajlJREVMWHYtd3dZQUNDa
      HdCSXdBRGdBUUFCSXpCRlFtZFEtV0FGZ05XZ0FjR0o0bWllQUFiWUNpQUVDa0FFQm1BRUJvQUVCcUFFR
      HNBRUF1UUdhbVptWm1abnhQOEVCYXZDbXBhQ3A4el9KQWIxNllHQlZFUHdfMlFHR3lWVEJxS1RzUC1BQ
      kFPb0JEekV6TXpJd01EQXNNVE16TWpBd052VUJBQUFBQUEuLpoCHSFad1pjT3dpVS64APBfb2NBU0lBQ
      S7YApUE4ALfuxDqAhx3d3cuZWJheS5kZS9pdG0vMjAxMzExMjMzODkwgAMAiAMBkAMAmAMMoAMBqgMAs
      AMAuAMAwAOsAsgDANgDh8wa4AMA6AMA8AMA-AMD&dlo=1&referrer=www.ebay.de%2Fitm%2F20131
      1233890"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Datei in Quarantäne verschieben

01.05.2015 13:20 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://ams1.ib.adnxs.com/if?e=wqT_3QKDBvB--gIAAAIA1gAFCI_DjaoFEP2_qoW8jdCsSBitu
      MPThtqztTIgASotCfWZm10HpfM_Ea29T1WhAfE_GZqZmZmZmQNAIV-HeoGcBfE_KWrwpqWgqfM_MJnUP
      jjLA0DMEUgCULjv-wxY9pwKYABog4gDcAB4yZwDgAEBigEDVVNEkgUG8GOYAaABoAHYBKgBAbABALgBA
      sABBcgBANABANgBAOABAPABAPoBBTE4NjQ0igJXdWYoJ2EnLCAyNDgzODcsIDE0MzA0NzkyNDcpO3VmK
      CdjJywgNzYzNjg4NCwgMTQzMDQ3OTI0DR0AcgE5GDcxOTUzMjA2HgDwxJICtQEhT3lfTEx3aVVqOUlER
      Uxqdi13d1lBQ0QybkFvd0FEZ0FRQUJJekJGUW1kUS1XQUZnTldnQWNCeDRtanlBQWJRQ2lBR1lKNUFCQ
      VpnQkFhQUJBYWdCQTdBQkFMa0JtcG1abVptWjhUX0JBV3J3cHFXZ3FmTV95UUcyM3dEU3h3X3pQOWtCa
      HNsVXdhaWs3RF9nQVFEcUFROHhNek15TURBd0xERXpNekl3TURiMUFRQUFBQUEumgIdIWt3WjdQQWlVL
      rgA8E45cHdLSUFBLtgClQTgAt-7EOoC5AFodHRwOi8vd3d3LmViYXkuZGUvc2NoL0hlcnJlbm1vZGUtL
      zEwNTkvaS5odG1sP19zYXNsb3A9MSZfAQosPWF2YW50aW1lJl9zARbwTDAmX2RjYXQ9MTA1OSZydD1uY
      yZNYXJrZT1Cb2duZXIlN0NGYWxrZSU3Q0hVR08lMjUyMEJPU1MlN0NKT09QJTI1MjElN0NMYWNvc3RlA
      Qo8ZXZpJTI1MjdzJTdDTWFyYwENADAFOSw3UG9sbyU3Q1BlcGUFFgxKZWFuASfwQVJlcGxheSU3Q1N0c
      mVsbHNvboADAIgDAZADAJgDDKADAaoDALADALgDAMADrALIAwDYA4fMGuADAOgDAPADAPgDAw..&dlo=
      1&referrer=http%3A%2F%2Fwww.ebay.de%2Fsch%2FHerrenmode-%2F1059%2Fi.html%3F_saslo
      p%3D1%26_sasl%3Davantime%26_sop%3D10%26_dcat%3D1059%26rt%3Dnc%26Marke%3DBogner%2
      57CFalke%257CHUGO%252520BOSS%257CJOOP%252521%257CLacoste%257CLevi%252527s%257CMa
      rc%252520O%252527Polo%257CPepe%252520Jeans%257CReplay%257CStrellson"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert

29.04.2015 19:32 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://ams1.ib.adnxs.com/if?e=wqT_3QK7BPB-MgIAAAIA1gAFCKOrhKoFEJ_ihpyJrYWxXxitu
      MPThtqztTIgASotCSiagdlG7_E_EZ5A2ClWDe8_Garx0k1iEBBAIatvAk6jBPE_KdvUTMmAqPM_MJnUP
      jjLA0DMEUgCULXv-wxY9pwKYABog4gDcAB49K4DgAEBigEDVVNEkgUG8EiYAdgFoAFaqAEBsAEAuAECw
      AEFyAEA0AEA2AEA4AEA8AEA-gEFMTg2NDSKAld1ZignYScsIDI0ODM4NywgMTQzMDMyODczOSk7ARwoY
      ycsIDc2MzY4ODRGHQAscicsIDI3MTk1MzE3Nh4A8MSSArUBIUt5Nm5Cd2lVajlJREVMWHYtd3dZQUNEM
      m5Bb3dBRGdBUUFCSXpCRlFtZFEtV0FGZ05XZ0FjR0I0Z0JXQUFiSUNpQUdBRlpBQkFaZ0JBYUFCQWFnQ
      kE3QUJBTGtCbXBtWm1abVo4VF9CQWR2VVRNbUFxUE1feVFGbXVJdkp3bW40UDlrQlNudURMMHltN0RfZ
      0FRRHFBUTh4TXpNeU1EQXdMREV6TXpJd01EYjFBUUFBQUFBLpoCHSFrQVpkUEFpVS64APBhOXB3S0lBQ
      S7YApUE4ALfuxDqAh5odHRwOi8vd3d3LmViYXkuZGUvbXliL1N1bW1hcnmAAwCIAwGQAwCYAwygAwGqA
      wCwAwC4AwDAA6wCyAMA2AOHzBrgAwDoAwDwAwD4AwM.&dlo=1&referrer=http%3A%2F%2Fwww.ebay
      .de%2Fmyb%2FSummary"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert

28.04.2015 20:58 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://fra1.ib.adnxs.com/if?e=wqT_3QK1BPB-LAIAAAIA1gAFCOew_6kFEMT6yJueoPGeNhitu
      MPThtqztTIgASotCfhj4Opxxe4_Ef9YiA6Bo-o_Gd9PjZduEhFAIS8s7ZFktPA_KYm6yinPS_M_MJnUP
      jjLA0DMEUgCULXv-wxY9pwKYABog4gDcAB4m5gCgAEBigEDVVNEkgUG8EiYAdgFoAFaqAEBsAEAuAECw
      AEFyAEA0AEA2AEA4AEA8AEA-gEFMTg2NDSKAld1ZignYScsIDI0ODM4NywgMTQzMDI0NzUyNyk7ARwoY
      ycsIDc2MzY4ODRGHQAscicsIDI3MTk1MzE3Nh4A8MCSArEBITBpeXBjUWlVajlJREVMWHYtd3dZQUNEM
      m5Bb3dBRGdBUUFCSXpCRlFtZFEtV0FGZ05XZ0FjRng0RklBQnJBS0lBUlNRQVFHWUFRR2dBUUdvQVFPd
      0FRQzVBWnFabVptWm1mRV93UUdKdXNvcHowdnpQOGtCUlhHcXZTTlg5VF9aQWF2UDFWYnNMLTBfNEFFQ
      TZnRVBNVE16TWpBd01Dd3hNek15TURBMjlRRUFBQUFBmgIdIWtBWmRQQWlVLrQA8F85cHdLSUFBLtgCl
      QTgAt-7EOoCHHd3dy5lYmF5LmRlL2l0bS8xOTE1Njc3OTM4OTeAAwCIAwGQAwCYAwygAwGqAwCwAwC4A
      wDAA6wCyAMA2AOHzBrgAwDoAwDwAwD4AwM.&dlo=1&referrer=www.ebay.de%2Fitm%2F191567793
      897"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert

28.04.2015 20:47 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://ams1.ib.adnxs.com/if?e=wqT_3QKWBfB-jQIAAAIA1gAFCNir_6kFEJmE8oLmuZfVZBitu
      MPThtqztTIgASotCcszX2Nm4PI_EdaLoZxoV_A_Gd9PjZduEhFAIS8s7ZFktPA_KYm6yinPS_M_MJnUP
      jjLA0DMEUgCULXv-wxYocASYABog4gDcAB4yPEDgAEBigEDVVNEkgUG8EiYAdgFoAFaqAEBsAEAuAECw
      AEFyAEA0AEA2AEA4AEA8AEA-gEFMTg2NDSKAld1ZignYScsIDI0ODM4NywgMTQzMDI0Njg3Mik7ARwoY
      ycsIDc2MzY4ODRGHQAscicsIDI3MTk1MzE3Nh4A8MSSArUBIU5DMWF3QWlVajlJREVMWHYtd3dZQUNDa
      HdCSXdBRGdBUUFCSXpCRlFtZFEtV0FGZ05XZ0FjRnA0akJpQUFhb0NpQUdNR0pBQkFaZ0JBYUFCQWFnQ
      kE3QUJBTGtCbXBtWm1abVo4VF9CQVltNnlpblBTX01feVFFQ0R5Z2EwZVh5UDlrQnE4X1ZWdXd2N1RfZ
      0FRRHFBUTh4TXpNeU1EQXdMREV6TXpJd01EYjFBUUFBQUFBLpoCHSFad1pjT3dpVS64APC8b2NBU0lBQ
      S7YApUE4ALfuxDqAnlodHRwOi8vd3d3LmViYXkuZGUvc2NoL2kuaHRtbD9fZnJvbT1SNDAmX3Rya3NpZ
      D1wMjA1NDg5Ny5tNTcwLmwxMzEzLlRSMTEuVFJDMS5BMC5IMC5Ybmlrb24gZDQuVFJTMCZfbmt3PW5pa
      29uIGQ0Jl9zYWNhdD0wgAMAiAMBkAMAmAMMoAMBqgMAsAMAuAMAwAOsAsgDANgDh8wa4AMA6AMA8AMA-
      AMD&dlo=1&referrer=http%3A%2F%2Fwww.ebay.de%2Fsch%2Fi.html%3F_from%3DR40%26_trks
      id%3Dp2054897.m570.l1313.TR11.TRC1.A0.H0.Xnikon+d4.TRS0%26_nkw%3Dnikon+d4%26_sac
      at%3D0"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert

27.04.2015 19:05 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://ams1.ib.adnxs.com/if?e=wqT_3QLQBfB-xwIAAAIA1gAFCNjY-akFELLliNy4k7qGTxitu
      MPThtqztTIgASotCdarUL0K1e8_EUd3EDtTaOs_Gc3MzMzMzARAIQOsel5OjvA_KUJmuP-JOvM_MJnUP
      jjLA0DMEUgCULjv-wxYocASYABog4gDcAB4s_0DgAEBigEDVVNEkgUG8GOYAaABoAHYBKgBAbABALgBA
      sABBcgBANABANgBAOABAPABAPoBBTE4NjQ0igJXdWYoJ2EnLCAyNDgzODcsIDE0MzAxNTQzMjgpO3VmK
      CdjJywgNzYzNjg4NCwgMTQzMDE1NDMyDR0AcgE5GDcxOTUzMjA2HgDwxJICtQEhTXk2WUFRaVVqOUlER
      Uxqdi13d1lBQ0Nod0JJd0FEZ0FRQUJJekJGUW1kUS1XQUZnTldnQWNCWjRwRmlBQWFRQ2lBSDZBcEFCQ
      VpnQkFhQUJBYWdCQTdBQkFMa0JtcG1abVptWjhUX0JBVUptdVAtSk92TV95UUVZSl9yNmtvbnlQOWtCN
      3V2QU9TTks3VF9nQVFEcUFROHhNek15TURBd0xERXpNekl3TURiMUFRQUFBQUEumgIdIWFnWjZPd2lVL
      rgA8FxvY0FTSUFBLtgClQTgAt-7EOoCsQFodHRwOi8vd3d3LmViYXkuZGUvc2NoL2kuaHRtbD9fb2Rrd
      z1QaGlsbGlwcyBNYWdpYyAyJl9mcm9tPVI0MCZfb3NhY2F0PTAuFABwdHJrc2lkPXAyMDQ1NTczLm01N
      zAubDEzMTMuVFIBBCRDMS5BMC5IMC5YAVsAaRlaIC5UUlMwJl9uawl1HRoIJl9zCWm8gAMAiAMBkAMAm
      AMMoAMBqgMAsAMAuAMAwAOsAsgDANgDh8wa4AMA6AMA8AMA-AMD&dlo=1&referrer=http%3A%2F%2F
      www.ebay.de%2Fsch%2Fi.html%3F_odkw%3DPhillips+Magic+2%26_from%3DR40%26_osacat%3D
      0%26_from%3DR40%26_trksid%3Dp2045573.m570.l1313.TR3.TRC1.A0.H0.XPhilips+Magic+2.
      TRS0%26_nkw%3DPhilips+Magic+2%26_sacat%3D0"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Datei in Quarantäne verschieben

27.04.2015 19:05 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://ams1.ib.adnxs.com/if?e=wqT_3QLQBfB-xwIAAAIA1gAFCNjY-akFEPHaysKmra2ZWRitu
      MPThtqztTIgASotCYZK7swtYfE_ET0nvW987e0_Gc3MzMzMzARAIQOsel5OjvA_KUJmuP-JOvM_MJnUP
      jjLA0DMEUgCULjv-wxYocASYABog4gDcAB45vQCgAEBigEDVVNEkgUG8GOYAaABoAHYBKgBAbABALgBA
      sABBcgBANABANgBAOABAPABAPoBBTE4NjQ0igJXdWYoJ2EnLCAyNDgzODcsIDE0MzAxNTQzMjgpO3VmK
      CdjJywgNzYzNjg4NCwgMTQzMDE1NDMyDR0AcgE5GDcxOTUzMjA2HgDwxJICtQEhT0M3d0FRaVVqOUlER
      Uxqdi13d1lBQ0Nod0JJd0FEZ0FRQUJJekJGUW1kUS1XQUZnTldnQWNCWjRwRmlBQWFRQ2lBSDZBcEFCQ
      VpnQkFhQUJBYWdCQTdBQkFMa0JtcG1abVptWjhUX0JBVUptdVAtSk92TV95UUVwcVFmTV9hNzFQOWtCN
      3V2QU9TTks3VF9nQVFEcUFROHhNek15TURBd0xERXpNekl3TURiMUFRQUFBQUEumgIdIWFnWjZPd2lVL
      rgA8FxvY0FTSUFBLtgClQTgAt-7EOoCsQFodHRwOi8vd3d3LmViYXkuZGUvc2NoL2kuaHRtbD9fb2Rrd
      z1QaGlsbGlwcyBNYWdpYyAyJl9mcm9tPVI0MCZfb3NhY2F0PTAuFABwdHJrc2lkPXAyMDQ1NTczLm01N
      zAubDEzMTMuVFIBBCRDMS5BMC5IMC5YAVsAaRlaIC5UUlMwJl9uawl1HRoIJl9zCWm8gAMAiAMBkAMAm
      AMMoAMBqgMAsAMAuAMAwAOsAsgDANgDh8wa4AMA6AMA8AMA-AMD&dlo=1&referrer=http%3A%2F%2F
      www.ebay.de%2Fsch%2Fi.html%3F_odkw%3DPhillips+Magic+2%26_from%3DR40%26_osacat%3D
      0%26_from%3DR40%26_trksid%3Dp2045573.m570.l1313.TR3.TRC1.A0.H0.XPhilips+Magic+2.
      TRS0%26_nkw%3DPhilips+Magic+2%26_sacat%3D0"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert

27.04.2015 19:05 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://fra1.ib.adnxs.com/if?e=wqT_3QLPBfB-xgIAAAIA1gAFCNjY-akFENDepMDohvSZSxitu
      MPThtqztTIgASotCduJFXkP__I_EdCbilQYW_A_GZqZmZmZmRFAIQOsel5OjvA_KUJmuP-JOvM_MJnUP
      jjLA0DMEUgCULXv-wxYocASYABog4gDcAB4sekDgAEBigEDVVNEkgUG8EiYAdgFoAFaqAEBsAEAuAECw
      AEFyAEA0AEA2AEA4AEA8AEA-gEFMTg2NDSKAld1ZignYScsIDI0ODM4NywgMTQzMDE1NDMyOCk7ARwoY
      ycsIDc2MzY4ODRGHQAscicsIDI3MTk1MzE3Nh4A8MSSArUBIUp5MFo0Z2lVajlJREVMWHYtd3dZQUNDa
      HdCSXdBRGdBUUFCSXpCRlFtZFEtV0FGZ05XZ0FjRmg0LWdLQUFhUUNpQUg2QXBBQkFaZ0JBYUFCQWFnQ
      kE3QUJBTGtCbXBtWm1abVo4VF9CQVVKbXVQLUpPdk1feVFGUlRUb1ZGUF8xUDlrQjd1dkFPU05LN1RfZ
      0FRRHFBUTh4TXpNeU1EQXdMREV6TXpJd01EYjFBUUFBQUFBLpoCHSFad1pjT3dpVS64APBcb2NBU0lBQ
      S7YApUE4ALfuxDqArEBaHR0cDovL3d3dy5lYmF5LmRlL3NjaC9pLmh0bWw_X29ka3c9UGhpbGxpcHMgT
      WFnaWMgMiZfZnJvbT1SNDAmX29zYWNhdD0wLhQAcHRya3NpZD1wMjA0NTU3My5tNTcwLmwxMzEzLlRSA
      QQkQzEuQTAuSDAuWAFbAGkZWiAuVFJTMCZfbmsJdR0aCCZfcwlpvIADAIgDAZADAJgDDKADAaoDALADA
      LgDAMADrALIAwDYA4fMGuADAOgDAPADAPgDAw..&dlo=1&referrer=http%3A%2F%2Fwww.ebay.de%
      2Fsch%2Fi.html%3F_odkw%3DPhillips+Magic+2%26_from%3DR40%26_osacat%3D0%26_from%3D
      R40%26_trksid%3Dp2045573.m570.l1313.TR3.TRC1.A0.H0.XPhilips+Magic+2.TRS0%26_nkw%
      3DPhilips+Magic+2%26_sacat%3D0"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert

27.04.2015 15:55 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://ams1.ib.adnxs.com/if?e=wqT_3QLwBPB-ZwIAAAIA1gAFCOD_-KkFEI_Onp7L_pS-UBitu
      MPThtqztTIgASotCfPUbFZCt-w_Ec3K9iFvueg_GZqZmZmZmRFAIe6WuWLyevA_KX4IresNJPM_MJnUP
      jjLA0DMEUgCULXv-wxY9pwKYABog4gDcAB4pp0DgAEBigEDVVNEkgUG8EiYAdgFoAFaqAEBsAEAuAECw
      AEFyAEA0AEA2AEA4AEA8AEA-gEFMTg2NDSKAld1ZignYScsIDI0ODM4NywgMTQzMDE0Mjk0NCk7ARwoY
      ycsIDc2MzY4ODRGHQAscicsIDI3MTk1MzE3Nh4A8MSSArUBIU15eVdzQWlVajlJREVMWHYtd3dZQUNEM
      m5Bb3dBRGdBUUFCSXpCRlFtZFEtV0FGZ05XZ0FjRlo0ckJlQUFhSUNpQUdzRjVBQkFaZ0JBYUFCQWFnQ
      kE3QUJBTGtCbXBtWm1abVo4VF9CQVg0SXJlc05KUE1feVFHTHpHbGxvVXY1UDlrQkJvR1ZRNHRzN1RfZ
      0FRRHFBUTh4TXpNeU1EQXdMREV6TXpJd01EYjFBUUFBQUFBLpoCHSFrQVpkUEFpVS64APCWOXB3S0lBQ
      S7YApUE4ALfuxDqAlNodHRwOi8vd3d3LmViYXkuZGUvaXRtL1NvbW1lcmtvbXBsZXR0cmFlZGVyLUZvc
      mQtUy1NYXgtdXN3LW5ldXdlcnRpZy0vMTExNjU1ODgzMDc0P4ADAIgDAZADAJgDDKADAaoDALADALgDA
      MADrALIAwDYA4fMGuADAOgDAPADAPgDAw..&dlo=1&referrer=http%3A%2F%2Fwww.ebay.de%2Fit
      m%2FSommerkomplettraeder-Ford-S-Max-usw-neuwertig-%2F111655883074%3F"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert

26.04.2015 15:01 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://ams1.ib.adnxs.com/if?e=wqT_3QK1BPB-LAIAAAIA1gAFCI_D86kFEPvrj8S3m9iDWBitu
      MPThtqztTIgASotCSuqrKLKKu4_EZrrNNJS-ek_GZqZmZmZmRFAIe6WuWLyevA_KX4IresNJPM_MJnUP
      jjLA0DMEUgCULXv-wxYocASYABog4gDcAB44PgDgAEBigEDVVNEkgUG8EiYAdgFoAFaqAEBsAEAuAECw
      AEFyAEA0AEA2AEA4AEA8AEA-gEFMTg2NDSKAld1ZignYScsIDI0ODM4NywgMTQzMDA1MzI2Myk7ARwoY
      ycsIDc2MzY4ODRGHQAscicsIDI3MTk1MzE3Nh4A8L2SArEBIWRDczVJd2lVajlJREVMWHYtd3dZQUNDa
      HdCSXdBRGdBUUFCSXpCRlFtZFEtV0FGZ05XZ0FjRlI0QW9BQm9BS0lBUUtRQVFHWUFRR2dBUUdvQVFPd
      0FRQzVBWnFabVptWm1mRV93UUYtQ0szckRTVHpQOGtCVnZYOGRsN3A5al9aQVFhQmxVT0xiTzBfNEFFQ
      TZnRVBNVE16TWpBd01Dd3hNek15TURBMjlRRUFBQUFBmgIdIVp3WmNPOrQA8F9vY0FTSUFBLtgClQTgA
      t-7EOoCHHd3dy5lYmF5LmRlL2l0bS8zNzEzMTQyNDAzOTmAAwCIAwGQAwCYAwygAwGqAwCwAwC4AwDAA
      6wCyAMA2AOHzBrgAwDoAwDwAwD4AwM.&dlo=1&referrer=www.ebay.de%2Fitm%2F371314240399"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert

26.04.2015 14:59 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://ams1.ib.adnxs.com/if?e=wqT_3QK1BPB-LAIAAAIA1gAFCKvC86kFEMrjluCV39vKexitu
      MPThtqztTIgASotCdjuJHGJuvI_EQu0O6QYIPA_GZqZmZmZmRFAIe6WuWLyevA_KX4IresNJPM_MJnUP
      jjLA0DMEUgCULXv-wxYocASYABog4gDcAB4ze8CgAEBigEDVVNEkgUG8EiYAdgFoAFaqAEBsAEAuAECw
      AEFyAEA0AEA2AEA4AEA8AEA-gEFMTg2NDSKAld1ZignYScsIDI0ODM4NywgMTQzMDA1MzE2Myk7ARwoY
      ycsIDc2MzY4ODRGHQAscicsIDI3MTk1MzE3Nh4A8L2SArEBIWJ5cEdBd2lVajlJREVMWHYtd3dZQUNDa
      HdCSXdBRGdBUUFCSXpCRlFtZFEtV0FGZ05XZ0FjRko0S0lBQm5nS0lBU2lRQVFHWUFRR2dBUUdvQVFPd
      0FRQzVBWnFabVptWm1mRV93UUYtQ0szckRTVHpQOGtCQTQyd1VKYVY4al9aQVFhQmxVT0xiTzBfNEFFQ
      TZnRVBNVE16TWpBd01Dd3hNek15TURBMjlRRUFBQUFBmgIdIVp3WmNPOrQA8F9vY0FTSUFBLtgClQTgA
      t-7EOoCHHd3dy5lYmF5LmRlL2l0bS8yNjE4NTk2ODgwNDiAAwCIAwGQAwCYAwygAwGqAwCwAwC4AwDAA
      6wCyAMA2AOHzBrgAwDoAwDwAwD4AwM.&dlo=1&referrer=www.ebay.de%2Fitm%2F261859688048"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert

26.04.2015 14:39 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://fra1.ib.adnxs.com/if?e=wqT_3QK1BPB-LAIAAAIA1gAFCOK486kFEK7Eg9eZ0JDlORitu
      MPThtqztTIgASotCQ1veXTR7_I_EYElV7H4TfA_GZqZmZmZmRFAIe6WuWLyevA_KX4IresNJPM_MJnUP
      jjLA0DMEUgCULXv-wxY9pwKYABog4gDcAB4qrQDgAEBigEDVVNEkgUG8EiYAdgFoAFaqAEBsAEAuAECw
      AEFyAEA0AEA2AEA4AEA8AEA-gEFMTg2NDSKAld1ZignYScsIDI0ODM4NywgMTQzMDA1MTkzOCk7ARwoY
      ycsIDc2MzY4ODRGHQAscicsIDI3MTk1MzE3Nh4A8MCSArEBIUNpa0wwd2lVajlJREVMWHYtd3dZQUNEM
      m5Bb3dBRGdBUUFCSXpCRlFtZFEtV0FGZ05XZ0FjRkI0SW9BQm5BS0lBU0tRQVFHWUFRR2dBUUdvQVFPd
      0FRQzVBWnFabVptWm1mRV93UUYtQ0szckRTVHpQOGtCY3hZX1NBTWw5el9aQVFhQmxVT0xiTzBfNEFFQ
      TZnRVBNVE16TWpBd01Dd3hNek15TURBMjlRRUFBQUFBmgIdIWtBWmRQQWlVLrQA8F85cHdLSUFBLtgCl
      QTgAt-7EOoCHHd3dy5lYmF5LmRlL2l0bS8xNjE2NzgxNjc5NDeAAwCIAwGQAwCYAwygAwGqAwCwAwC4A
      wDAA6wCyAMA2AOHzBrgAwDoAwDwAwD4AwM.&dlo=1&referrer=www.ebay.de%2Fitm%2F161678167
      947"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert

26.04.2015 14:25 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://nym1.ib.adnxs.com/if?e=wqT_3QK1BPB-LAIAAAIA1gAFCJyy86kFEOj2tJ3d4Mbndhitu
      MPThtqztTIgASotCQ1veXTR7_I_EYElV7H4TfA_GZqZmZmZmRFAIe6WuWLyevA_KX4IresNJPM_MJnUP
      jjLA0DMEUgCULXv-wxYocASYABog4gDcAB4v_ACgAEBigEDVVNEkgUG8EiYAdgFoAFaqAEBsAEAuAECw
      AEFyAEA0AEA2AEA4AEA8AEA-gEFMTg2NDSKAld1ZignYScsIDI0ODM4NywgMTQzMDA1MTEwMCk7ARwoY
      ycsIDc2MzY4ODRGHQAscicsIDI3MTk1MzE3Nh4A8MCSArEBIVRTcmg4UWlVajlJREVMWHYtd3dZQUNDa
      HdCSXdBRGdBUUFCSXpCRlFtZFEtV0FGZ05XZ0FjRkI0Qm9BQm5BS0lBUWFRQVFHWUFRR2dBUUdvQVFPd
      0FRQzVBWnFabVptWm1mRV93UUYtQ0szckRTVHpQOGtCNHdjVDdRanM5VF9aQVFhQmxVT0xiTzBfNEFFQ
      TZnRVBNVE16TWpBd01Dd3hNek15TURBMjlRRUFBQUFBmgIdIVp3WmNPd2lVLrQA8F9vY0FTSUFBLtgCl
      QTgAt-7EOoCHHd3dy5lYmF5LmRlL2l0bS8yNzE4NDM0NDA1ODaAAwCIAwGQAwCYAwygAwGqAwCwAwC4A
      wDAA6wCyAMA2AOHzBrgAwDoAwDwAwD4AwM.&dlo=1&referrer=www.ebay.de%2Fitm%2F271843440
      586"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert

25.04.2015 00:00 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://fra1.ib.adnxs.com/if?e=wqT_3QKMBfB-gwIAAAIA1gAFCIn66qkFEOLWnuP-vNeUbRitu
      MPThtqztTIgASotCbPc6SIa9PE_Ebou_OB86u4_Garx0k1iEBJAIXNcWr8cefA_KW1PxnbsIfM_MJnUP
      jjLA0DMEUgCULXv-wxY9pwKYABog4gDcAB43ZMDgAEBigEDVVNEkgUG8EiYAdgFoAFaqAEBsAEAuAECw
      AEFyAEA0AEA2AEA4AEA8AEA-gEFMTg2NDSKAld1ZignYScsIDI0ODM4NywgMTQyOTkxMjg0MSk7ARwoY
      ycsIDc2MzY4ODRGHQAscicsIDI3MTk1MzE3Nh4A8MSSArUBIUxTN3Ffd2lVajlJREVMWHYtd3dZQUNEM
      m5Bb3dBRGdBUUFCSXpCRlFtZFEtV0FGZ05XZ0FjRXg0MGdXQUFaZ0NpQUhTQlpBQkFaZ0JBYUFCQWFnQ
      kE3QUJBTGtCbXBtWm1abVo4VF9CQVcxUHhuYnNJZk1feVFGb1RES203bDMwUDlrQmotVHlIOUp2N1RfZ
      0FRRHFBUTh4TXpNeU1EQXdMREV6TXpJd01EYjFBUUFBQUFBLpoCHSFrQVpkUEFpVS64APB7OXB3S0lBQ
      S7YApUE4ALfuxDqAm9odHRwOi8vbXkuZWJheS5kZS93cy9lQmF5SVNBUEkuZGxsP015RWJheUJldGEmQ
      3VycmVudFBhZ2U9TXllQmF5TmV4dFNlbGxpbmcmc3NQYWdlTmFtZT1TVFJLJTNBTUUlM0FMTkxLJQEMy
      FNFWIADAIgDAZADAJgDDKADAaoDALADALgDAMADrALIAwDYA4fMGuADAOgDAPADAPgDAw..&dlo=1&re
      ferrer=http%3A%2F%2Fmy.ebay.de%2Fws%2FeBayISAPI.dll%3FMyEbayBeta%26CurrentPage%3
      DMyeBayNextSelling%26ssPageName%3DSTRK%253AME%253ALNLK%253AMESEX"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert

24.04.2015 17:59 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://fra1.ib.adnxs.com/if?e=wqT_3QK7BPB-MgIAAAIA1gAFCN_Q6akFEPzC8Kv0hrqoDxitu
      MPThtqztTIgASotCbPc6SIa9PE_Ebou_OB86u4_Garx0k1iEBJAIcSjtmhoYfA_KVn8q3NkBvM_MJnUP
      jjLA0DMEUgCULXv-wxYocASYABog4gDcAB4h6kDgAEBigEDVVNEkgUG8EiYAdgFoAFaqAEBsAEAuAECw
      AEFyAEA0AEA2AEA4AEA8AEA-gEFMTg2NDSKAld1ZignYScsIDI0ODM4NywgMTQyOTg5MTE2Nyk7ARwoY
      ycsIDc2MzY4ODRGHQAscicsIDI3MTk1MzE3Nh4A8MSSArUBITB5My04UWlVajlJREVMWHYtd3dZQUNDa
      HdCSXdBRGdBUUFCSXpCRlFtZFEtV0FGZ05XZ0FjRXA0M2hPQUFaWUNpQUhlRTVBQkFaZ0JBYUFCQWFnQ
      kE3QUJBTGtCbXBtWm1abVo4VF9CQVZuOHEzTmtCdk1feVFHYWdwa2ZwWG55UDlrQmZQS3dVR3VhN1RfZ
      0FRRHFBUTh4TXpNeU1EQXdMREV6TXpJd01EYjFBUUFBQUFBLpoCHSFad1pjT3dpVS64APBhb2NBU0lBQ
      S7YApUE4ALfuxDqAh5odHRwOi8vd3d3LmViYXkuZGUvbXliL1N1bW1hcnmAAwCIAwGQAwCYAwygAwGqA
      wCwAwC4AwDAA6wCyAMA2AOHzBrgAwDoAwDwAwD4AwM.&dlo=1&referrer=http%3A%2F%2Fwww.ebay
      .de%2Fmyb%2FSummary"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert

23.04.2015 20:56 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://fra1.ib.adnxs.com/if?e=wqT_3QK7BPB-MgIAAAIA1gAFCNiA5akFEJq_rv7I38-BRhitu
      MPThtqztTIgASotCS2zjUItyfE_EcoZijve5O4_GTMzMzMzMxNAIS4h-4_vhfA_KVn8q3NkBvM_MJnUP
      jjLA0DMEUgCULXv-wxY9pwKYABog4gDcAB4rpcDgAEBigEDVVNEkgUG8EiYAdgFoAFaqAEBsAEAuAECw
      AEFyAEA0AEA2AEA4AEA8AEA-gEFMTg2NDSKAld1ZignYScsIDI0ODM4NywgMTQyOTgxNTM4NCk7ARwoY
      ycsIDc2MzY4ODRGHQAscicsIDI3MTk1MzE3Nh4A8MSSArUBIU9pMlFyUWlVajlJREVMWHYtd3dZQUNEM
      m5Bb3dBRGdBUUFCSXpCRlFtZFEtV0FGZ05XZ0FjRWg0OGdLQUFaUUNpQUVDa0FFQm1BRUJvQUVCcUFFR
      HNBRUF1UUdhbVptWm1abnhQOEVCV2Z5cmMyUUc4el9KQVlTVFlvd2k5dlVfMlFGODhyQlFhNXJ0UC1BQ
      kFPb0JEekV6TXpJd01EQXNNVE16TWpBd052VUJBQUFBQUEuLpoCHSFrQVpkUEFpVS64APBhOXB3S0lBQ
      S7YApUE4ALfuxDqAh5odHRwOi8vd3d3LmViYXkuZGUvbXliL1N1bW1hcnmAAwCIAwGQAwCYAwygAwGqA
      wCwAwC4AwDAA6wCyAMA2AOHzBrgAwDoAwDwAwD4AwM.&dlo=1&referrer=http%3A%2F%2Fwww.ebay
      .de%2Fmyb%2FSummary"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert

23.04.2015 20:54 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://ams1.ib.adnxs.com/if?e=wqT_3QKNBfB-hAIAAAIA1gAFCPv_5KkFELbVwdKFhJvVbBitu
      MPThtqztTIgASotCS2zjUItyfE_EcoZijve5O4_GZhuEoPAyghAIS4h-4_vhfA_KVn8q3NkBvM_MJnUP
      jjLA0DMEUgCULjv-wxY9pwKYABog4gDcAB4-voDgAEBigEDVVNEkgUG8GOYAaABoAHYBKgBAbABALgBA
      sABBcgBANABANgBAOABAPABAPoBBTE4NjQ0igJXdWYoJ2EnLCAyNDgzODcsIDE0Mjk4MTUyOTEpO3VmK
      CdjJywgNzYzNjg4NCwgMTQyOTgxNTI5DR0AcgE5GDcxOTUzMjA2HgDwxJICtQEhMkN5cnhnaVVqOUlER
      Uxqdi13d1lBQ0QybkFvd0FEZ0FRQUJJekJGUW1kUS1XQUZnTldnQWNCUjQwaGFBQVpJQ2lBSHVBcEFCQ
      VpnQkFhQUJBYWdCQTdBQkFMa0JtcG1abVptWjhUX0JBVm44cTNOa0J2TV95UUZEQlZsMDN4VDVQOWtCZ
      lBLd1VHdWE3VF9nQVFEcUFROHhNek15TURBd0xERXpNekl3TURiMUFRQUFBQUEumgIdIWt3WjdQQWlVL
      rgA8Hs5cHdLSUFBLtgClQTgAt-7EOoCb2h0dHA6Ly9teS5lYmF5LmRlL3dzL2VCYXlJU0FQSS5kbGw_T
      XlFYmF5QmV0YSZDdXJyZW50UGFnZT1NeWVCYXlOZXh0U2VsbGluZyZzc1BhZ2VOYW1lPVNUUkslM0FNR
      SUzQUxOTEslAQzIU0VYgAMAiAMBkAMAmAMMoAMBqgMAsAMAuAMAwAOsAsgDANgDh8wa4AMA6AMA8AMA-
      AMD&dlo=1&referrer=http%3A%2F%2Fmy.ebay.de%2Fws%2FeBayISAPI.dll%3FMyEbayBeta%26C
      urrentPage%3DMyeBayNextSelling%26ssPageName%3DSTRK%253AME%253ALNLK%253AMESEX"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Datei in Quarantäne verschieben

23.04.2015 17:51 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://fra1.ib.adnxs.com/if?e=wqT_3QLBBPB-OAIAAAIA1gAFCO2p5KkFEM7kkr61-ZiLChitu
      MPThtqztTIgASotCS2zjUItyfE_EcoZijve5O4_GTMzMzMzMxNAIcs-h9QEY_A_Ke1zSE0w3vI_MJnUP
      jjLA0DMEUgCULXv-wxY9pwKYABog4gDcAB4_egDgAEBigEDVVNEkgUG8EiYAdgFoAFaqAEBsAEAuAECw
      AEFyAEA0AEA2AEA4AEA8AEA-gEFMTg2NDSKAld1ZignYScsIDI0ODM4NywgMTQyOTgwNDI2OSk7ARwoY
      ycsIDc2MzY4ODRGHQAscicsIDI3MTk1MzE3Nh4A8L2SArEBIUlDM0piQWlVajlJREVMWHYtd3dZQUNEM
      m5Bb3dBRGdBUUFCSXpCRlFtZFEtV0FGZ05XZ0FjRVo0QW9BQmtBS0lBUUtRQVFHWUFRR2dBUUdvQVFPd
      0FRQzVBWnFabVptWm1mRV93UUh0YzBoTk1ON3lQOGtCcDVubXM4d0ctRF9aQVgydXRtSl8yZTBfNEFFQ
      TZnRVBNVE16TWpBd01Dd3hNek15TURBMjlRRUFBQUFBmgIdIWtBWmRQOrQA8Gs5cHdLSUFBLtgClQTgA
      t-7EOoCKGh0dHA6Ly9mZWVkYmFjay5lYmF5LmRlL3dzL2VCYXlJU0FQSS5kbGyAAwCIAwGQAwCYAwygA
      wGqAwCwAwC4AwDAA6wCyAMA2AOHzBrgAwDoAwDwAwD4AwM.&dlo=1&referrer=http%3A%2F%2Ffeed
      back.ebay.de%2Fws%2FeBayISAPI.dll"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert

23.04.2015 17:50 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://fra1.ib.adnxs.com/if?e=wqT_3QK7BPB-MgIAAAIA1gAFCLCp5KkFEJnjuZiw69DrYBitu
      MPThtqztTIgASotCS2zjUItyfE_EcoZijve5O4_GTMzMzMzMxNAIcs-h9QEY_A_Ke1zSE0w3vI_MJnUP
      jjLA0DMEUgCULXv-wxY9pwKYABog4gDcAB4wbQDgAEBigEDVVNEkgUG8EiYAdgFoAFaqAEBsAEAuAECw
      AEFyAEA0AEA2AEA4AEA8AEA-gEFMTg2NDSKAld1ZignYScsIDI0ODM4NywgMTQyOTgwNDIwOCk7ARwoY
      ycsIDc2MzY4ODRGHQAscicsIDI3MTk1MzE3Nh4A8MSSArUBIXBpM3k3Z2lVajlJREVMWHYtd3dZQUNEM
      m5Bb3dBRGdBUUFCSXpCRlFtZFEtV0FGZ05XZ0FjRVI0MUJPQUFZNENpQUhVRTVBQkFaZ0JBYUFCQWFnQ
      kE3QUJBTGtCbXBtWm1abVo4VF9CQWUxelNFMHczdklfeVFFZjZ1TUllZ1B5UDlrQmZhNjJZbl9aN1RfZ
      0FRRHFBUTh4TXpNeU1EQXdMREV6TXpJd01EYjFBUUFBQUFBLpoCHSFrQVpkUEFpVS64APBhOXB3S0lBQ
      S7YApUE4ALfuxDqAh5odHRwOi8vd3d3LmViYXkuZGUvbXliL1N1bW1hcnmAAwCIAwGQAwCYAwygAwGqA
      wCwAwC4AwDAA6wCyAMA2AOHzBrgAwDoAwDwAwD4AwM.&dlo=1&referrer=http%3A%2F%2Fwww.ebay
      .de%2Fmyb%2FSummary"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert

22.04.2015 20:51 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://fra1.ib.adnxs.com/if?e=wqT_3QL-BPB-dQIAAAIA1gAFCK7b36kFEMe14cOTnJCNeBitu
      MPThtqztTIgASotCdWtkm_SkPI_ER09fm_TH_A_GTMzMzMzMxNAIcs-h9QEY_A_Ke1zSE0w3vI_MJnUP
      jjLA0DMEUgCULXv-wxY9pwKYABog4gDcAB4oZgCgAEBigEDVVNEkgUG8EiYAdgFoAFaqAEBsAEAuAECw
      AEFyAEA0AEA2AEA4AEA8AEA-gEFMTg2NDSKAld1ZignYScsIDI0ODM4NywgMTQyOTcyODY4Nik7ARwoY
      ycsIDc2MzY4ODRGHQAscicsIDI3MTk1MzE3Nh4A8L2SArEBIWhTem5VQWlVajlJREVMWHYtd3dZQUNEM
      m5Bb3dBRGdBUUFCSXpCRlFtZFEtV0FGZ05XZ0FjRUo0Q0lBQmpBS0lBUWlRQVFHWUFRR2dBUUdvQVFPd
      0FRQzVBWnFabVptWm1mRV93UUh0YzBoTk1ON3lQOGtCTngtdTN1cEEtRF9aQVgydXRtSl8yZTBfNEFFQ
      TZnRVBNVE16TWpBd01Dd3hNek15TURBMjlRRUFBQUFBmgIdIWtBWmRQOrQA8Kg5cHdLSUFBLtgClQTgA
      t-7EOoCZWh0dHA6Ly93d3cuZWJheS5kZS9zY2gvaS5odG1sP19zb3A9MSZfZnJvbT1SNDAlN0NSNDAmX
      3NhY2F0PTAmX25rdz1zYW5kc3BpZWx6ZXVnJl9wZ249MiZfc2tjPTUwJnJ0PW5jgAMAiAMBkAMAmAMMo
      AMBqgMAsAMAuAMAwAOsAsgDANgDh8wa4AMA6AMA8AMA-AMD&dlo=1&referrer=http%3A%2F%2Fwww.
      ebay.de%2Fsch%2Fi.html%3F_sop%3D1%26_from%3DR40%257CR40%26_sacat%3D0%26_nkw%3Dsa
      ndspielzeug%26_pgn%3D2%26_skc%3D50%26rt%3Dnc"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert

22.04.2015 20:48 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://nym1.ib.adnxs.com/if?e=wqT_3QLHBfB-vgIAAAIA1gAFCPrZ36kFEJ2cmdnj2oHfSxitu
      MPThtqztTIgASotCdWtkm_SkPI_ER09fm_TH_A_GTMzMzMzMxNAIcs-h9QEY_A_Ke1zSE0w3vI_MJnUP
      jjLA0DMEUgCULXv-wxY9pwKYABog4gDcAB4zO8DgAEBigEDVVNEkgUG8EiYAdgFoAFaqAEBsAEAuAECw
      AEFyAEA0AEA2AEA4AEA8AEA-gEFMTg2NDSKAld1ZignYScsIDI0ODM4NywgMTQyOTcyODUwNik7ARwoY
      ycsIDc2MzY4ODRGHQAscicsIDI3MTk1MzE3Nh4A8MCSArEBIWt5MmxmUWlVajlJREVMWHYtd3dZQUNEM
      m5Bb3dBRGdBUUFCSXpCRlFtZFEtV0FGZ05XZ0FjRUo0QW9BQmpBS0lBUUtRQVFHWUFRR2dBUUdvQVFPd
      0FRQzVBWnFabVptWm1mRV93UUh0YzBoTk1ON3lQOGtCMHZTRlc4MnktVF9aQVgydXRtSl8yZTBfNEFFQ
      TZnRVBNVE16TWpBd01Dd3hNek15TURBMjlRRUFBQUFBmgIdIWtBWmRQQWlVLrQA8F45cHdLSUFBLtgCl
      QTgAt-7EOoCrQFodHRwOi8vd3d3LmViYXkuZGUvc2NoL2kuaHRtbD9fb2Rrdz1TaWt1IGJhZ2dlciZfc
      29wPTEmX2Zyb209UjQwJl9vc2FjYXQ9MC4UAPBSdHJrc2lkPXAyMDQ1NTczLm01NzAubDEzMTEuUjEuV
      FI5LlRSQzEuQTAuSDAuWHNhbmQgc3BpLlRSUzAmX25rdz1zYW5kc3BpZWx6ZXVnJl9zYWMBY7yAAwCIA
      wGQAwCYAwygAwGqAwCwAwC4AwDAA6wCyAMA2AOHzBrgAwDoAwDwAwD4AwM.&dlo=1&referrer=http%
      3A%2F%2Fwww.ebay.de%2Fsch%2Fi.html%3F_odkw%3DSiku+bagger%26_sop%3D1%26_from%3DR4
      0%26_osacat%3D0%26_from%3DR40%26_trksid%3Dp2045573.m570.l1311.R1.TR9.TRC1.A0.H0.
      Xsand+spi.TRS0%26_nkw%3Dsandspielzeug%26_sacat%3D0"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert

22.04.2015 20:48 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://nym1.ib.adnxs.com/if?e=wqT_3QK_DPCBNgYAAAIA1gAFCPrZ36kFEKCBhsuDo-mXaRitu
      MPThtqztTIgASotCUdI7QipHfE_ETvfT42Xbu4_GcuhRbbzfRRAIZZ9DqkJxvA_Ke1zSE0w3vI_MI6jt
      QE45QJAzBFIAlC47_sMWL3IAWAAaIC-A3DbCXjWpQOAAQGKAQNVU0SSAQEG9AABmAGgAaAB2ASoAQGwA
      QC4AQLAAQXIAQDQAQDYAQDgAQDqAYcIaHR0cCUzQSUyRiUyRm94LWQuZWJheWRlYi5zZXJ2ZWRieW9wZ
      W54LmNvbSUyRnclMkYxLjAlMkZyYyUzRmVlJTNEYXBpX3N5bmNfd3JpdGUlMjZlZiUzRGJ0JTI1MkNkY
      iUyNnRzJTNEMWZISnBaRDB5TnpBMU5XSmxNUzA1WXpCbUxUUm1ZVGN0WW1RMk5TMDBPR1ExWkRkbU9EQ
      TBOamQ4Y25ROU1UUXlPVGN5T0RVd05ueGhkV2xrUFRVek56UTVOelEyTjN4aGRXMDlSRTFKUkM1WFJVS
      jhjMmwNJPB4RTROalUxTW54d2RXSTlOVE0zTVRBME16WXlmSEJqUFVWVlVueDRkRDFoY0dsZmMzbHVZM
      TkzY21sMFpYeHlZV2xrUFRZMk1EWmtZamswTFdJMU9HTXROR016WkMwNVpqZG1MV1kxT1dabVkyRTNPR
      GcwTkh4aGFXUQ1sdFUzTkRrNWZIUTlNVEo4WVhNOU1UWXdlRFl3TUh4cxkoIEkxTXpFMGZHOSEoiDFNe
      mN4TURFNU56RjhjRDA1TlRGOGNISTlOems0ZkdGa2RqBSTwdXdOekkwTURCOFlXTTlWVk5FZkhCdFBWQ
      lNTVU5KVGtjdVExQk5mRzA5TVh4aGFUMHhOVEprTURkaU1TMWtZVFF4TFRSak5EQXRZV1F4T0MxbVpUY
      zBZekkyT1RVek5HRjhiV005UjBKUWZHMXlQVGsxZkhCcFAB1PB1SHh0ZFdrOVpUUmxabU13WWprdE9HR
      mxaUzAwTWpnekxUZGhPRGN0TkRkbU5EUTFNVFV5TmpRMmZHMWhQV05sTmpCallURm1MVE0yWVRZdE5HU
      mxOaTA1TkRoakxUWTBaakJqTmpSaFpUSTRaWHh0Y25ROU1UUS4IAkx0Y21NOVUxSlVYMWRQVG54dGQyR
      Sl0qERjeU5EQXdmR05yUFRGOGJYZGlhVDB5TkRFM2ZHMTNZajAyT1RoOGJXRncB1DRNWHhsYkdjOU1Ye
      HRiMi1INEcxdmNqMDVOWHh0Y0dNMQSQd2NqMDFOelI4YlhCbVBUYzVPSHh0YldZOU5UYzBmRzF3Ym1ZO
      SXwCEcxdAEMDE16VTUBTFxQVTlZTFVkQ2ZHVmpQVEkzTVRrMU16SXcBNCxkVDA0TlRWOGJXTncNkAx0Z
      DJNCcwYVEF4T1RjeAG4BGNEJfQYeE1qVXpNVAGEBGRqAZAMTXpjeAGACE9UbAHsDHBjejAJMPBUSFE5Y
      jNoZmNISnZkRzk4ZFhJOVYyNDJNa1ZyY1VSa1J3JTI2ciUzRPABAPoBCHZlcnQtNjAzigJXdWYoJ2EnL
      CAyNDgzODcsIDE0Mjk3Mjg1MDYpOwEcKGMnLCA3NjM2ODg0Rh0ALHInLCAyNzE5NTMyMDYeAPCckgK1A
      SFGQzA5Y3dpVWo5SURFTGp2LXd3WUFDQzl5QUV3QURnQVFBQkl6QkZRanFPMUFWZ0JZRFZvQUhBVWVBU
      0FBWXdDaUFFQ2tBRUJtQUVCb0FFQnFBRURzQUVBdVFHYW1abVptWm54UDhFQjdYTklUVERlOGpfSkFaL
      XQ2TU9hSHZNXzJRRjlyclppZjludFAtQUJBT29CRHpFeiGOQE1EQXNNVE16TWpBd052VUJBBQEoLi6aA
      h0hZlFiek86uABwdmNnQklBQS7YAgDgAqXtGOoCEmh0dHA6Ly93d3elTMguZGWAAwCIAwGQAwCYAwugA
      wGqAwCwAwC4AwDAA6wCyAMA2AOHzBrgAwDoAwDwAwD4AwM.&dlo=1&referrer=http%3A%2F%2Fwww.
      ebay.de"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert

22.04.2015 20:46 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://fra1.ib.adnxs.com/if?e=wqT_3QK1BPB-LAIAAAIA1gAFCJnZ36kFEML7_Oz-y465Xxitu
      MPThtqztTIgASotCQROO-EvM_I_EY4-5gMCne8_GTMzMzMzMxNAIcs-h9QEY_A_Ke1zSE0w3vI_MJnUP
      jjLA0DMEUgCULXv-wxYocASYABog4gDcAB4yJoDgAEBigEDVVNEkgUG8EiYAdgFoAFaqAEBsAEAuAECw
      AEFyAEA0AEA2AEA4AEA8AEA-gEFMTg2NDSKAld1ZignYScsIDI0ODM4NywgMTQyOTcyODQwOSk7ARwoY
      ycsIDc2MzY4ODRGHQAscicsIDI3MTk1MzE3Nh4A8MCSArEBIVRpdDdFQWlVajlJREVMWHYtd3dZQUNDa
      HdCSXdBRGdBUUFCSXpCRlFtZFEtV0FGZ05XZ0FjRUI0QW9BQmlnS0lBUUtRQVFHWUFRR2dBUUdvQVFPd
      0FRQzVBWnFabVptWm1mRV93UUh0YzBoTk1ON3lQOGtCYTBTRVQwTkw5al9aQVgydXRtSl8yZTBfNEFFQ
      TZnRVBNVE16TWpBd01Dd3hNek15TURBMjlRRUFBQUFBmgIdIVp3WmNPd2lVLrQA8F9vY0FTSUFBLtgCl
      QTgAt-7EOoCHHd3dy5lYmF5LmRlL2l0bS8yMDEzMzMwNDQxOTiAAwCIAwGQAwCYAwygAwGqAwCwAwC4A
      wDAA6wCyAMA2AOHzBrgAwDoAwDwAwD4AwM.&dlo=1&referrer=www.ebay.de%2Fitm%2F201333044
      198"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert

22.04.2015 20:45 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://fra1.ib.adnxs.com/if?e=wqT_3QKbBfB-kgIAAAIA1gAFCNzY36kFENz-pqeBzbzVWRitu
      MPThtqztTIgASotCdWtkm_SkPI_ER09fm_TH_A_GTMzMzMzMxNAIcs-h9QEY_A_Ke1zSE0w3vI_MJnUP
      jjLA0DMEUgCULXv-wxY9pwKYABog4gDcAB4zpgCgAEBigEDVVNEkgUG8EiYAdgFoAFaqAEBsAEAuAECw
      AEFyAEA0AEA2AEA4AEA8AEA-gEFMTg2NDSKAld1ZignYScsIDI0ODM4NywgMTQyOTcyODM0OCk7ARwoY
      ycsIDc2MzY4ODRGHQAscicsIDI3MTk1MzE3Nh4A8MSSArUBITN5Mms0Z2lVajlJREVMWHYtd3dZQUNEM
      m5Bb3dBRGdBUUFCSXpCRlFtZFEtV0FGZ05XZ0FjRDU0bWhhQUFZWUNpQUdhRnBBQkFaZ0JBYUFCQWFnQ
      kE3QUJBTGtCbXBtWm1abVo4VF9CQWUxelNFMHczdklfeVFHWS1UcnNUeG41UDlrQmZhNjJZbl9aN1RfZ
      0FRRHFBUTh4TXpNeU1EQXdMREV6TXpJd01EYjFBUUFBQUFBLpoCHSFrQVpkUEFpVS64APDBOXB3S0lBQ
      S7YApUE4ALfuxDqAn5odHRwOi8vd3d3LmViYXkuZGUvc2NoL2kuaHRtbD9fZnJvbT1SNDAmX3Rya3NpZ
      D1wMjA1MDYwMS5tNTcwLmwxMzEzLlRSNS5UUkMyLkEwLkgwLlhTaWt1IGJhZ2dlci5UUlMwJl9ua3c9U
      2lrdSBiYWdnZXImX3NhY2F0PTCAAwCIAwGQAwCYAwygAwGqAwCwAwC4AwDAA6wCyAMA2AOHzBrgAwDoA
      wDwAwD4AwM.&dlo=1&referrer=http%3A%2F%2Fwww.ebay.de%2Fsch%2Fi.html%3F_from%3DR40
      %26_trksid%3Dp2050601.m570.l1313.TR5.TRC2.A0.H0.XSiku+bagger.TRS0%26_nkw%3DSiku+
      bagger%26_sacat%3D0"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert

22.04.2015 20:45 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://fra1.ib.adnxs.com/if?e=wqT_3QK_DPCBNgYAAAIA1gAFCNzY36kFENzxu6LJ497oMxitu
      MPThtqztTIgASotCUdI7QipHfE_ETvfT42Xbu4_GcuhRbbzfRRAIZZ9DqkJxvA_Ke1zSE0w3vI_MI6jt
      QE45QJAzBFIAlC47_sMWL3IAWAAaIC-A3DbCXiTtQOAAQGKAQNVU0SSAQEG9AABmAGgAaAB2ASoAQGwA
      QC4AQLAAQXIAQDQAQDYAQDgAQDqAYcIaHR0cCUzQSUyRiUyRm94LWQuZWJheWRlYi5zZXJ2ZWRieW9wZ
      W54LmNvbSUyRnclMkYxLjAlMkZyYyUzRmVlJTNEYXBpX3N5bmNfd3JpdGUlMjZlZiUzRGJ0JTI1MkNkY
      iUyNnRzJTNEMWZISnBaRDAzWXpSak56SmhNQzFrT0RZNExUUXlZakl0T1dKbU5TMHlNakl4TURGaE4yU
      mpORGg4Y25ROU1UUXlPVGN5T0RNME9IeGhkV2xrUFRVek56UTVOelEyTjN4aGRXMDlSRTFKUkM1WFJVS
      jhjMmwNJPB4RTROalUxTW54d2RXSTlOVE0zTVRBME16WXlmSEJqUFVWVlVueDRkRDFoY0dsZmMzbHVZM
      TkzY21sMFpYeHlZV2xrUFRJek9UaGhNbU00TFdSbFpqTXROR0UwTUMwNE9ETXdMVGMzWXpjNFpUYzRNV
      EJtWlh4aGFXUQ1sdFUzTkRrNWZIUTlNVEo4WVhNOU1UWXdlRFl3TUh4cxkoIEkxTXpFMGZHOSEoiDFNe
      mN4TURFNU56RjhjRDA1TlRGOGNISTlOems0ZkdGa2RqBSTwdXdOekkwTURCOFlXTTlWVk5FZkhCdFBWQ
      lNTVU5KVGtjdVExQk5mRzA5TVh4aGFUMHhOVEprTURkaU1TMWtZVFF4TFRSak5EQXRZV1F4T0MxbVpUY
      zBZekkyT1RVek5HRjhiV005UjBKUWZHMXlQVGsxZkhCcFAB1PB1SHh0ZFdrOVpUUmxabU13WWprdE9HR
      mxaUzAwTWpnekxUZGhPRGN0TkRkbU5EUTFNVFV5TmpRMmZHMWhQVGczT0RNek1XVXlMVEl6WVRFdE5HU
      TJZeTA0TWpaaUxUWXdaRFppWTJFd05tRTVOWHh0Y25ROU1UUS4IAkx0Y21NOVUxSlVYMWRQVG54dGQyR
      Sl0qERjeU5EQXdmR05yUFRGOGJYZGlhVDB5TkRFM2ZHMTNZajAyT1RoOGJXRncB1DRNWHhsYkdjOU1Ye
      HRiMi1IFEcxdmNqMAl8BEdNMQSQd2NqMDFOelI4YlhCbVBUYzVPSHh0YldZOU5UYzBmRzF3Ym1ZOSXwC
      EcxdAEMDE16VTUBTFxQVTlZTFVkQ2ZHVmpQVEkzTVRrMU16SXcBNCxkVDA0TlRWOGJXTncNkAx0ZDJNC
      cwYVEF4T1RjeAG4BGNEJfQYeE1qVXpNVAGEBGRqAZAMTXpjeAGACE9UbAHsDHBjejAJMPBUSFE5YjNoZ
      mNISnZkRzk4ZFhJOVkxRlJTbkpoUWxWT1NRJTI2ciUzRPABAPoBCHZlcnQtNjAzigJXdWYoJ2EnLCAyN
      DgzODcsIDE0Mjk3MjgzNDgpOwEcKGMnLCA3NjM2ODg0Rh0ALHInLCAyNzE5NTMyMDYeAPDEkgK1ASFLQ
      zVoOVFpVWo5SURFTGp2LXd3WUFDQzl5QUV3QURnQVFBQkl6QkZRanFPMUFWZ0JZRFZvQUhBU2VKb1dnQ
      UdHQW9nQm1oYVFBUUdZQVFHZ0FRR29BUU93QVFDNUFacVptWm1abWZFX3dRSHRjMGhOTU43eVA4a0IwZ
      0EtemRUQjhqX1pBWDJ1dG1KXzJlMF80QUVBNmdFUE1UTXpNakF3TUN3eE16TXlNREEyOVFFQUFBQUGaA
      h0hZlFiek93aVUuuADwVHZjZ0JJQUEu2AIA4AKl7RjqAhJodHRwOi8vd3d3LmViYXkuZGWAAwCIAwGQA
      wCYAwugAwGqAwCwAwC4AwDAA6wCyAMA2AOHzBrgAwDoAwDwAwD4AwM.&dlo=1&referrer=http%3A%2
      F%2Fwww.ebay.de"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert

21.04.2015 21:04 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://fra1.ib.adnxs.com/if?e=wqT_3QKTBfB-igIAAAIA1gAFCMy-2qkFEMerlL2o-7uxPhitu
      MPThtqztTIgASotCe8T67ySpfI_EYvgfyvZMfA_Ga5H4XoULhNAIV5RV9QVdfA_KRO-EpP98vI_MJnUP
      jjLA0DMEUgCULXv-wxY9pwKYABog4gDcAB4rqkDgAEBigEDVVNEkgUG8EiYAdgFoAFaqAEBsAEAuAECw
      AEFyAEA0AEA2AEA4AEA8AEA-gEFMTg2NDSKAld1ZignYScsIDI0ODM4NywgMTQyOTY0MzA4NCk7ARwoY
      ycsIDc2MzY4ODRGHQAscicsIDI3MTk1MzE3Nh4A8L2SArEBIUdTM3ViQWlVajlJREVMWHYtd3dZQUNEM
      m5Bb3dBRGdBUUFCSXpCRlFtZFEtV0FGZ05XZ0FjRHg0Q29BQmdnS0lBUXFRQVFHWUFRR2dBUUdvQVFPd
      0FRQzVBWnFabVptWm1mRV93UUVUdmhLVF9mTHlQOGtCdE85dHNJeGY5VF9aQVNuTEVNZTZ1TzBfNEFFQ
      TZnRVBNVE16TWpBd01Dd3hNek15TURBMjlRRUFBQUFBmgIdIWtBWmRQOrQA8L05cHdLSUFBLtgClQTgA
      t-7EOoCemh0dHA6Ly93d3cuZWJheS5kZS9zY2gvaS5odG1sP19mcm9tPVI0MCZfdHJrc2lkPXAyMDUwN
      jAxLm01NzAubDEzMTMuVFI4LlRSQzEuQTAuSDAuWG5pa29uIGQzcy5UUlMwJl9ua3c9bmlrb24gZDNzJ
      l9zYWNhdD0wgAMAiAMBkAMAmAMMoAMBqgMAsAMAuAMAwAOsAsgDANgDh8wa4AMA6AMA8AMA-AMD&dlo=
      1&referrer=http%3A%2F%2Fwww.ebay.de%2Fsch%2Fi.html%3F_from%3DR40%26_trksid%3Dp20
      50601.m570.l1313.TR8.TRC1.A0.H0.Xnikon+d3s.TRS0%26_nkw%3Dnikon+d3s%26_sacat%3D0"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert

21.04.2015 21:04 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://fra1.ib.adnxs.com/if?e=wqT_3QLFDPCBPAYAAAIA1gAFCMy-2qkFEOCf-76QodOyfxitu
      MPThtqztTIgASotCYBAIBAIBPI_EWq8dJMYBPA_GS2yne-nxhVAIQxs5tOH2PA_KRO-EpP98vI_MI6jt
      QE45QJAzBFIAlC47_sMWL3IAWAAaIC-A3DbCXismQOAAQGKAQNVU0SSAQEG9AABmAGgAaAB2ASoAQGwA
      QC4AQLAAQXIAQDQAQDYAQDgAQDqAY0IaHR0cCUzQSUyRiUyRm94LWQuZWJheWRlYi5zZXJ2ZWRieW9wZ
      W54LmNvbSUyRnclMkYxLjAlMkZyYyUzRmVlJTNEYXBpX3N5bmNfd3JpdGUlMjZlZiUzRGJ0JTI1MkNkY
      iUyNnRzJTNEMWZISnBaRDFpT1RRNE5EQmtaUzA1TWpnNExUUXpaV0V0WW1Ga09TMHhZalpoTTJFMU9ER
      mhPRGw4Y25ROU1UUXlPVFkwTXpBNE5IeGhkV2xrUFRVek56UTVOelEyTjN4aGRXMDlSRTFKUkM1WFJVS
      jhjMmwNJPBARTROalUxTW54d2RXSTlOVE0zTVRBME16WXlmSEJqUFVWVlVueDRkRDFoY0dsZmMzbHVZM
      TkzY21sMFpYeHlZV2wBSNB3Wm1RMk1qSXhMV0prTkdZdE5EYzJaaTFpTjJZeUxXRm1NVFV3WldRNVl6S
      XhOSHhoYVdROQlsdFUzTkRrNWZIUTlNVEo4WVhNOU1UWXdlRFl3TUh4cxkowEkxTXpFMGZHOXBaRDAxT
      XpjeE1ERTVOekY4Y0QweE1EQXhmSEJ5UFRnek4zeGhaSFkJzPBsRGN5TkRBd2ZHRmpQVlZUUkh4d2JUM
      VFVa2xEU1U1SExrTlFUWHh0UFRGOFlXazlNVFV5WkRBM1lqRXRaR0UwTVMwMFl6UXdMV0ZrTVRndFptV
      TNOR015TmprMU16UmhmRzFqUFVkQ1VIeHRjagGI8J9COGNHazlOakF6ZkcxMWFUMWxOR1ZtWXpCaU9TM
      DRZV1ZsTFRReU9ETXROMkU0TnkwME4yWTBORFV4TlRJMk5EWjhiV0U5TkRobVlUQmpPRGt0TW1ZMk5DM
      DBNRE0xTFdJNU5qY3RaVEl5TmpZMVlUa3hZMlV6ZkcxeWREMHhOREk1TmpRek1EZzBmRzF5WXoxVFVsU
      mZWMDlPZkcxM1lUJTzgd056STBNREI4WTJzOU1YeHRkMkpwUFRJME1UZDhiWGRpUFRjd00zeHRZWEE5T
      VRBd01YeGxiR2M5ASw8YjJNOVZWTkVmRzF2Y2oweAFIBGJYQSwEZEMlCARISTEANHdaajAzT1RsOGJXM
      W1QIexAbnh0Y0c1bVBUUTVPWHh0YlcBDHRNMk1IeHRiejFQV0MxSFFueGxZejB5TnpFNU5UTXkBHBxjS
      FU5T1RBeCFwNfAQRzEzWXoF0FUMRGJYZHdQVFV6TnpFeU5UTXhOSAHcBE55DRQIMU56CXgMZDJseiH0A
      TDwY2REMXZlRjl3Y205MGIzeDFjajFKUkhOTVJURnFkVnB1JTI2ciUzRPABAPoBCHZlcnQtNjAzigJXd
      WYoJ2EnLCAyNDgzODcsIDE0Mjk2NDMwODQpO3VmKCdjJywgNzYzNjg4NCxCHQAAcgE5HDcxOTUzMjAsM
      h4A8MSSArUBIWtDMlV1d2lVajlJREVManYtd3dZQUNDOXlBRXdBRGdBUUFCSXpCRlFqcU8xQVZnQllEV
      m9BSEFRZUlCTGdBR0NBb2dCQ3BBQkFaZ0JBYUFCQWFnQkE3QUJBTGtCbXBtWm1abVo4VF9CQVJPLUVwU
      Dk4dklfeVFIbE9kTGlJM0x5UDlrQktjc1F4N3E0N1RfZ0FRRHFBUTh4TXpNeU1EQXdMREV6TXpJd01EY
      jFBUUFBQUFBLpoCHSFmUWJ6T3dpVS64AHB2Y2dCSUFBLtgCAOACpe0Y6gISaHR0cDovL3d3d6VSyC5kZ
      YADAIgDAZADAJgDC6ADAaoDALADALgDAMADrALIAwDYA4fMGuADAOgDAPADAPgDAw..&dlo=1&referr
      er=http%3A%2F%2Fwww.ebay.de"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert

21.04.2015 20:59 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://fra1.ib.adnxs.com/if?e=wqT_3QK5BPB-MAIAAAIA1gAFCPG72qkFEKCx-8e0wd70Xxitu
      MPThtqztTIgASotCW041z42qOw_EfTeGAKA4-g_Ga5H4XoULhNAIV5RV9QVdfA_KRO-EpP98vI_MJnUP
      jjLA0DMEUgCULXv-wxYocASYABog4gDcAB4rpMDgAEBigEDVVNEkgUG8EiYAdgFoAFaqAEBsAEAuAECw
      AEFyAEA0AEA2AEA4AEA8AEA-gEFMTg2NDSKAld1ZignYScsIDI0ODM4NywgMTQyOTY0MjczNyk7ARwoY
      ycsIDc2MzY4ODRGHQAscicsIDI3MTk1MzE3Nh4A8MSSArUBIWxpMksyUWlVajlJREVMWHYtd3dZQUNDa
      HdCSXdBRGdBUUFCSXpCRlFtZFEtV0FGZ05XZ0FjRHA0M0FLQUFZQUNpQUhjQXBBQkFaZ0JBYUFCQWFnQ
      kE3QUJBTGtCbXBtWm1abVo4VF9CQVJPLUVwUDk4dklfeVFFUy1UNHZ1M24yUDlrQktjc1F4N3E0N1RfZ
      0FRRHFBUTh4TXpNeU1EQXdMREV6TXpJd01EYjFBUUFBQUFBLpoCHSFad1pjT3dpVS64APBfb2NBU0lBQ
      S7YApUE4ALfuxDqAhx3d3cuZWJheS5kZS9pdG0vMTkxNTYyNzg2NzA4gAMAiAMBkAMAmAMMoAMBqgMAs
      AMAuAMAwAOsAsgDANgDh8wa4AMA6AMA8AMA-AMD&dlo=1&referrer=www.ebay.de%2Fitm%2F19156
      2786708"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Datei in Quarantäne verschieben

21.04.2015 18:04 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://ams1.ib.adnxs.com/if?e=wqT_3QKjBfB-mgIAAAIA1gAFCPjp2akFEILNz-TyoIGlHBitu
      MPThtqztTIgASotCR0JkImTd-Y_ES2T4Xg-g-M_Ga5H4XoULhNAITaIpIlFc_A_KeEp7Pvm8PI_MJnUP
      jjLA0DMEUgCULXv-wxYocASYABog4gDcAB4-fEDgAEBigEDVVNEkgUG8EiYAdgFoAFaqAEBsAEAuAECw
      AEFyAEA0AEA2AEA4AEA8AEA-gEFMTg2NDSKAld1ZignYScsIDI0ODM4NywgMTQyOTYzMjI0OCk7ARwoY
      ycsIDc2MzY4ODRGHQAscicsIDI3MTk1MzE3Nh4A8MSSArUBIXlpX0dYd2lVajlJREVMWHYtd3dZQUNDa
      HdCSXdBRGdBUUFCSXpCRlFtZFEtV0FGZ05XZ0FjRGg0dGgtQUFmNEJpQUcySDVBQkFaZ0JBYUFCQWFnQ
      kE3QUJBTGtCbXBtWm1abVo4VF9CQWVFcDdQdm04UElfeVFFazBOeHJvc1g0UDlrQnNpNXVvd0c4N1RfZ
      0FRRHFBUTh4TXpNeU1EQXdMREV6TXpJd01EYjFBUUFBQUFBLpoCHSFad1pjT3dpVS64APDJb2NBU0lBQ
      S7YApUE4ALfuxDqAoUBaHR0cDovL3d3dy5lYmF5LmRlL2l0bS9Tb255LVhQRVJJQS1aMS1Db21wYWN0L
      UQ1NTAzLTE2LUdCLVNjaHdhcnotT2huZS1TaW1sb2NrLVNtYXJ0cGhvbmUtLzM3MTMwODczMTc0ND9zc
      1BhZ2VOYW1lPUFETUU6TDpMQ0E6REU6MTEyM4ADAIgDAZADAJgDDKADAaoDALADALgDAMADrALIAwDYA
      4fMGuADAOgDAPADAPgDAw..&dlo=1&referrer=http%3A%2F%2Fwww.ebay.de%2Fitm%2FSony-XPE
      RIA-Z1-Compact-D5503-16-GB-Schwarz-Ohne-Simlock-Smartphone-%2F371308731744%3FssP
      ageName%3DADME%3AL%3ALCA%3ADE%3A1123"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert

20.04.2015 08:32 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://fra1.ib.adnxs.com/if?e=wqT_3QLgBPB-VwIAAAIA1gAFCPW60qkFELuV6rKo2fOjeBitu
      MPThtqztTIgASotCRGd_EUE_fE_Edv8v-rIEe8_GT81XrpJjBFAIda7NcVAbPA_Kce42JNJBPM_MJnUP
      jjLA0DMEUgCULXv-wxYocASYABog4gDcAB4upYDgAEBigEDVVNEkgUG8EiYAdgFoAFaqAEBsAEAuAECw
      AEFyAEA0AEA2AEA4AEA8AEA-gEFMTg2NDSKAld1ZignYScsIDI0ODM4NywgMTQyOTUxMTU0MSk7ARwoY
      ycsIDc2MzY4ODRGHQAscicsIDI3MTk1MzE3Nh4A8MCSArEBIUhTdDBMUWlVajlJREVMWHYtd3dZQUNDa
      HdCSXdBRGdBUUFCSXpCRlFtZFEtV0FGZ05XZ0FjRFo0QW9BQl9BR0lBUUtRQVFHWUFRR2dBUUdvQVFPd
      0FRQzVBWnFabVptWm1mRV93UUhIdU5pVFNRVHpQOGtCcnBKWkNiaWs4al9aQVFSV0RpMnluZTBfNEFFQ
      TZnRVBNVE16TWpBd01Dd3hNek15TURBMjlRRUFBQUFBmgIdIVp3WmNPd2lVLrQA8IpvY0FTSUFBLtgCl
      QTgAt-7EOoCR2h0dHA6Ly93d3cuZWJheS5kZS9teWIvUHVyY2hhc2VIaXN0b3J5P015RWJheUJldGEmQ
      3VycmVudFBhZ2U9TXllQmF5V29ugAMAiAMBkAMAmAMMoAMBqgMAsAMAuAMAwAOsAsgDANgDh8wa4AMA6
      AMA8AMA-AMD&dlo=1&referrer=http%3A%2F%2Fwww.ebay.de%2Fmyb%2FPurchaseHistory%3FMy
      EbayBeta%26CurrentPage%3DMyeBayWon"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert

20.04.2015 08:32 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://nym1.ib.adnxs.com/if?e=wqT_3QLcBPB-UwIAAAIA1gAFCOy60qkFEIaK9sinlvjoNBitu
      MPThtqztTIgASotCRGd_EUE_fE_Edv8v-rIEe8_GT81XrpJjBFAIda7NcVAbPA_Kce42JNJBPM_MJnUP
      jjLA0DMEUgCULXv-wxY9pwKYABog4gDcAB47OsDgAEBigEDVVNEkgUG8EiYAdgFoAFaqAEBsAEAuAECw
      AEFyAEA0AEA2AEA4AEA8AEA-gEFMTg2NDSKAld1ZignYScsIDI0ODM4NywgMTQyOTUxMTUzMik7ARwoY
      ycsIDc2MzY4ODRGHQAscicsIDI3MTk1MzE3Nh4A8MCSArEBIVB5elpad2lVajlJREVMWHYtd3dZQUNEM
      m5Bb3dBRGdBUUFCSXpCRlFtZFEtV0FGZ05XZ0FjRFo0QW9BQl9BR0lBUUtRQVFHWUFRR2dBUUdvQVFPd
      0FRQzVBWnFabVptWm1mRV93UUhIdU5pVFNRVHpQOGtCWTJucWtQUzU5al9aQVFSV0RpMnluZTBfNEFFQ
      TZnRVBNVE16TWpBd01Dd3hNek15TURBMjlRRUFBQUFBmgIdIWtBWmRQQWlVLrQA8IY5cHdLSUFBLtgCl
      QTgAt-7EOoCQ2h0dHA6Ly93d3cuZWJheS5kZS9teWIvUHVyY2hhc2VIaXN0b3J5P190cmtzaWQ9cDIwN
      jAzNTMubTIwMzQubDMzOTGAAwCIAwGQAwCYAwygAwGqAwCwAwC4AwDAA6wCyAMA2AOHzBrgAwDoAwDwA
      wD4AwM.&dlo=1&referrer=http%3A%2F%2Fwww.ebay.de%2Fmyb%2FPurchaseHistory%3F_trksi
      d%3Dp2060353.m2034.l3391"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert

19.04.2015 13:49 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://fra1.ib.adnxs.com/if?e=wqT_3QKWBfB-jQIAAAIA1gAFCLWszqkFENKApu_b_Mf3ahitu
      MPThtqztTIgASotCSYK_HSxz_I_EVch5SfVPvA_GQrXo3A9ihBAIda7NcVAbPA_Kce42JNJBPM_MJnUP
      jjLA0DMEUgCULXv-wxY9pwKYABog4gDcAB4_JUDgAEBigEDVVNEkgUG8EiYAdgFoAFaqAEBsAEAuAECw
      AEFyAEA0AEA2AEA4AEA8AEA-gEFMTg2NDSKAld1ZignYScsIDI0ODM4NywgMTQyOTQ0NDE0OSk7ARwoY
      ycsIDc2MzY4ODRGHQAscicsIDI3MTk1MzE3Nh4A8MCSArEBITdpcXJOd2lVajlJREVMWHYtd3dZQUNEM
      m5Bb3dBRGdBUUFCSXpCRlFtZFEtV0FGZ05XZ0FjREo0Rm9BQi1BR0lBUmFRQVFHWUFRR2dBUUdvQVFPd
      0FRQzVBWnFabVptWm1mRV93UUhIdU5pVFNRVHpQOGtCVHVCNVBEeGw5RF9aQVFSV0RpMnluZTBfNEFFQ
      TZnRVBNVE16TWpBd01Dd3hNek15TURBMjlRRUFBQUFBmgIdIWtBWmRQQWlVLrQA8MA5cHdLSUFBLtgCl
      QTgAt-7EOoCfWh0dHA6Ly93d3cuZWJheS5kZS9zY2gvaS5odG1sP19mcm9tPVI0MCZfdHJrc2lkPXAyM
      DQ3Njc1Lm01NzAubDEzMTMuVFIxMC5UUkMwLkEwLkgwLlRSUzAmX25rdz1Tb255IHhwZXJpYSB6MSBjb
      21wYWN0Jl9zYWNhdD0wgAMAiAMBkAMAmAMMoAMBqgMAsAMAuAMAwAOsAsgDANgDh8wa4AMA6AMA8AMA-
      AMD&dlo=1&referrer=http%3A%2F%2Fwww.ebay.de%2Fsch%2Fi.html%3F_from%3DR40%26_trks
      id%3Dp2047675.m570.l1313.TR10.TRC0.A0.H0.TRS0%26_nkw%3DSony+xperia+z1+compact%26
      _sacat%3D0"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert

19.04.2015 13:37 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://fra1.ib.adnxs.com/if?e=wqT_3QK3BPB-LgIAAAIA1gAFCISnzqkFEPmDmoqRq6eGRxitu
      MPThtqztTIgASotCRGd_EUE_fE_Edv8v-rIEe8_GQrXo3A9ihBAIda7NcVAbPA_Kce42JNJBPM_MJnUP
      jjLA0DMEUgCULXv-wxYocASYABog4gDcAB48ZcDgAEBigEDVVNEkgUG8EiYAdgFoAFaqAEBsAEAuAECw
      AEFyAEA0AEA2AEA4AEA8AEA-gEFMTg2NDSKAld1ZignYScsIDI0ODM4NywgMTQyOTQ0MzQ2MCk7ARwoY
      ycsIDc2MzY4ODRGHQAscicsIDI3MTk1MzE3Nh4A8MCSArEBIXl5ejVlQWlVajlJREVMWHYtd3dZQUNDa
      HdCSXdBRGdBUUFCSXpCRlFtZFEtV0FGZ05XZ0FjREI0Rm9BQjlnR0lBUmFRQVFHWUFRR2dBUUdvQVFPd
      0FRQzVBWnFabVptWm1mRV93UUhIdU5pVFNRVHpQOGtCZXQzeXlxdk45el9aQVFSV0RpMnluZTBfNEFFQ
      TZnRVBNVE16TWpBd01Dd3hNek15TURBMjlRRUFBQUFBmgIdIVp3WmNPd2lVLrQA8GFvY0FTSUFBLtgCl
      QTgAt-7EOoCHmh0dHA6Ly93d3cuZWJheS5kZS9teWIvU3VtbWFyeYADAIgDAZADAJgDDKADAaoDALADA
      LgDAMADrALIAwDYA4fMGuADAOgDAPADAPgDAw..&dlo=1&referrer=http%3A%2F%2Fwww.ebay.de%
      2Fmyb%2FSummary"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert

19.04.2015 13:25 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://ams1.ib.adnxs.com/if?e=wqT_3QK1BPB-LAIAAAIA1gAFCLihzqkFEL7Lk4vD7oXaMRitu
      MPThtqztTIgASotCYFVjHS1Iu4_EaWFyypsBuo_GQrXo3A9ihBAIda7NcVAbPA_Kce42JNJBPM_MJnUP
      jjLA0DMEUgCULXv-wxY9pwKYABog4gDcAB4raUDgAEBigEDVVNEkgUG8EiYAdgFoAFaqAEBsAEAuAECw
      AEFyAEA0AEA2AEA4AEA8AEA-gEFMTg2NDSKAld1ZignYScsIDI0ODM4NywgMTQyOTQ0Mjc0NCk7ARwoY
      ycsIDc2MzY4ODRGHQAscicsIDI3MTk1MzE3Nh4A8MCSArEBIWlDa0c4d2lVajlJREVMWHYtd3dZQUNEM
      m5Bb3dBRGdBUUFCSXpCRlFtZFEtV0FGZ05XZ0FjQzU0QW9BQjlBR0lBUUtRQVFHWUFRR2dBUUdvQVFPd
      0FRQzVBWnFabVptWm1mRV93UUhIdU5pVFNRVHpQOGtCUGtnY1R3aFU5VF9aQVFSV0RpMnluZTBfNEFFQ
      TZnRVBNVE16TWpBd01Dd3hNek15TURBMjlRRUFBQUFBmgIdIWtBWmRQQWlVLrQA8F85cHdLSUFBLtgCl
      QTgAt-7EOoCHHd3dy5lYmF5LmRlL2l0bS8xODE3MTE0Mzk0NjmAAwCIAwGQAwCYAwygAwGqAwCwAwC4A
      wDAA6wCyAMA2AOHzBrgAwDoAwDwAwD4AwM.&dlo=1&referrer=www.ebay.de%2Fitm%2F181711439
      469"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert

19.04.2015 13:24 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://fra1.ib.adnxs.com/if?e=wqT_3QK7BPB-MgIAAAIA1gAFCPqgzqkFEMuvst6kntjzVhitu
      MPThtqztTIgASotCRGd_EUE_fE_Edv8v-rIEe8_GQrXo3A9ihBAIfPUl157YPA_KY22yDqo9vI_MJnUP
      jjLA0DMEUgCULXv-wxY9pwKYABog4gDcAB4gagDgAEBigEDVVNEkgUG8EiYAdgFoAFaqAEBsAEAuAECw
      AEFyAEA0AEA2AEA4AEA8AEA-gEFMTg2NDSKAld1ZignYScsIDI0ODM4NywgMTQyOTQ0MjY4Mik7ARwoY
      ycsIDc2MzY4ODRGHQAscicsIDI3MTk1MzE3Nh4A8MSSArUBIWdTMVhCUWlVajlJREVMWHYtd3dZQUNEM
      m5Bb3dBRGdBUUFCSXpCRlFtZFEtV0FGZ05XZ0FjQ3g0MmhhQUFmSUJpQUhhRnBBQkFaZ0JBYUFCQWFnQ
      kE3QUJBTGtCb1hCaE5meU04VF9CQVkyMnlEcW85dklfeVFHaGNHRTFfSXp4UDlrQkJGWU9MYktkN1RfZ
      0FRRHFBUTh4TXpNeU1EQXdMREV6TXpJd01EYjFBUUFBQUFBLpoCHSFrQVpkUEFpVS64APBhOXB3S0lBQ
      S7YApUE4ALfuxDqAh5odHRwOi8vd3d3LmViYXkuZGUvbXliL1N1bW1hcnmAAwCIAwGQAwCYAwygAwGqA
      wCwAwC4AwDAA6wCyAMA2AOHzBrgAwDoAwDwAwD4AwM.&dlo=1&referrer=http%3A%2F%2Fwww.ebay
      .de%2Fmyb%2FSummary"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert

18.04.2015 13:11 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://ams1.ib.adnxs.com/if?e=wqT_3QK1BPB-LAIAAAIA1gAFCOX3yKkFEMydjJnbqOLfdxitu
      MPThtqztTIgASotCS8z6PUvgPA_ES3ovTEEgOw_Gcl2vp8aLw9AIaXY3eYwVe0_KT3dLgSc-_A_MJnUP
      jjLA0DMEUgCULXv-wxYocASYABog4gDcAB4jPIDgAEBigEDVVNEkgUG8EiYAdgFoAFaqAEBsAEAuAECw
      AEFyAEA0AEA2AEA4AEA8AEA-gEFMTg2NDSKAld1ZignYScsIDI0ODM4NywgMTQyOTM1NTQ5Myk7ARwoY
      ycsIDc2MzY4ODRGHQAscicsIDI3MTk1MzE3Nh4A8L2SArEBIUVTcU52d2lVajlJREVMWHYtd3dZQUNDa
      HdCSXdBRGdBUUFCSXpCRlFtZFEtV0FGZ05XZ0FjQ3A0RG9BQjhBR0lBUTZRQVFHWUFRR2dBUUdvQVFPd
      0FRQzVBWDlDSGxzSWh1OF93UUU5M1M0RW5QdndQOGtCZjBJZVd3aUc3el9aQWZ0Y2JjWC1zdTBfNEFFQ
      TZnRVBNVE16TWpBd01Dd3hNek15TURBMjlRRUFBQUFBmgIdIVp3WmNPOrQA8F9vY0FTSUFBLtgClQTgA
      t-7EOoCHHd3dy5lYmF5LmRlL2l0bS8yMjE3Mzg1NDE4MzmAAwCIAwGQAwCYAwygAwGqAwCwAwC4AwDAA
      6wCyAMA2AOHzBrgAwDoAwDwAwD4AwM.&dlo=1&referrer=www.ebay.de%2Fitm%2F221738541839"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert

18.04.2015 13:04 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://fra1.ib.adnxs.com/if?e=wqT_3QK3BPB-LgIAAAIA1gAFCKn0yKkFEM-Atejh-9vEDRitu
      MPThtqztTIgASotCREnZbcT9fE_ESbg10gSBO8_Gcl2vp8aLw9AIblBi6F5YPA_Kaw6cTem9vI_MJnUP
      jjLA0DMEUgCULXv-wxY9pwKYABog4gDcAB47pcDgAEBigEDVVNEkgUG8EiYAdgFoAFaqAEBsAEAuAECw
      AEFyAEA0AEA2AEA4AEA8AEA-gEFMTg2NDSKAld1ZignYScsIDI0ODM4NywgMTQyOTM1NTA0OSk7ARwoY
      ycsIDc2MzY4ODRGHQAscicsIDI3MTk1MzE3Nh4A8L2SArEBIUdTMXFkQWlVajlJREVMWHYtd3dZQUNEM
      m5Bb3dBRGdBUUFCSXpCRlFtZFEtV0FGZ05XZ0FjQ2g0RklBQjdBR0lBUlNRQVFHWUFRR2dBUUdvQVFPd
      0FRQzVBWnFabVptWm1mRV93UUdzT25FM3B2YnlQOGtCX2lzS0tuTzE4VF9aQWZ0Y2JjWC1zdTBfNEFFQ
      TZnRVBNVE16TWpBd01Dd3hNek15TURBMjlRRUFBQUFBmgIdIWtBWmRQOrQA8GE5cHdLSUFBLtgClQTgA
      t-7EOoCHmh0dHA6Ly93d3cuZWJheS5kZS9teWIvU3VtbWFyeYADAIgDAZADAJgDDKADAaoDALADALgDA
      MADrALIAwDYA4fMGuADAOgDAPADAPgDAw..&dlo=1&referrer=http%3A%2F%2Fwww.ebay.de%2Fmy
      b%2FSummary"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert

18.04.2015 13:04 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://ams1.ib.adnxs.com/if?e=wqT_3QK8BPB-MwIAAAIA1gAFCKn0yKkFEJDe5OmVrpPMXBitu
      MPThtqztTIgASotCdd7znfM9u8_ESaN0Tqqmus_Gbbz_dR46QFAIT2QoeHEw-s_KaQ-To0yE_A_MJnUP
      jjLA0DMEUgCULjv-wxYocASYABog4gDcAB4w_sDgAEBigEDVVNEkgUG8GOYAaABoAHYBKgBAbABALgBA
      sABBcgBANABANgBAOABAPABAPoBBTE4NjQ0igJXdWYoJ2EnLCAyNDgzODcsIDE0MjkzNTUwNDkpO3VmK
      CdjJywgNzYzNjg4NCwgMTQyOTM1NTA0DR0AcgE5GDcxOTUzMjA2HgDwxJICtQEheVMyanNBaVVqOUlER
      Uxqdi13d1lBQ0Nod0JJd0FEZ0FRQUJJekJGUW1kUS1XQUZnTldnQWNBNTQyaFNBQWV3QmlBRVVrQUVCb
      UFFQm9BRUJxQUVEc0FFQXVRSGJtWjRwb2RidFA4RUJwRDVPalRJVDhEX0pBZHVabmltaDF1MF8yUUg3W
      EczRl9yTHRQLUFCQU9vQkR6RXpNekl3TURBc01UTXpNakF3TnZVQkFBQUFBQS4umgIdIWFnWjZPd2lVL
      rgA8GFvY0FTSUFBLtgClQTgAt-7EOoCHmh0dHA6Ly93d3cuZWJheS5kZS9teWIvU3VtbWFyeYADAIgDA
      ZADAJgDDKADAaoDALADALgDAMADrALIAwDYA4fMGuADAOgDAPADAPgDAw..&dlo=1&referrer=http%
      3A%2F%2Fwww.ebay.de%2Fmyb%2FSummary"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert

18.04.2015 12:54 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://fra1.ib.adnxs.com/if?e=wqT_3QL7BPB-cgIAAAIA1gAFCM3vyKkFENSzjJOnm7rUVxitu
      MPThtqztTIgASotCUD8wIlUoOY_ETi_YaJBiuM_Gcl2vp8aLw9AIblBi6F5YPA_Kaw6cTem9vI_MJnUP
      jjLA0DMEUgCULXv-wxY9pwKYABog4gDcAB4hugDgAEBigEDVVNEkgUG8EiYAdgFoAFaqAEBsAEAuAECw
      AEFyAEA0AEA2AEA4AEA8AEA-gEFMTg2NDSKAld1ZignYScsIDI0ODM4NywgMTQyOTM1NDQ0NSk7ARwoY
      ycsIDc2MzY4ODRGHQAscicsIDI3MTk1MzE3Nh4A8MSSArUBIXZTN2RHZ2lVajlJREVMWHYtd3dZQUNEM
      m5Bb3dBRGdBUUFCSXpCRlFtZFEtV0FGZ05XZ0FjQ1o0eGhTQUFlb0JpQUhHRkpBQkFaZ0JBYUFCQWFnQ
      kE3QUJBTGtCbXBtWm1abVo4VF9CQWF3NmNUZW05dklfeVFGTWpXQ1JZSFh6UDlrQi0xeHR4ZjZ5N1RfZ
      0FRRHFBUTh4TXpNeU1EQXdMREV6TXpJd01EYjFBUUFBQUFBLpoCHSFrQVpkUEFpVS64APChOXB3S0lBQ
      S7YApUE4ALfuxDqAl5odHRwOi8vd3d3LmViYXkuZGUvaXRtLzIyMTczODU0MTgzOT9fdHJrc2lkPXAyM
      DYwMzUzLm0xNDM4LmwyNjQ5JnNzUGFnZU5hbWU9U1RSSyUzQU1FQklEWCUzQUlUgAMAiAMBkAMAmAMMo
      AMBqgMAsAMAuAMAwAOsAsgDANgDh8wa4AMA6AMA8AMA-AMD&dlo=1&referrer=http%3A%2F%2Fwww.
      ebay.de%2Fitm%2F221738541839%3F_trksid%3Dp2060353.m1438.l2649%26ssPageName%3DSTR
      K%253AMEBIDX%253AIT"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert

18.04.2015 12:53 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://nym1.ib.adnxs.com/if?e=wqT_3QK7BPB-MgIAAAIA1gAFCMHvyKkFEN6Bu5SgudTwMRitu
      MPThtqztTIgASotCREnZbcT9fE_ESbg10gSBO8_Gcl2vp8aLw9AIblBi6F5YPA_Kaw6cTem9vI_MJnUP
      jjLA0DMEUgCULXv-wxY9pwKYABog4gDcAB4nvIDgAEBigEDVVNEkgUG8EiYAdgFoAFaqAEBsAEAuAECw
      AEFyAEA0AEA2AEA4AEA8AEA-gEFMTg2NDSKAld1ZignYScsIDI0ODM4NywgMTQyOTM1NDQzMyk7ARwoY
      ycsIDc2MzY4ODRGHQAscicsIDI3MTk1MzE3Nh4A8MSSArUBIUZqRDhVZ2lVajlJREVMWHYtd3dZQUNEM
      m5Bb3dBRGdBUUFCSXpCRlFtZFEtV0FGZ05XZ0FjQ1o0eGhTQUFlb0JpQUhHRkpBQkFaZ0JBYUFCQWFnQ
      kE3QUJBTGtCbXBtWm1abVo4VF9CQWF3NmNUZW05dklfeVFGX1c3SGZ6OEh4UDlrQi0xeHR4ZjZ5N1RfZ
      0FRRHFBUTh4TXpNeU1EQXdMREV6TXpJd01EYjFBUUFBQUFBLpoCHSFrQVpkUEFpVS64APBhOXB3S0lBQ
      S7YApUE4ALfuxDqAh5odHRwOi8vd3d3LmViYXkuZGUvbXliL1N1bW1hcnmAAwCIAwGQAwCYAwygAwGqA
      wCwAwC4AwDAA6wCyAMA2AOHzBrgAwDoAwDwAwD4AwM.&dlo=1&referrer=http%3A%2F%2Fwww.ebay
      .de%2Fmyb%2FSummary"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert

17.04.2015 14:58 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://ams1.ib.adnxs.com/if?e=wqT_3QL-BPB-dQIAAAIA1gAFCO6GxKkFEInmlPDdmqXqZxitu
      MPThtqztTIgASotCdn5u2lad_I_EeyGbYsyG_A_GTEIrBxaZA1AITh8NCaad_A_KWiU6i1M4fI_MJnUP
      jjLA0DMEUgCULXv-wxY9pwKYABog4gDcAB47ewDgAEBigEDVVNEkgUG8EiYAdgFoAFaqAEBsAEAuAECw
      AEFyAEA0AEA2AEA4AEA8AEA-gEFMTg2NDSKAld1ZignYScsIDI0ODM4NywgMTQyOTI3NTUwMik7ARwoY
      ycsIDc2MzY4ODRGHQAscicsIDI3MTk1MzE3Nh4A8MCSArEBITFTcGZIZ2lVajlJREVMWHYtd3dZQUNEM
      m5Bb3dBRGdBUUFCSXpCRlFtZFEtV0FGZ05XZ0FjQ1I0QW9BQjVnR0lBUUtRQVFHWUFRR2dBUUdvQVFPd
      0FRQzVBWnFabVptWm1mRV93UUZvbE9vdFRPSHlQOGtCWXhGaS1VQUk5el9aQVRHWktoaVYxTzBfNEFFQ
      TZnRVBNVE16TWpBd01Dd3hNek15TURBMjlRRUFBQUFBmgIdIWtBWmRQQWlVLrQA8HI5cHdLSUFBLtgCl
      QTgAt-7EOoCZWh0dHA6Ly93d3cuZWJheS5kZS9zY2gvaS5odG1sP19mcm9tPVI0MCZfc2FjYXQ9MCZMS
      F9JdGVtQ29uZGl0aW9uPTQmX25rdz1mcml0eiA0NTAmcnQ9bmMmTEhfQXVjBSLAMYADAIgDAZADAJgDD
      KADAaoDALADALgDAMADrALIAwDYA4fMGuADAOgDAPADAPgDAw..&dlo=1&referrer=http%3A%2F%2F
      www.ebay.de%2Fsch%2Fi.html%3F_from%3DR40%26_sacat%3D0%26LH_ItemCondition%3D4%26_
      nkw%3Dfritz+450%26rt%3Dnc%26LH_Auction%3D1"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Datei in Quarantäne verschieben

17.04.2015 14:58 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://fra1.ib.adnxs.com/if?e=wqT_3QLFDPCBPAYAAAIA1gAFCO6GxKkFEPzK5aS_gva_Phitu
      MPThtqztTIgASotCSE-JFXcFfI_EX9qvHSTGPA_GXsUrkfh-hNAITSJBoWizfA_KWiU6i1M4fI_MI6jt
      QE45QJAzBFIAlC47_sMWL3IAWAAaIC-A3DbCXiLmwKAAQGKAQNVU0SSAQEG9AABmAGgAaAB2ASoAQGwA
      QC4AQLAAQXIAQDQAQDYAQDgAQDqAY0IaHR0cCUzQSUyRiUyRm94LWQuZWJheWRlYi5zZXJ2ZWRieW9wZ
      W54LmNvbSUyRnclMkYxLjAlMkZyYyUzRmVlJTNEYXBpX3N5bmNfd3JpdGUlMjZlZiUzRGJ0JTI1MkNkY
      iUyNnRzJTNEMWZISnBaRDAwTURnMk56Rm1OaTFpTnpRMUxUUXdPVGN0WVRFNE55MWxNbVptTnpNeE5tS
      XlZbVI4Y25ROU1UUXlPVEkzTlRVd01ueGhkV2xrUFRVek56UTVOelEyTjN4aGRXMDlSRTFKUkM1WFJVS
      jhjMmwNJPB4RTROalUxTW54d2RXSTlOVE0zTVRBME16WXlmSEJqUFVWVlVueDRkRDFoY0dsZmMzbHVZM
      TkzY21sMFpYeHlZV2xrUFRoa01UZGhOVFZqTFdJME9XSXROR016T1MwNVpUaG1MVFJtTTJVeE5tUTJOa
      lk0WW54aGFXUQ1sdFUzTnpBeGZIUTlNVEo4WVhNOU1UWXdlRFl3TUh4cxkoIEkxTXpFMGZHOSEokDFNe
      mN4TURFNU56RjhjRDB4TURBMmZIQnlQVGcwTlh4aFpIWTkFzPBsRGN5TkRBd2ZHRmpQVlZUUkh4d2JUM
      VFVa2xEU1U1SExrTlFUWHh0UFRGOFlXazlNVFV5WkRBM1lqRXRaR0UwTVMwMFl6UXdMV0ZrTVRndFptV
      TNOR015TmprMU16UmhmRzFqUFVkQ1VIeHRjagGI8J9GOGNHazlOakE0ZkcxMWFUMWxOR1ZtWXpCaU9TM
      DRZV1ZsTFRReU9ETXROMkU0TnkwME4yWTBORFV4TlRJMk5EWjhiV0U5TURrNE9UWTBOR1V0WldJM01DM
      DBObU5rTFdFME9UVXRZamd5TURrellUWmtOR0ZrZkcxeWREMHhOREk1TWpjMU5UQXlmRzF5WXoxVFVsU
      mZWMDlPZkcxM1lUJTzgd056STBNREI4WTJzOU1YeHRkMkpwUFRJME1UZDhiWGRpUFRjd05ueHRZWEE5T
      VRBd05ueGxiR2M5ASw0YjJNOVZWTkVmRzF2Y2oJ9ARiWEEsBGRDJQgESEkxADR3WmowM09UaDhiVzFtU
      CHsQEh4dGNHNW1QVFE1T1h4dGJXAQwETTEFDFx6MVBXQzFIUW54bFl6MHlOekU1TlRNeU0BNBhIVTlPV
      EExIXA18BBHMTNZegXQVQw8Ylhkd1BUVXpOekV5TlRNeAFwDGQyTnkNFBAxTnpjdwHEDGQybHoh9AEw8
      GNkRDF2ZUY5d2NtOTBiM3gxY2oxNVZubzNOemR0WjNGQyUyNnIlM0TwAQD6AQh2ZXJ0LTYwM4oCV3VmK
      CdhJywgMjQ4Mzg3LCAxNDI5Mjc1NTAyKTt1ZignYycsIDc2MzY4ODQsQh0AAHIBORw3MTk1MzIwLDIeA
      PDEkgK1ASFwaXdRd0FpVWo5SURFTGp2LXd3WUFDQzl5QUV3QURnQVFBQkl6QkZRanFPMUFWZ0JZRFZvQ
      UhBTWVQNDlnQUhtQVlnQkFwQUJBWmdCQWFBQkFhZ0JBN0FCQUxrQm1wbVptWm1aOFRfQkFXaVU2aTFNN
      GZJX3lRRXlvRVpfaDRYeVA5a0JNWmtxR0pYVTdUX2dBUURxQVE4eE16TXlNREF3TERFek16SXdNRGIxQ
      VFBQUFBQS6aAh0hZlFiek93aVUuuABwdmNnQklBQS7YAgDgAqXtGOoCEmh0dHA6Ly93d3elUsguZGWAA
      wCIAwGQAwCYAwugAwGqAwCwAwC4AwDAA6wCyAMA2AOHzBrgAwDoAwDwAwD4AwM.&dlo=1&referrer=h
      ttp%3A%2F%2Fwww.ebay.de"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Datei in Quarantäne verschieben

17.04.2015 14:57 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://fra1.ib.adnxs.com/if?e=wqT_3QK1BPB-LAIAAAIA1gAFCKyGxKkFEPKYrqWh95j5cxitu
      MPThtqztTIgASotCTu8nq6h5_E_ETv_dtmvO-8_GTEIrBxaZA1AITh8NCaad_A_KWiU6i1M4fI_MJnUP
      jjLA0DMEUgCULXv-wxYocASYABog4gDcAB4gZkDgAEBigEDVVNEkgUG8EiYAdgFoAFaqAEBsAEAuAECw
      AEFyAEA0AEA2AEA4AEA8AEA-gEFMTg2NDSKAld1ZignYScsIDI0ODM4NywgMTQyOTI3NTQzNik7ARwoY
      ycsIDc2MzY4ODRGHQAscicsIDI3MTk1MzE3Nh4A8MCSArEBITh5c2NSUWlVajlJREVMWHYtd3dZQUNDa
      HdCSXdBRGdBUUFCSXpCRlFtZFEtV0FGZ05XZ0FjQ0o0RElBQjVBR0lBUXlRQVFHWUFRR2dBUUdvQVFPd
      0FRQzVBWnFabVptWm1mRV93UUZvbE9vdFRPSHlQOGtCVmZfeUZrcXE5VF9aQVRHWktoaVYxTzBfNEFFQ
      TZnRVBNVE16TWpBd01Dd3hNek15TURBMjlRRUFBQUFBmgIdIVp3WmNPd2lVLrQA8F9vY0FTSUFBLtgCl
      QTgAt-7EOoCHHd3dy5lYmF5LmRlL2l0bS8yMjE3NDIxOTUyODWAAwCIAwGQAwCYAwygAwGqAwCwAwC4A
      wDAA6wCyAMA2AOHzBrgAwDoAwDwAwD4AwM.&dlo=1&referrer=www.ebay.de%2Fitm%2F221742195
      285"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert

17.04.2015 14:56 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://nym1.ib.adnxs.com/if?e=wqT_3QK_DPCBNgYAAAIA1gAFCPaFxKkFENjgusbT8_yBXRitu
      MPThtqztTIgASotCevzOGGjtO4_EYcW2c73U-s_GXsUrkfh-hNAIQMcoZLUlOw_Kfny2y-UDvA_MI6jt
      QE45QJAzBFIAlC47_sMWL3IAWAAaIC-A3DbCXj42wOAAQGKAQNVU0SSAQEG9AABmAGgAaAB2ASoAQGwA
      QC4AQLAAQXIAQDQAQDYAQDgAQDqAYcIaHR0cCUzQSUyRiUyRm94LWQuZWJheWRlYi5zZXJ2ZWRieW9wZ
      W54LmNvbSUyRnclMkYxLjAlMkZyYyUzRmVlJTNEYXBpX3N5bmNfd3JpdGUlMjZlZiUzRGJ0JTI1MkNkY
      iUyNnRzJTNEMWZISnBaRDB3Wm1FMk5tVmpOQzFsTWpSbUxUUTNaRFl0WVRFd1pTMHhPVEF6TmpobE16T
      TRaak44Y25ROU1UUXlPVEkzTlRNNE1YeGhkV2xrUFRVek56UTVOelEyTjN4aGRXMDlSRTFKUkM1WFJVS
      jhjMmwNJPB4RTROalUxTW54d2RXSTlOVE0zTVRBME16WXlmSEJqUFVWVlVueDRkRDFoY0dsZmMzbHVZM
      TkzY21sMFpYeHlZV2xrUFdJek9EUXhNbVk0TFdWak1XSXRORFV5WmkxaFl6YzJMV05rT0RnMU56Z3dOM
      kkwWlh4aGFXUQ1sdFUzTkRrNWZIUTlNVEo4WVhNOU1UWXdlRFl3TUh4cxkoIEkxTXpFMGZHOSEoiDFNe
      mN4TURFNU56RjhjRDA0TlRSOGNISTlOekU0ZkdGa2RqBSTwyHdOekkwTURCOFlXTTlWVk5FZkhCdFBWQ
      lNTVU5KVGtjdVExQk5mRzA5TVh4aGFUMHhOVEprTURkaU1TMWtZVFF4TFRSak5EQXRZV1F4T0MxbVpUY
      zBZekkyT1RVek5HRjhiV005UjBKUWZHMXlQVGcxZkhCcFBUVXhOM3h0ZFdrOVpUUmxabU13WWprdE9HR
      mxaUzAwTWpnekxUZGhPRGN0TkRkbU5EUTFNVFV5TmpRMmZHMWhQVFJsT0RWak9ETmlMVFE1TmpNdCEkd
      FpTMDRORFJqTFRFMU1EUm1Namd4TXpRMU0zeHRjbiFAAFEuCAJMdGNtTTlVMUpVWDFkUFRueHRkMkUpd
      KhEY3lOREF3ZkdOclBURjhiWGRpYVQweU5ERTNmRzEzWWowMU9UaDhiV0Z3AdQ0Tkh4bGJHYzlNWHh0Y
      jItSDRHMXZjajA0Tlh4dGNHTTEEkHdjajAxTVRkOGJYQm1QVGM1T0h4dGJXWTlOVGMwZkcxd2JtWTkBz
      AxmRzF0AQwITXpVAQxgdlBVOVlMVWRDZkdWalBUSTNNVGsxTXpJdwE0OGRUMDNOamw4YldOd1BUZwGQD
      HRkMk0JzBhUQXhPVGN4AbgEY0Ql9Bx4TWpVek1UUgHYAGoFkAh6Y3gBgAhPVGwBFAxwY3owCTDwVEhRO
      WIzaGZjSEp2ZEc5OGRYSTlVR1JtVDJwRFNGSTBNQSUyNnIlM0TwAQD6AQh2ZXJ0LTYwM4oCV3VmKCdhJ
      ywgMjQ4Mzg3LCAxNDI5Mjc1MzgyKTsBHChjJywgNzYzNjg4NEYdACxyJywgMjcxOTUzMjA2HgDwqJICt
      QEhaUMwRzV3aVVqOUlERUxqdi13d1lBQ0M5eUFFd0FEZ0FRQUJJekJGUWpxTzFBVmdCWURWb0FIQU1lU
      G85Z0FIa0FZZ0JDcEFCQVpnQkFhQUJBYWdCQTdBQkFMa0JzR1k5WXNQdjdUX0JBZm55MnktVUR2QV95U
      Ud3WmoxaXctX3RQOWtCTVprcUdKWFU3VF9nQVFEcUFROHhNek15TURBd0xERXohmhhNRGIxQVFBAQEkL
      poCHSFmUWJ6Tzq4AHB2Y2dCSUFBLtgCAOACpe0Y6gISaHR0cDovL3d3d6VMyC5kZYADAIgDAZADAJgDC
      6ADAaoDALADALgDAMADrALIAwDYA4fMGuADAOgDAPADAPgDAw..&dlo=1&referrer=http%3A%2F%2F
      www.ebay.de"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert

17.04.2015 14:51 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://ams1.ib.adnxs.com/if?e=wqT_3QLOBPB-RQIAAAIA1gAFCLyDxKkFEMTI_qiRzLjJchitu
      MPThtqztTIgASotCU76uRz20uw_EZ7t0RvuI-k_GTEIrBxaZA1AITh8NCaad_A_KWiU6i1M4fI_MJnUP
      jjLA0DMEUgCULXv-wxY9pwKYABog4gDcAB40K4DgAEBigEDVVNEkgUG8EiYAdgFoAFaqAEBsAEAuAECw
      AEFyAEA0AEA2AEA4AEA8AEA-gEFMTg2NDSKAld1ZignYScsIDI0ODM4NywgMTQyOTI3NTA2OCk7ARwoY
      ycsIDc2MzY4ODRGHQAscicsIDI3MTk1MzE3Nh4A8MCSArEBIWJTdlpOZ2lVajlJREVMWHYtd3dZQUNEM
      m5Bb3dBRGdBUUFCSXpCRlFtZFEtV0FGZ05XZ0FjQ0I0QklBQjRnR0lBUVNRQVFHWUFRR2dBUUdvQVFPd
      0FRQzVBWnFabVptWm1mRV93UUZvbE9vdFRPSHlQOGtCQXRIbUdPUUI5RF9aQVRHWktoaVYxTzBfNEFFQ
      TZnRVBNVE16TWpBd01Dd3hNek15TURBMjlRRUFBQUFBmgIdIWtBWmRQQWlVLrQA8Hg5cHdLSUFBLtgCl
      QTgAt-7EOoCNWh0dHA6Ly93d3cuZWJheS5kZS9pdG0vdmF1ZGUtYXJjdGljLWZveC0vMTgxNzE5MjAyM
      jY4gAMAiAMBkAMAmAMMoAMBqgMAsAMAuAMAwAOsAsgDANgDh8wa4AMA6AMA8AMA-AMD&dlo=1&referr
      er=http%3A%2F%2Fwww.ebay.de%2Fitm%2Fvaude-arctic-fox-%2F181719202268"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert

17.04.2015 14:48 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://fra1.ib.adnxs.com/if?e=wqT_3QK7BPB-MgIAAAIA1gAFCKGCxKkFEInE1u_KtsepOBitu
      MPThtqztTIgASotCREDhdmDqPE_EVRVaCCWze4_GTEIrBxaZA1AITh8NCaad_A_KWiU6i1M4fI_MJnUP
      jjLA0DMEUgCULXv-wxYocASYABog4gDcAB4wpoCgAEBigEDVVNEkgUG8EiYAdgFoAFaqAEBsAEAuAECw
      AEFyAEA0AEA2AEA4AEA8AEA-gEFMTg2NDSKAld1ZignYScsIDI0ODM4NywgMTQyOTI3NDkxMyk7ARwoY
      ycsIDc2MzY4ODRGHQAscicsIDI3MTk1MzE3Nh4A8MSSArUBITdpeEkwUWlVajlJREVMWHYtd3dZQUNDa
      HdCSXdBRGdBUUFCSXpCRlFtZFEtV0FGZ05XZ0FjQjU0dENXQUFlQUJpQUcwSlpBQkFaZ0JBYUFCQWFnQ
      kE3QUJBTGtCbXBtWm1abVo4VF9CQVdpVTZpMU00ZklfeVFIVm5BZEVnSDMxUDlrQk1aa3FHSlhVN1RfZ
      0FRRHFBUTh4TXpNeU1EQXdMREV6TXpJd01EYjFBUUFBQUFBLpoCHSFad1pjT3dpVS64APBhb2NBU0lBQ
      S7YApUE4ALfuxDqAh5odHRwOi8vd3d3LmViYXkuZGUvbXliL1N1bW1hcnmAAwCIAwGQAwCYAwygAwGqA
      wCwAwC4AwDAA6wCyAMA2AOHzBrgAwDoAwDwAwD4AwM.&dlo=1&referrer=http%3A%2F%2Fwww.ebay
      .de%2Fmyb%2FSummary"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert

15.04.2015 22:54 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://fra1.ib.adnxs.com/if?e=wqT_3QK7BPB-MgIAAAIA1gAFCImgu6kFEO-e3vHb36jLRBitu
      MPThtqztTIgASotCSZ-pJpdSPE_EZXyWgndJe4_GUw3iUFg5QpAISYUe3L7XfA_KfmO7nTsw_I_MJnUP
      jjLA0DMEUgCULXv-wxY9pwKYABog4gDcAB4n90DgAEBigEDVVNEkgUG8EiYAdgFoAFaqAEBsAEAuAECw
      AEFyAEA0AEA2AEA4AEA8AEA-gEFMTg2NDSKAld1ZignYScsIDI0ODM4NywgMTQyOTEzMTI3Myk7ARwoY
      ycsIDc2MzY4ODRGHQAscicsIDI3MTk1MzE3Nh4A8MSSArUBIVpDOUtVZ2lVajlJREVMWHYtd3dZQUNEM
      m5Bb3dBRGdBUUFCSXpCRlFtZFEtV0FGZ05XZ0FjQng0dGhpQUFkNEJpQUcyR0pBQkFaZ0JBYUFCQWFnQ
      kE3QUJBTGtCbXBtWm1abVo4VF9CQWZtTzduVHN3X0lfeVFHZXhMRDNDTHY0UDlrQmlHTmQzRVlEN2pfZ
      0FRRHFBUTh4TXpNeU1EQXdMREV6TXpJd01EYjFBUUFBQUFBLpoCHSFrQVpkUEFpVS64APBhOXB3S0lBQ
      S7YApUE4ALfuxDqAh5odHRwOi8vd3d3LmViYXkuZGUvbXliL1N1bW1hcnmAAwCIAwGQAwCYAwygAwGqA
      wCwAwC4AwDAA6wCyAMA2AOHzBrgAwDoAwDwAwD4AwM.&dlo=1&referrer=http%3A%2F%2Fwww.ebay
      .de%2Fmyb%2FSummary"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert

14.04.2015 20:51 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://ams1.ib.adnxs.com/if?e=wqT_3QKsBfB-owIAAAIA1gAFCJLDtakFEPbd6KyMlsv1OBitu
      MPThtqztTIgASotCVBoV3dXPvI_EW3n-6nx0u8_GScxCKwcWglAISYUe3L7XfA_KfmO7nTsw_I_MJnUP
      jjLA0DMEUgCULXv-wxYocASYABog4gDcAB4wPADgAEBigEDVVNEkgUG8EiYAdgFoAFaqAEBsAEAuAECw
      AEFyAEA0AEA2AEA4AEA8AEA-gEFMTg2NDSKAld1ZignYScsIDI0ODM4NywgMTQyOTAzNzQ1OCk7ARwoY
      ycsIDc2MzY4ODRGHQAscicsIDI3MTk1MzE3Nh4A8MCSArEBIWJTMkJqUWlVajlJREVMWHYtd3dZQUNDa
      HdCSXdBRGdBUUFCSXpCRlFtZFEtV0FGZ05XZ0FjQnA0QW9BQjJBR0lBUUtRQVFHWUFRR2dBUUdvQVFPd
      0FRQzVBWnFabVptWm1mRV93UUg1anU1MDdNUHlQOGtCNmlXeW51aGQ4al9aQVloalhkeEdBLTRfNEFFQ
      TZnRVBNVE16TWpBd01Dd3hNek15TURBMjlRRUFBQUFBmgIdIVp3WmNPd2lVLrQA8NZvY0FTSUFBLtgCl
      QTgAt-7EOoCkgFodHRwOi8vd3d3LmViYXkuZGUvc2NoL0hhbmR5cy1vaG5lLVZlcnRyYWctLzkzNTUva
      S5odG1sP19mcm9tPVI0MCZMSF9CSU49MSZfc29wPTE1Jl9ua3c9c29ueSB4cGVyaWEgY29tcGFjdCZfZ
      GNhdD05MzU1JnJ0PW5jJkxIX0l0ZW1Db25kaXRpb249MTAwMIADAIgDAZADAJgDDKADAaoDALADALgDA
      MADrALIAwDYA4fMGuADAOgDAPADAPgDAw..&dlo=1&referrer=http%3A%2F%2Fwww.ebay.de%2Fsc
      h%2FHandys-ohne-Vertrag-%2F9355%2Fi.html%3F_from%3DR40%26LH_BIN%3D1%26_sop%3D15%
      26_nkw%3Dsony+xperia+compact%26_dcat%3D9355%26rt%3Dnc%26LH_ItemCondition%3D1000"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Datei in Quarantäne verschieben

14.04.2015 20:51 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://ams1.ib.adnxs.com/if?e=wqT_3QKxBfB-qAIAAAIA1gAFCJPDtakFEI_y7d2o5Jf2Hxitu
      MPThtqztTIgASotCdS-ypfbsPA_Ea8I_reSHe0_GVyPwvUoXP8_ISxOgHFsK-8_KZHAk_RO3vE_MJnUP
      jjLA0DMEUgCULjv-wxY9pwKYABog4gDcAB4ha8DgAEBigEDVVNEkgUG8GOYAaABoAHYBKgBAbABALgBA
      sABBcgBANABANgBAOABAPABAPoBBTE4NjQ0igJXdWYoJ2EnLCAyNDgzODcsIDE0MjkwMzc0NTkpO3VmK
      CdjJywgNzYzNjg4NCwgMTQyOTAzNzQ1DR0AcgE5GDcxOTUzMjA2HgDwxJICtQEhd1N3eXB3aVVqOUlER
      Uxqdi13d1lBQ0QybkFvd0FEZ0FRQUJJekJGUW1kUS1XQUZnTldnQWNBaDQwak9BQWRnQmlBRUNrQUVCb
      UFFQm9BRUJxQUVEc0FFQXVRSGdyUXB1UHNMd1A4RUJrY0NUOUU3ZThUX0pBZUN0Q200LXd2QV8yUUdJW
      TEzY1JnUHVQLUFCQU9vQkR6RXpNekl3TURBc01UTXpNakF3TnZVQkFBQUFBQS4umgIdIWt3WjdQQWlVL
      rgA8NY5cHdLSUFBLtgClQTgAt-7EOoCkgFodHRwOi8vd3d3LmViYXkuZGUvc2NoL0hhbmR5cy1vaG5lL
      VZlcnRyYWctLzkzNTUvaS5odG1sP19mcm9tPVI0MCZMSF9CSU49MSZfc29wPTE1Jl9ua3c9c29ueSB4c
      GVyaWEgY29tcGFjdCZfZGNhdD05MzU1JnJ0PW5jJkxIX0l0ZW1Db25kaXRpb249MTAwMIADAIgDAZADA
      JgDDKADAaoDALADALgDAMADrALIAwDYA4fMGuADAOgDAPADAPgDAw..&dlo=1&referrer=http%3A%2
      F%2Fwww.ebay.de%2Fsch%2FHandys-ohne-Vertrag-%2F9355%2Fi.html%3F_from%3DR40%26LH_
      BIN%3D1%26_sop%3D15%26_nkw%3Dsony+xperia+compact%26_dcat%3D9355%26rt%3Dnc%26LH_I
      temCondition%3D1000"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Datei in Quarantäne verschieben

14.04.2015 20:50 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://fra1.ib.adnxs.com/if?e=wqT_3QLFDPCBPAYAAAIA1gAFCJPDtakFENnfrozEt_L2Bhitu
      MPThtqztTIgASotCSUrWclKVvI_EVK4HoXrUfA_GaRwPQrXoxRAIcTqbfd9s_A_KfmO7nTsw_I_MI6jt
      QE45QJAzBFIAlC47_sMWL3IAWAAaIC-A3DbCXiokwOAAQGKAQNVU0SSAQEG8OCYAaABoAHYBKgBAbABA
      LgBAsABBcgBANABANgBAOABAOoBjQhodHRwJTNBJTJGJTJGb3gtZC5lYmF5ZGViLnNlcnZlZGJ5b3Blb
      nguY29tJTJGdyUyRjEuMCUyRnJjJTNGZWUlM0RhcGlfc3luY193cml0ZSUyNmVmJTNEYnQlMjUyQ2RiJ
      TI2dHMlM0QxZkhKcFpEMWtNRFl4TnpSbFppMHhaRFZrTFRSaFpqSXRPVFpqWmkwMk1EaG1NemMxTWpKb
      E56ZDhjblE5TVRReU9UQXpOelExT1h4aGRXbGtQVFUBEGw1TnpRMk4zeGhkVzA5UkUxSlJDNVhSVUo4Y
      zJsDSTweEU0TmpVMU1ueHdkV0k5TlRNM01UQTBNell5ZkhCalBVVlZVbng0ZEQxaGNHbGZjM2x1WTE5M
      2NtbDBaWHh5WVdsa1BXRTVZalZsWTJKbExXSmhObVV0TkdRMllTMWhOakprTFRrMFpURm1OR1ZrTlRZM
      VpYeGhhV1ENbHRVM056QXhmSFE5TVRKOFlYTTlNVFl3ZURZd01IeHMZKKBJMU16RTBmRzlwWkQwMU16Y
      3hNREU1TnpGOGNEMHhNREl3ZkhCeVBUZwXwCFpIWQlg8GxEY3lOREF3ZkdGalBWVlRSSHh3YlQxUVVrb
      ERTVTVITGtOUVRYeHRQVEY4WVdrOU1UVXlaREEzWWpFdFpHRTBNUzAwWXpRd0xXRmtNVGd0Wm1VM05HT
      XlOamsxTXpSaGZHMWpQVWRDVUh4dGNqAYjwn0o4Y0drOU5qSTNmRzExYVQxbE5HVm1ZekJpT1MwNFlXV
      mxMVFF5T0RNdE4yRTROeTAwTjJZME5EVXhOVEkyTkRaOGJXRTlaalkyTmpZek1Ea3RaR1ZqWmkwMFpXT
      TJMV0ZoTkRRdE1EZGxNakl4TW1Kall6TmpmRzF5ZEQweE5ESTVNRE0zTkRVNWZHMXlZejFUVWxSZlYwO
      U9mRzEzWVQlPJB3TnpJME1EQjhZMnM5TVh4dGQySnBQVEkwTVRkOGJYZGlQVGN4ARg4WVhBOU1UQXlNS
      HhsYkdjBSw0YjJNOVZWTkVmRzF2Y2oJ9ARiWEEsBGRDJQgESEkxAIh3WmowMU5EbDhiVzFtUFRNNU4ze
      HRjRzVtUFRRNU9YeHRiVwEMBE0yAWxYYnoxUFdDMUhRbnhsWXoweU56RTVOVE0BfBx0Y0hVOU9URSFUA
      Go18BBHMTNZegXQVQxEYlhkd1BUVXpOekV5TlRNeE5IAdwETnkNFBAxTnpjdwFsDGQybHoh9AEw8GNkR
      DF2ZUY5d2NtOTBiM3gxY2owM04xQXpkV3BtUVVOeiUyNnIlM0TwAQD6AQh2ZXJ0LTYwM4oCV3VmKCdhJ
      ywgMjQ4Mzg3LCAxNDI5MDM3NDU5KTt1ZignYycsIDc2MzY4ODQsQh0AAHIBORw3MTk1MzIwLDIeAPDEk
      gK1ASE2QzZqSkFpVWo5SURFTGp2LXd3WUFDQzl5QUV3QURnQVFBQkl6QkZRanFPMUFWZ0JZRFZvQUhBS
      WVOSXpnQUhZQVlnQkFwQUJBWmdCQWFBQkFhZ0JBN0FCQUxrQm1wbVptWm1aOFRfQkFmbU83blRzd19JX
      3lRRzQzWk1OOHE3NVA5a0JpR05kM0VZRDdqX2dBUURxQVE4eE16TXlNREF3TERFek16SXdNRGIxQVFBQ
      UFBQS6aAh0hZlFiek93aVUuuABwdmNnQklBQS7YAgDgAqXtGOoCEmh0dHA6Ly93d3elUsguZGWAAwCIA
      wGQAwCYAwugAwGqAwCwAwC4AwDAA6wCyAMA2AOHzBrgAwDoAwDwAwD4AwM.&dlo=1&referrer=http%
      3A%2F%2Fwww.ebay.de"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Datei in Quarantäne verschieben

14.04.2015 20:49 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://fra1.ib.adnxs.com/if?e=wqT_3QK7BPB-MgIAAAIA1gAFCMDCtakFEOm09q6ciNftOhitu
      MPThtqztTIgASotCd_no9RhQPE_EZELzuDvF-4_GScxCKwcWglAISYUe3L7XfA_KfmO7nTsw_I_MJnUP
      jjLA0DMEUgCULXv-wxYocASYABog4gDcAB4hugDgAEBigEDVVNEkgUG8EiYAdgFoAFaqAEBsAEAuAECw
      AEFyAEA0AEA2AEA4AEA8AEA-gEFMTg2NDSKAld1ZignYScsIDI0ODM4NywgMTQyOTAzNzM3Nik7ARwoY
      ycsIDc2MzY4ODRGHQAscicsIDI3MTk1MzE3Nh4A8MSSArUBIWt5LVJVQWlVajlJREVMWHYtd3dZQUNDa
      HdCSXdBRGdBUUFCSXpCRlFtZFEtV0FGZ05XZ0FjQmg0eUJlQUFkWUJpQUhJRjVBQkFaZ0JBYUFCQWFnQ
      kE3QUJBTGtCbXBtWm1abVo4VF9CQWZtTzduVHN3X0lfeVFIcmJwVk44T1gyUDlrQmlHTmQzRVlEN2pfZ
      0FRRHFBUTh4TXpNeU1EQXdMREV6TXpJd01EYjFBUUFBQUFBLpoCHSFad1pjT3dpVS64APBhb2NBU0lBQ
      S7YApUE4ALfuxDqAh5odHRwOi8vd3d3LmViYXkuZGUvbXliL1N1bW1hcnmAAwCIAwGQAwCYAwygAwGqA
      wCwAwC4AwDAA6wCyAMA2AOHzBrgAwDoAwDwAwD4AwM.&dlo=1&referrer=http%3A%2F%2Fwww.ebay
      .de%2Fmyb%2FSummary"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Datei in Quarantäne verschieben

13.04.2015 19:41 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://ams1.ib.adnxs.com/if?e=wqT_3QK4BPB-LwIAAAIA1gAFCM3_r6kFEIeQ5rj98rXMBRitu
      MPThtqztTIgASotCfR_vvesV_E_EbOZQ1ILJe4_GUw3iUFg5QdAIf0uRE7qMfA_KfYqo8xaovI_MJnUP
      jjLA0DMEUgCULXv-wxY9pwKYABog4gDcAB42_sDgAEBigEDVVNEkgUG8EiYAdgFoAFaqAEBsAEAuAECw
      AEFyAEA0AEA2AEA4AEA8AEA-gEFMTg2NDSKAld1ZignYScsIDI0ODM4NywgMTQyODk0Njg5Myk7ARwoY
      ycsIDc2MzY4ODRGHQAscicsIDI3MTk1MzE3Nh4A8MSSArUBIWl5eUJ2UWlVajlJREVMWHYtd3dZQUNEM
      m5Bb3dBRGdBUUFCSXpCRlFtZFEtV0FGZ05XZ0FjQlo0bEFHQUFkUUJpQUdVQVpBQkFaZ0JBYUFCQWFnQ
      kE3QUJBTGtCbXBtWm1abVo4VF9CQWZZcW84eGFvdklfeVFIczhsb19Fa255UDlrQjAwMWlFRmc1N2pfZ
      0FRRHFBUTh4TXpNeU1EQXdMREV6TXpJd01EYjFBUUFBQUFBLpoCHSFrQVpkUEFpVS64APBeOXB3S0lBQ
      S7YApUE4ALfuxDqAh5odHRwOi8vd3d3LmViYXkuZGUvbXliL1N1bW1hcnmAAwCIAwGQAwCYAwygAwGqA
      wCwAwC4AwDAA6wCyAMA2AOHzBrgAwDoAwDwAwA.&dlo=1&referrer=http%3A%2F%2Fwww.ebay.de%
      2Fmyb%2FSummary"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert

13.04.2015 18:27 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://fra1.ib.adnxs.com/if?e=wqT_3QLRBfB-yAIAAAIA1gAFCNncr6kFEI_A34jj-LydOBitu
      MPThtqztTIgASotCX0jiAXrVvI_Eam8HeG04O8_GQ439pyBjAJAIQD68JsJMfA_KXXVjUJYofI_MJnUP
      jjLA0DMEUgCULXv-wxYocASYABog4gDcAB4r5sCgAEBigEDVVNEkgUG8EiYAdgFoAFaqAEBsAEAuAECw
      AEFyAEA0AEA2AEA4AEA8AEA-gEFMTg2NDSKAld1ZignYScsIDI0ODM4NywgMTQyODk0MjQyNSk7ARwoY
      ycsIDc2MzY4ODRGHQAscicsIDI3MTk1MzE3Nh4A8MCSArEBITRDMnJnQWlVajlJREVMWHYtd3dZQUNDa
      HdCSXdBRGdBUUFCSXpCRlFtZFEtV0FGZ05XZ0FjQlI0QW9BQjBnR0lBUUtRQVFHWUFRR2dBUUdvQVFPd
      0FRQzVBWnFabVptWm1mRV93UUYxMVkxQ1dLSHlQOGtCcC0ycW9tcnU5el9aQVpmX2tINzdPdTRfNEFFQ
      TZnRVBNVE16TWpBd01Dd3hNek15TURBMjlRRUFBQUFBmgIdIVp3WmNPd2lVLrQA8K5vY0FTSUFBLtgCl
      QTgAt-7EOoCugFodHRwOi8vd3d3LmViYXkuZGUvc2NoL1NjaHVoZS1mJUMzJUJDci1KdW5nZW4tLzU3O
      TI5L2kuaHRtbD9fZnJvbT1SNDAmU2NodWhnciUyNUMzJTI1QjYlMjVDMyUyNTlGZT1FVVIlMjUyMDIzJ
      TdDRVVSJTI1MjAyNCU3Q0VVUiUyNTIwMjUmX25rdz1jcm9jcyZfZGNhdD01AWrwSCZydD1uYyZMSF9Jd
      GVtQ29uZGl0aW9uPTMwMDCAAwCIAwGQAwCYAwygAwGqAwCwAwC4AwDAA6wCyAMA2AOHzBrgAwDoAwDwA
      wA.&dlo=1&referrer=http%3A%2F%2Fwww.ebay.de%2Fsch%2FSchuhe-f%25C3%25BCr-Jungen-%
      2F57929%2Fi.html%3F_from%3DR40%26Schuhgr%2525C3%2525B6%2525C3%25259Fe%3DEUR%2525
      2023%257CEUR%25252024%257CEUR%25252025%26_nkw%3Dcrocs%26_dcat%3D57929%26rt%3Dnc%
      26LH_ItemCondition%3D3000"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Datei in Quarantäne verschieben

13.04.2015 18:26 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://fra1.ib.adnxs.com/if?e=wqT_3QL4BPB-bwIAAAIA1gAFCJvcr6kFEPeOv-rKzqKrWxitu
      MPThtqztTIgASotCf-TFQJVUfE_ESE6BI4EGu4_GUw3iUFg5QdAIQD68JsJMfA_KXXVjUJYofI_MJnUP
      jjLA0DMEUgCULXv-wxYocASYABog4gDcAB4prQDgAEBigEDVVNEkgUG8EiYAdgFoAFaqAEBsAEAuAECw
      AEFyAEA0AEA2AEA4AEA8AEA-gEFMTg2NDSKAld1ZignYScsIDI0ODM4NywgMTQyODk0MjM2Myk7ARwoY
      ycsIDc2MzY4ODRGHQAscicsIDI3MTk1MzE3Nh4A8MSSArUBIXpTLU1UQWlVajlJREVMWHYtd3dZQUNDa
      HdCSXdBRGdBUUFCSXpCRlFtZFEtV0FGZ05XZ0FjQko0OEJxQUFkQUJpQUh3R3BBQkFaZ0JBYUFCQWFnQ
      kE3QUJBTGtCbXBtWm1abVo4VF9CQVhYVmpVSllvZklfeVFINHpySFpzeGIzUDlrQmxfLVFmdnM2N2pfZ
      0FRRHFBUTh4TXpNeU1EQXdMREV6TXpJd01EYjFBUUFBQUFBLpoCHSFad1pjT3dpVS64APCeb2NBU0lBQ
      S7YApUE4ALfuxDqAl5odHRwOi8vd3d3LmViYXkuZGUvaXRtLzI1MTkxNzkzOTQyMT9fdHJrc2lkPXAyM
      DYwMzUzLm0xNDM4LmwyNjYxJnNzUGFnZU5hbWU9U1RSSyUzQU1FQklEWCUzQUlUgAMAiAMBkAMAmAMMo
      AMBqgMAsAMAuAMAwAOsAsgDANgDh8wa4AMA6AMA8AMA&dlo=1&referrer=http%3A%2F%2Fwww.ebay
      .de%2Fitm%2F251917939421%3F_trksid%3Dp2060353.m1438.l2661%26ssPageName%3DSTRK%25
      3AMEBIDX%253AIT"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert

12.04.2015 13:45 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://ams1.ib.adnxs.com/if?e=wqT_3QK7BfB-sgIAAAIA1gAFCNm1qakFEMP25PDk_JiOXhitu
      MPThtqztTIgASotCX0jiAXrVvI_Eam8HeG04O8_GajGSzeJQQdAIQD68JsJMfA_KXXVjUJYofI_MJnUP
      jjLA0DMEUgCULXv-wxYocASYABog4gDcAB4i7IDgAEBigEDVVNEkgUG8EiYAdgFoAFaqAEBsAEAuAECw
      AEFyAEA0AEA2AEA4AEA8AEA-gEFMTg2NDSKAld1ZignYScsIDI0ODM4NywgMTQyODgzOTEyOSk7ARwoY
      ycsIDc2MzY4ODRGHQAscicsIDI3MTk1MzE3Nh4A8L2SArEBIXdTd2tUd2lVajlJREVMWHYtd3dZQUNDa
      HdCSXdBRGdBUUFCSXpCRlFtZFEtV0FGZ05XZ0FjQkI0QW9BQnpBR0lBUUtRQVFHWUFRR2dBUUdvQVFPd
      0FRQzVBWnFabVptWm1mRV93UUYxMVkxQ1dLSHlQOGtCcW9pV0JwLTEtRF9aQVpmX2tINzdPdTRfNEFFQ
      TZnRVBNVE16TWpBd01Dd3hNek15TURBMjlRRUFBQUFBmgIdIVp3WmNPOrQA8EBvY0FTSUFBLtgClQTgA
      t-7EOoCpAFodHRwOi8vd3d3LmViYXkuZGUvc2NoL1JlaWZlbi0vOTg5MS9pLmh0bWw_UgUUKGFydD1Tb
      21tZXJyBRAEJlIFB_A-bWFya2U9TWljaGVsaW4mX2RjYXQ9OTg5MSZMSF9JdGVtQ29uZGl0aW9uPTEwM
      DAmX25rdz0yMTUgNjAgMTYgLlIAACAZRshzb3A9MTWAAwCIAwGQAwCYAwygAwGqAwCwAwC4AwDAA6wCy
      AMA2AOHzBrgAwDoAwDwAwA.&dlo=1&referrer=http%3A%2F%2Fwww.ebay.de%2Fsch%2FReifen-%
      2F9891%2Fi.html%3FReifenart%3DSommerreifen%26Reifenmarke%3DMichelin%26_dcat%3D98
      91%26LH_ItemCondition%3D1000%26_nkw%3D215%2060%2016%20Sommerreifen%20Michelin%26
      _sop%3D15"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert

12.04.2015 13:45 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://fra1.ib.adnxs.com/if?e=wqT_3QK7BfB-sgIAAAIA1gAFCNq1qakFEJ2HvMDqoeRBGK24w
      9OG2rO1MiABKi0JQ66MSFvH8D8RfGEyVTAq7T8ZXI_C9Shc_z8hAPrwmwkx8D8pddWNQlih8j8wmdQ-O
      MsDQMwRSAJQuO_7DFj2nApgAGiDiANwAHjk3AOAAQGKAQNVU0SSAQEG8GOYAaABoAHYBKgBAbABALgBA
      sABBcgBANABANgBAOABAPABAPoBBTE4NjQ0igJXdWYoJ2EnLCAyNDgzODcsIDE0Mjg4MzkxMzApO3VmK
      CdjJywgNzYzNjg4NCwgMTQyODgzOTEzDR0AcgE5GDcxOTUzMjA2HgDwvZICsQEhWGkzNWRBaVVqOUlER
      Uxqdi13d1lBQ0QybkFvd0FEZ0FRQUJJekJGUW1kUS1XQUZnTldnQWNBWjRCSUFCekFHSUFRS1FBUUdZQ
      VFHZ0FRR29BUU93QVFDNUFacVptWm1abWZFX3dRRjExWTFDV0tIeVA4a0JyZk9MS1h6UzhUX1pBWmZfa
      0g3N091NF80QUVBNmdFUE1UTXpNakF3TUN3eE16TXlNREEyOVFFQUFBQUGaAh0ha3daN1A6tADwQDlwd
      0tJQUEu2AKVBOAC37sQ6gKkAWh0dHA6Ly93d3cuZWJheS5kZS9zY2gvUmVpZmVuLS85ODkxL2kuaHRtb
      D9SBRQoYXJ0PVNvbW1lcnIFEAQmUgUH8D5tYXJrZT1NaWNoZWxpbiZfZGNhdD05ODkxJkxIX0l0ZW1Db
      25kaXRpb249MTAwMCZfbmt3PTIxNSA2MCAxNiAuUgAAIBlGyHNvcD0xNYADAIgDAZADAJgDDKADAaoDA
      LADALgDAMADrALIAwDYA4fMGuADAOgDAPADAA..&dlo=1&referrer=http%3A%2F%2Fwww.ebay.de%
      2Fsch%2FReifen-%2F9891%2Fi.html%3FReifenart%3DSommerreifen%26Reifenmarke%3DMiche
      lin%26_dcat%3D9891%26LH_ItemCondition%3D1000%26_nkw%3D215%2060%2016%20Sommerreif
      en%20Michelin%26_sop%3D15"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert

12.04.2015 13:44 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://ams1.ib.adnxs.com/if?e=wqT_3QKyBPB-KQIAAAIA1gAFCJG1qakFEL2KvZ71jbHATxitu
      MPThtqztTIgASotCaP8apeNCew_EXALluoCXug_GajGSzeJQQdAIQD68JsJMfA_KXXVjUJYofI_MJnUP
      jjLA0DMEUgCULXv-wxY9pwKYABog4gDcAB48PACgAEBigEDVVNEkgUG8EiYAdgFoAFaqAEBsAEAuAECw
      AEFyAEA0AEA2AEA4AEA8AEA-gEFMTg2NDSKAld1ZignYScsIDI0ODM4NywgMTQyODgzOTA1Nyk7ARwoY
      ycsIDc2MzY4ODRGHQAscicsIDI3MTk1MzE3Nh4A8MCSArEBIVV5eFBSUWlVajlJREVMWHYtd3dZQUNEM
      m5Bb3dBRGdBUUFCSXpCRlFtZFEtV0FGZ05XZ0FjQTU0QW9BQnlnR0lBUUtRQVFHWUFRR2dBUUdvQVFPd
      0FRQzVBWnFabVptWm1mRV93UUYxMVkxQ1dLSHlQOGtCR3hoUmxjRzU5RF9aQVpmX2tINzdPdTRfNEFFQ
      TZnRVBNVE16TWpBd01Dd3hNek15TURBMjlRRUFBQUFBmgIdIWtBWmRQQWlVLrQA8Fw5cHdLSUFBLtgCl
      QTgAt-7EOoCHHd3dy5lYmF5LmRlL2l0bS8xMzA5NjQ1NzQzMTaAAwCIAwGQAwCYAwygAwGqAwCwAwC4A
      wDAA6wCyAMA2AOHzBrgAwDoAwDwAwA.&dlo=1&referrer=www.ebay.de%2Fitm%2F130964574316"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Datei in Quarantäne verschieben

11.04.2015 15:23 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://ams1.ib.adnxs.com/if?e=wqT_3QLhBPB-WAIAAAIA1gAFCKvApKkFELLhp8Th-Y7dLhitu
      MPThtqztTIgASotCSq7mlnqZPI_EX6MuWsJ-e8_GbgehetRuAhAIaQHgPeMNPA_KRPHLBNjpfI_MJnUP
      jjLA0DMEUgCULXv-wxYocASYABog4gDcAB4s-8CgAEBigEDVVNEkgUG8EiYAdgFoAFaqAEBsAEAuAECw
      AEFyAEA0AEA2AEA4AEA8AEA-gEFMTg2NDSKAld1ZignYScsIDI0ODM4NywgMTQyODc1ODU3MSk7ARwoY
      ycsIDc2MzY4ODRGHQAscicsIDI3MTk1MzE3Nh4A8MCSArEBIXh5cWU5Z2lVajlJREVMWHYtd3dZQUNDa
      HdCSXdBRGdBUUFCSXpCRlFtZFEtV0FGZ05XZ0FjQXA0Q0lBQndBR0lBUWlRQVFHWUFRR2dBUUdvQVFPd
      0FRQzVBWnFabVptWm1mRV93UUVUeHl3VFk2WHlQOGtCVjlVaU1kQ3g5al9aQVlZNDFzVnROTzRfNEFFQ
      TZnRVBNVE16TWpBd01Dd3hNek15TURBMjlRRUFBQUFBmgIdIVp3WmNPd2lVLrQA8ItvY0FTSUFBLtgCl
      QTgAt-7EOoCS2h0dHA6Ly93d3cuZWJheS5kZS9zY2gvS29tcGxldHRyJUMzJUE0ZGVyLS85ODkyL2kua
      HRtbD9fZnJvbT1SNDAmX25rdz1zLW1heIADAIgDAZADAJgDDKADAaoDALADALgDAMADrALIAwDYA4fMG
      uADAOgDAPADAA..&dlo=1&referrer=http%3A%2F%2Fwww.ebay.de%2Fsch%2FKomplettr%25C3%2
      5A4der-%2F9892%2Fi.html%3F_from%3DR40%26_nkw%3Ds-max"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Datei in Quarantäne verschieben

11.04.2015 15:22 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://ams1.ib.adnxs.com/if?e=wqT_3QLiBPB-WQIAAAIA1gAFCKvApKkFEL3s8c35v5T1Vhitu
      MPThtqztTIgASotCZ4jHvws1PA_ERzTE5Z4QO0_GbgehetRuP4_IfJFkE9WMfA_KZZem4OwofI_MJnUP
      jjLA0DMEUgCULjv-wxYocASYABog4gDcAB4jPwDgAEBigEDVVNEkgUG8GOYAaABoAHYBKgBAbABALgBA
      sABBcgBANABANgBAOABAPABAPoBBTE4NjQ0igJXdWYoJ2EnLCAyNDgzODcsIDE0Mjg3NTg1NzEpO3VmK
      CdjJywgNzYzNjg4NCwgMTQyODc1ODU3DR0AcgE5GDcxOTUzMjA2HgDwwJICsQEheENrVnZBaVVqOUlER
      Uxqdi13d1lBQ0Nod0JJd0FEZ0FRQUJJekJGUW1kUS1XQUZnTldnQWNBQjRBSUFCd0FHSUFRaVFBUUdZQ
      VFHZ0FRR29BUU93QVFDNUFVX21LQ1FjbHZFX3dRR1dYcHVEc0tIeVA4a0JULVlvSkJ5VzhUX1pBWVk0M
      XNWdE5PNF80QUVBNmdFUE1UTXpNakF3TUN3eE16TXlNREEyOVFFQUFBQUGaAh0hYWdaNk93aVUutADwi
      29jQVNJQUEu2AKVBOAC37sQ6gJLaHR0cDovL3d3dy5lYmF5LmRlL3NjaC9Lb21wbGV0dHIlQzMlQTRkZ
      XItLzk4OTIvaS5odG1sP19mcm9tPVI0MCZfbmt3PXMtbWF4gAMAiAMBkAMAmAMMoAMBqgMAsAMAuAMAw
      AOsAsgDANgDh8wa4AMA6AMA8AMA&dlo=1&referrer=http%3A%2F%2Fwww.ebay.de%2Fsch%2FKomp
      lettr%25C3%25A4der-%2F9892%2Fi.html%3F_from%3DR40%26_nkw%3Ds-max"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Datei in Quarantäne verschieben

11.04.2015 15:22 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://ams1.ib.adnxs.com/if?e=wqT_3QLCDPCBOQYAAAIA1gAFCKvApKkFEI3jltiJ3_TxWhitu
      MPThtqztTIgASotCRYxTtYxUfI_ET0K16NwPfA_Gf0B7dtk5PE_IVN-mL0ViPA_KRPHLBNjpfI_MI6jt
      QE45QJAzBFIAlC47_sMWL3IAWAAaIC-A3DbCXjukgOAAQGKAQNVU0SSAQEG9AABmAGgAaAB2ASoAQGwA
      QC4AQLAAQXIAQDQAQDYAQDgAQDqAY0IaHR0cCUzQSUyRiUyRm94LWQuZWJheWRlYi5zZXJ2ZWRieW9wZ
      W54LmNvbSUyRnclMkYxLjAlMkZyYyUzRmVlJTNEYXBpX3N5bmNfd3JpdGUlMjZlZiUzRGJ0JTI1MkNkY
      iUyNnRzJTNEMWZISnBaRDFrWTJVMk1EVTBOaTB5TVRVeUxUUXlNR010WWpneU5DMHhOVEl4WkRVNE9EZ
      zVNVFI4Y25ROU1UUXlPRGMxT0RVM01YeGhkV2xrUFRVek56UTVOelEyTjN4aGRXMDlSRTFKUkM1WFJVS
      jhjMmwNJPB4RTROalUxTW54d2RXSTlOVE0zTVRBME16WXlmSEJqUFVWVlVueDRkRDFoY0dsZmMzbHVZM
      TkzY21sMFpYeHlZV2xrUFdJNFlqWTJObUU0TFRJek4yTXROR1pqWWkwNE9EUXlMVE0yWW1OaU1EUTNaV
      EEyTm54aGFXUQ1sdFUzTkRrNWZIUTlNVEo4WVhNOU1UWXdlRFl3TUh4cxkocEkxTXpFMGZHOXBaRDAxT
      XpjeE1ERTVOekY4Y0QwAQw8MWZIQnlQVGcyTUh4aFpIWQlg8GxEY3lOREF3ZkdGalBWVlRSSHh3YlQxU
      VVrbERTVTVITGtOUVRYeHRQVEY4WVdrOU1UVXlaREEzWWpFdFpHRTBNUzAwWXpRd0xXRmtNVGd0Wm1VM
      05HTXlOamsxTXpSaGZHMWpQVWRDVUh4dGNqAYjgRjhjR2s5TmpJemZHMTFhVDFsTkdWbVl6QmlPUzA0W
      VdWbExUUXlPRE10TjJFNE55MDBOMlkwTkRVIdzwTDJORFo4YldFOU1ERmhNMlZsTTJRdE9ERm1aQzAwW
      kdWbExXRXpOalV0WWprd1kyUTFNMlF5TlRkaWZHMXlkRDB4TkRJNE56VTROVGN4ARREWXoxVFVsUmZWM
      DlPZkcxM1lUJTzgd056STBNREI4WTJzOU1YeHRkMkpwUFRJME1UZDhiWGRpUFRjd01ueHRZWEE5TVRBe
      E5YeGxiR2M5ASw0YjJNOVZWTkVmRzF2Y2oJ9ARiWEEsBGRDJQgESEkxAFx3WmowM09UbDhiVzFtUFRVM
      09YeHRjRzUBDCHgCHRiVwEMBE0yAWygYnoxUFdDMUhRbnhsWXoweU56RTVOVE15TUh4dGNIVTlPVEUwZ
      kcxamMx8AHQAHoF0EEARQxEYlhkd1BUVXpOekV5TlRNeE5IAdwETnkNFBAxTnpRNQGEDGQybHoh9AEw8
      GNkRDF2ZUY5d2NtOTBiM3gxY2oxNWIyRkRSbFJ1Um1GcSUyNnIlM0TwAQD6AQh2ZXJ0LTYwM4oCV3VmK
      CdhJywgMjQ4Mzg3LCAxNDI4NzU4NTcxKTt1ZignYycsIDc2MzY4ODQsQh0AAHIBORw3MTk1MzIwLDIeA
      PDEkgK1ASFRaXRhSkFpVWo5SURFTGp2LXd3WUFDQzl5QUV3QURnQVFBQkl6QkZRanFPMUFWZ0JZRFZvQ
      UhBQWVBQ0FBY0FCaUFFSWtBRUJtQUVCb0FFQnFBRURzQUVBdVFHYW1abVptWm54UDhFQkU4Y3NFMk9sO
      GpfSkFWeHFJWmZDOXZzXzJRR0dPTmJGYlRUdVAtQUJBT29CRHpFek16SXdNREFzTVRNek1qQXdOdlVCQ
      UFBQUFBLi6aAh0hZlFiek93aVUuuABwdmNnQklBQS7YAgDgAqXtGOoCEmh0dHA6Ly93d3elUrwuZGWAA
      wCIAwGQAwCYAwugAwGqAwCwAwC4AwDAA6wCyAMA2AOHzBrgAwDoAwDwAwA.&dlo=1&referrer=http%
      3A%2F%2Fwww.ebay.de"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Datei in Quarantäne verschieben

11.04.2015 15:18 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://fra1.ib.adnxs.com/if?e=wqT_3QKsBfB-owIAAAIA1gAFCKm-pKkFEPbp4NaPg7WHTBitu
      MPThtqztTIgASotCSq7mlnqZPI_EX6MuWsJ-e8_GbgehetRuAhAIaQHgPeMNPA_KRPHLBNjpfI_MJnUP
      jjLA0DMEUgCULXv-wxYocASYABog4gDcAB4spcDgAEBigEDVVNEkgUG8EiYAdgFoAFaqAEBsAEAuAECw
      AEFyAEA0AEA2AEA4AEA8AEA-gEFMTg2NDSKAld1ZignYScsIDI0ODM4NywgMTQyODc1ODMxMyk7ARwoY
      ycsIDc2MzY4ODRGHQAscicsIDI3MTk1MzE3Nh4A8MCSArEBIUl5c1ZBZ2lVajlJREVMWHYtd3dZQUNDa
      HdCSXdBRGdBUUFCSXpCRlFtZFEtV0FGZ05XZ0FjQWg0QklBQnZnR0lBUVNRQVFHWUFRR2dBUUdvQVFPd
      0FRQzVBWnFabVptWm1mRV93UUVUeHl3VFk2WHlQOGtCSW14ZzRhcnEtel9aQVlZNDFzVnROTzRfNEFFQ
      TZnRVBNVE16TWpBd01Dd3hNek15TURBMjlRRUFBQUFBmgIdIVp3WmNPd2lVLrQA8FxvY0FTSUFBLtgCl
      QTgAt-7EOoClQFodHRwOi8vd3d3LmViYXkuZGUvc2NoL0F1dG9yZWlmZW4tRmVsZ2VuLS8xNDc3MC9pL
      mh0bWw_Wm9sbGdyJTI1QzMlMjVCNiUNCvByOUZlPTE3JkxIX0l0ZW1Db25kaXRpb249MzAwMCZRdWVyc
      2Nobml0dD01MCZfZnJvbT1SNDAlN0NSNDAmX25rdz1zLW1heIADAIgDAZADAJgDDKADAaoDALADALgDA
      MADrALIAwDYA4fMGuADAOgDAPADAA..&dlo=1&referrer=http%3A%2F%2Fwww.ebay.de%2Fsch%2F
      Autoreifen-Felgen-%2F14770%2Fi.html%3FZollgr%2525C3%2525B6%2525C3%25259Fe%3D17%2
      6LH_ItemCondition%3D3000%26Querschnitt%3D50%26_from%3DR40%257CR40%26_nkw%3Ds-max
      "
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Datei in Quarantäne verschieben

11.04.2015 15:18 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://nym1.ib.adnxs.com/if?e=wqT_3QLCDPCBOQYAAAIA1gAFCKq-pKkFEMKQxJyMwYOvEhitu
      MPThtqztTIgASotCRYxTtYxUfI_ET0K16NwPfA_GVpkO99PjRlAIVN-mL0ViPA_KRPHLBNjpfI_MI6jt
      QE45QJAzBFIAlC47_sMWL3IAWAAaIC-A3DbCXjwgQOAAQGKAQNVU0SSAQEG9AABmAGgAaAB2ASoAQGwA
      QC4AQLAAQXIAQDQAQDYAQDgAQDqAY0IaHR0cCUzQSUyRiUyRm94LWQuZWJheWRlYi5zZXJ2ZWRieW9wZ
      W54LmNvbSUyRnclMkYxLjAlMkZyYyUzRmVlJTNEYXBpX3N5bmNfd3JpdGUlMjZlZiUzRGJ0JTI1MkNkY
      iUyNnRzJTNEMWZISnBaRDB3T0RGbFkyTTBOUzA0WWpBd0xUUTNOV1l0T1dNME15MDROalJpWm1GbU5EU
      mhZMlo4Y25ROU1UUXlPRGMxT0RNeE5IeGhkV2xrUFRVek56UTVOelEyTjN4aGRXMDlSRTFKUkM1WFJVS
      jhjMmwNJPB4RTROalUxTW54d2RXSTlOVE0zTVRBME16WXlmSEJqUFVWVlVueDRkRDFoY0dsZmMzbHVZM
      TkzY21sMFpYeHlZV2xrUFRrd05Ea3lNamhtTFRJek16TXRORGd5TVMwNU1EbGpMVGt6TjJVek9HRTNNV
      013Tkh4aGFXUQ1sdFUzTkRrNWZIUTlNVEo4WVhNOU1UWXdlRFl3TUh4cxkoIEkxTXpFMGZHOSEoPDFNe
      mN4TURFNU56RjhjRDABDDwxZkhCeVBUZzJNSHhoWkhZCWDwbERjeU5EQXdmR0ZqUFZWVFJIeHdiVDFRV
      WtsRFNVNUhMa05RVFh4dFBURjhZV2s5TVRVeVpEQTNZakV0WkdFME1TMDBZelF3TFdGa01UZ3RabVUzT
      kdNeU5qazFNelJoZkcxalBVZENVSHh0Y2oBiPCfRjhjR2s5TmpJemZHMTFhVDFsTkdWbVl6QmlPUzA0W
      VdWbExUUXlPRE10TjJFNE55MDBOMlkwTkRVeE5USTJORFo4YldFOU5EWTVOalV5TVdRdE5UYzROQzAwT
      VRRMExXSmpOek10TjJGbE5EY3hZV0V6TnpNMmZHMXlkRDB4TkRJNE56VTRNekUwZkcxeVl6MVRVbFJmV
      jA5T2ZHMTNZVCU84HdOekkwTURCOFkyczlNWHh0ZDJKcFBUSTBNVGQ4YlhkaVBUY3dNbnh0WVhBOU1UQ
      XhOWHhsYkdjOQEsNGIyTTlWVk5FZkcxdmNqCfQEYlhBLARkQyUIBEhJMQBcd1pqMDNPVGw4YlcxbVBUV
      TNPWHh0Y0c1AQwh4Ah0YlcBDARNMgFsqGJ6MVBXQzFIUW54bFl6MHlOekU1TlRNeU1IeHRjSFU5T1RFM
      GZHMWpjRDAp8BBHMTNZegXQARBFDDhiWGR3UFRVek56RXlOVE1hEBB0ZDJOeQ0UEDFOelE1AYQMZDJse
      iH0ATDwY2REMXZlRjl3Y205MGIzeDFjajF2VVhSUWRVWnhTVnBKJTI2ciUzRPABAPoBCHZlcnQtNjAzi
      gJXdWYoJ2EnLCAyNDgzODcsIDE0Mjg3NTgzMTQpO3VmKCdjJywgNzYzNjg4NCxCHQAAcgE5HDcxOTUzM
      jAsMh4A8MSSArUBIWhpcHpCZ2lVajlJREVManYtd3dZQUNDOXlBRXdBRGdBUUFCSXpCRlFqcU8xQVZnQ
      llEVm9BSEFBZUFDQUFiNEJpQUVFa0FFQm1BRUJvQUVCcUFFRHNBRUF1UUdhbVptWm1abnhQOEVCRThjc
      0UyT2w4al9KQVZXS2RRbl9MZklfMlFHR09OYkZiVFR1UC1BQkFPb0JEekV6TXpJd01EQXNNVE16TWpBd
      052VUJBQUFBQUEuLpoCHSFmUWJ6T3dpVS64AHB2Y2dCSUFBLtgCAOACpe0Y6gISaHR0cDovL3d3d6VSv
      C5kZYADAIgDAZADAJgDC6ADAaoDALADALgDAMADrALIAwDYA4fMGuADAOgDAPADAA..&dlo=1&referr
      er=http%3A%2F%2Fwww.ebay.de"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Datei in Quarantäne verschieben

11.04.2015 15:16 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://fra1.ib.adnxs.com/if?e=wqT_3QL0BfB-6wIAAAIA1gAFCJG9pKkFEM2Fq6jh9buDYBitu
      MPThtqztTIgASotCSq7mlnqZPI_EX6MuWsJ-e8_GbgehetRuAhAIaQHgPeMNPA_KRPHLBNjpfI_MJnUP
      jjLA0DMEUgCULXv-wxY9pwKYABog4gDcAB405gDgAEBigEDVVNEkgUG8EiYAdgFoAFaqAEBsAEAuAECw
      AEFyAEA0AEA2AEA4AEA8AEA-gEFMTg2NDSKAld1ZignYScsIDI0ODM4NywgMTQyODc1ODE2MSk7ARwoY
      ycsIDc2MzY4ODRGHQAscicsIDI3MTk1MzE3Nh4A8MCSArEBIWF5dGlIUWlVajlJREVMWHYtd3dZQUNEM
      m5Bb3dBRGdBUUFCSXpCRlFtZFEtV0FGZ05XZ0FjQVo0QklBQnZBR0lBUVNRQVFHWUFRR2dBUUdvQVFPd
      0FRQzVBWnFabVptWm1mRV93UUVUeHl3VFk2WHlQOGtCak16ZXBhMEQ5al9aQVlZNDFzVnROTzRfNEFFQ
      TZnRVBNVE16TWpBd01Dd3hNek15TURBMjlRRUFBQUFBmgIdIWtBWmRQQWlVLrQA8E45cHdLSUFBLtgCl
      QTgAt-7EOoC3QFodHRwOi8vd3d3LmViYXkuZGUvc2NoL2kuaHRtbD9fb2Rrdz1zLW1heCZab2xsZ3IlM
      jVDMyUyNUI2EQrwTDlGZT0xNyZMSF9JdGVtQ29uZGl0aW9uPTMwMDAmUXVlcnNjaG5pdHQ9NTAmX2Zyb
      209UjQwJl9kY2F0PTk4OTImX29zYWNhdD05ODkyLiIAkHRya3NpZD1wMjA0NTU3My5tNTcwLmwxMzEzL
      lRSMC5UUkMwLkgBCBRTMCZfbmsRqABfGU6wgAMAiAMBkAMAmAMMoAMBqgMAsAMAuAMAwAOsAsgDANgDh
      8wa4AMA6AMA8AMA&dlo=1&referrer=http%3A%2F%2Fwww.ebay.de%2Fsch%2Fi.html%3F_odkw%3
      Ds-max%26Zollgr%2525C3%2525B6%2525C3%25259Fe%3D17%26LH_ItemCondition%3D3000%26Qu
      erschnitt%3D50%26_from%3DR40%26_dcat%3D9892%26_osacat%3D9892%26_from%3DR40%26_tr
      ksid%3Dp2045573.m570.l1313.TR0.TRC0.H0.TRS0%26_nkw%3Ds-max%26_sacat%3D9892"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert

11.04.2015 15:16 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://nym1.ib.adnxs.com/if?e=wqT_3QLCDPCBOQYAAAIA1gAFCJK9pKkFELj9qsWBycHGShitu
      MPThtqztTIgASotCRYxTtYxUfI_ET0K16NwPfA_GVpkO99PjRlAIVN-mL0ViPA_KRPHLBNjpfI_MI6jt
      QE45QJAzBFIAlC47_sMWL3IAWAAaIC-A3DbCXis6wOAAQGKAQNVU0SSAQEG9AABmAGgAaAB2ASoAQGwA
      QC4AQLAAQXIAQDQAQDYAQDgAQDqAY0IaHR0cCUzQSUyRiUyRm94LWQuZWJheWRlYi5zZXJ2ZWRieW9wZ
      W54LmNvbSUyRnclMkYxLjAlMkZyYyUzRmVlJTNEYXBpX3N5bmNfd3JpdGUlMjZlZiUzRGJ0JTI1MkNkY
      iUyNnRzJTNEMWZISnBaRDAwWm1FNVlUSXhNaTB6T0RkbUxUUXlaV1V0WVdZNE9DMWtOVGN3WW1VNU9XV
      mtNR1Y4Y25ROU1UUXlPRGMxT0RFMk1YeGhkV2xrUFRVek56UTVOelEyTjN4aGRXMDlSRTFKUkM1WFJVS
      jhjMmwNJPB4RTROalUxTW54d2RXSTlOVE0zTVRBME16WXlmSEJqUFVWVlVueDRkRDFoY0dsZmMzbHVZM
      TkzY21sMFpYeHlZV2xrUFRFM01qRTFPVE15TFRnMU1qRXROR1ExWVMwNFptVTBMVE5pTURJME1EazVNe
      lJtTUh4aGFXUQ1sdFUzTkRrNWZIUTlNVEo4WVhNOU1UWXdlRFl3TUh4cxkoIEkxTXpFMGZHOSEoPDFNe
      mN4TURFNU56RjhjRDABDDwxZkhCeVBUZzJNSHhoWkhZCWDwbERjeU5EQXdmR0ZqUFZWVFJIeHdiVDFRV
      WtsRFNVNUhMa05RVFh4dFBURjhZV2s5TVRVeVpEQTNZakV0WkdFME1TMDBZelF3TFdGa01UZ3RabVUzT
      kdNeU5qazFNelJoZkcxalBVZENVSHh0Y2oBiPCfRjhjR2s5TmpJemZHMTFhVDFsTkdWbVl6QmlPUzA0W
      VdWbExUUXlPRE10TjJFNE55MDBOMlkwTkRVeE5USTJORFo4YldFOU5UY3laakV5WTJRdFkyWTRZeTAwW
      TJFM0xUaG1PR1l0TlRrM1l6ZzVOR1JoTURkamZHMXlkRDB4TkRJNE56VTRNVFl4ZkcxeVl6MVRVbFJmV
      jA5T2ZHMTNZVCU84HdOekkwTURCOFkyczlNWHh0ZDJKcFBUSTBNVGQ4YlhkaVBUY3dNbnh0WVhBOU1UQ
      XhOWHhsYkdjOQEsNGIyTTlWVk5FZkcxdmNqCfQEYlhBLARkQyUIBEhJMQBcd1pqMDNPVGw4YlcxbVBUV
      TNPWHh0Y0c1AQwh4Ah0YlcBDARNMgFsqGJ6MVBXQzFIUW54bFl6MHlOekU1TlRNeU1IeHRjSFU5T1RFM
      GZHMWpjRDAp8BBHMTNZegXQARBFDERiWGR3UFRVek56RXlOVE14TkgB3AROeQ0UEDFOelE1AYQMZDJse
      iH0ATDwY2REMXZlRjl3Y205MGIzeDFjajFXUlZvemVWVnFOVEIxJTI2ciUzRPABAPoBCHZlcnQtNjAzi
      gJXdWYoJ2EnLCAyNDgzODcsIDE0Mjg3NTgxNjIpO3VmKCdjJywgNzYzNjg4NCxCHQAAcgE5HDcxOTUzM
      jAsMh4A8MSSArUBIU55d1RVQWlVajlJREVManYtd3dZQUNDOXlBRXdBRGdBUUFCSXpCRlFqcU8xQVZnQ
      llEVm9BSEFBZUFDQUFid0JpQUVFa0FFQm1BRUJvQUVCcUFFRHNBRUF1UUdhbVptWm1abnhQOEVCRThjc
      0UyT2w4al9KQWVIZDVkVm9XZlVfMlFHR09OYkZiVFR1UC1BQkFPb0JEekV6TXpJd01EQXNNVE16TWpBd
      052VUJBQUFBQUEuLpoCHSFmUWJ6T3dpVS64AHB2Y2dCSUFBLtgCAOACpe0Y6gISaHR0cDovL3d3d6VSv
      C5kZYADAIgDAZADAJgDC6ADAaoDALADALgDAMADrALIAwDYA4fMGuADAOgDAPADAA..&dlo=1&referr
      er=http%3A%2F%2Fwww.ebay.de"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Datei in Quarantäne verschieben

11.04.2015 15:13 [Browser-Schutz] Malware gefunden
      Beim Zugriff auf Daten der URL 
      "hxxp://ams1.ib.adnxs.com/if?e=wqT_3QKYBfB-jwIAAAIA1gAFCI28pKkFEKjliPa4p8WwPRitu
      MPThtqztTIgASotCSq7mlnqZPI_EX6MuWsJ-e8_GbgehetRuAhAIaQHgPeMNPA_KRPHLBNjpfI_MJnUP
      jjLA0DMEUgCULXv-wxY9pwKYABog4gDcAB4mNkDgAEBigEDVVNEkgUG8EiYAdgFoAFaqAEBsAEAuAECw
      AEFyAEA0AEA2AEA4AEA8AEA-gEFMTg2NDSKAld1ZignYScsIDI0ODM4NywgMTQyODc1ODAyOSk7ARwoY
      ycsIDc2MzY4ODRGHQAscicsIDI3MTk1MzE3Nh4A8EiSArkBIW9pNzlmZ2lVajlJREVMWHYtd3dZQUNEM
      m5Bb3dBRGdBUUFCSXpCRlFtZFEtV0FGZ05XZ0FjQVI0NnVNQmdBRzZBWWdCAQxka0FFQm1BRUJvQUVCc
      UFFRHNBRUF1UUdhbVoBAvBebnhQOEVCRThjc0UyT2w4al9KQWU0Ykh6YjU0UEVfMlFHR09OYkZiVFR1U
      C1BQkFPb0JEekV6TXpJd01EQXNNVE16TWpBd052VUJBQUFBQUEuLpoCHSFrQVpkUEFpVWodvPC6OXB3S
      0lBQS7YApUE4ALfuxDqAnpodHRwOi8vd3d3LmViYXkuZGUvc2NoL2kuaHRtbD9fZnJvbT1SNDAmX3Rya
      3NpZD1wMjA1MDYwMS5tNTcwLmwyNjMyLlIyLlRSMTIuVFJDMi5BMC5IMC5Ycy1tYXguVFJTMCZfbmt3P
      XMtbWF4Jl9zYWNhdD0xNDc3MIADAIgDAZADAJgDDKADAaoDALADALgDAMADrALIAwDYA4fMGuADAOgDA
      PADAA..&dlo=1&referrer=http%3A%2F%2Fwww.ebay.de%2Fsch%2Fi.html%3F_from%3DR40%26_
      trksid%3Dp2050601.m570.l2632.R2.TR12.TRC2.A0.H0.Xs-max.TRS0%26_nkw%3Ds-max%26_sa
      cat%3D14770"
      wurde ein Virus oder unerwünschtes Programm 'HTML/Infected.WebPage.Gen2' 
      [virus] gefunden.
      Durchgeführte Aktion: Der Zugriff auf die Datei wurde blockiert
         

Könnt Ihr mir helfen? Wie werde ich das nervige Teil wieder los? Danke Euch!

Hier noch das was Malwarebytes sagt:

Code: Alles auswählenAufklappen

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 03.05.2015
Suchlauf-Zeit: 11:44:34
Logdatei: MA.txt
Administrator: Ja

Version: 2.00.4.1028
Malware Datenbank: v2015.05.01.02
Rootkit Datenbank: v2015.04.21.01
Lizenz: Premium
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: ToDaKo

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 356295
Verstrichene Zeit: 8 Min, 57 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 0
(Keine schädliche Elemente erkannt)

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 0
(Keine schädliche Elemente erkannt)

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)
         

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

• Starte jetzt FRST.
• Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
• Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
• Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

FRST Logfile:

FRST Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-05-2015
Ran by ToDaKo (administrator) on TODAKO-PC on 03-05-2015 17:46:17
Running from C:\Users\ToDaKo\Desktop
Loaded Profiles: ToDaKo &  (Available profiles: ToDaKo)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Windows\SysWOW64\HsMgr.exe
() C:\Windows\system\HsMgr64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
(Spotify Ltd) C:\Users\ToDaKo\AppData\Roaming\Spotify\SpotifyWebHelper.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
(CMedia) C:\Program Files\ASUS Xonar D2X Audio\Customapp\AsusAudioCenter.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsShellProcess.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\pnSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\EC Simulator.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\DeviceDisplayObjectProvider.exe
(Microsoft Corporation) C:\Windows\System32\DeviceDisplayObjectProvider.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\splwow64.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11613288 2010-11-19] (Realtek Semiconductor)
HKLM\...\Run: [Cmaudio8788] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.dll,CMICtrlWnd
HKLM\...\Run: [Cmaudio8788GX] => C:\Windows\syswow64\HsMgr.exe [200704 2008-07-11] ()
HKLM\...\Run: [Cmaudio8788GX64] => C:\Windows\system\HsMgr64.exe [282112 2008-07-11] ()
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2201032 2014-04-02] (NVIDIA Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [726320 2015-04-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] => C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [465536 2010-11-08] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUS ShellProcess Execute] => C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsShellProcess.exe [252544 2010-11-25] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [371864 2012-04-05] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1065024 2014-05-02] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKU\S-1-5-21-1252915199-2368019422-3184813152-1000\...\Run: [EA Core] => "D:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
HKU\S-1-5-21-1252915199-2368019422-3184813152-1000\...\Run: [Spotify Web Helper] => C:\Users\ToDaKo\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2020920 2015-04-26] (Spotify Ltd)
HKU\S-1-5-21-1252915199-2368019422-3184813152-1000\...\Run: [Spotify] => C:\Users\ToDaKo\AppData\Roaming\Spotify\spotify.exe [7168568 2015-04-26] (Spotify Ltd)
HKU\S-1-5-21-1252915199-2368019422-3184813152-1000\...\MountPoints2: {30265913-bbde-11e3-b4a0-002683161b73} - L:\Startme.exe
HKU\S-1-5-21-1252915199-2368019422-3184813152-1000\...\MountPoints2: {59b2c4eb-6d4d-11e3-8b5a-002683161b73} - H:\Startme.exe
HKU\S-1-5-21-1252915199-2368019422-3184813152-1000\...\MountPoints2: {ca688933-e337-11e4-b25a-002683161b73} - L:\Startme.exe
HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [EA Core] => "D:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify Web Helper] => C:\Users\ToDaKo\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2020920 2015-04-26] (Spotify Ltd)
HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify] => C:\Users\ToDaKo\AppData\Roaming\Spotify\spotify.exe [7168568 2015-04-26] (Spotify Ltd)
HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {30265913-bbde-11e3-b4a0-002683161b73} - L:\Startme.exe
HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {59b2c4eb-6d4d-11e3-8b5a-002683161b73} - H:\Startme.exe
HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {ca688933-e337-11e4-b25a-002683161b73} - L:\Startme.exe
HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [EA Core] => "D:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Spotify Web Helper] => C:\Users\ToDaKo\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2020920 2015-04-26] (Spotify Ltd)
HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Spotify] => C:\Users\ToDaKo\AppData\Roaming\Spotify\spotify.exe [7168568 2015-04-26] (Spotify Ltd)
HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: {30265913-bbde-11e3-b4a0-002683161b73} - L:\Startme.exe
HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: {59b2c4eb-6d4d-11e3-8b5a-002683161b73} - H:\Startme.exe
HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\MountPoints2: {ca688933-e337-11e4-b25a-002683161b73} - L:\Startme.exe
HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\Run: [EA Core] => "D:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\Run: [Spotify Web Helper] => C:\Users\ToDaKo\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2020920 2015-04-26] (Spotify Ltd)
HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\Run: [Spotify] => C:\Users\ToDaKo\AppData\Roaming\Spotify\spotify.exe [7168568 2015-04-26] (Spotify Ltd)
HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\MountPoints2: {30265913-bbde-11e3-b4a0-002683161b73} - L:\Startme.exe
HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\MountPoints2: {59b2c4eb-6d4d-11e3-8b5a-002683161b73} - H:\Startme.exe
HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\MountPoints2: {ca688933-e337-11e4-b25a-002683161b73} - L:\Startme.exe
HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-3\...\Run: [EA Core] => "D:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-3\...\Run: [Spotify Web Helper] => C:\Users\ToDaKo\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2020920 2015-04-26] (Spotify Ltd)
HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-3\...\Run: [Spotify] => C:\Users\ToDaKo\AppData\Roaming\Spotify\spotify.exe [7168568 2015-04-26] (Spotify Ltd)
HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-3\...\MountPoints2: {30265913-bbde-11e3-b4a0-002683161b73} - L:\Startme.exe
HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-3\...\MountPoints2: {59b2c4eb-6d4d-11e3-8b5a-002683161b73} - H:\Startme.exe
HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-3\...\MountPoints2: {ca688933-e337-11e4-b25a-002683161b73} - L:\Startme.exe
HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-4\...\Run: [EA Core] => "D:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-4\...\Run: [Spotify Web Helper] => C:\Users\ToDaKo\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2020920 2015-04-26] (Spotify Ltd)
HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-4\...\Run: [Spotify] => C:\Users\ToDaKo\AppData\Roaming\Spotify\spotify.exe [7168568 2015-04-26] (Spotify Ltd)
HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-4\...\MountPoints2: {30265913-bbde-11e3-b4a0-002683161b73} - L:\Startme.exe
HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-4\...\MountPoints2: {59b2c4eb-6d4d-11e3-8b5a-002683161b73} - H:\Startme.exe
HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-4\...\MountPoints2: {ca688933-e337-11e4-b25a-002683161b73} - L:\Startme.exe
AppInit_DLLs-x32: C:\PROGRA~2\Citrix\ICACLI~1\RSHook.dll => C:\Program Files (x86)\Citrix\ICA Client\RSHook.dll [257176 2012-04-05] (Citrix Systems, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1252915199-2368019422-3184813152-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-3\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-4\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25] (SEIKO EPSON CORPORATION)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2013-02-28] (SEIKO EPSON CORPORATION)
BHO-x32: CtxIEInterceptorBHO Class -> {2C4631FF-5CC8-4EBC-A0DF-34C92291759E} -> C:\Program Files (x86)\Citrix\ICA Client\IEInterceptor.dll [2012-04-05] (Citrix Systems, Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-03-13] (Atheros Commnucations)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25] (SEIKO EPSON CORPORATION)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2013-02-28] (SEIKO EPSON CORPORATION)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\ToDaKo\AppData\Roaming\Mozilla\Firefox\Profiles\byx2kves.default
FF NewTab: about:blank
FF DefaultSearchEngine: Google Default
FF SelectedSearchEngine: Google (SSL)
FF Homepage: https://maps.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2012-04-05] (Citrix Systems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-03-04] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-03-04] (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1252915199-2368019422-3184813152-1000: sony.com/MediaGoDetector -> E:\Program Files (x86)\npMediaGoDetector.dll [2014-07-10] (Sony Network Entertainment International LLC)
FF Plugin HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: sony.com/MediaGoDetector -> E:\Program Files (x86)\npMediaGoDetector.dll [2014-07-10] (Sony Network Entertainment International LLC)
FF Plugin HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1: sony.com/MediaGoDetector -> E:\Program Files (x86)\npMediaGoDetector.dll [2014-07-10] (Sony Network Entertainment International LLC)
FF Plugin HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2: sony.com/MediaGoDetector -> E:\Program Files (x86)\npMediaGoDetector.dll [2014-07-10] (Sony Network Entertainment International LLC)
FF Plugin HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-3: sony.com/MediaGoDetector -> E:\Program Files (x86)\npMediaGoDetector.dll [2014-07-10] (Sony Network Entertainment International LLC)
FF Plugin HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-4: sony.com/MediaGoDetector -> E:\Program Files (x86)\npMediaGoDetector.dll [2014-07-10] (Sony Network Entertainment International LLC)
FF SearchPlugin: C:\Users\ToDaKo\AppData\Roaming\Mozilla\Firefox\Profiles\byx2kves.default\searchplugins\google-default.xml [2014-03-25]
FF SearchPlugin: C:\Users\ToDaKo\AppData\Roaming\Mozilla\Firefox\Profiles\byx2kves.default\searchplugins\google-ssl.xml [2014-05-03]
FF SearchPlugin: C:\Users\ToDaKo\AppData\Roaming\Mozilla\Firefox\Profiles\byx2kves.default\searchplugins\ixquick-ssl.xml [2014-03-26]
FF Extension: German Dictionary - C:\Users\ToDaKo\AppData\Roaming\Mozilla\Firefox\Profiles\byx2kves.default\Extensions\de-DE@dictionaries.addons.mozilla.org [2014-06-10]
FF Extension: Move Media Player - C:\Users\ToDaKo\AppData\Roaming\Mozilla\Firefox\Profiles\byx2kves.default\Extensions\moveplayer@movenetworks.com [2013-11-30]
FF Extension: NoScript - C:\Users\ToDaKo\AppData\Roaming\Mozilla\Firefox\Profiles\byx2kves.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-11-30]
FF Extension: Adblock Plus - C:\Users\ToDaKo\AppData\Roaming\Mozilla\Firefox\Profiles\byx2kves.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-11-30]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-12-08]
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2014-10-11]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "E:\Program Files (x86)\MediaGoDetector.crx" [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [815920 2015-04-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [434424 2015-04-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [434424 2015-04-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1004280 2015-04-01] (Avira Operations GmbH & Co. KG)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe [922240 2011-06-13] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [915584 2010-12-02] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2010-10-21] ()
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [74912 2011-03-13] (Atheros Commnucations) [File not signed]
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [152640 2013-04-15] (SEIKO EPSON CORPORATION)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2013-12-02] (Macrovision Europe Ltd.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
U2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1615192 2014-04-02] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [20541216 2014-04-02] (NVIDIA Corporation)
S3 Origin Client Service; D:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-02-02] (Electronic Arts)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 AiChargerPlus; C:\Windows\System32\DRIVERS\AiChargerPlus.sys [14464 2010-11-08] (ASUSTek Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-03-10] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-03-10] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-30] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-10] (Avira Operations GmbH & Co. KG)
R3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [1267200 2010-10-28] (C-Media Inc)
S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [30424 2015-02-23] (Sony Mobile Communications)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43664 2015-04-22] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-05-03] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-21] (NVIDIA Corporation)
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-03 17:46 - 2015-05-03 17:46 - 00029091 _____ () C:\Users\ToDaKo\Desktop\FRST.txt
2015-05-03 17:46 - 2015-05-03 17:46 - 00000000 ____D () C:\FRST
2015-05-03 17:45 - 2015-05-03 17:45 - 02101248 _____ (Farbar) C:\Users\ToDaKo\Desktop\FRST64.exe
2015-04-23 21:17 - 2015-04-23 21:17 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-04-23 21:17 - 2015-04-23 21:17 - 00002047 _____ () C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2015-04-22 21:00 - 2015-04-22 21:00 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-TODAKO-PC-Windows-7-Home-Premium-(64-bit).dat
2015-04-22 21:00 - 2015-04-22 21:00 - 00000000 ____D () C:\RegBackup
2015-04-22 20:56 - 2015-04-22 20:56 - 00043664 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys
2015-04-22 20:02 - 2015-04-22 20:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-15 08:21 - 2015-04-15 08:21 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-14 22:07 - 2015-04-02 02:17 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-14 22:07 - 2015-04-02 01:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-04-14 22:07 - 2015-03-25 05:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-14 22:07 - 2015-03-25 05:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-14 22:07 - 2015-03-25 05:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-14 22:07 - 2015-03-25 05:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-14 22:07 - 2015-03-25 05:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-14 22:07 - 2015-03-25 05:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-14 22:07 - 2015-03-25 05:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-14 22:07 - 2015-03-25 05:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-14 22:07 - 2015-03-25 05:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-14 22:07 - 2015-03-25 05:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-14 22:07 - 2015-03-25 05:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-14 22:07 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-14 22:07 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-14 22:07 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-14 22:07 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-14 22:07 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-14 22:07 - 2015-03-23 05:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-14 22:07 - 2015-03-23 05:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-14 22:07 - 2015-03-23 05:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-14 22:07 - 2015-03-23 05:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-14 22:07 - 2015-03-23 05:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-14 22:07 - 2015-03-23 05:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-14 22:07 - 2015-03-23 05:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-14 22:07 - 2015-03-23 05:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-14 22:07 - 2015-03-17 07:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-14 22:07 - 2015-03-17 07:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-14 22:07 - 2015-03-17 07:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-14 22:07 - 2015-03-17 07:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-14 22:07 - 2015-03-17 07:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-04-14 22:07 - 2015-03-17 07:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-14 22:07 - 2015-03-17 07:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-14 22:07 - 2015-03-17 07:16 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-14 22:07 - 2015-03-17 07:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-04-14 22:07 - 2015-03-17 07:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-14 22:07 - 2015-03-17 07:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-14 22:07 - 2015-03-17 07:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-14 22:07 - 2015-03-17 07:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-14 22:07 - 2015-03-17 07:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-14 22:07 - 2015-03-17 07:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-14 22:07 - 2015-03-17 07:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-14 22:07 - 2015-03-17 07:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-04-14 22:07 - 2015-03-17 07:16 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-14 22:07 - 2015-03-17 07:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-14 22:07 - 2015-03-17 07:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-14 22:07 - 2015-03-17 07:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-14 22:07 - 2015-03-17 07:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-14 22:07 - 2015-03-17 07:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-14 22:07 - 2015-03-17 07:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-14 22:07 - 2015-03-17 07:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-14 22:07 - 2015-03-17 07:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-14 22:07 - 2015-03-17 07:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-14 22:07 - 2015-03-17 07:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-04-14 22:07 - 2015-03-17 07:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-14 22:07 - 2015-03-17 07:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-14 22:07 - 2015-03-17 07:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-14 22:07 - 2015-03-17 07:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-04-14 22:07 - 2015-03-17 07:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-04-14 22:07 - 2015-03-17 06:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-14 22:07 - 2015-03-17 06:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-04-14 22:07 - 2015-03-17 06:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-04-14 22:07 - 2015-03-17 06:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-14 22:07 - 2015-03-17 06:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-04-14 22:07 - 2015-03-17 06:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-04-14 22:07 - 2015-03-17 06:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-04-14 22:07 - 2015-03-17 06:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-04-14 22:07 - 2015-03-17 06:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-04-14 22:07 - 2015-03-17 06:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-14 22:07 - 2015-03-17 06:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-04-14 22:07 - 2015-03-17 06:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-04-14 22:07 - 2015-03-17 06:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-04-14 22:07 - 2015-03-17 06:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-04-14 22:07 - 2015-03-17 06:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-14 22:07 - 2015-03-17 06:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-04-14 22:07 - 2015-03-17 06:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-14 22:07 - 2015-03-17 06:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-14 22:07 - 2015-03-17 06:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 05:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-14 22:07 - 2015-03-17 05:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-14 22:07 - 2015-03-17 05:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 05:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 05:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-14 22:07 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-14 22:07 - 2015-03-13 06:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-14 22:07 - 2015-03-13 06:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-14 22:07 - 2015-03-13 06:09 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-14 22:07 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-14 22:07 - 2015-03-13 06:08 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-14 22:07 - 2015-03-13 06:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-14 22:07 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-14 22:07 - 2015-03-13 06:06 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-14 22:07 - 2015-03-13 06:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-14 22:07 - 2015-03-13 05:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-14 22:07 - 2015-03-13 05:55 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-14 22:07 - 2015-03-13 05:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-14 22:07 - 2015-03-13 05:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-14 22:07 - 2015-03-13 05:53 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-14 22:07 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-14 22:07 - 2015-03-13 05:44 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-14 22:07 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-14 22:07 - 2015-03-13 05:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-14 22:07 - 2015-03-13 05:40 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-14 22:07 - 2015-03-13 05:32 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-14 22:07 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-14 22:07 - 2015-03-13 05:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-04-14 22:07 - 2015-03-13 05:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-14 22:07 - 2015-03-13 05:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-14 22:07 - 2015-03-13 05:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-04-14 22:07 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-14 22:07 - 2015-03-13 05:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-04-14 22:07 - 2015-03-13 05:23 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-14 22:07 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-14 22:07 - 2015-03-13 05:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-14 22:07 - 2015-03-13 05:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-04-14 22:07 - 2015-03-13 05:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-14 22:07 - 2015-03-13 05:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-04-14 22:07 - 2015-03-13 05:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-04-14 22:07 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-14 22:07 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-14 22:07 - 2015-03-13 05:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-14 22:07 - 2015-03-13 05:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-14 22:07 - 2015-03-13 05:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-14 22:07 - 2015-03-13 05:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-14 22:07 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-14 22:07 - 2015-03-13 04:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-04-14 22:07 - 2015-03-13 04:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-14 22:07 - 2015-03-13 04:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-14 22:07 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-14 22:07 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-14 22:07 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-14 22:07 - 2015-03-13 04:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-14 22:07 - 2015-03-13 04:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-04-14 22:07 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-14 22:07 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-14 22:07 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-14 22:07 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-14 22:07 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-14 22:07 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-14 22:07 - 2015-03-10 05:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-14 22:07 - 2015-03-10 05:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-14 22:07 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-14 22:07 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-14 22:07 - 2015-03-05 07:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-14 22:07 - 2015-03-05 06:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-14 22:07 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-14 22:07 - 2015-01-28 01:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-04-14 22:06 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-14 22:06 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-14 22:06 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-11 23:59 - 2015-04-11 23:59 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-11 23:59 - 2015-04-11 23:59 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-11 16:10 - 2015-04-12 13:37 - 00000000 ____D () C:\Users\ToDaKo\AppData\Local\Mozilla Thunderbird

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-03 17:43 - 2014-10-11 14:42 - 00000911 _____ () C:\Windows\Tasks\EPSON XP-710 Series Update {FD127ECB-33E8-4CFA-8EB9-42A9E8CD43AA}.job
2015-05-03 17:43 - 2014-10-11 14:42 - 00000725 _____ () C:\Windows\Tasks\EPSON XP-710 Series Invitation {FD127ECB-33E8-4CFA-8EB9-42A9E8CD43AA}.job
2015-05-03 17:43 - 2013-12-11 22:47 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-03 17:43 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2015-05-03 16:57 - 2014-10-27 10:57 - 00000911 _____ () C:\Windows\Tasks\EPSON XP-710 Series Update {15C2B58D-DD7B-408C-B94A-320BF2D63349}.job
2015-05-03 16:57 - 2014-10-27 10:57 - 00000725 _____ () C:\Windows\Tasks\EPSON XP-710 Series Invitation {15C2B58D-DD7B-408C-B94A-320BF2D63349}.job
2015-05-03 16:36 - 2013-12-11 23:09 - 00000000 ____D () C:\Users\ToDaKo\Documents\BFBC2
2015-05-03 16:34 - 2011-04-12 09:43 - 00699090 _____ () C:\Windows\system32\perfh007.dat
2015-05-03 16:34 - 2011-04-12 09:43 - 00149230 _____ () C:\Windows\system32\perfc007.dat
2015-05-03 16:34 - 2009-07-14 07:13 - 01619272 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-03 16:33 - 2015-02-19 16:26 - 00000000 ____D () C:\Users\ToDaKo\.dvdcss
2015-05-03 16:33 - 2015-02-04 22:33 - 00000000 ____D () C:\Users\ToDaKo\Documents\Command and Conquer Generals Zero Hour Data
2015-05-03 16:33 - 2015-02-04 22:33 - 00000000 ____D () C:\Users\ToDaKo\Documents\Command and Conquer Generals Data
2015-05-03 16:33 - 2013-12-11 23:13 - 00000000 ____D () C:\Users\ToDaKo\Documents\NFS SHIFT
2015-05-03 16:33 - 2013-12-03 23:02 - 00000000 ____D () C:\Users\ToDaKo\Documents\Arma 3
2015-05-03 16:33 - 2013-11-29 23:22 - 00000000 ____D () C:\Users\ToDaKo
2015-05-03 16:32 - 2014-03-15 17:09 - 00000000 ____D () C:\AdwCleaner
2015-05-03 16:32 - 2011-04-12 09:54 - 00000000 ___RD () C:\Users\Public\Recorded TV
2015-05-03 16:32 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2015-05-03 16:32 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2015-05-03 16:32 - 2009-07-14 05:20 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-05-03 16:32 - 2009-07-14 05:20 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-03 16:32 - 2009-07-14 05:20 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-05-03 16:32 - 2009-07-14 05:20 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-03 16:31 - 2014-03-15 22:25 - 00000000 ____D () C:\Users\ToDaKo\Desktop\Sicherheit
2015-05-03 16:31 - 2013-12-01 23:43 - 00000000 ____D () C:\Users\ToDaKo\Desktop\Spiele
2015-05-03 16:30 - 2014-10-15 21:57 - 00000000 ____D () C:\Users\ToDaKo\Desktop\EPSON Drucker
2015-05-03 16:30 - 2014-06-30 15:54 - 00000000 ____D () C:\Users\ToDaKo\Desktop\Reflecting Team
2015-05-03 16:25 - 2014-05-02 00:04 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-03 16:25 - 2013-11-29 23:22 - 01155729 _____ () C:\Windows\WindowsUpdate.log
2015-05-01 14:43 - 2013-12-01 23:34 - 00000020 ____H () C:\ProgramData\PKP_DLet.DAT
2015-05-01 12:33 - 2009-07-14 06:45 - 00021888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-01 12:33 - 2009-07-14 06:45 - 00021888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-27 21:32 - 2013-12-01 23:37 - 00000020 ____H () C:\ProgramData\PKP_DLbw.DAT
2015-04-27 21:32 - 2013-12-01 23:35 - 00000020 ____H () C:\ProgramData\PKP_DLbx.DAT
2015-04-27 21:32 - 2013-12-01 23:21 - 00000020 ____H () C:\ProgramData\PKP_DLbz.DAT
2015-04-27 21:30 - 2009-07-14 06:51 - 00117836 _____ () C:\Windows\setupact.log
2015-04-26 22:48 - 2015-01-20 00:16 - 00000000 ____D () C:\Users\ToDaKo\AppData\Local\Spotify
2015-04-26 22:38 - 2014-02-16 21:03 - 00000641 _____ () C:\Windows\wiso.ini
2015-04-26 20:35 - 2015-01-20 00:15 - 00000000 ____D () C:\Users\ToDaKo\AppData\Roaming\Spotify
2015-04-26 18:24 - 2013-11-29 23:46 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-04-26 18:24 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-26 18:19 - 2013-12-08 19:52 - 00000000 ____D () C:\Users\ToDaKo\AppData\Local\CrashDumps
2015-04-26 14:00 - 2009-07-14 06:45 - 02348288 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-04-26 13:59 - 2013-11-30 19:13 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-26 13:59 - 2010-11-21 05:47 - 00242484 _____ () C:\Windows\PFRO.log
2015-04-25 00:07 - 2014-08-21 15:24 - 00000000 ____D () C:\Users\ToDaKo\AppData\Local\Adobe
2015-04-23 23:32 - 2013-11-30 22:16 - 00109760 _____ () C:\Users\ToDaKo\AppData\Local\GDIPFONTCACHEV1.DAT
2015-04-23 21:40 - 2013-11-30 23:30 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-23 21:18 - 2014-12-27 11:56 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-04-23 21:17 - 2013-12-02 15:48 - 00000000 ____D () C:\ProgramData\Adobe
2015-04-23 21:17 - 2013-12-02 15:48 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-04-19 04:33 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2015-04-18 21:32 - 2013-12-11 19:55 - 00000000 ____D () C:\Program Files (x86)\Sony
2015-04-18 13:03 - 2014-04-05 12:51 - 00000000 ____D () C:\Program Files (x86)\Sony Mobile
2015-04-17 17:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-04-15 08:21 - 2014-04-30 23:01 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-15 08:21 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-04-14 23:03 - 2013-12-01 01:02 - 01591936 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-14 23:02 - 2013-12-01 00:58 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-14 23:01 - 2013-12-01 00:58 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-14 20:14 - 2013-12-11 22:47 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-14 20:14 - 2013-12-01 00:18 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-14 20:14 - 2013-12-01 00:18 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2013-12-01 23:34 - 2013-12-01 23:41 - 0000268 ___RH () C:\Users\ToDaKo\AppData\Roaming\Alerts
2013-12-01 23:37 - 2013-12-01 23:37 - 0000268 ___RH () C:\Users\ToDaKo\AppData\Roaming\Contextual Menu Items
2013-12-01 23:37 - 2013-12-01 23:37 - 0000268 ___RH () C:\Users\ToDaKo\AppData\Roaming\Core Data Application
2013-12-01 23:21 - 2013-12-01 23:21 - 0000268 ___RH () C:\Users\ToDaKo\AppData\Roaming\CustomDataViews
2013-12-01 23:34 - 2013-12-01 23:34 - 0000268 ___RH () C:\Users\ToDaKo\AppData\Roaming\filter
2013-12-01 23:35 - 2013-12-01 23:35 - 0000268 ___RH () C:\Users\ToDaKo\AppData\Roaming\grep
2013-12-01 23:34 - 2013-12-01 23:34 - 0000268 ___RH () C:\Users\ToDaKo\AppData\Roaming\howto
2014-03-21 00:51 - 2014-03-21 00:51 - 0000268 ___RH () C:\Users\ToDaKo\AppData\Roaming\laserjet
2008-02-05 14:28 - 2008-02-05 14:28 - 0000051 _____ () C:\Users\ToDaKo\AppData\Local\setup.txt
2013-12-01 23:34 - 2013-12-01 23:41 - 0000268 ___RH () C:\ProgramData\Analog Pad
2013-12-01 23:35 - 2013-12-01 23:35 - 0000012 ___RH () C:\ProgramData\Analog Sync
2013-12-01 23:34 - 2013-12-01 23:34 - 0000012 ___RH () C:\ProgramData\Applause and Laugher
2014-03-21 00:51 - 2014-03-21 00:51 - 0000012 ___RH () C:\ProgramData\Audio
2013-12-01 23:34 - 2013-12-01 23:41 - 0000012 ___RH () C:\ProgramData\Bundle
2013-12-01 23:37 - 2013-12-01 23:37 - 0000268 ___RH () C:\ProgramData\Dance Kit
2013-12-01 23:37 - 2013-12-01 23:37 - 0000268 ___RH () C:\ProgramData\Database
2013-12-01 23:21 - 2013-12-01 23:21 - 0000268 ___RH () C:\ProgramData\Definition Bundle
2013-12-01 23:37 - 2013-12-01 23:37 - 0000012 ___RH () C:\ProgramData\Jingles
2013-12-01 23:37 - 2013-12-01 23:37 - 0000012 ___RH () C:\ProgramData\Keyboard Layouts
2013-12-01 23:34 - 2013-12-01 23:34 - 0000268 ___RH () C:\ProgramData\laserjet
2013-12-01 23:21 - 2013-12-01 23:21 - 0000012 ___RH () C:\ProgramData\LaserPrinter
2013-12-01 23:35 - 2013-12-01 23:35 - 0000268 ___RH () C:\ProgramData\libiconv
2013-12-01 23:34 - 2013-12-01 23:34 - 0000268 ___RH () C:\ProgramData\manual
2013-12-01 23:37 - 2015-04-27 21:32 - 0000020 ____H () C:\ProgramData\PKP_DLbw.DAT
2013-12-01 23:35 - 2015-04-27 21:32 - 0000020 ____H () C:\ProgramData\PKP_DLbx.DAT
2013-12-01 23:21 - 2015-04-27 21:32 - 0000020 ____H () C:\ProgramData\PKP_DLbz.DAT
2013-12-01 23:34 - 2013-12-01 23:41 - 0000020 ____H () C:\ProgramData\PKP_DLeo.DAT
2013-12-01 23:35 - 2014-06-10 10:17 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT
2013-12-01 23:34 - 2015-05-01 14:43 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
2013-12-01 23:34 - 2014-06-16 15:54 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT
2014-03-21 00:51 - 2014-03-21 00:51 - 0000020 ____H () C:\ProgramData\PKP_DLex.DAT
2013-12-01 23:41 - 2013-12-01 23:41 - 0000000 _____ () C:\ProgramData\User Pictures
2014-03-21 00:51 - 2014-03-21 00:51 - 0000268 ___RH () C:\ProgramData\vhosts

Some content of TEMP:
====================
C:\Users\ToDaKo\AppData\Local\Temp\avgnt.exe
C:\Users\ToDaKo\AppData\Local\Temp\ose00000.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-26 19:54

==================== End Of Log ============================
         

--- --- ---

--- --- ---

[/CODE]

Code: Alles auswählenAufklappen

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-05-2015
Ran by ToDaKo at 2015-05-03 17:46:37
Running from C:\Users\ToDaKo\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1252915199-2368019422-3184813152-500 - Administrator - Disabled)
Gast (S-1-5-21-1252915199-2368019422-3184813152-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-1252915199-2368019422-3184813152-1002 - Limited - Enabled)
ToDaKo (S-1-5-21-1252915199-2368019422-3184813152-1000 - Administrator - Enabled) => C:\Users\ToDaKo

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3DMark 11 (HKLM-x32\...\{46EDCFA5-7EDB-46A9-B093-1C6237470CEC}) (Version: 1.0.5 - Futuremark Corporation)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.5.0.1060 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.42.34 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Photoshop CS3 (HKLM-x32\...\Adobe_5f143314a5d434c8511097393d17397) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 3.6 64-bit (HKLM\...\{D4F66BBA-D79E-4F11-9B06-70C3D75A2958}) (Version: 3.6.1 - Adobe)
Adobe Photoshop Lightroom 5.7 64-bit (HKLM\...\{1B77B02E-17E4-4B6D-B8A1-74B29AF3D8DD}) (Version: 5.7.0 - Adobe Systems Incorporated)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 1.02.03 - ASUSTeK Computer Inc.)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
Arma: Cold War Assault (HKLM-x32\...\Steam App 65790) (Version:  - Bohemia Interactive)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.1.0 - Asmedia Technology)
ASUS Xonar D2X Audio Driver (HKLM\...\C-Media Oxygen HD Audio Driver) (Version:  - )
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.9.504 - Avira Operations GmbH & Co. KG)
AVNavigator 2012.II (HKU\S-1-5-21-1252915199-2368019422-3184813152-1000\...\AVNavigator 2012.II) (Version: 1.13.1.009.1 - PIONEER CORPORATION)
AVNavigator 2012.II (HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\AVNavigator 2012.II) (Version: 1.13.1.009.1 - PIONEER CORPORATION)
AVNavigator 2012.II (HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\AVNavigator 2012.II) (Version: 1.13.1.009.1 - PIONEER CORPORATION)
AVNavigator 2012.II (HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\AVNavigator 2012.II) (Version: 1.13.1.009.1 - PIONEER CORPORATION)
AVNavigator 2012.II (HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-3\...\AVNavigator 2012.II) (Version: 1.13.1.009.1 - PIONEER CORPORATION)
AVNavigator 2012.II (HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-4\...\AVNavigator 2012.II) (Version: 1.13.1.009.1 - PIONEER CORPORATION)
Battlefield Vietnam(TM) (HKLM-x32\...\{E35B3C63-E958-4E31-A178-95D22024109A}) (Version:  - )
Battlefield: Bad Company™ 2 (HKLM-x32\...\{3AC8457C-0385-4BEA-A959-E095F05D6D67}) (Version: 1.0.0.0 - Electronic Arts)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.65 - Atheros Communications)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Capture NX (HKLM-x32\...\Capture NX) (Version: 1.3.0 - NIKON CORPORATION)
Capture NX 2 (HKLM\...\Capture NX 2) (Version: 2.4.5 - NIKON CORPORATION)
Capture NX-D (HKLM\...\{56E8726C-8674-4715-8535-011DE67F2A6D}) (Version: 0.9.1 - Nikon)
CD-LabelPrint (HKLM-x32\...\MediaNavigation.CDLabelPrint) (Version:  - )
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 13.1.200.22 - Citrix Systems, Inc.)
Command & Conquer™ 4 Tiberian Twilight (HKLM-x32\...\{BA4C8F9F-D81B-4AFE-AE5A-3837830F5B89}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ The Ultimate Collection Additional Content (HKLM-x32\...\{AC663F85-A421-4127-A507-8E24F64D4523}) (Version: 1.0.0.0 - Electronic Arts)
Command & Conquer™: Generals and Zero Hour (HKLM-x32\...\{8F0F5689-6900-425B-A8C2-0DBD10DAB694}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DVD Shrink 3.2 deutsch (DeCSS-frei) (HKLM-x32\...\DVD Shrink DE_is1) (Version:  - DVD Shrink)
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.3.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print 2 (HKLM-x32\...\{71E90740-5E5F-4D43-AB8F-CAC1D93DBB5B}) (Version: 2.5.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{0F13C24A-FFE2-4CD0-8E0B-DC804E0A0E0B}) (Version: 3.10.0035 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{896667C8-53F8-47B8-B6B0-B113B10F05BC}) (Version: 1.20.0000 - SEIKO EPSON CORPORATION)
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.34.00 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON XP-710 Series Printer Uninstall (HKLM\...\EPSON XP-710 Series) (Version:  - SEIKO EPSON Corporation)
EPSON-Handbücher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.32.0.0 - SEIKO EPSON CORPORATION)
Exif-Viewer 2.51  (HKLM-x32\...\Exif-Viewer) (Version: 2.51 - Ralf Bibinger)
FOTOParadies (HKLM-x32\...\{FD838798-E2CB-45FA-AF79-6011519031E2}}_is1) (Version: 3.5.9.45 - Foto Online Service GmbH)
Free MP4 Video Converter version 5.0.56.128 (HKLM-x32\...\Free MP4 Video Converter_is1) (Version: 5.0.56.128 - DVDVideoSoft Ltd.)
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 4.17.0 - Futuremark Corporation)
HandBrake 0.10.0 (HKLM-x32\...\HandBrake) (Version: 0.10.0 - )
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version:  - EFD Software)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.240 - SurfRight B.V.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Network Connections 15.6.25.0 (HKLM\...\PROSetDX) (Version: 15.6.25.0 - Intel)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version:  - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Last.fm Scrobbler 2.1.36 (HKLM-x32\...\LastFM_is1) (Version:  - Last.fm)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Media Go (HKLM-x32\...\{AF06B8FA-B916-4001-AE51-6645488DEF09}) (Version: 2.8.303 - Sony)
Media Go Network Downloader (HKLM-x32\...\{C52148B9-19E0-433A-9422-3451B1BEE20F}) (Version: 1.6.01.0 - Sony)
Media Go Video Playback Engine 2.12.107.06300 (HKLM-x32\...\{12CEF785-A93B-15F6-1604-79E51E920A06}) (Version: 2.12.107.06300 - Sony)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
MozBackup 1.4.10 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 37.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 24.1.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.1.1 (x86 de)) (Version: 24.1.1 - Mozilla)
Mozilla Thunderbird 31.6.0 (x86 de) (HKU\S-1-5-21-1252915199-2368019422-3184813152-1000\...\Mozilla Thunderbird 31.6.0 (x86 de)) (Version: 31.6.0 - Mozilla)
Mozilla Thunderbird 31.6.0 (x86 de) (HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Mozilla Thunderbird 31.6.0 (x86 de)) (Version: 31.6.0 - Mozilla)
Mozilla Thunderbird 31.6.0 (x86 de) (HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Mozilla Thunderbird 31.6.0 (x86 de)) (Version: 31.6.0 - Mozilla)
Mozilla Thunderbird 31.6.0 (x86 de) (HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\Mozilla Thunderbird 31.6.0 (x86 de)) (Version: 31.6.0 - Mozilla)
Mozilla Thunderbird 31.6.0 (x86 de) (HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-3\...\Mozilla Thunderbird 31.6.0 (x86 de)) (Version: 31.6.0 - Mozilla)
Mozilla Thunderbird 31.6.0 (x86 de) (HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-4\...\Mozilla Thunderbird 31.6.0 (x86 de)) (Version: 31.6.0 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Need for Speed™ Most Wanted (HKLM-x32\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}) (Version: 1.0.0.0 - Electronic Arts)
Need for Speed™ SHIFT (HKLM-x32\...\{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}) (Version: 1.0.0.0 - Electronic Arts)
Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.0.11300.14.100 - Nero AG)
Nero CoverDesigner 10 (HKLM-x32\...\{FCF00A6E-FB58-477A-ABE9-232907105521}) (Version: 5.0.11200.16.100 - Nero AG)
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.0.11400.18.100 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.0.12300.23.100 - Nero AG)
Nero InfoTool 10 (HKLM-x32\...\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}) (Version: 7.0.11400.15.100 - Nero AG)
Nero MediaHub 10 (HKLM-x32\...\{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}) (Version: 1.0.14800.28.100 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{7D0A13FA-56BC-4755-8BAF-45A69BA6A5C8}) (Version: 10.0.10300 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.0.12600.30.100 - Nero AG)
Nikon Message Center (HKLM-x32\...\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}) (Version: 0.91.000 - )
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.0 - Nikon)
Nikon Movie Editor (HKLM-x32\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.8.0 - Nikon)
NVIDIA 3D Vision Controller-Treiber 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0 - NVIDIA Corporation)
NVIDIA Grafiktreiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Online Plug-in (x32 Version: 13.1.200.22 - Citrix Systems, Inc.) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.0.13.2141 - Electronic Arts, Inc.)
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge)
PhotoDose 5.3 (HKLM-x32\...\Photo Dose_is1) (Version:  - )
Picture Control Utility (HKLM-x32\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.0.2 - Nikon)
Picture Control Utility x64 (HKLM\...\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}) (Version: 1.5.0 - Nikon)
PunkBuster für Battlefield Vietnam (HKLM-x32\...\{D07643A3-CE41-4286-8C78-EB9C83E76DDB}) (Version:  - )
Ravensburger tiptoi (HKLM-x32\...\Ravensburger tiptoi) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6251 - Realtek Semiconductor Corp.)
Self-Service Plug-in (x32 Version: 3.2.0.24226 - Citrix Systems, Inc.) Hidden
SHIELD Streaming (Version: 1.8.323 - NVIDIA Corporation) Hidden
Software Updater (HKLM-x32\...\{FA7EE274-7370-43B7-9A45-A39B17CCCDC5}) (Version: 4.3.3 - SEIKO EPSON CORPORATION)
Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.15.5.201504081732 - Sony Mobile Communications Inc.)
Sony PC Companion 2.10.251 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.251 - Sony)
Spotify (HKU\S-1-5-21-1252915199-2368019422-3184813152-1000\...\Spotify) (Version: 1.0.4.90.g0b6df40b - Spotify AB)
Spotify (HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Spotify) (Version: 1.0.4.90.g0b6df40b - Spotify AB)
Spotify (HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Spotify) (Version: 1.0.4.90.g0b6df40b - Spotify AB)
Spotify (HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\...\Spotify) (Version: 1.0.4.90.g0b6df40b - Spotify AB)
Spotify (HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-3\...\Spotify) (Version: 1.0.4.90.g0b6df40b - Spotify AB)
Spotify (HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-4\...\Spotify) (Version: 1.0.4.90.g0b6df40b - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Steuer 2013 (HKLM-x32\...\{05AEF487-8926-48A9-B5BA-9BED72BC6B1C}) (Version: 21.00.8480 - Buhl Data Service GmbH)
Steuer 2014 (HKLM-x32\...\{2EE860C7-4551-479F-AF01-328B8AA46051}) (Version: 22.00.8811 - Buhl Data Service GmbH)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
USB 3.0 Boost (HKLM-x32\...\{015CFA5F-1377-48B2-84DB-F4D3DE8EBAF7}) (Version:  - )
ViewNX 2 (HKLM\...\{635BE602-BB9C-4C59-8CC5-93F9366E8A21}) (Version: 2.8.2 - Nikon)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
WinRAR 4.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

18-04-2015 13:03:50 Installed Sony Mobile Drivers
18-04-2015 21:31:40 Installed Media Go Network Downloader
26-04-2015 20:01:52 Geplanter Prüfpunkt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1014E010-161D-460D-A6F8-34F65D63B67F} - System32\Tasks\EPSON XP-710 Series Invitation {FD127ECB-33E8-4CFA-8EB9-42A9E8CD43AA} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLPE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {16C5D130-937F-4F39-B850-3D59A7F20F2F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-03-07] (Adobe Systems Incorporated)
Task: {25474452-2E29-4AF9-8A20-EC6B5DC457BA} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2010-11-26] (ASUSTeK Computer Inc.)
Task: {37F19027-04B1-4DF5-9583-4B08FE74009A} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {53E3A758-6494-421D-9124-1EB9E2FB33DC} - System32\Tasks\EPSON XP-710 Series Update {15C2B58D-DD7B-408C-B94A-320BF2D63349} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLPE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {561DCE80-9E35-4597-8026-B9279F8D5F07} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {65D0CD6E-358F-4B1B-8401-7CDCD8865BF2} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {7E6F31F0-5FC9-4273-8060-7A209EEEDFAA} - System32\Tasks\EPSON XP-710 Series Update {FD127ECB-33E8-4CFA-8EB9-42A9E8CD43AA} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLPE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {8AACB2B0-328F-426C-B73F-2BF78404F377} - System32\Tasks\EPSON XP-710 Series Invitation {15C2B58D-DD7B-408C-B94A-320BF2D63349} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLPE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {94E0642C-73DB-458E-B93C-2EC6135447FA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14] (Adobe Systems Incorporated)
Task: {9AFD54E0-BFE9-4590-AC72-0D1DF1DDB372} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {A82CE5F6-9FC6-4626-B2A3-6D5FCDCDACD3} - System32\Tasks\ASUS\ASUS DigiVRM Help => C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe [2011-04-13] (ASUSTeK Computer Inc.)
Task: {C571FD7C-2224-4698-AF0D-610AD66FCA1F} - System32\Tasks\ASUS\ASUS Mobilink Execute => C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\ASUS Mobilink.exe [2010-11-25] (ASUSTeK Computer Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\EPSON XP-710 Series Invitation {15C2B58D-DD7B-408C-B94A-320BF2D63349}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLPE.EXE
Task: C:\Windows\Tasks\EPSON XP-710 Series Invitation {FD127ECB-33E8-4CFA-8EB9-42A9E8CD43AA}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLPE.EXE
Task: C:\Windows\Tasks\EPSON XP-710 Series Update {15C2B58D-DD7B-408C-B94A-320BF2D63349}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLPE.EXE:/EXE:{15C2B58D-DD7B-408C-B94A-320BF2D63349} /F:UpdateSYSTEM

Searches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\Windows\Tasks\EPSON XP-710 Series Update {FD127ECB-33E8-4CFA-8EB9-42A9E8CD43AA}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLPE.EXE:/EXE:{FD127ECB-33E8-4CFA-8EB9-42A9E8CD43AA} /F:UpdateSYSTEM

Searches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Loaded Modules (whitelisted) ==============

2013-11-30 22:15 - 2012-02-17 21:55 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll
2013-11-30 22:19 - 2011-06-13 17:36 - 00922240 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe
2013-11-30 22:16 - 2008-07-11 16:04 - 00200704 ____N () C:\Windows\SysWOW64\HsMgr.exe
2013-11-30 22:16 - 2008-07-11 16:03 - 00282112 ____N () C:\Windows\system\HsMgr64.exe
2013-11-30 22:19 - 2010-12-02 11:15 - 00915584 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
2013-11-30 22:19 - 2010-10-21 18:52 - 00586880 _____ () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
2014-04-23 16:05 - 2014-04-23 16:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 14:05 - 2014-10-11 14:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-11-30 22:19 - 2015-04-26 18:24 - 00025600 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.14\PEbiosinterface32.dll
2013-11-30 22:19 - 2010-06-29 11:58 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.14\ATKEX.dll
2013-11-30 22:16 - 2009-05-11 19:01 - 00143360 ____N () C:\Program Files\ASUS Xonar D2X Audio\Customapp\VmixP8.dll
2013-11-30 22:21 - 2011-03-04 17:33 - 00053248 ____N () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll
2013-11-30 22:19 - 2010-11-25 16:12 - 00086016 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\AsNetlib.dll
2013-11-30 22:19 - 2010-11-25 16:12 - 00661504 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\aaHMLib.dll
2013-11-30 22:19 - 2010-11-25 16:12 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\pngio.dll
2013-11-30 22:19 - 2010-11-25 16:12 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\ImageHelper.dll
2013-11-30 22:19 - 2010-11-25 16:12 - 00061440 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsMultiLang.dll
2013-11-30 22:19 - 2010-11-25 16:12 - 00661504 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\aaHMLib.dll
2013-11-30 22:19 - 2010-11-25 16:12 - 00703488 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\CpuFreq.dll
2013-11-30 22:19 - 2010-11-25 16:12 - 00114688 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AssistFunc.dll
2013-11-30 22:21 - 2009-05-21 11:14 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll
2013-11-30 22:19 - 2010-08-23 11:17 - 00662016 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMLib.dll
2013-11-30 22:19 - 2011-02-24 11:19 - 00143360 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
2013-11-30 22:19 - 2010-06-21 16:21 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
2013-11-30 22:19 - 2009-08-12 21:15 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
2013-11-30 22:19 - 2011-02-09 10:02 - 00873472 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AI Charger+\AIChargerPlus.dll
2013-11-30 22:20 - 2010-10-15 18:40 - 01031680 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Update\Update.dll
2013-11-30 22:19 - 2011-05-16 18:35 - 00965632 _____ () C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
2013-11-30 22:20 - 2011-01-19 22:23 - 01655296 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Bluetooth Go!\BluetoothGo.dll
2013-11-30 22:20 - 2010-12-01 13:33 - 01244672 _____ () C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll
2013-11-30 22:21 - 2011-01-06 11:38 - 01027072 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll
2013-11-30 22:19 - 2011-05-20 10:12 - 00881152 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
2013-11-30 22:19 - 2011-04-07 18:33 - 01607168 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
2013-11-30 22:19 - 2011-01-07 17:39 - 01246208 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
2013-11-30 22:19 - 2010-08-06 19:11 - 00850944 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
2013-11-30 22:19 - 2010-08-06 19:13 - 00886272 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
2013-11-30 22:19 - 2010-06-21 16:21 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\ImageHelper.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1252915199-2368019422-3184813152-1000\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-3\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-4\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: nvUpdatusService => 2
MSCONFIG\Services: ServiceLayer => 3
MSCONFIG\Services: TapiSrv => 3
MSCONFIG\startupfolder: C:^Users^ToDaKo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Samsung Magician.lnk => C:\Windows\pss\Samsung Magician.lnk.Startup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: AthBtTray => "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
MSCONFIG\startupreg: AtherosBtStack => "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
MSCONFIG\startupreg: Nikon Message Center 2 => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
MSCONFIG\startupreg: SamsungRapidApp => C:\Program Files (x86)\RAPID\CacheFilter\SamsungRapidApp.exe
MSCONFIG\startupreg: USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr.exe

==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [{88944958-D192-4883-A4BE-D90515895DAA}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\pnSvc.exe
FirewallRules: [{42AED191-1BDE-48D2-AD4C-7885644FB22F}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office12\outlook.exe
FirewallRules: [{BD0A69BB-636D-4E6A-92C4-6DB96C4E3388}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office12\GROOVE.EXE
FirewallRules: [{EF4315FD-A540-4454-B97E-01619EF9379D}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office12\GROOVE.EXE
FirewallRules: [{94B710B0-263A-4B52-A677-AE77F6CDDB2F}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTE.EXE
FirewallRules: [{CE9722A4-A393-4968-A107-0E953576DB4B}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTE.EXE
FirewallRules: [{6658AD7C-EC0D-4AB6-A296-5ADB1E57ED54}] => (Allow) D:\Spiele\Arma3\Steam.exe
FirewallRules: [{0F10F9F6-CAE6-45DA-A17B-D58DBB5CDE5B}] => (Allow) D:\Spiele\Arma3\Steam.exe
FirewallRules: [{A17177CE-F444-4B3E-82AD-88403809D422}] => (Allow) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
FirewallRules: [{6BFD7633-B28E-4999-8AA2-1894A2BB70D6}] => (Allow) D:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [{CFABD0A7-FC36-40E9-89B2-171D94B3B8FE}] => (Allow) D:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [{1CE0A6CD-79DE-4166-A8E0-58A061F58E52}] => (Allow) D:\Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe
FirewallRules: [{468C91E4-1F5C-49BF-B8E9-5F88AD38D9E1}] => (Allow) D:\Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe
FirewallRules: [TCP Query User{3F2F13EC-08D7-4509-B842-9BF712869E9E}D:\program files (x86)\electronic arts\eadm\core.exe] => (Block) D:\program files (x86)\electronic arts\eadm\core.exe
FirewallRules: [UDP Query User{39AFE621-AA64-4454-A8D6-4C29BA1D0D2B}D:\program files (x86)\electronic arts\eadm\core.exe] => (Block) D:\program files (x86)\electronic arts\eadm\core.exe
FirewallRules: [{34B34D76-13ED-4FFB-B56B-3F1FBB5BA23B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{B9075C17-469D-4FB0-919B-18575C113093}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{59D9A2EA-2D51-4812-A15A-D7F150983B8B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{258A291E-234A-47C8-8D55-9C121927ADD2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{514799C4-247B-4F5F-BF9C-00204B5F3601}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D1E3ED35-7697-44AC-8443-54C02F563CE8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{32D8965B-ADAD-42FA-A4B2-846C3FB736D1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{55D6B8EA-C4D0-40A0-8B7E-2D72552068B7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B81008A1-5B96-464D-9DBB-E57F0C41DF56}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{DCB7E7E6-DDCF-40BC-AD7B-5E2483D6FD70}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{B8365DD2-5242-4E18-AF70-FBCABDC5A622}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{642A4D35-8630-4407-9E4C-1FDA1DCD4CA8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{229CB68F-8730-4904-BE44-C89530530310}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E37F7891-D6A4-4FB2-A794-AD151232ECD3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{86B6C7F3-5A0E-4423-A197-2841700909DF}] => (Allow) D:\Spiele\Arma3\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{BFDC0735-5C1E-4FD8-B91B-F434C343AEE5}] => (Allow) D:\Spiele\Arma3\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{59077F84-5F4D-4019-A2AD-85760CF69A3B}] => (Allow) D:\Spiele\Arma3\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{30ED07F0-EF56-424A-8221-246FEEE315A5}] => (Allow) D:\Spiele\Arma3\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{A017C8E7-9C79-4883-B2A3-F8A2FFD6AD82}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{322CEF2F-5A79-4D06-92F6-FD687E03959E}] => (Allow) LPort=2869
FirewallRules: [{AB39E4B4-4982-4190-9946-48C34535AE33}] => (Allow) LPort=1900
FirewallRules: [{376FF272-3974-479A-A396-1552DFCB87EF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{183DD9A6-86A4-436B-8D32-79E0FE305D12}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{5DEFF7C6-1C09-4FDD-89A9-434B90DB83A0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{AFCAE7B9-471A-43C2-8758-ED8EFED35B9A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{08621709-BCD0-49B5-A9D7-9AFF3794BEF0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{CEE4E182-E4AA-46D5-AD20-FC21AAAA4683}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C202E124-177A-4CE2-A50F-85654C7117BF}] => (Allow) D:\Spiele\Arma3\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{D6F23C01-6822-4F7B-8817-B7D1E938F4CB}] => (Allow) D:\Spiele\Arma3\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{02945E1D-4F4F-400F-83FF-C563193FDE85}] => (Allow) D:\Spiele\Arma3\SteamApps\common\ARMA Cold War Assault\ColdWarAssault.exe
FirewallRules: [{F05B0B49-C227-4316-83F4-1D41D94BBBFA}] => (Allow) D:\Spiele\Arma3\SteamApps\common\ARMA Cold War Assault\ColdWarAssault.exe
FirewallRules: [{5F6BD532-C8D3-43C8-BEC6-2AFDF650B76D}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{634157A4-734D-4C74-AE8C-90044D6E407A}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [TCP Query User{8A4BFB23-AF55-487F-A2EE-F12201544436}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{A47B861F-EBD4-4BDD-8F46-012B58E3DAE9}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{573EA0FD-9694-49C2-B2A2-3858E4EC9330}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{A1D10C3D-44A5-4DC7-B66A-898E1B61DD0F}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{4BC5B309-7005-40FF-8D96-14B1298A2386}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{DE30234B-AB04-4408-B237-1B5BE85AD850}] => (Allow) D:\Spiele\Arma3\bin\steamwebhelper.exe
FirewallRules: [{EDEBB10F-B91B-4759-8927-1D7154D39688}] => (Allow) D:\Spiele\Arma3\bin\steamwebhelper.exe
FirewallRules: [{A06C99FF-654B-43E5-9294-CCE70F14C13B}] => (Allow) D:\Spiele\Arma3\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{71CF3512-867B-4368-A925-EA184502B8C9}] => (Allow) D:\Spiele\Arma3\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [TCP Query User{64DCF49B-99E6-4AE2-A06E-542FDC1ECB01}D:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe] => (Allow) D:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe
FirewallRules: [UDP Query User{71C62962-0500-4F02-A370-9590D34541CC}D:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe] => (Allow) D:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe
FirewallRules: [{3FAC1D8A-74AD-4A86-B35E-23125441A50C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BDBF58CA-A73E-4DEF-BF4E-948722651996}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{F86318D0-5767-4CB0-A485-87AFE43A0255}C:\users\todako\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\todako\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{69763976-5304-46D3-9530-8295363A3BFD}C:\users\todako\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\todako\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{C347DC06-F3B6-47FB-9001-DE21E0E13210}C:\users\todako\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\todako\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{463030F7-8927-451E-A500-A6261A55F2B5}C:\users\todako\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\todako\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{1C0386F0-E8A2-43C7-9F25-617EBC43BC4B}E:\spiele\battlefield vietnam\bfvietnam.exe] => (Allow) E:\spiele\battlefield vietnam\bfvietnam.exe
FirewallRules: [UDP Query User{72830006-63EC-47BF-8BDD-DB499982AE4E}E:\spiele\battlefield vietnam\bfvietnam.exe] => (Allow) E:\spiele\battlefield vietnam\bfvietnam.exe
FirewallRules: [{29EA26DA-3D79-4E43-9E62-963208CCCFDF}] => (Allow) D:\Program Files (x86)\Origin Games\Command and Conquer Generals Zero Hour\Generals.exe
FirewallRules: [{4D0976EA-2B18-4923-A97B-603EF513768C}] => (Allow) D:\Program Files (x86)\Origin Games\Command and Conquer Generals Zero Hour\Generals.exe
FirewallRules: [{ABD1DAAA-2A0F-402D-97AB-2CBC694CCD94}] => (Allow) D:\Program Files (x86)\Origin Games\Command and Conquer The Ultimate Collection Additional Content\Launcher.exe
FirewallRules: [{0AA06B59-5A58-49EB-980D-71F2FE00A8CA}] => (Allow) D:\Program Files (x86)\Origin Games\Command and Conquer The Ultimate Collection Additional Content\Launcher.exe
FirewallRules: [{1D8C8303-DACC-4DE6-9F89-66DF45072340}] => (Allow) D:\Program Files (x86)\Origin Games\Command Conquer 4 Tiberian Twilight\CNC4.exe
FirewallRules: [{82DC0A4F-53BE-4C99-93E9-378A28349940}] => (Allow) D:\Program Files (x86)\Origin Games\Command Conquer 4 Tiberian Twilight\CNC4.exe
FirewallRules: [TCP Query User{98A021FA-BE72-4894-8497-D38C21D6E430}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{962B76BD-3538-47A2-ABB1-2202AC018F5B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{54FC67D2-89D4-47DF-91DA-0B723ECED47D}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{1740E8D6-2014-48C4-84AB-CB51D658E4EB}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/03/2015 00:06:30 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description: 

Error: (05/03/2015 11:56:39 AM) (Source: Adobe Reader) (EventID: 16) (User: )
Description: 

Error: (05/03/2015 11:51:41 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (05/01/2015 11:52:21 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "N:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"

Error: (05/01/2015 02:14:47 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description: 

Error: (05/01/2015 02:13:58 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description: 

Error: (05/01/2015 00:35:22 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (05/01/2015 00:37:27 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (04/28/2015 08:14:28 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description: 

Error: (04/28/2015 08:11:31 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description: 


System errors:
=============
Error: (05/03/2015 11:53:44 AM) (Source: atapi) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort6 gefunden.

Error: (05/03/2015 11:53:44 AM) (Source: atapi) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort6 gefunden.

Error: (05/01/2015 01:18:35 PM) (Source: atapi) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort6 gefunden.

Error: (05/01/2015 00:38:20 AM) (Source: atapi) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort6 gefunden.

Error: (05/01/2015 00:38:20 AM) (Source: atapi) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort6 gefunden.

Error: (04/28/2015 05:08:39 PM) (Source: atapi) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort6 gefunden.

Error: (04/28/2015 05:08:39 PM) (Source: atapi) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort6 gefunden.

Error: (04/28/2015 03:49:04 PM) (Source: atapi) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort6 gefunden.

Error: (04/28/2015 03:49:04 PM) (Source: atapi) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort6 gefunden.

Error: (04/28/2015 03:48:17 PM) (Source: atapi) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort6 gefunden.


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
Percentage of memory in use: 40%
Total physical RAM: 8159.15 MB
Available physical RAM: 4887.89 MB
Total Pagefile: 8357.34 MB
Available Pagefile: 4816.89 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:209.37 GB) (Free:116.98 GB) NTFS
Drive d: (Spiele) (Fixed) (Total:55.68 GB) (Free:8.48 GB) NTFS
Drive e: (Daten und Programme) (Fixed) (Total:931.39 GB) (Free:623.63 GB) NTFS
Drive f: (Foto) (Fixed) (Total:931.51 GB) (Free:405.39 GB) NTFS
Drive j: (Musik und Video) (Fixed) (Total:465.76 GB) (Free:217.23 GB) NTFS
Drive l: (DASI) (Fixed) (Total:2794.39 GB) (Free:441.1 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

========================================================
Disk: 2 (Size: 55.9 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

========================================================
Disk: 3 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: ACF28C5F)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 4 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 0790078F)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 5 (Size: 2794.5 GB) (Disk ID: 5135FD8F)

Partition: GPT Partition Type.

==================== End Of Log ============================
         

hi,

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

• WICHTIG: Speichere Combofix auf deinem Desktop.
• Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
• Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
• Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
• Wenn Combofix fertig ist, wird es ein Logfile erstellen.
• Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.

starte den Rechner einfach neu. Dies sollte das Problem beheben.

Okay, hier der Logfile. Obwohl ich Avira ausgeschaltet habe (hoffentlich richtig?) meldet Avira beim Start von ComboFix "Registry blockiert"....

Code: Alles auswählenAufklappen

ATTFilter

Combofix Logfile:

	
Code: 

Alles auswählenAufklappen 
ATTFilter

  
	
ComboFix 15-04-28.01 - ToDaKo 04.05.2015  20:24:25.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.8159.6199 [GMT 2:00]
ausgeführt von:: c:\users\ToDaKo\Desktop\ComboFix.exe
AV: Avira Antivirus *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Antivirus *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\ToDaKo\AppData\Local\Microsoft\Windows\Temporary Internet Files\3b7a.ica
c:\users\ToDaKo\AppData\Local\Microsoft\Windows\Temporary Internet Files\4011.ica
c:\users\ToDaKo\AppData\Local\Microsoft\Windows\Temporary Internet Files\a275.ica
c:\users\ToDaKo\AppData\Local\Microsoft\Windows\Temporary Internet Files\ae35.ica
c:\windows\Temp\log.txt
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-04-04 bis 2015-05-04  ))))))))))))))))))))))))))))))
.
.
2015-05-04 18:27 . 2015-05-04 18:27	--------	d-----w-	c:\users\Default\AppData\Local\temp
2015-05-03 15:46 . 2015-05-03 15:46	--------	d-----w-	C:\FRST
2015-04-22 19:00 . 2015-04-22 19:00	--------	d-----w-	C:\RegBackup
2015-04-22 18:56 . 2015-04-22 18:56	43664	----a-w-	c:\windows\system32\drivers\hitmanpro37.sys
2015-04-15 06:21 . 2015-04-15 06:21	--------	d-----w-	c:\windows\system32\appraiser
2015-04-14 20:06 . 2015-03-04 04:55	367552	----a-w-	c:\windows\system32\clfs.sys
2015-04-14 20:06 . 2015-03-04 04:41	79360	----a-w-	c:\windows\system32\clfsw32.dll
2015-04-14 20:06 . 2015-03-04 04:10	58880	----a-w-	c:\windows\SysWow64\clfsw32.dll
2015-04-11 21:59 . 2015-04-11 21:59	--------	d-s---w-	c:\windows\system32\GWX
2015-04-11 21:59 . 2015-04-11 21:59	--------	d-s---w-	c:\windows\SysWow64\GWX
2015-04-11 14:10 . 2015-04-12 11:37	--------	d-----w-	c:\users\ToDaKo\AppData\Local\Mozilla Thunderbird
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-05-03 20:33 . 2014-05-01 22:04	129752	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-04-14 21:01 . 2013-11-30 22:58	128913832	----a-w-	c:\windows\system32\MRT.exe
2015-04-14 18:14 . 2013-11-30 22:18	778416	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2015-04-14 18:14 . 2013-11-30 22:18	142512	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-03-17 04:56 . 2015-04-14 20:07	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2015-03-10 14:52 . 2013-11-30 18:23	44088	----a-w-	c:\windows\system32\drivers\avnetflt.sys
2015-03-10 14:52 . 2013-11-30 18:23	132120	----a-w-	c:\windows\system32\drivers\avipbb.sys
2015-03-10 14:52 . 2013-11-30 18:23	128536	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2015-02-26 03:25 . 2015-03-10 21:50	3204096	----a-w-	c:\windows\system32\win32k.sys
2015-02-23 17:13 . 2015-02-23 17:13	30424	----a-w-	c:\windows\system32\drivers\ggsomc.sys
2015-02-23 17:13 . 2015-02-23 17:13	16088	----a-w-	c:\windows\system32\drivers\ggflt.sys
2015-02-20 04:41 . 2015-03-10 21:50	41984	----a-w-	c:\windows\system32\lpk.dll
2015-02-20 04:40 . 2015-03-10 21:50	100864	----a-w-	c:\windows\system32\fontsub.dll
2015-02-20 04:40 . 2015-03-10 21:50	14336	----a-w-	c:\windows\system32\dciman32.dll
2015-02-20 04:40 . 2015-03-10 21:50	46080	----a-w-	c:\windows\system32\atmlib.dll
2015-02-20 04:13 . 2015-03-10 21:50	70656	----a-w-	c:\windows\SysWow64\fontsub.dll
2015-02-20 04:13 . 2015-03-10 21:50	10240	----a-w-	c:\windows\SysWow64\dciman32.dll
2015-02-20 04:13 . 2015-03-10 21:50	34304	----a-w-	c:\windows\SysWow64\atmlib.dll
2015-02-20 04:12 . 2015-03-10 21:50	25600	----a-w-	c:\windows\SysWow64\lpk.dll
2015-02-20 03:29 . 2015-03-10 21:50	372224	----a-w-	c:\windows\system32\atmfd.dll
2015-02-20 03:09 . 2015-03-10 21:50	299008	----a-w-	c:\windows\SysWow64\atmfd.dll
2015-02-17 15:04 . 2015-02-17 15:04	1202848	----a-w-	c:\windows\SysWow64\FM20.DLL
2015-02-13 05:22 . 2015-03-11 16:58	14177280	----a-w-	c:\windows\system32\shell32.dll
2015-02-04 10:23 . 2015-02-04 10:23	875688	----a-w-	c:\windows\SysWow64\msvcr120_clr0400.dll
2015-02-04 10:13 . 2015-02-04 10:13	869536	----a-w-	c:\windows\system32\msvcr120_clr0400.dll
2015-02-04 03:16 . 2015-03-10 21:50	465920	----a-w-	c:\windows\system32\WMPhoto.dll
2015-02-04 02:54 . 2015-03-10 21:50	417792	----a-w-	c:\windows\SysWow64\WMPhoto.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"Spotify Web Helper"="c:\users\ToDaKo\AppData\Roaming\Spotify\SpotifyWebHelper.exe" [2015-04-26 2020920]
"Spotify"="c:\users\ToDaKo\AppData\Roaming\Spotify\Spotify.exe" [2015-04-26 7168568]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2015-04-01 726320]
"ASUS AiChargerPlus Execute"="c:\program files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe" [2010-11-08 465536]
"ASUS ShellProcess Execute"="c:\program files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsShellProcess.exe" [2010-11-25 252544]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"ConnectionCenter"="c:\program files (x86)\Citrix\ICA Client\concentr.exe" [2012-04-05 371864]
"EEventManager"="c:\program files (x86)\Epson Software\Event Manager\EEventManager.exe" [2014-05-02 1065024]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-10-15 157480]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~2\Citrix\ICACLI~1\RSHook.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
@=""
.
2;2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\system32\Drivers\AthDfu.sys;c:\windows\SYSNATIVE\Drivers\AthDfu.sys [x]
R3 cpuz136;cpuz136;c:\windows\TEMP\cpuz136\cpuz136_x64.sys;c:\windows\TEMP\cpuz136\cpuz136_x64.sys [x]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [x]
R3 ggflt;SOMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys [x]
R3 ggsomc;SOMC USB Flash Driver;c:\windows\system32\DRIVERS\ggsomc.sys;c:\windows\SYSNATIVE\DRIVERS\ggsomc.sys [x]
R3 hitmanpro37;HitmanPro 3.7 Support Driver;c:\windows\system32\drivers\hitmanpro37.sys;c:\windows\SYSNATIVE\drivers\hitmanpro37.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 Origin Client Service;Origin Client Service;d:\program files (x86)\Origin\OriginClientService.exe;d:\program files (x86)\Origin\OriginClientService.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WSDScan;WSD-Scanunterstützung durch UMB;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x]
R4 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S0 AiChargerPlus;ASUS Charger Plus Driver;c:\windows\system32\DRIVERS\AiChargerPlus.sys;c:\windows\SYSNATIVE\DRIVERS\AiChargerPlus.sys [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys;c:\windows\SYSNATIVE\DRIVERS\ctxusbm.sys [x]
S2 AntiVirMailService;Avira Email-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avmailc7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avmailc7.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe [x]
S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe [x]
S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe;c:\program files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [x]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x]
S2 EPSON_PM_RPCV4_06;EPSON V3 Service4(06);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE;c:\program files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [x]
S2 EpsonScanSvc;Epson Scanner Service;c:\windows\system32\EscSvc64.exe;c:\windows\SYSNATIVE\EscSvc64.exe [x]
S2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 PDF Architect Helper Service;PDF Architect Helper Service;c:\program files (x86)\PDF Architect\HelperService.exe;c:\program files (x86)\PDF Architect\HelperService.exe [x]
S2 PDF Architect Service;PDF Architect Service;c:\program files (x86)\PDF Architect\ConversionService.exe;c:\program files (x86)\PDF Architect\ConversionService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 cmudaxp;ASUS Xonar D2X Audio Interface;c:\windows\system32\drivers\cmudaxp.sys;c:\windows\SYSNATIVE\drivers\cmudaxp.sys [x]
S3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT);c:\windows\system32\DRIVERS\ICCWDT.sys;c:\windows\SYSNATIVE\DRIVERS\ICCWDT.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - MBAMSWISSARMY
.
Inhalt des "geplante Tasks" Ordners
.
2015-05-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-30 18:14]
.
2015-05-04 c:\windows\Tasks\EPSON XP-710 Series Invitation {15C2B58D-DD7B-408C-B94A-320BF2D63349}.job
- c:\windows\system32\spool\DRIVERS\x64\3\E_ITSLPE.EXE [2014-10-11 23:20]
.
2015-05-04 c:\windows\Tasks\EPSON XP-710 Series Invitation {FD127ECB-33E8-4CFA-8EB9-42A9E8CD43AA}.job
- c:\windows\system32\spool\DRIVERS\x64\3\E_ITSLPE.EXE [2014-10-11 23:20]
.
2015-05-04 c:\windows\Tasks\EPSON XP-710 Series Update {15C2B58D-DD7B-408C-B94A-320BF2D63349}.job
- c:\windows\system32\spool\DRIVERS\x64\3\E_ITSLPE.EXE [2014-10-11 23:20]
.
2015-05-04 c:\windows\Tasks\EPSON XP-710 Series Update {FD127ECB-33E8-4CFA-8EB9-42A9E8CD43AA}.job
- c:\windows\system32\spool\DRIVERS\x64\3\E_ITSLPE.EXE [2014-10-11 23:20]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-11-19 11613288]
"Cmaudio8788"="c:\windows\Syswow64\cmicnfgp.dll" [2010-09-16 8761344]
"Cmaudio8788GX"="c:\windows\syswow64\HsMgr.exe" [2008-07-11 200704]
"Cmaudio8788GX64"="c:\windows\system\HsMgr64.exe" [2008-07-11 282112]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-04-02 1225920]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-04-02 2201032]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\ToDaKo\AppData\Roaming\Mozilla\Firefox\Profiles\byx2kves.default\
FF - prefs.js: browser.search.selectedEngine - Google (SSL)
FF - prefs.js: browser.startup.homepage - hxxps://maps.google.de/
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-EA Core - d:\program files (x86)\Electronic Arts\EADM\Core.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-Nvtmru - c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10d.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10d.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2015-05-04  20:28:29
ComboFix-quarantined-files.txt  2015-05-04 18:28
.
Vor Suchlauf: 12 Verzeichnis(se), 134.203.379.712 Bytes frei
Nach Suchlauf: 16 Verzeichnis(se), 135.260.475.392 Bytes frei
.
- - End Of File - - 1D554AC9C37EF356393D465BB4A1A674
         
 
--- --- ---
5FB38429D5D77768867C76DCBDB35194
         

Downloade Dir bitte Malwarebytes Anti-Malware

• Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
• Starte Malwarebytes' Anti-Malware (MBAM).
• Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
• Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
• Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
• Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
• Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
• Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte AdwCleaner auf deinen Desktop.

• Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
• Starte die AdwCleaner.exe mit einem Doppelklick.
• Stimme den Nutzungsbedingungen zu.
• Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
  • "Tracing" Schlüssel löschen
  • Winsock Einstellungen zurücksetzen
  • Proxy Einstellungen zurücksetzen
  • Internet Explorer Richtlinien zurücksetzen
  • Chrome Richtlinien zurücksetzen
  • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
• Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
• Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
• Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
• Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

• Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
• Drücke eine beliebige Taste, um das Tool zu starten.
• Je nach System kann der Scan eine Weile dauern.
• Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
• Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

Code: Alles auswählenAufklappen

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 05.05.2015
Suchlauf-Zeit: 16:31:22
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.4.1028
Malware Datenbank: v2015.05.05.03
Rootkit Datenbank: v2015.04.21.01
Lizenz: Premium
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: ToDaKo

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 368609
Verstrichene Zeit: 6 Min, 32 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 0
(Keine schädliche Elemente erkannt)

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 0
(Keine schädliche Elemente erkannt)

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)
         

AdwCleaner Logfile:

Code: Alles auswählenAufklappen

ATTFilter

# AdwCleaner v4.203 - Bericht erstellt 05/05/2015 um 16:42:12
# Aktualisiert 30/04/2015 von Xplode
# Datenbank : 2015-05-02.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : ToDaKo - TODAKO-PC
# Gestarted von : C:\Users\ToDaKo\Desktop\AdwCleaner_4.203.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\ToDaKo\AppData\Roaming\RHEng

***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C43F0D7D-78F0-47B8-954C-8FB36960B785}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C43F0D7D-78F0-47B8-954C-8FB36960B785}
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A2D81E70-2A98-4A08-A628-94388B063C5E}
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17728


-\\ Mozilla Firefox v37.0.2 (x86 de)

[byx2kves.default\prefs.js] - Zeile Gelöscht : user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"privatebrowsing-button\",\"save-page-button\",\"print-but[...]

*************************

AdwCleaner[R0].txt - [7710 Bytes] - [15/03/2014 17:09:19]
AdwCleaner[R1].txt - [991 Bytes] - [16/03/2014 21:36:10]
AdwCleaner[R2].txt - [1829 Bytes] - [05/05/2015 16:41:43]
AdwCleaner[S0].txt - [7775 Bytes] - [15/03/2014 17:10:28]
AdwCleaner[S1].txt - [1053 Bytes] - [16/03/2014 21:36:32]
AdwCleaner[S2].txt - [1712 Bytes] - [05/05/2015 16:42:12]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1771  Bytes] ##########
         

--- --- ---

[/CODE]

Code: Alles auswählenAufklappen

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.6.7 (04.30.2015:1)
OS: Windows 7 Home Premium x64
Ran by ToDaKo on 05.05.2015 at 16:45:49,40
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted the following from C:\Users\ToDaKo\AppData\Roaming\mozilla\firefox\profiles\byx2kves.default\prefs.js

user_pref(browser.uiCustomization.state, {\placements\:{\PanelUI-contents\:[\edit-controls\,\zoom-controls\,\new-window-button\,\privatebrowsing-button\,\save-





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 05.05.2015 at 16:47:10,42
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-05-2015
Ran by ToDaKo (administrator) on TODAKO-PC on 05-05-2015 16:49:07
Running from C:\Users\ToDaKo\Desktop
Loaded Profiles: ToDaKo (Available profiles: ToDaKo)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Users\ToDaKo\AppData\Local\Mozilla Thunderbird\thunderbird.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11613288 2010-11-19] (Realtek Semiconductor)
HKLM\...\Run: [Cmaudio8788] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.dll,CMICtrlWnd
HKLM\...\Run: [Cmaudio8788GX] => C:\Windows\syswow64\HsMgr.exe [200704 2008-07-11] ()
HKLM\...\Run: [Cmaudio8788GX64] => C:\Windows\system\HsMgr64.exe [282112 2008-07-11] ()
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2201032 2014-04-02] (NVIDIA Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [728312 2015-05-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] => C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [465536 2010-11-08] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUS ShellProcess Execute] => C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsShellProcess.exe [252544 2010-11-25] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [371864 2012-04-05] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
AppInit_DLLs-x32: C:\PROGRA~2\Citrix\ICACLI~1\RSHook.dll => C:\Program Files (x86)\Citrix\ICA Client\RSHook.dll [257176 2012-04-05] (Citrix Systems, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1252915199-2368019422-3184813152-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1252915199-2368019422-3184813152-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25] (SEIKO EPSON CORPORATION)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2013-02-28] (SEIKO EPSON CORPORATION)
BHO-x32: CtxIEInterceptorBHO Class -> {2C4631FF-5CC8-4EBC-A0DF-34C92291759E} -> C:\Program Files (x86)\Citrix\ICA Client\IEInterceptor.dll [2012-04-05] (Citrix Systems, Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-03-13] (Atheros Commnucations)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25] (SEIKO EPSON CORPORATION)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2013-02-28] (SEIKO EPSON CORPORATION)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\ToDaKo\AppData\Roaming\Mozilla\Firefox\Profiles\byx2kves.default
FF NewTab: about:blank
FF DefaultSearchEngine: Google Default
FF SelectedSearchEngine: Google (SSL)
FF Homepage: https://maps.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2012-04-05] (Citrix Systems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-03-04] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-03-04] (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1252915199-2368019422-3184813152-1000: sony.com/MediaGoDetector -> E:\Program Files (x86)\npMediaGoDetector.dll [2014-07-10] (Sony Network Entertainment International LLC)
FF SearchPlugin: C:\Users\ToDaKo\AppData\Roaming\Mozilla\Firefox\Profiles\byx2kves.default\searchplugins\google-default.xml [2014-03-25]
FF SearchPlugin: C:\Users\ToDaKo\AppData\Roaming\Mozilla\Firefox\Profiles\byx2kves.default\searchplugins\google-ssl.xml [2014-05-03]
FF SearchPlugin: C:\Users\ToDaKo\AppData\Roaming\Mozilla\Firefox\Profiles\byx2kves.default\searchplugins\ixquick-ssl.xml [2014-03-26]
FF Extension: German Dictionary - C:\Users\ToDaKo\AppData\Roaming\Mozilla\Firefox\Profiles\byx2kves.default\Extensions\de-DE@dictionaries.addons.mozilla.org [2014-06-10]
FF Extension: Move Media Player - C:\Users\ToDaKo\AppData\Roaming\Mozilla\Firefox\Profiles\byx2kves.default\Extensions\moveplayer@movenetworks.com [2013-11-30]
FF Extension: NoScript - C:\Users\ToDaKo\AppData\Roaming\Mozilla\Firefox\Profiles\byx2kves.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-11-30]
FF Extension: Adblock Plus - C:\Users\ToDaKo\AppData\Roaming\Mozilla\Firefox\Profiles\byx2kves.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-11-30]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-12-08]
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2014-10-11]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "E:\Program Files (x86)\MediaGoDetector.crx" [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [827640 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [434424 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [434424 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1185584 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe [922240 2011-06-13] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [915584 2010-12-02] ()
S2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2010-10-21] ()
S2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [74912 2011-03-13] (Atheros Commnucations) [File not signed]
S2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [152640 2013-04-15] (SEIKO EPSON CORPORATION)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2013-12-02] (Macrovision Europe Ltd.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1615192 2014-04-02] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [20541216 2014-04-02] (NVIDIA Corporation)
S3 Origin Client Service; D:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-02-02] (Electronic Arts)
S2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
S2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 AiChargerPlus; C:\Windows\System32\DRIVERS\AiChargerPlus.sys [14464 2010-11-08] (ASUSTek Computer Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [152744 2015-05-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-05-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-30] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-10] (Avira Operations GmbH & Co. KG)
R3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [1267200 2010-10-28] (C-Media Inc)
S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [30424 2015-02-23] (Sony Mobile Communications)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43664 2015-04-22] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-05-05] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-21] (NVIDIA Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-05 16:49 - 2015-05-05 16:49 - 00018029 _____ () C:\Users\ToDaKo\Desktop\FRST.txt
2015-05-05 16:48 - 2015-05-05 16:48 - 02101248 _____ (Farbar) C:\Users\ToDaKo\Desktop\FRST64.exe
2015-05-05 14:30 - 2015-05-05 14:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-05-04 20:28 - 2015-05-04 20:28 - 00021037 _____ () C:\ComboFix.txt
2015-05-04 20:22 - 2015-05-04 20:28 - 00000000 ____D () C:\Qoobox
2015-05-04 20:22 - 2015-05-04 20:27 - 00000000 ____D () C:\Windows\erdnt
2015-05-04 20:22 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-05-04 20:22 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-05-04 20:22 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-05-04 20:22 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-05-04 20:22 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-05-04 20:22 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2015-05-04 20:22 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2015-05-04 20:22 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2015-05-03 17:46 - 2015-05-05 16:49 - 00000000 ____D () C:\FRST
2015-04-23 21:17 - 2015-04-23 21:17 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-04-23 21:17 - 2015-04-23 21:17 - 00002047 _____ () C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2015-04-22 21:00 - 2015-04-22 21:00 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-TODAKO-PC-Windows-7-Home-Premium-(64-bit).dat
2015-04-22 21:00 - 2015-04-22 21:00 - 00000000 ____D () C:\RegBackup
2015-04-22 20:56 - 2015-04-22 20:56 - 00043664 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys
2015-04-22 20:02 - 2015-04-22 20:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-15 08:21 - 2015-04-15 08:21 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-14 22:07 - 2015-04-02 02:17 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-14 22:07 - 2015-04-02 01:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-04-14 22:07 - 2015-03-25 05:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-14 22:07 - 2015-03-25 05:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-14 22:07 - 2015-03-25 05:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-14 22:07 - 2015-03-25 05:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-14 22:07 - 2015-03-25 05:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-14 22:07 - 2015-03-25 05:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-14 22:07 - 2015-03-25 05:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-14 22:07 - 2015-03-25 05:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-14 22:07 - 2015-03-25 05:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-14 22:07 - 2015-03-25 05:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-14 22:07 - 2015-03-25 05:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-14 22:07 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-14 22:07 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-14 22:07 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-14 22:07 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-14 22:07 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-14 22:07 - 2015-03-23 05:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-14 22:07 - 2015-03-23 05:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-14 22:07 - 2015-03-23 05:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-14 22:07 - 2015-03-23 05:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-14 22:07 - 2015-03-23 05:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-14 22:07 - 2015-03-23 05:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-14 22:07 - 2015-03-23 05:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-14 22:07 - 2015-03-23 05:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-14 22:07 - 2015-03-17 07:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-14 22:07 - 2015-03-17 07:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-14 22:07 - 2015-03-17 07:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-14 22:07 - 2015-03-17 07:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-14 22:07 - 2015-03-17 07:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-04-14 22:07 - 2015-03-17 07:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-14 22:07 - 2015-03-17 07:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-14 22:07 - 2015-03-17 07:16 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-14 22:07 - 2015-03-17 07:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-04-14 22:07 - 2015-03-17 07:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-14 22:07 - 2015-03-17 07:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-14 22:07 - 2015-03-17 07:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-14 22:07 - 2015-03-17 07:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-14 22:07 - 2015-03-17 07:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-14 22:07 - 2015-03-17 07:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-14 22:07 - 2015-03-17 07:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-14 22:07 - 2015-03-17 07:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-04-14 22:07 - 2015-03-17 07:16 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-14 22:07 - 2015-03-17 07:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-14 22:07 - 2015-03-17 07:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-14 22:07 - 2015-03-17 07:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-14 22:07 - 2015-03-17 07:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-14 22:07 - 2015-03-17 07:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-14 22:07 - 2015-03-17 07:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-14 22:07 - 2015-03-17 07:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-14 22:07 - 2015-03-17 07:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-14 22:07 - 2015-03-17 07:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-14 22:07 - 2015-03-17 07:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-04-14 22:07 - 2015-03-17 07:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-14 22:07 - 2015-03-17 07:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-14 22:07 - 2015-03-17 07:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-14 22:07 - 2015-03-17 07:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-04-14 22:07 - 2015-03-17 07:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-04-14 22:07 - 2015-03-17 06:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-14 22:07 - 2015-03-17 06:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-04-14 22:07 - 2015-03-17 06:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-04-14 22:07 - 2015-03-17 06:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-14 22:07 - 2015-03-17 06:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-04-14 22:07 - 2015-03-17 06:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-04-14 22:07 - 2015-03-17 06:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-04-14 22:07 - 2015-03-17 06:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-04-14 22:07 - 2015-03-17 06:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-04-14 22:07 - 2015-03-17 06:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-14 22:07 - 2015-03-17 06:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-04-14 22:07 - 2015-03-17 06:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-04-14 22:07 - 2015-03-17 06:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-04-14 22:07 - 2015-03-17 06:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-04-14 22:07 - 2015-03-17 06:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-14 22:07 - 2015-03-17 06:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-04-14 22:07 - 2015-03-17 06:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-14 22:07 - 2015-03-17 06:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-14 22:07 - 2015-03-17 06:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 05:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-14 22:07 - 2015-03-17 05:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-14 22:07 - 2015-03-17 05:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 05:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 05:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-14 22:07 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-14 22:07 - 2015-03-13 06:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-14 22:07 - 2015-03-13 06:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-14 22:07 - 2015-03-13 06:09 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-14 22:07 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-14 22:07 - 2015-03-13 06:08 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-14 22:07 - 2015-03-13 06:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-14 22:07 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-14 22:07 - 2015-03-13 06:06 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-14 22:07 - 2015-03-13 06:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-14 22:07 - 2015-03-13 05:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-14 22:07 - 2015-03-13 05:55 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-14 22:07 - 2015-03-13 05:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-14 22:07 - 2015-03-13 05:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-14 22:07 - 2015-03-13 05:53 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-14 22:07 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-14 22:07 - 2015-03-13 05:44 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-14 22:07 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-14 22:07 - 2015-03-13 05:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-14 22:07 - 2015-03-13 05:40 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-14 22:07 - 2015-03-13 05:32 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-14 22:07 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-14 22:07 - 2015-03-13 05:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-04-14 22:07 - 2015-03-13 05:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-14 22:07 - 2015-03-13 05:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-14 22:07 - 2015-03-13 05:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-04-14 22:07 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-14 22:07 - 2015-03-13 05:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-04-14 22:07 - 2015-03-13 05:23 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-14 22:07 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-14 22:07 - 2015-03-13 05:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-14 22:07 - 2015-03-13 05:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-04-14 22:07 - 2015-03-13 05:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-14 22:07 - 2015-03-13 05:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-04-14 22:07 - 2015-03-13 05:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-04-14 22:07 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-14 22:07 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-14 22:07 - 2015-03-13 05:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-14 22:07 - 2015-03-13 05:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-14 22:07 - 2015-03-13 05:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-14 22:07 - 2015-03-13 05:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-14 22:07 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-14 22:07 - 2015-03-13 04:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-04-14 22:07 - 2015-03-13 04:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-14 22:07 - 2015-03-13 04:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-14 22:07 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-14 22:07 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-14 22:07 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-14 22:07 - 2015-03-13 04:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-14 22:07 - 2015-03-13 04:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-04-14 22:07 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-14 22:07 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-14 22:07 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-14 22:07 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-14 22:07 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-14 22:07 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-14 22:07 - 2015-03-10 05:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-14 22:07 - 2015-03-10 05:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-14 22:07 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-14 22:07 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-14 22:07 - 2015-03-05 07:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-14 22:07 - 2015-03-05 06:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-14 22:07 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-14 22:07 - 2015-01-28 01:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-04-14 22:06 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-14 22:06 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-14 22:06 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-11 23:59 - 2015-04-11 23:59 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-11 23:59 - 2015-04-11 23:59 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-11 16:10 - 2015-04-12 13:37 - 00000000 ____D () C:\Users\ToDaKo\AppData\Local\Mozilla Thunderbird

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-05 16:48 - 2013-11-29 23:22 - 01249123 _____ () C:\Windows\WindowsUpdate.log
2015-05-05 16:47 - 2014-03-15 22:25 - 00000000 ____D () C:\Users\ToDaKo\Desktop\Sicherheit
2015-05-05 16:47 - 2011-04-12 09:43 - 00699090 _____ () C:\Windows\system32\perfh007.dat
2015-05-05 16:47 - 2011-04-12 09:43 - 00149230 _____ () C:\Windows\system32\perfc007.dat
2015-05-05 16:47 - 2009-07-14 07:13 - 01619272 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-05 16:45 - 2014-05-02 00:04 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-05 16:43 - 2013-11-29 23:46 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-05 16:43 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-05 16:43 - 2009-07-14 06:51 - 00118676 _____ () C:\Windows\setupact.log
2015-05-05 16:42 - 2014-10-11 14:42 - 00000911 _____ () C:\Windows\Tasks\EPSON XP-710 Series Update {FD127ECB-33E8-4CFA-8EB9-42A9E8CD43AA}.job
2015-05-05 16:42 - 2014-10-11 14:42 - 00000725 _____ () C:\Windows\Tasks\EPSON XP-710 Series Invitation {FD127ECB-33E8-4CFA-8EB9-42A9E8CD43AA}.job
2015-05-05 16:42 - 2014-03-15 17:09 - 00000000 ____D () C:\AdwCleaner
2015-05-05 16:42 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2015-05-05 16:28 - 2014-10-27 10:57 - 00000911 _____ () C:\Windows\Tasks\EPSON XP-710 Series Update {15C2B58D-DD7B-408C-B94A-320BF2D63349}.job
2015-05-05 16:28 - 2014-10-27 10:57 - 00000725 _____ () C:\Windows\Tasks\EPSON XP-710 Series Invitation {15C2B58D-DD7B-408C-B94A-320BF2D63349}.job
2015-05-05 16:28 - 2013-12-11 22:47 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-05 14:37 - 2009-07-14 06:45 - 00021888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-05 14:37 - 2009-07-14 06:45 - 00021888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-05 14:29 - 2013-11-30 20:23 - 00152744 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-05-05 14:29 - 2013-11-30 20:23 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-05-04 21:21 - 2013-12-01 23:34 - 00000020 ____H () C:\ProgramData\PKP_DLet.DAT
2015-05-04 21:12 - 2015-01-20 00:15 - 00000000 ____D () C:\Users\ToDaKo\AppData\Roaming\Spotify
2015-05-04 21:09 - 2015-01-20 00:16 - 00000000 ____D () C:\Users\ToDaKo\AppData\Local\Spotify
2015-05-04 21:09 - 2010-11-21 05:47 - 00243824 _____ () C:\Windows\PFRO.log
2015-05-04 20:28 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2015-05-04 20:27 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2015-05-03 16:36 - 2013-12-11 23:09 - 00000000 ____D () C:\Users\ToDaKo\Documents\BFBC2
2015-05-03 16:33 - 2015-02-19 16:26 - 00000000 ____D () C:\Users\ToDaKo\.dvdcss
2015-05-03 16:33 - 2015-02-04 22:33 - 00000000 ____D () C:\Users\ToDaKo\Documents\Command and Conquer Generals Zero Hour Data
2015-05-03 16:33 - 2015-02-04 22:33 - 00000000 ____D () C:\Users\ToDaKo\Documents\Command and Conquer Generals Data
2015-05-03 16:33 - 2013-12-11 23:13 - 00000000 ____D () C:\Users\ToDaKo\Documents\NFS SHIFT
2015-05-03 16:33 - 2013-12-03 23:02 - 00000000 ____D () C:\Users\ToDaKo\Documents\Arma 3
2015-05-03 16:33 - 2013-11-29 23:22 - 00000000 ____D () C:\Users\ToDaKo
2015-05-03 16:32 - 2011-04-12 09:54 - 00000000 ___RD () C:\Users\Public\Recorded TV
2015-05-03 16:32 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2015-05-03 16:32 - 2009-07-14 05:20 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-05-03 16:32 - 2009-07-14 05:20 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-03 16:32 - 2009-07-14 05:20 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-05-03 16:32 - 2009-07-14 05:20 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-03 16:31 - 2013-12-01 23:43 - 00000000 ____D () C:\Users\ToDaKo\Desktop\Spiele
2015-05-03 16:30 - 2014-10-15 21:57 - 00000000 ____D () C:\Users\ToDaKo\Desktop\EPSON Drucker
2015-05-03 16:30 - 2014-06-30 15:54 - 00000000 ____D () C:\Users\ToDaKo\Desktop\Reflecting Team
2015-04-27 21:32 - 2013-12-01 23:37 - 00000020 ____H () C:\ProgramData\PKP_DLbw.DAT
2015-04-27 21:32 - 2013-12-01 23:35 - 00000020 ____H () C:\ProgramData\PKP_DLbx.DAT
2015-04-27 21:32 - 2013-12-01 23:21 - 00000020 ____H () C:\ProgramData\PKP_DLbz.DAT
2015-04-26 22:38 - 2014-02-16 21:03 - 00000641 _____ () C:\Windows\wiso.ini
2015-04-26 18:19 - 2013-12-08 19:52 - 00000000 ____D () C:\Users\ToDaKo\AppData\Local\CrashDumps
2015-04-26 14:00 - 2009-07-14 06:45 - 02348288 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-04-26 13:59 - 2013-11-30 19:13 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-25 00:07 - 2014-08-21 15:24 - 00000000 ____D () C:\Users\ToDaKo\AppData\Local\Adobe
2015-04-23 23:32 - 2013-11-30 22:16 - 00109760 _____ () C:\Users\ToDaKo\AppData\Local\GDIPFONTCACHEV1.DAT
2015-04-23 21:40 - 2013-11-30 23:30 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-23 21:18 - 2014-12-27 11:56 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-04-23 21:17 - 2013-12-02 15:48 - 00000000 ____D () C:\ProgramData\Adobe
2015-04-23 21:17 - 2013-12-02 15:48 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-04-19 04:33 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2015-04-18 21:32 - 2013-12-11 19:55 - 00000000 ____D () C:\Program Files (x86)\Sony
2015-04-18 13:03 - 2014-04-05 12:51 - 00000000 ____D () C:\Program Files (x86)\Sony Mobile
2015-04-17 17:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-04-15 08:21 - 2014-04-30 23:01 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-15 08:21 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-04-14 23:03 - 2013-12-01 01:02 - 01591936 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-14 23:02 - 2013-12-01 00:58 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-14 23:01 - 2013-12-01 00:58 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-14 20:14 - 2013-12-11 22:47 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-14 20:14 - 2013-12-01 00:18 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-14 20:14 - 2013-12-01 00:18 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2013-12-01 23:34 - 2013-12-01 23:41 - 0000268 ___RH () C:\Users\ToDaKo\AppData\Roaming\Alerts
2013-12-01 23:37 - 2013-12-01 23:37 - 0000268 ___RH () C:\Users\ToDaKo\AppData\Roaming\Contextual Menu Items
2013-12-01 23:37 - 2013-12-01 23:37 - 0000268 ___RH () C:\Users\ToDaKo\AppData\Roaming\Core Data Application
2013-12-01 23:21 - 2013-12-01 23:21 - 0000268 ___RH () C:\Users\ToDaKo\AppData\Roaming\CustomDataViews
2013-12-01 23:34 - 2013-12-01 23:34 - 0000268 ___RH () C:\Users\ToDaKo\AppData\Roaming\filter
2013-12-01 23:35 - 2013-12-01 23:35 - 0000268 ___RH () C:\Users\ToDaKo\AppData\Roaming\grep
2013-12-01 23:34 - 2013-12-01 23:34 - 0000268 ___RH () C:\Users\ToDaKo\AppData\Roaming\howto
2014-03-21 00:51 - 2014-03-21 00:51 - 0000268 ___RH () C:\Users\ToDaKo\AppData\Roaming\laserjet
2008-02-05 14:28 - 2008-02-05 14:28 - 0000051 _____ () C:\Users\ToDaKo\AppData\Local\setup.txt
2013-12-01 23:34 - 2013-12-01 23:41 - 0000268 ___RH () C:\ProgramData\Analog Pad
2013-12-01 23:35 - 2013-12-01 23:35 - 0000012 ___RH () C:\ProgramData\Analog Sync
2013-12-01 23:34 - 2013-12-01 23:34 - 0000012 ___RH () C:\ProgramData\Applause and Laugher
2014-03-21 00:51 - 2014-03-21 00:51 - 0000012 ___RH () C:\ProgramData\Audio
2013-12-01 23:34 - 2013-12-01 23:41 - 0000012 ___RH () C:\ProgramData\Bundle
2013-12-01 23:37 - 2013-12-01 23:37 - 0000268 ___RH () C:\ProgramData\Dance Kit
2013-12-01 23:37 - 2013-12-01 23:37 - 0000268 ___RH () C:\ProgramData\Database
2013-12-01 23:21 - 2013-12-01 23:21 - 0000268 ___RH () C:\ProgramData\Definition Bundle
2013-12-01 23:37 - 2013-12-01 23:37 - 0000012 ___RH () C:\ProgramData\Jingles
2013-12-01 23:37 - 2013-12-01 23:37 - 0000012 ___RH () C:\ProgramData\Keyboard Layouts
2013-12-01 23:34 - 2013-12-01 23:34 - 0000268 ___RH () C:\ProgramData\laserjet
2013-12-01 23:21 - 2013-12-01 23:21 - 0000012 ___RH () C:\ProgramData\LaserPrinter
2013-12-01 23:35 - 2013-12-01 23:35 - 0000268 ___RH () C:\ProgramData\libiconv
2013-12-01 23:34 - 2013-12-01 23:34 - 0000268 ___RH () C:\ProgramData\manual
2013-12-01 23:37 - 2015-04-27 21:32 - 0000020 ____H () C:\ProgramData\PKP_DLbw.DAT
2013-12-01 23:35 - 2015-04-27 21:32 - 0000020 ____H () C:\ProgramData\PKP_DLbx.DAT
2013-12-01 23:21 - 2015-04-27 21:32 - 0000020 ____H () C:\ProgramData\PKP_DLbz.DAT
2013-12-01 23:34 - 2013-12-01 23:41 - 0000020 ____H () C:\ProgramData\PKP_DLeo.DAT
2013-12-01 23:35 - 2014-06-10 10:17 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT
2013-12-01 23:34 - 2015-05-04 21:21 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
2013-12-01 23:34 - 2014-06-16 15:54 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT
2014-03-21 00:51 - 2014-03-21 00:51 - 0000020 ____H () C:\ProgramData\PKP_DLex.DAT
2013-12-01 23:41 - 2013-12-01 23:41 - 0000000 _____ () C:\ProgramData\User Pictures
2014-03-21 00:51 - 2014-03-21 00:51 - 0000268 ___RH () C:\ProgramData\vhosts

Some content of TEMP:
====================
C:\Users\ToDaKo\AppData\Local\Temp\avgnt.exe
C:\Users\ToDaKo\AppData\Local\Temp\Quarantine.exe
C:\Users\ToDaKo\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-26 19:54

==================== End Of Log ============================
         

--- --- ---

--- --- ---

--- --- ---

--- --- ---

Code: Alles auswählenAufklappen

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-05-2015
Ran by ToDaKo at 2015-05-05 16:49:31
Running from C:\Users\ToDaKo\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1252915199-2368019422-3184813152-500 - Administrator - Disabled)
Gast (S-1-5-21-1252915199-2368019422-3184813152-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-1252915199-2368019422-3184813152-1002 - Limited - Enabled)
ToDaKo (S-1-5-21-1252915199-2368019422-3184813152-1000 - Administrator - Enabled) => C:\Users\ToDaKo

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3DMark 11 (HKLM-x32\...\{46EDCFA5-7EDB-46A9-B093-1C6237470CEC}) (Version: 1.0.5 - Futuremark Corporation)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.5.0.1060 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.42.34 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Photoshop CS3 (HKLM-x32\...\Adobe_5f143314a5d434c8511097393d17397) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 3.6 64-bit (HKLM\...\{D4F66BBA-D79E-4F11-9B06-70C3D75A2958}) (Version: 3.6.1 - Adobe)
Adobe Photoshop Lightroom 5.7 64-bit (HKLM\...\{1B77B02E-17E4-4B6D-B8A1-74B29AF3D8DD}) (Version: 5.7.0 - Adobe Systems Incorporated)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 1.02.03 - ASUSTeK Computer Inc.)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
Arma: Cold War Assault (HKLM-x32\...\Steam App 65790) (Version:  - Bohemia Interactive)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.1.0 - Asmedia Technology)
ASUS Xonar D2X Audio Driver (HKLM\...\C-Media Oxygen HD Audio Driver) (Version:  - )
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.10.434 - Avira Operations GmbH & Co. KG)
AVNavigator 2012.II (HKU\S-1-5-21-1252915199-2368019422-3184813152-1000\...\AVNavigator 2012.II) (Version: 1.13.1.009.1 - PIONEER CORPORATION)
Battlefield Vietnam(TM) (HKLM-x32\...\{E35B3C63-E958-4E31-A178-95D22024109A}) (Version:  - )
Battlefield: Bad Company™ 2 (HKLM-x32\...\{3AC8457C-0385-4BEA-A959-E095F05D6D67}) (Version: 1.0.0.0 - Electronic Arts)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.65 - Atheros Communications)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Capture NX (HKLM-x32\...\Capture NX) (Version: 1.3.0 - NIKON CORPORATION)
Capture NX 2 (HKLM\...\Capture NX 2) (Version: 2.4.5 - NIKON CORPORATION)
Capture NX-D (HKLM\...\{56E8726C-8674-4715-8535-011DE67F2A6D}) (Version: 0.9.1 - Nikon)
CD-LabelPrint (HKLM-x32\...\MediaNavigation.CDLabelPrint) (Version:  - )
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 13.1.200.22 - Citrix Systems, Inc.)
Command & Conquer™ 4 Tiberian Twilight (HKLM-x32\...\{BA4C8F9F-D81B-4AFE-AE5A-3837830F5B89}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ The Ultimate Collection Additional Content (HKLM-x32\...\{AC663F85-A421-4127-A507-8E24F64D4523}) (Version: 1.0.0.0 - Electronic Arts)
Command & Conquer™: Generals and Zero Hour (HKLM-x32\...\{8F0F5689-6900-425B-A8C2-0DBD10DAB694}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DVD Shrink 3.2 deutsch (DeCSS-frei) (HKLM-x32\...\DVD Shrink DE_is1) (Version:  - DVD Shrink)
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.3.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print 2 (HKLM-x32\...\{71E90740-5E5F-4D43-AB8F-CAC1D93DBB5B}) (Version: 2.5.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{0F13C24A-FFE2-4CD0-8E0B-DC804E0A0E0B}) (Version: 3.10.0035 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{896667C8-53F8-47B8-B6B0-B113B10F05BC}) (Version: 1.20.0000 - SEIKO EPSON CORPORATION)
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.34.00 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON XP-710 Series Printer Uninstall (HKLM\...\EPSON XP-710 Series) (Version:  - SEIKO EPSON Corporation)
EPSON-Handbücher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.32.0.0 - SEIKO EPSON CORPORATION)
Exif-Viewer 2.51  (HKLM-x32\...\Exif-Viewer) (Version: 2.51 - Ralf Bibinger)
FOTOParadies (HKLM-x32\...\{FD838798-E2CB-45FA-AF79-6011519031E2}}_is1) (Version: 3.5.9.45 - Foto Online Service GmbH)
Free MP4 Video Converter version 5.0.56.128 (HKLM-x32\...\Free MP4 Video Converter_is1) (Version: 5.0.56.128 - DVDVideoSoft Ltd.)
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 4.17.0 - Futuremark Corporation)
HandBrake 0.10.0 (HKLM-x32\...\HandBrake) (Version: 0.10.0 - )
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version:  - EFD Software)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.240 - SurfRight B.V.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Network Connections 15.6.25.0 (HKLM\...\PROSetDX) (Version: 15.6.25.0 - Intel)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version:  - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Last.fm Scrobbler 2.1.36 (HKLM-x32\...\LastFM_is1) (Version:  - Last.fm)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Media Go (HKLM-x32\...\{AF06B8FA-B916-4001-AE51-6645488DEF09}) (Version: 2.8.303 - Sony)
Media Go Network Downloader (HKLM-x32\...\{C52148B9-19E0-433A-9422-3451B1BEE20F}) (Version: 1.6.01.0 - Sony)
Media Go Video Playback Engine 2.12.107.06300 (HKLM-x32\...\{12CEF785-A93B-15F6-1604-79E51E920A06}) (Version: 2.12.107.06300 - Sony)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
MozBackup 1.4.10 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 37.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 24.1.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.1.1 (x86 de)) (Version: 24.1.1 - Mozilla)
Mozilla Thunderbird 31.6.0 (x86 de) (HKU\S-1-5-21-1252915199-2368019422-3184813152-1000\...\Mozilla Thunderbird 31.6.0 (x86 de)) (Version: 31.6.0 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Need for Speed™ Most Wanted (HKLM-x32\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}) (Version: 1.0.0.0 - Electronic Arts)
Need for Speed™ SHIFT (HKLM-x32\...\{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}) (Version: 1.0.0.0 - Electronic Arts)
Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.0.11300.14.100 - Nero AG)
Nero CoverDesigner 10 (HKLM-x32\...\{FCF00A6E-FB58-477A-ABE9-232907105521}) (Version: 5.0.11200.16.100 - Nero AG)
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.0.11400.18.100 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.0.12300.23.100 - Nero AG)
Nero InfoTool 10 (HKLM-x32\...\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}) (Version: 7.0.11400.15.100 - Nero AG)
Nero MediaHub 10 (HKLM-x32\...\{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}) (Version: 1.0.14800.28.100 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{7D0A13FA-56BC-4755-8BAF-45A69BA6A5C8}) (Version: 10.0.10300 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.0.12600.30.100 - Nero AG)
Nikon Message Center (HKLM-x32\...\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}) (Version: 0.91.000 - )
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.0 - Nikon)
Nikon Movie Editor (HKLM-x32\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.8.0 - Nikon)
NVIDIA 3D Vision Controller-Treiber 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0 - NVIDIA Corporation)
NVIDIA Grafiktreiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Online Plug-in (x32 Version: 13.1.200.22 - Citrix Systems, Inc.) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.0.13.2141 - Electronic Arts, Inc.)
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge)
PhotoDose 5.3 (HKLM-x32\...\Photo Dose_is1) (Version:  - )
Picture Control Utility (HKLM-x32\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.0.2 - Nikon)
Picture Control Utility x64 (HKLM\...\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}) (Version: 1.5.0 - Nikon)
PunkBuster für Battlefield Vietnam (HKLM-x32\...\{D07643A3-CE41-4286-8C78-EB9C83E76DDB}) (Version:  - )
Ravensburger tiptoi (HKLM-x32\...\Ravensburger tiptoi) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6251 - Realtek Semiconductor Corp.)
Self-Service Plug-in (x32 Version: 3.2.0.24226 - Citrix Systems, Inc.) Hidden
SHIELD Streaming (Version: 1.8.323 - NVIDIA Corporation) Hidden
Software Updater (HKLM-x32\...\{FA7EE274-7370-43B7-9A45-A39B17CCCDC5}) (Version: 4.3.3 - SEIKO EPSON CORPORATION)
Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.15.5.201504081732 - Sony Mobile Communications Inc.)
Sony PC Companion 2.10.251 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.251 - Sony)
Spotify (HKU\S-1-5-21-1252915199-2368019422-3184813152-1000\...\Spotify) (Version: 1.0.4.90.g0b6df40b - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Steuer 2013 (HKLM-x32\...\{05AEF487-8926-48A9-B5BA-9BED72BC6B1C}) (Version: 21.00.8480 - Buhl Data Service GmbH)
Steuer 2014 (HKLM-x32\...\{2EE860C7-4551-479F-AF01-328B8AA46051}) (Version: 22.00.8811 - Buhl Data Service GmbH)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
USB 3.0 Boost (HKLM-x32\...\{015CFA5F-1377-48B2-84DB-F4D3DE8EBAF7}) (Version:  - )
ViewNX 2 (HKLM\...\{635BE602-BB9C-4C59-8CC5-93F9366E8A21}) (Version: 2.8.2 - Nikon)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
WinRAR 4.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

26-04-2015 20:01:52 Geplanter Prüfpunkt
03-05-2015 23:02:33 Geplanter Prüfpunkt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2015-05-04 20:27 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1014E010-161D-460D-A6F8-34F65D63B67F} - System32\Tasks\EPSON XP-710 Series Invitation {FD127ECB-33E8-4CFA-8EB9-42A9E8CD43AA} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLPE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {16C5D130-937F-4F39-B850-3D59A7F20F2F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-03-07] (Adobe Systems Incorporated)
Task: {25474452-2E29-4AF9-8A20-EC6B5DC457BA} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2010-11-26] (ASUSTeK Computer Inc.)
Task: {37F19027-04B1-4DF5-9583-4B08FE74009A} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {53E3A758-6494-421D-9124-1EB9E2FB33DC} - System32\Tasks\EPSON XP-710 Series Update {15C2B58D-DD7B-408C-B94A-320BF2D63349} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLPE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {561DCE80-9E35-4597-8026-B9279F8D5F07} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {65D0CD6E-358F-4B1B-8401-7CDCD8865BF2} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {7E6F31F0-5FC9-4273-8060-7A209EEEDFAA} - System32\Tasks\EPSON XP-710 Series Update {FD127ECB-33E8-4CFA-8EB9-42A9E8CD43AA} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLPE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {8AACB2B0-328F-426C-B73F-2BF78404F377} - System32\Tasks\EPSON XP-710 Series Invitation {15C2B58D-DD7B-408C-B94A-320BF2D63349} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLPE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {94E0642C-73DB-458E-B93C-2EC6135447FA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14] (Adobe Systems Incorporated)
Task: {9AFD54E0-BFE9-4590-AC72-0D1DF1DDB372} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {A82CE5F6-9FC6-4626-B2A3-6D5FCDCDACD3} - System32\Tasks\ASUS\ASUS DigiVRM Help => C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe [2011-04-13] (ASUSTeK Computer Inc.)
Task: {C571FD7C-2224-4698-AF0D-610AD66FCA1F} - System32\Tasks\ASUS\ASUS Mobilink Execute => C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\ASUS Mobilink.exe [2010-11-25] (ASUSTeK Computer Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\EPSON XP-710 Series Invitation {15C2B58D-DD7B-408C-B94A-320BF2D63349}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLPE.EXE
Task: C:\Windows\Tasks\EPSON XP-710 Series Invitation {FD127ECB-33E8-4CFA-8EB9-42A9E8CD43AA}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLPE.EXE
Task: C:\Windows\Tasks\EPSON XP-710 Series Update {15C2B58D-DD7B-408C-B94A-320BF2D63349}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLPE.EXE:/EXE:{15C2B58D-DD7B-408C-B94A-320BF2D63349} /F:UpdateSYSTEM

Searches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\Windows\Tasks\EPSON XP-710 Series Update {FD127ECB-33E8-4CFA-8EB9-42A9E8CD43AA}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLPE.EXE:/EXE:{FD127ECB-33E8-4CFA-8EB9-42A9E8CD43AA} /F:UpdateSYSTEM

Searches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Loaded Modules (whitelisted) ==============

2013-11-30 22:15 - 2012-02-17 21:55 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll
2013-11-30 22:19 - 2010-12-02 11:15 - 00915584 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
2013-11-30 22:19 - 2011-06-13 17:36 - 00922240 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe
2014-04-23 16:05 - 2014-04-23 16:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 14:05 - 2014-10-11 14:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-11-30 22:19 - 2015-05-05 16:46 - 00025600 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.14\PEbiosinterface32.dll
2013-11-30 22:19 - 2010-06-29 11:58 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.14\ATKEX.dll
2015-04-11 16:10 - 2015-04-11 16:10 - 03348592 _____ () C:\Users\ToDaKo\AppData\Local\Mozilla Thunderbird\mozjs.dll
2015-04-11 16:10 - 2015-04-11 16:10 - 00158832 _____ () C:\Users\ToDaKo\AppData\Local\Mozilla Thunderbird\NSLDAP32V60.dll
2015-04-11 16:10 - 2015-04-11 16:10 - 00023152 _____ () C:\Users\ToDaKo\AppData\Local\Mozilla Thunderbird\NSLDAPPR32V60.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1252915199-2368019422-3184813152-1000\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: nvUpdatusService => 2
MSCONFIG\Services: ServiceLayer => 3
MSCONFIG\Services: TapiSrv => 3
MSCONFIG\startupfolder: C:^Users^ToDaKo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Samsung Magician.lnk => C:\Windows\pss\Samsung Magician.lnk.Startup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: AthBtTray => "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
MSCONFIG\startupreg: AtherosBtStack => "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
MSCONFIG\startupreg: EEventManager => "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
MSCONFIG\startupreg: Nikon Message Center 2 => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
MSCONFIG\startupreg: SamsungRapidApp => C:\Program Files (x86)\RAPID\CacheFilter\SamsungRapidApp.exe
MSCONFIG\startupreg: Spotify => "C:\Users\ToDaKo\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\ToDaKo\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr.exe

==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [{88944958-D192-4883-A4BE-D90515895DAA}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\pnSvc.exe
FirewallRules: [{42AED191-1BDE-48D2-AD4C-7885644FB22F}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office12\outlook.exe
FirewallRules: [{BD0A69BB-636D-4E6A-92C4-6DB96C4E3388}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office12\GROOVE.EXE
FirewallRules: [{EF4315FD-A540-4454-B97E-01619EF9379D}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office12\GROOVE.EXE
FirewallRules: [{94B710B0-263A-4B52-A677-AE77F6CDDB2F}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTE.EXE
FirewallRules: [{CE9722A4-A393-4968-A107-0E953576DB4B}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTE.EXE
FirewallRules: [{6658AD7C-EC0D-4AB6-A296-5ADB1E57ED54}] => (Allow) D:\Spiele\Arma3\Steam.exe
FirewallRules: [{0F10F9F6-CAE6-45DA-A17B-D58DBB5CDE5B}] => (Allow) D:\Spiele\Arma3\Steam.exe
FirewallRules: [{6BFD7633-B28E-4999-8AA2-1894A2BB70D6}] => (Allow) D:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [{CFABD0A7-FC36-40E9-89B2-171D94B3B8FE}] => (Allow) D:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [{1CE0A6CD-79DE-4166-A8E0-58A061F58E52}] => (Allow) D:\Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe
FirewallRules: [{468C91E4-1F5C-49BF-B8E9-5F88AD38D9E1}] => (Allow) D:\Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe
FirewallRules: [TCP Query User{3F2F13EC-08D7-4509-B842-9BF712869E9E}D:\program files (x86)\electronic arts\eadm\core.exe] => (Block) D:\program files (x86)\electronic arts\eadm\core.exe
FirewallRules: [UDP Query User{39AFE621-AA64-4454-A8D6-4C29BA1D0D2B}D:\program files (x86)\electronic arts\eadm\core.exe] => (Block) D:\program files (x86)\electronic arts\eadm\core.exe
FirewallRules: [{34B34D76-13ED-4FFB-B56B-3F1FBB5BA23B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{B9075C17-469D-4FB0-919B-18575C113093}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{59D9A2EA-2D51-4812-A15A-D7F150983B8B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{258A291E-234A-47C8-8D55-9C121927ADD2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{514799C4-247B-4F5F-BF9C-00204B5F3601}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D1E3ED35-7697-44AC-8443-54C02F563CE8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{32D8965B-ADAD-42FA-A4B2-846C3FB736D1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{55D6B8EA-C4D0-40A0-8B7E-2D72552068B7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B81008A1-5B96-464D-9DBB-E57F0C41DF56}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{DCB7E7E6-DDCF-40BC-AD7B-5E2483D6FD70}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{B8365DD2-5242-4E18-AF70-FBCABDC5A622}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{642A4D35-8630-4407-9E4C-1FDA1DCD4CA8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{229CB68F-8730-4904-BE44-C89530530310}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E37F7891-D6A4-4FB2-A794-AD151232ECD3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{86B6C7F3-5A0E-4423-A197-2841700909DF}] => (Allow) D:\Spiele\Arma3\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{BFDC0735-5C1E-4FD8-B91B-F434C343AEE5}] => (Allow) D:\Spiele\Arma3\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{59077F84-5F4D-4019-A2AD-85760CF69A3B}] => (Allow) D:\Spiele\Arma3\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{30ED07F0-EF56-424A-8221-246FEEE315A5}] => (Allow) D:\Spiele\Arma3\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{A017C8E7-9C79-4883-B2A3-F8A2FFD6AD82}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{322CEF2F-5A79-4D06-92F6-FD687E03959E}] => (Allow) LPort=2869
FirewallRules: [{AB39E4B4-4982-4190-9946-48C34535AE33}] => (Allow) LPort=1900
FirewallRules: [{376FF272-3974-479A-A396-1552DFCB87EF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{183DD9A6-86A4-436B-8D32-79E0FE305D12}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{5DEFF7C6-1C09-4FDD-89A9-434B90DB83A0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{AFCAE7B9-471A-43C2-8758-ED8EFED35B9A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{08621709-BCD0-49B5-A9D7-9AFF3794BEF0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{CEE4E182-E4AA-46D5-AD20-FC21AAAA4683}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C202E124-177A-4CE2-A50F-85654C7117BF}] => (Allow) D:\Spiele\Arma3\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{D6F23C01-6822-4F7B-8817-B7D1E938F4CB}] => (Allow) D:\Spiele\Arma3\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{02945E1D-4F4F-400F-83FF-C563193FDE85}] => (Allow) D:\Spiele\Arma3\SteamApps\common\ARMA Cold War Assault\ColdWarAssault.exe
FirewallRules: [{F05B0B49-C227-4316-83F4-1D41D94BBBFA}] => (Allow) D:\Spiele\Arma3\SteamApps\common\ARMA Cold War Assault\ColdWarAssault.exe
FirewallRules: [{5F6BD532-C8D3-43C8-BEC6-2AFDF650B76D}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{634157A4-734D-4C74-AE8C-90044D6E407A}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [TCP Query User{8A4BFB23-AF55-487F-A2EE-F12201544436}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{A47B861F-EBD4-4BDD-8F46-012B58E3DAE9}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{573EA0FD-9694-49C2-B2A2-3858E4EC9330}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{A1D10C3D-44A5-4DC7-B66A-898E1B61DD0F}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{4BC5B309-7005-40FF-8D96-14B1298A2386}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{DE30234B-AB04-4408-B237-1B5BE85AD850}] => (Allow) D:\Spiele\Arma3\bin\steamwebhelper.exe
FirewallRules: [{EDEBB10F-B91B-4759-8927-1D7154D39688}] => (Allow) D:\Spiele\Arma3\bin\steamwebhelper.exe
FirewallRules: [{A06C99FF-654B-43E5-9294-CCE70F14C13B}] => (Allow) D:\Spiele\Arma3\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{71CF3512-867B-4368-A925-EA184502B8C9}] => (Allow) D:\Spiele\Arma3\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [TCP Query User{64DCF49B-99E6-4AE2-A06E-542FDC1ECB01}D:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe] => (Allow) D:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe
FirewallRules: [UDP Query User{71C62962-0500-4F02-A370-9590D34541CC}D:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe] => (Allow) D:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe
FirewallRules: [{3FAC1D8A-74AD-4A86-B35E-23125441A50C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BDBF58CA-A73E-4DEF-BF4E-948722651996}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{F86318D0-5767-4CB0-A485-87AFE43A0255}C:\users\todako\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\todako\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{69763976-5304-46D3-9530-8295363A3BFD}C:\users\todako\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\todako\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{C347DC06-F3B6-47FB-9001-DE21E0E13210}C:\users\todako\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\todako\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{463030F7-8927-451E-A500-A6261A55F2B5}C:\users\todako\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\todako\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{1C0386F0-E8A2-43C7-9F25-617EBC43BC4B}E:\spiele\battlefield vietnam\bfvietnam.exe] => (Allow) E:\spiele\battlefield vietnam\bfvietnam.exe
FirewallRules: [UDP Query User{72830006-63EC-47BF-8BDD-DB499982AE4E}E:\spiele\battlefield vietnam\bfvietnam.exe] => (Allow) E:\spiele\battlefield vietnam\bfvietnam.exe
FirewallRules: [{29EA26DA-3D79-4E43-9E62-963208CCCFDF}] => (Allow) D:\Program Files (x86)\Origin Games\Command and Conquer Generals Zero Hour\Generals.exe
FirewallRules: [{4D0976EA-2B18-4923-A97B-603EF513768C}] => (Allow) D:\Program Files (x86)\Origin Games\Command and Conquer Generals Zero Hour\Generals.exe
FirewallRules: [{ABD1DAAA-2A0F-402D-97AB-2CBC694CCD94}] => (Allow) D:\Program Files (x86)\Origin Games\Command and Conquer The Ultimate Collection Additional Content\Launcher.exe
FirewallRules: [{0AA06B59-5A58-49EB-980D-71F2FE00A8CA}] => (Allow) D:\Program Files (x86)\Origin Games\Command and Conquer The Ultimate Collection Additional Content\Launcher.exe
FirewallRules: [{1D8C8303-DACC-4DE6-9F89-66DF45072340}] => (Allow) D:\Program Files (x86)\Origin Games\Command Conquer 4 Tiberian Twilight\CNC4.exe
FirewallRules: [{82DC0A4F-53BE-4C99-93E9-378A28349940}] => (Allow) D:\Program Files (x86)\Origin Games\Command Conquer 4 Tiberian Twilight\CNC4.exe
FirewallRules: [TCP Query User{98A021FA-BE72-4894-8497-D38C21D6E430}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{962B76BD-3538-47A2-ABB1-2202AC018F5B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{54FC67D2-89D4-47DF-91DA-0B723ECED47D}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{1740E8D6-2014-48C4-84AB-CB51D658E4EB}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/05/2015 04:45:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/05/2015 02:42:37 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (05/05/2015 02:33:30 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description: 

Error: (05/05/2015 02:29:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/04/2015 10:38:50 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description: 

Error: (05/04/2015 10:33:46 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description: 

Error: (05/04/2015 09:42:51 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (05/04/2015 09:30:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm FOTOParadiesApp.exe, Version 3.6.1.5 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 18e4

Startzeit: 01d086a06af26761

Endzeit: 5

Anwendungspfad: E:\Program Files (x86)\FOTOParadies\FOTOParadiesApp.exe

Berichts-ID: 08da34a3-f294-11e4-88a3-002683161b73

Error: (05/04/2015 09:24:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm FOTOParadiesApp.exe, Version 3.6.1.5 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 6b4

Startzeit: 01d0869eabe3c5c0

Endzeit: 9683

Anwendungspfad: E:\Program Files (x86)\FOTOParadies\FOTOParadiesApp.exe

Berichts-ID: 03d555ed-f293-11e4-88a3-002683161b73

Error: (05/04/2015 09:11:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (05/05/2015 04:46:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/05/2015 04:46:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "iPod-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/05/2015 04:46:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Email-Schutz" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/05/2015 04:46:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PDF Architect Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/05/2015 04:46:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PDF Architect Helper Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/05/2015 04:46:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Streamer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/05/2015 04:46:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/05/2015 04:46:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MBAMService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/05/2015 04:46:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MBAMScheduler" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/05/2015 04:46:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel® PROSet Monitoring Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2015-05-04 20:27:01.250
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-05-04 20:27:01.230
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
Percentage of memory in use: 24%
Total physical RAM: 8159.15 MB
Available physical RAM: 6166 MB
Total Pagefile: 8357.34 MB
Available Pagefile: 6089.71 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:209.37 GB) (Free:124.93 GB) NTFS
Drive d: (Spiele) (Fixed) (Total:55.68 GB) (Free:8.48 GB) NTFS
Drive e: (Daten und Programme) (Fixed) (Total:931.39 GB) (Free:624.21 GB) NTFS
Drive f: (Foto) (Fixed) (Total:931.51 GB) (Free:408.8 GB) NTFS
Drive j: (Musik und Video) (Fixed) (Total:465.76 GB) (Free:217.23 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

========================================================
Disk: 2 (Size: 55.9 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

========================================================
Disk: 3 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: ACF28C5F)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 4 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 0790078F)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Hallo Schrauber, ...so. Alles wie gewünscht ausgeführt. Vielen Dank schon jetzt für die Hilfe!!! Gruss, todako

ESET Online Scanner

• Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
• Lade und starte Eset Online Scanner
• Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
• Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
• Klicke auf Starten.
• Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
• Klicke am Ende des Suchlaufs auf Fertig stellen.
• Schließe das Fenster von ESET.
• Explorer öffnen.
• C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
• Logfile hier posten.
• Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
• Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte SecurityCheck und:

• Speichere es auf dem Desktop.
• Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
• Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

Code: Alles auswählenAufklappen

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=3277b08ae515354681e7fd9a0228a5df
# engine=23720
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-05-06 06:19:20
# local_time=2015-05-06 08:19:20 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 45102883 182566210 0 0
# scanned=386753
# found=2
# cleaned=0
# scan_time=18607
sh=F959AF67FEE6C7FADB9C636B14A39996C4408B1D ft=1 fh=6d28d572a6e6190b vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="E:\Tools\HijackThis - CHIP-Installer.exe"
sh=1447092BA29779C726829611180994E17718C412 ft=1 fh=23f22b72eb3a5b90 vn="Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung" ac=I fn="E:\Tools\PDFCreator-1_7_2_setup_offline.exe"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=3277b08ae515354681e7fd9a0228a5df
# engine=23726
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-05-06 07:36:54
# local_time=2015-05-06 09:36:54 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 45103937 182570864 0 0
# scanned=227998
# found=0
# cleaned=0
# scan_time=3946
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=3277b08ae515354681e7fd9a0228a5df
# engine=23726
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-05-07 06:48:33
# local_time=2015-05-07 08:48:33 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 45144236 182611163 0 0
# scanned=980624
# found=1
# cleaned=0
# scan_time=39895
sh=A162E553A81DC7B62862D5AD715F1A36D395B359 ft=0 fh=0000000000000000 vn="Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung" ac=I fn="L:\TODAKO-PC\Backup Set 2014-03-15 144117\Backup Files 2014-05-24 214810\Backup files 229.zip"
         

Code: Alles auswählenAufklappen

ATTFilter

 Results of screen317's Security Check version 1.001  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Avira Antivirus   
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Java version 32-bit out of Date! 
 Adobe Flash Player 10 Flash Player out of Date! 
 Adobe Flash Player 17.0.0.169  
 Mozilla Firefox (37.0.2) 
 Mozilla Thunderbird 24.1.1 Thunderbird out of Date!  
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Avira Antivir avgnt.exe 
 Avira Antivir avguard.exe 
 Malwarebytes Anti-Malware mbamscheduler.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         

Code: Alles auswählenAufklappen

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-05-2015 01
Ran by ToDaKo at 2015-05-07 09:00:02
Running from C:\Users\ToDaKo\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1252915199-2368019422-3184813152-500 - Administrator - Disabled)
Gast (S-1-5-21-1252915199-2368019422-3184813152-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-1252915199-2368019422-3184813152-1002 - Limited - Enabled)
ToDaKo (S-1-5-21-1252915199-2368019422-3184813152-1000 - Administrator - Enabled) => C:\Users\ToDaKo

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3DMark 11 (HKLM-x32\...\{46EDCFA5-7EDB-46A9-B093-1C6237470CEC}) (Version: 1.0.5 - Futuremark Corporation)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.5.0.1060 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.42.34 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Photoshop CS3 (HKLM-x32\...\Adobe_5f143314a5d434c8511097393d17397) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 3.6 64-bit (HKLM\...\{D4F66BBA-D79E-4F11-9B06-70C3D75A2958}) (Version: 3.6.1 - Adobe)
Adobe Photoshop Lightroom 5.7 64-bit (HKLM\...\{1B77B02E-17E4-4B6D-B8A1-74B29AF3D8DD}) (Version: 5.7.0 - Adobe Systems Incorporated)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 1.02.03 - ASUSTeK Computer Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
Arma: Cold War Assault (HKLM-x32\...\Steam App 65790) (Version:  - Bohemia Interactive)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.1.0 - Asmedia Technology)
ASUS Xonar D2X Audio Driver (HKLM\...\C-Media Oxygen HD Audio Driver) (Version:  - )
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.10.434 - Avira Operations GmbH & Co. KG)
AVNavigator 2012.II (HKU\S-1-5-21-1252915199-2368019422-3184813152-1000\...\AVNavigator 2012.II) (Version: 1.13.1.009.1 - PIONEER CORPORATION)
AVNavigator 2012.II (HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\AVNavigator 2012.II) (Version: 1.13.1.009.1 - PIONEER CORPORATION)
Battlefield Vietnam(TM) (HKLM-x32\...\{E35B3C63-E958-4E31-A178-95D22024109A}) (Version:  - )
Battlefield: Bad Company™ 2 (HKLM-x32\...\{3AC8457C-0385-4BEA-A959-E095F05D6D67}) (Version: 1.0.0.0 - Electronic Arts)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.65 - Atheros Communications)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Capture NX (HKLM-x32\...\Capture NX) (Version: 1.3.0 - NIKON CORPORATION)
Capture NX 2 (HKLM\...\Capture NX 2) (Version: 2.4.5 - NIKON CORPORATION)
Capture NX-D (HKLM\...\{56E8726C-8674-4715-8535-011DE67F2A6D}) (Version: 0.9.1 - Nikon)
CD-LabelPrint (HKLM-x32\...\MediaNavigation.CDLabelPrint) (Version:  - )
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 13.1.200.22 - Citrix Systems, Inc.)
Command & Conquer™ 4 Tiberian Twilight (HKLM-x32\...\{BA4C8F9F-D81B-4AFE-AE5A-3837830F5B89}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command & Conquer™ The Ultimate Collection Additional Content (HKLM-x32\...\{AC663F85-A421-4127-A507-8E24F64D4523}) (Version: 1.0.0.0 - Electronic Arts)
Command & Conquer™: Generals and Zero Hour (HKLM-x32\...\{8F0F5689-6900-425B-A8C2-0DBD10DAB694}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DVD Shrink 3.2 deutsch (DeCSS-frei) (HKLM-x32\...\DVD Shrink DE_is1) (Version:  - DVD Shrink)
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.3.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print 2 (HKLM-x32\...\{71E90740-5E5F-4D43-AB8F-CAC1D93DBB5B}) (Version: 2.5.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{0F13C24A-FFE2-4CD0-8E0B-DC804E0A0E0B}) (Version: 3.10.0035 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{896667C8-53F8-47B8-B6B0-B113B10F05BC}) (Version: 1.20.0000 - SEIKO EPSON CORPORATION)
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.34.00 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON XP-710 Series Printer Uninstall (HKLM\...\EPSON XP-710 Series) (Version:  - SEIKO EPSON Corporation)
EPSON-Handbücher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.32.0.0 - SEIKO EPSON CORPORATION)
Exif-Viewer 2.51  (HKLM-x32\...\Exif-Viewer) (Version: 2.51 - Ralf Bibinger)
FOTOParadies (HKLM-x32\...\{FD838798-E2CB-45FA-AF79-6011519031E2}}_is1) (Version: 3.5.9.45 - Foto Online Service GmbH)
Free MP4 Video Converter version 5.0.56.128 (HKLM-x32\...\Free MP4 Video Converter_is1) (Version: 5.0.56.128 - DVDVideoSoft Ltd.)
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 4.17.0 - Futuremark Corporation)
HandBrake 0.10.0 (HKLM-x32\...\HandBrake) (Version: 0.10.0 - )
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version:  - EFD Software)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.240 - SurfRight B.V.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Network Connections 15.6.25.0 (HKLM\...\PROSetDX) (Version: 15.6.25.0 - Intel)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version:  - Intel Corporation)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Last.fm Scrobbler 2.1.36 (HKLM-x32\...\LastFM_is1) (Version:  - Last.fm)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Media Go (HKLM-x32\...\{AF06B8FA-B916-4001-AE51-6645488DEF09}) (Version: 2.8.303 - Sony)
Media Go Network Downloader (HKLM-x32\...\{C52148B9-19E0-433A-9422-3451B1BEE20F}) (Version: 1.6.01.0 - Sony)
Media Go Video Playback Engine 2.12.107.06300 (HKLM-x32\...\{12CEF785-A93B-15F6-1604-79E51E920A06}) (Version: 2.12.107.06300 - Sony)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
MozBackup 1.4.10 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 37.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 24.1.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.1.1 (x86 de)) (Version: 24.1.1 - Mozilla)
Mozilla Thunderbird 31.6.0 (x86 de) (HKU\S-1-5-21-1252915199-2368019422-3184813152-1000\...\Mozilla Thunderbird 31.6.0 (x86 de)) (Version: 31.6.0 - Mozilla)
Mozilla Thunderbird 31.6.0 (x86 de) (HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Mozilla Thunderbird 31.6.0 (x86 de)) (Version: 31.6.0 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Need for Speed™ Most Wanted (HKLM-x32\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}) (Version: 1.0.0.0 - Electronic Arts)
Need for Speed™ SHIFT (HKLM-x32\...\{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}) (Version: 1.0.0.0 - Electronic Arts)
Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.0.11300.14.100 - Nero AG)
Nero CoverDesigner 10 (HKLM-x32\...\{FCF00A6E-FB58-477A-ABE9-232907105521}) (Version: 5.0.11200.16.100 - Nero AG)
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.0.11400.18.100 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.0.12300.23.100 - Nero AG)
Nero InfoTool 10 (HKLM-x32\...\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}) (Version: 7.0.11400.15.100 - Nero AG)
Nero MediaHub 10 (HKLM-x32\...\{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}) (Version: 1.0.14800.28.100 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{7D0A13FA-56BC-4755-8BAF-45A69BA6A5C8}) (Version: 10.0.10300 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.0.12600.30.100 - Nero AG)
Nikon Message Center (HKLM-x32\...\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}) (Version: 0.91.000 - )
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.0 - Nikon)
Nikon Movie Editor (HKLM-x32\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.8.0 - Nikon)
NVIDIA 3D Vision Controller-Treiber 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0 - NVIDIA Corporation)
NVIDIA Grafiktreiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Online Plug-in (x32 Version: 13.1.200.22 - Citrix Systems, Inc.) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.0.13.2141 - Electronic Arts, Inc.)
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge)
PhotoDose 5.3 (HKLM-x32\...\Photo Dose_is1) (Version:  - )
Picture Control Utility (HKLM-x32\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.0.2 - Nikon)
Picture Control Utility x64 (HKLM\...\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}) (Version: 1.5.0 - Nikon)
PunkBuster für Battlefield Vietnam (HKLM-x32\...\{D07643A3-CE41-4286-8C78-EB9C83E76DDB}) (Version:  - )
Ravensburger tiptoi (HKLM-x32\...\Ravensburger tiptoi) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6251 - Realtek Semiconductor Corp.)
Self-Service Plug-in (x32 Version: 3.2.0.24226 - Citrix Systems, Inc.) Hidden
SHIELD Streaming (Version: 1.8.323 - NVIDIA Corporation) Hidden
Software Updater (HKLM-x32\...\{FA7EE274-7370-43B7-9A45-A39B17CCCDC5}) (Version: 4.3.3 - SEIKO EPSON CORPORATION)
Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.15.5.201504081732 - Sony Mobile Communications Inc.)
Sony PC Companion 2.10.251 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.251 - Sony)
Spotify (HKU\S-1-5-21-1252915199-2368019422-3184813152-1000\...\Spotify) (Version: 1.0.4.90.g0b6df40b - Spotify AB)
Spotify (HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Spotify) (Version: 1.0.4.90.g0b6df40b - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Steuer 2013 (HKLM-x32\...\{05AEF487-8926-48A9-B5BA-9BED72BC6B1C}) (Version: 21.00.8480 - Buhl Data Service GmbH)
Steuer 2014 (HKLM-x32\...\{2EE860C7-4551-479F-AF01-328B8AA46051}) (Version: 22.00.8811 - Buhl Data Service GmbH)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
USB 3.0 Boost (HKLM-x32\...\{015CFA5F-1377-48B2-84DB-F4D3DE8EBAF7}) (Version:  - )
ViewNX 2 (HKLM\...\{635BE602-BB9C-4C59-8CC5-93F9366E8A21}) (Version: 2.8.2 - Nikon)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
WinRAR 4.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

26-04-2015 20:01:52 Geplanter Prüfpunkt
03-05-2015 23:02:33 Geplanter Prüfpunkt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2015-05-04 20:27 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1014E010-161D-460D-A6F8-34F65D63B67F} - System32\Tasks\EPSON XP-710 Series Invitation {FD127ECB-33E8-4CFA-8EB9-42A9E8CD43AA} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLPE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {16C5D130-937F-4F39-B850-3D59A7F20F2F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-03-07] (Adobe Systems Incorporated)
Task: {25474452-2E29-4AF9-8A20-EC6B5DC457BA} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2010-11-26] (ASUSTeK Computer Inc.)
Task: {37F19027-04B1-4DF5-9583-4B08FE74009A} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {53E3A758-6494-421D-9124-1EB9E2FB33DC} - System32\Tasks\EPSON XP-710 Series Update {15C2B58D-DD7B-408C-B94A-320BF2D63349} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLPE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {561DCE80-9E35-4597-8026-B9279F8D5F07} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {65D0CD6E-358F-4B1B-8401-7CDCD8865BF2} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {7E6F31F0-5FC9-4273-8060-7A209EEEDFAA} - System32\Tasks\EPSON XP-710 Series Update {FD127ECB-33E8-4CFA-8EB9-42A9E8CD43AA} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLPE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {8AACB2B0-328F-426C-B73F-2BF78404F377} - System32\Tasks\EPSON XP-710 Series Invitation {15C2B58D-DD7B-408C-B94A-320BF2D63349} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLPE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {94E0642C-73DB-458E-B93C-2EC6135447FA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14] (Adobe Systems Incorporated)
Task: {9AFD54E0-BFE9-4590-AC72-0D1DF1DDB372} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {A82CE5F6-9FC6-4626-B2A3-6D5FCDCDACD3} - System32\Tasks\ASUS\ASUS DigiVRM Help => C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe [2011-04-13] (ASUSTeK Computer Inc.)
Task: {C571FD7C-2224-4698-AF0D-610AD66FCA1F} - System32\Tasks\ASUS\ASUS Mobilink Execute => C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\ASUS Mobilink.exe [2010-11-25] (ASUSTeK Computer Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\EPSON XP-710 Series Invitation {15C2B58D-DD7B-408C-B94A-320BF2D63349}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLPE.EXE
Task: C:\Windows\Tasks\EPSON XP-710 Series Invitation {FD127ECB-33E8-4CFA-8EB9-42A9E8CD43AA}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLPE.EXE
Task: C:\Windows\Tasks\EPSON XP-710 Series Update {15C2B58D-DD7B-408C-B94A-320BF2D63349}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLPE.EXE:/EXE:{15C2B58D-DD7B-408C-B94A-320BF2D63349} /F:UpdateSYSTEM

Searches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\Windows\Tasks\EPSON XP-710 Series Update {FD127ECB-33E8-4CFA-8EB9-42A9E8CD43AA}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLPE.EXE:/EXE:{FD127ECB-33E8-4CFA-8EB9-42A9E8CD43AA} /F:UpdateSYSTEM

Searches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Loaded Modules (whitelisted) ==============

2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-11-30 22:15 - 2012-02-17 21:55 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll
2013-11-30 22:19 - 2011-06-13 17:36 - 00922240 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe
2013-11-30 22:16 - 2008-07-11 16:04 - 00200704 ____N () C:\Windows\SysWOW64\HsMgr.exe
2013-11-30 22:19 - 2010-12-02 11:15 - 00915584 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
2013-11-30 22:16 - 2008-07-11 16:03 - 00282112 ____N () C:\Windows\system\HsMgr64.exe
2013-11-30 22:19 - 2010-10-21 18:52 - 00586880 _____ () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
2013-11-30 22:19 - 2015-05-06 21:41 - 00025600 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.14\PEbiosinterface32.dll
2013-11-30 22:19 - 2010-06-29 11:58 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.14\ATKEX.dll
2013-11-30 22:16 - 2009-05-11 19:01 - 00143360 ____N () C:\Program Files\ASUS Xonar D2X Audio\Customapp\VmixP8.dll
2013-11-30 22:19 - 2010-11-25 16:12 - 00086016 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\AsNetlib.dll
2013-11-30 22:19 - 2010-11-25 16:12 - 00661504 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\aaHMLib.dll
2013-11-30 22:19 - 2010-11-25 16:12 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\pngio.dll
2013-11-30 22:19 - 2010-11-25 16:12 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\ImageHelper.dll
2013-11-30 22:19 - 2010-11-25 16:12 - 00061440 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsMultiLang.dll
2013-11-30 22:19 - 2010-11-25 16:12 - 00661504 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\aaHMLib.dll
2013-11-30 22:19 - 2010-11-25 16:12 - 00703488 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\CpuFreq.dll
2013-11-30 22:19 - 2010-11-25 16:12 - 00114688 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AssistFunc.dll
2013-11-30 22:21 - 2011-03-04 17:33 - 00053248 ____N () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll
2013-11-30 22:21 - 2009-05-21 11:14 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll
2013-11-30 22:19 - 2010-08-23 11:17 - 00662016 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMLib.dll
2013-11-30 22:19 - 2011-02-24 11:19 - 00143360 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
2013-11-30 22:19 - 2010-06-21 16:21 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
2013-11-30 22:19 - 2009-08-12 21:15 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
2013-11-30 22:19 - 2011-02-09 10:02 - 00873472 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AI Charger+\AIChargerPlus.dll
2013-11-30 22:20 - 2010-10-15 18:40 - 01031680 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Update\Update.dll
2013-11-30 22:19 - 2011-05-16 18:35 - 00965632 _____ () C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
2013-11-30 22:20 - 2011-01-19 22:23 - 01655296 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Bluetooth Go!\BluetoothGo.dll
2013-11-30 22:20 - 2010-12-01 13:33 - 01244672 _____ () C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll
2013-11-30 22:21 - 2011-01-06 11:38 - 01027072 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll
2013-11-30 22:19 - 2011-05-20 10:12 - 00881152 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
2013-11-30 22:19 - 2011-04-07 18:33 - 01607168 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
2013-11-30 22:19 - 2011-01-07 17:39 - 01246208 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
2013-11-30 22:19 - 2010-08-06 19:11 - 00850944 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
2013-11-30 22:19 - 2010-08-06 19:13 - 00886272 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
2013-11-30 22:19 - 2010-06-21 16:21 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\ImageHelper.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1252915199-2368019422-3184813152-1000\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: nvUpdatusService => 2
MSCONFIG\Services: ServiceLayer => 3
MSCONFIG\Services: TapiSrv => 3
MSCONFIG\startupfolder: C:^Users^ToDaKo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Samsung Magician.lnk => C:\Windows\pss\Samsung Magician.lnk.Startup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: AthBtTray => "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
MSCONFIG\startupreg: AtherosBtStack => "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
MSCONFIG\startupreg: EEventManager => "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
MSCONFIG\startupreg: Nikon Message Center 2 => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
MSCONFIG\startupreg: SamsungRapidApp => C:\Program Files (x86)\RAPID\CacheFilter\SamsungRapidApp.exe
MSCONFIG\startupreg: Spotify => "C:\Users\ToDaKo\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\ToDaKo\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr.exe

==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [{88944958-D192-4883-A4BE-D90515895DAA}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\pnSvc.exe
FirewallRules: [{6658AD7C-EC0D-4AB6-A296-5ADB1E57ED54}] => (Allow) D:\Spiele\Arma3\Steam.exe
FirewallRules: [{0F10F9F6-CAE6-45DA-A17B-D58DBB5CDE5B}] => (Allow) D:\Spiele\Arma3\Steam.exe
FirewallRules: [{6BFD7633-B28E-4999-8AA2-1894A2BB70D6}] => (Allow) D:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [{CFABD0A7-FC36-40E9-89B2-171D94B3B8FE}] => (Allow) D:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [{1CE0A6CD-79DE-4166-A8E0-58A061F58E52}] => (Allow) D:\Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe
FirewallRules: [{468C91E4-1F5C-49BF-B8E9-5F88AD38D9E1}] => (Allow) D:\Program Files (x86)\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe
FirewallRules: [TCP Query User{3F2F13EC-08D7-4509-B842-9BF712869E9E}D:\program files (x86)\electronic arts\eadm\core.exe] => (Block) D:\program files (x86)\electronic arts\eadm\core.exe
FirewallRules: [UDP Query User{39AFE621-AA64-4454-A8D6-4C29BA1D0D2B}D:\program files (x86)\electronic arts\eadm\core.exe] => (Block) D:\program files (x86)\electronic arts\eadm\core.exe
FirewallRules: [{34B34D76-13ED-4FFB-B56B-3F1FBB5BA23B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{B9075C17-469D-4FB0-919B-18575C113093}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{59D9A2EA-2D51-4812-A15A-D7F150983B8B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{258A291E-234A-47C8-8D55-9C121927ADD2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{514799C4-247B-4F5F-BF9C-00204B5F3601}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D1E3ED35-7697-44AC-8443-54C02F563CE8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{32D8965B-ADAD-42FA-A4B2-846C3FB736D1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{55D6B8EA-C4D0-40A0-8B7E-2D72552068B7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B81008A1-5B96-464D-9DBB-E57F0C41DF56}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{DCB7E7E6-DDCF-40BC-AD7B-5E2483D6FD70}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{B8365DD2-5242-4E18-AF70-FBCABDC5A622}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{642A4D35-8630-4407-9E4C-1FDA1DCD4CA8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{229CB68F-8730-4904-BE44-C89530530310}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E37F7891-D6A4-4FB2-A794-AD151232ECD3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{86B6C7F3-5A0E-4423-A197-2841700909DF}] => (Allow) D:\Spiele\Arma3\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{BFDC0735-5C1E-4FD8-B91B-F434C343AEE5}] => (Allow) D:\Spiele\Arma3\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{59077F84-5F4D-4019-A2AD-85760CF69A3B}] => (Allow) D:\Spiele\Arma3\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{30ED07F0-EF56-424A-8221-246FEEE315A5}] => (Allow) D:\Spiele\Arma3\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{A017C8E7-9C79-4883-B2A3-F8A2FFD6AD82}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{322CEF2F-5A79-4D06-92F6-FD687E03959E}] => (Allow) LPort=2869
FirewallRules: [{AB39E4B4-4982-4190-9946-48C34535AE33}] => (Allow) LPort=1900
FirewallRules: [{376FF272-3974-479A-A396-1552DFCB87EF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{183DD9A6-86A4-436B-8D32-79E0FE305D12}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{5DEFF7C6-1C09-4FDD-89A9-434B90DB83A0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{AFCAE7B9-471A-43C2-8758-ED8EFED35B9A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{08621709-BCD0-49B5-A9D7-9AFF3794BEF0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{CEE4E182-E4AA-46D5-AD20-FC21AAAA4683}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C202E124-177A-4CE2-A50F-85654C7117BF}] => (Allow) D:\Spiele\Arma3\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{D6F23C01-6822-4F7B-8817-B7D1E938F4CB}] => (Allow) D:\Spiele\Arma3\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{02945E1D-4F4F-400F-83FF-C563193FDE85}] => (Allow) D:\Spiele\Arma3\SteamApps\common\ARMA Cold War Assault\ColdWarAssault.exe
FirewallRules: [{F05B0B49-C227-4316-83F4-1D41D94BBBFA}] => (Allow) D:\Spiele\Arma3\SteamApps\common\ARMA Cold War Assault\ColdWarAssault.exe
FirewallRules: [{5F6BD532-C8D3-43C8-BEC6-2AFDF650B76D}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{634157A4-734D-4C74-AE8C-90044D6E407A}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [TCP Query User{8A4BFB23-AF55-487F-A2EE-F12201544436}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{A47B861F-EBD4-4BDD-8F46-012B58E3DAE9}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{573EA0FD-9694-49C2-B2A2-3858E4EC9330}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{A1D10C3D-44A5-4DC7-B66A-898E1B61DD0F}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{DE30234B-AB04-4408-B237-1B5BE85AD850}] => (Allow) D:\Spiele\Arma3\bin\steamwebhelper.exe
FirewallRules: [{EDEBB10F-B91B-4759-8927-1D7154D39688}] => (Allow) D:\Spiele\Arma3\bin\steamwebhelper.exe
FirewallRules: [{A06C99FF-654B-43E5-9294-CCE70F14C13B}] => (Allow) D:\Spiele\Arma3\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{71CF3512-867B-4368-A925-EA184502B8C9}] => (Allow) D:\Spiele\Arma3\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [TCP Query User{64DCF49B-99E6-4AE2-A06E-542FDC1ECB01}D:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe] => (Allow) D:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe
FirewallRules: [UDP Query User{71C62962-0500-4F02-A370-9590D34541CC}D:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe] => (Allow) D:\program files (x86)\electronic arts\battlefield bad company 2\bfbc2game.exe
FirewallRules: [{3FAC1D8A-74AD-4A86-B35E-23125441A50C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BDBF58CA-A73E-4DEF-BF4E-948722651996}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{F86318D0-5767-4CB0-A485-87AFE43A0255}C:\users\todako\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\todako\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{69763976-5304-46D3-9530-8295363A3BFD}C:\users\todako\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\todako\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{C347DC06-F3B6-47FB-9001-DE21E0E13210}C:\users\todako\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\todako\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{463030F7-8927-451E-A500-A6261A55F2B5}C:\users\todako\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\todako\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{1C0386F0-E8A2-43C7-9F25-617EBC43BC4B}E:\spiele\battlefield vietnam\bfvietnam.exe] => (Allow) E:\spiele\battlefield vietnam\bfvietnam.exe
FirewallRules: [UDP Query User{72830006-63EC-47BF-8BDD-DB499982AE4E}E:\spiele\battlefield vietnam\bfvietnam.exe] => (Allow) E:\spiele\battlefield vietnam\bfvietnam.exe
FirewallRules: [{29EA26DA-3D79-4E43-9E62-963208CCCFDF}] => (Allow) D:\Program Files (x86)\Origin Games\Command and Conquer Generals Zero Hour\Generals.exe
FirewallRules: [{4D0976EA-2B18-4923-A97B-603EF513768C}] => (Allow) D:\Program Files (x86)\Origin Games\Command and Conquer Generals Zero Hour\Generals.exe
FirewallRules: [{ABD1DAAA-2A0F-402D-97AB-2CBC694CCD94}] => (Allow) D:\Program Files (x86)\Origin Games\Command and Conquer The Ultimate Collection Additional Content\Launcher.exe
FirewallRules: [{0AA06B59-5A58-49EB-980D-71F2FE00A8CA}] => (Allow) D:\Program Files (x86)\Origin Games\Command and Conquer The Ultimate Collection Additional Content\Launcher.exe
FirewallRules: [{1D8C8303-DACC-4DE6-9F89-66DF45072340}] => (Allow) D:\Program Files (x86)\Origin Games\Command Conquer 4 Tiberian Twilight\CNC4.exe
FirewallRules: [{82DC0A4F-53BE-4C99-93E9-378A28349940}] => (Allow) D:\Program Files (x86)\Origin Games\Command Conquer 4 Tiberian Twilight\CNC4.exe
FirewallRules: [TCP Query User{98A021FA-BE72-4894-8497-D38C21D6E430}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{962B76BD-3538-47A2-ABB1-2202AC018F5B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{54FC67D2-89D4-47DF-91DA-0B723ECED47D}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{1740E8D6-2014-48C4-84AB-CB51D658E4EB}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{02023A13-F30F-4EB2-B31D-24DF84B19455}] => (Allow) C:\Program Files\iTunes\iTunes.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/07/2015 08:54:32 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (05/07/2015 03:20:35 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (05/07/2015 03:14:05 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (05/06/2015 09:43:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/06/2015 09:43:18 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (05/06/2015 09:43:14 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (05/06/2015 09:43:13 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (05/06/2015 09:43:06 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (05/06/2015 09:43:06 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (05/06/2015 09:41:39 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]


System errors:
=============
Error: (05/07/2015 03:23:59 AM) (Source: atapi) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort6 gefunden.

Error: (05/07/2015 03:12:16 AM) (Source: atapi) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort6 gefunden.

Error: (05/07/2015 00:26:43 AM) (Source: atapi) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort6 gefunden.

Error: (05/07/2015 00:26:43 AM) (Source: atapi) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort6 gefunden.

Error: (05/07/2015 00:08:49 AM) (Source: atapi) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort6 gefunden.

Error: (05/06/2015 11:48:05 PM) (Source: atapi) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort6 gefunden.

Error: (05/06/2015 11:33:29 PM) (Source: atapi) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort6 gefunden.

Error: (05/06/2015 11:20:55 PM) (Source: atapi) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort6 gefunden.

Error: (05/06/2015 11:20:55 PM) (Source: atapi) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort6 gefunden.

Error: (05/06/2015 11:20:55 PM) (Source: atapi) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort6 gefunden.


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2015-05-04 20:27:01.250
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-05-04 20:27:01.230
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
Percentage of memory in use: 38%
Total physical RAM: 8159.15 MB
Available physical RAM: 5006.32 MB
Total Pagefile: 8357.34 MB
Available Pagefile: 5367.05 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:209.37 GB) (Free:120.4 GB) NTFS
Drive d: (Spiele) (Fixed) (Total:55.68 GB) (Free:8.48 GB) NTFS
Drive e: (Daten und Programme) (Fixed) (Total:931.39 GB) (Free:625.2 GB) NTFS
Drive f: (Foto) (Fixed) (Total:931.51 GB) (Free:408.83 GB) NTFS
Drive j: (Musik und Video) (Fixed) (Total:465.76 GB) (Free:217.18 GB) NTFS
Drive l: (DASI) (Fixed) (Total:2794.39 GB) (Free:441.1 GB) NTFS
Drive m: () (Fixed) (Total:931.51 GB) (Free:177.69 GB) NTFS
Drive n: (CORSAIR) (Removable) (Total:7.45 GB) (Free:1.98 GB) FAT32
Drive o: (USB TOBEES) (Removable) (Total:14.9 GB) (Free:14.9 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

========================================================
Disk: 2 (Size: 55.9 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

========================================================
Disk: 3 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 0790078F)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 4 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: ACF28C5F)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 5 (MBR Code: Windows XP) (Size: 14.9 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=14.9 GB) - (Type=0C)

========================================================
Disk: 6 (Size: 931.5 GB) (Disk ID: 44FDFE06)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 7 (Size: 2794.5 GB) (Disk ID: 5135FD8F)

Partition: GPT Partition Type.

========================================================
Disk: 11 (MBR Code: Windows XP) (Size: 7.5 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=7.5 GB) - (Type=0B)

==================== End Of Log ============================
         

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-05-2015 01
Ran by ToDaKo (administrator) on TODAKO-PC on 07-05-2015 08:59:39
Running from C:\Users\ToDaKo\Desktop
Loaded Profiles: ToDaKo &  (Available profiles: ToDaKo)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Windows\SysWOW64\HsMgr.exe
() C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
() C:\Windows\system\HsMgr64.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(CMedia) C:\Program Files\ASUS Xonar D2X Audio\Customapp\AsusAudioCenter.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsShellProcess.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\pnSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\EC Simulator.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\DeviceDisplayObjectProvider.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11613288 2010-11-19] (Realtek Semiconductor)
HKLM\...\Run: [Cmaudio8788] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.dll,CMICtrlWnd
HKLM\...\Run: [Cmaudio8788GX] => C:\Windows\syswow64\HsMgr.exe [200704 2008-07-11] ()
HKLM\...\Run: [Cmaudio8788GX64] => C:\Windows\system\HsMgr64.exe [282112 2008-07-11] ()
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2201032 2014-04-02] (NVIDIA Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [728312 2015-05-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] => C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [465536 2010-11-08] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUS ShellProcess Execute] => C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsShellProcess.exe [252544 2010-11-25] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [371864 2012-04-05] (Citrix Systems, Inc.)
AppInit_DLLs-x32: C:\PROGRA~2\Citrix\ICACLI~1\RSHook.dll => C:\Program Files (x86)\Citrix\ICA Client\RSHook.dll [257176 2012-04-05] (Citrix Systems, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1252915199-2368019422-3184813152-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1252915199-2368019422-3184813152-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25] (SEIKO EPSON CORPORATION)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2013-02-28] (SEIKO EPSON CORPORATION)
BHO-x32: CtxIEInterceptorBHO Class -> {2C4631FF-5CC8-4EBC-A0DF-34C92291759E} -> C:\Program Files (x86)\Citrix\ICA Client\IEInterceptor.dll [2012-04-05] (Citrix Systems, Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-03-13] (Atheros Commnucations)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2012-01-25] (SEIKO EPSON CORPORATION)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2013-02-28] (SEIKO EPSON CORPORATION)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-04-05] (Citrix Systems, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\ToDaKo\AppData\Roaming\Mozilla\Firefox\Profiles\byx2kves.default
FF NewTab: about:blank
FF DefaultSearchEngine: Google Default
FF SelectedSearchEngine: Google (SSL)
FF Homepage: https://maps.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2012-04-05] (Citrix Systems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-03-04] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-03-04] (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1252915199-2368019422-3184813152-1000: sony.com/MediaGoDetector -> E:\Program Files (x86)\npMediaGoDetector.dll [2014-07-10] (Sony Network Entertainment International LLC)
FF Plugin HKU\S-1-5-21-1252915199-2368019422-3184813152-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: sony.com/MediaGoDetector -> E:\Program Files (x86)\npMediaGoDetector.dll [2014-07-10] (Sony Network Entertainment International LLC)
FF SearchPlugin: C:\Users\ToDaKo\AppData\Roaming\Mozilla\Firefox\Profiles\byx2kves.default\searchplugins\google-default.xml [2014-03-25]
FF SearchPlugin: C:\Users\ToDaKo\AppData\Roaming\Mozilla\Firefox\Profiles\byx2kves.default\searchplugins\google-ssl.xml [2014-05-03]
FF SearchPlugin: C:\Users\ToDaKo\AppData\Roaming\Mozilla\Firefox\Profiles\byx2kves.default\searchplugins\ixquick-ssl.xml [2014-03-26]
FF Extension: German Dictionary - C:\Users\ToDaKo\AppData\Roaming\Mozilla\Firefox\Profiles\byx2kves.default\Extensions\de-DE@dictionaries.addons.mozilla.org [2014-06-10]
FF Extension: Move Media Player - C:\Users\ToDaKo\AppData\Roaming\Mozilla\Firefox\Profiles\byx2kves.default\Extensions\moveplayer@movenetworks.com [2013-11-30]
FF Extension: NoScript - C:\Users\ToDaKo\AppData\Roaming\Mozilla\Firefox\Profiles\byx2kves.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-11-30]
FF Extension: Adblock Plus - C:\Users\ToDaKo\AppData\Roaming\Mozilla\Firefox\Profiles\byx2kves.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-11-30]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-12-08]
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2014-10-11]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "E:\Program Files (x86)\MediaGoDetector.crx" [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [827640 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [434424 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [434424 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1185584 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe [922240 2011-06-13] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [915584 2010-12-02] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2010-10-21] ()
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [74912 2011-03-13] (Atheros Commnucations) [File not signed]
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [152640 2013-04-15] (SEIKO EPSON CORPORATION)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2013-12-02] (Macrovision Europe Ltd.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
U2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1615192 2014-04-02] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [20541216 2014-04-02] (NVIDIA Corporation)
S3 Origin Client Service; D:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-02-02] (Electronic Arts)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 AiChargerPlus; C:\Windows\System32\DRIVERS\AiChargerPlus.sys [14464 2010-11-08] (ASUSTek Computer Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [152744 2015-05-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-05-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-30] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-10] (Avira Operations GmbH & Co. KG)
R3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [1267200 2010-10-28] (C-Media Inc)
S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [30424 2015-02-23] (Sony Mobile Communications)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43664 2015-04-22] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-05-07] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-21] (NVIDIA Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-07 08:59 - 2015-05-07 08:59 - 02102272 _____ (Farbar) C:\Users\ToDaKo\Desktop\FRST64.exe
2015-05-07 08:59 - 2015-05-07 08:59 - 00022116 _____ () C:\Users\ToDaKo\Desktop\FRST.txt
2015-05-07 08:56 - 2015-05-07 08:56 - 00852630 _____ () C:\Users\ToDaKo\Desktop\SecurityCheck.exe
2015-05-06 20:20 - 2015-05-06 20:20 - 00000208 _____ () C:\Users\ToDaKo\Desktop\xy.txt
2015-05-05 21:21 - 2015-05-05 21:21 - 00001753 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-05-05 21:21 - 2015-05-05 21:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-05-05 21:21 - 2015-05-05 21:21 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-05-05 21:21 - 2015-05-05 21:21 - 00000000 ____D () C:\Program Files\iTunes
2015-05-05 21:21 - 2015-05-05 21:21 - 00000000 ____D () C:\Program Files\iPod
2015-05-05 21:21 - 2015-05-05 21:21 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-05-05 14:30 - 2015-05-05 14:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-05-04 20:28 - 2015-05-04 20:28 - 00021037 _____ () C:\ComboFix.txt
2015-05-04 20:22 - 2015-05-04 20:28 - 00000000 ____D () C:\Qoobox
2015-05-04 20:22 - 2015-05-04 20:27 - 00000000 ____D () C:\Windows\erdnt
2015-05-04 20:22 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-05-04 20:22 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-05-04 20:22 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-05-04 20:22 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-05-04 20:22 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-05-04 20:22 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2015-05-04 20:22 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2015-05-04 20:22 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2015-05-03 17:46 - 2015-05-07 08:59 - 00000000 ____D () C:\FRST
2015-04-23 21:17 - 2015-04-23 21:17 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-04-23 21:17 - 2015-04-23 21:17 - 00002047 _____ () C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2015-04-22 21:00 - 2015-04-22 21:00 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-TODAKO-PC-Windows-7-Home-Premium-(64-bit).dat
2015-04-22 21:00 - 2015-04-22 21:00 - 00000000 ____D () C:\RegBackup
2015-04-22 20:56 - 2015-04-22 20:56 - 00043664 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys
2015-04-22 20:02 - 2015-04-22 20:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-15 08:21 - 2015-04-15 08:21 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-14 22:07 - 2015-04-02 02:17 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-14 22:07 - 2015-04-02 01:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-04-14 22:07 - 2015-03-25 05:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-14 22:07 - 2015-03-25 05:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-14 22:07 - 2015-03-25 05:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-14 22:07 - 2015-03-25 05:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-14 22:07 - 2015-03-25 05:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-14 22:07 - 2015-03-25 05:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-14 22:07 - 2015-03-25 05:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-14 22:07 - 2015-03-25 05:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-14 22:07 - 2015-03-25 05:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-14 22:07 - 2015-03-25 05:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-14 22:07 - 2015-03-25 05:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-14 22:07 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-14 22:07 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-14 22:07 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-14 22:07 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-14 22:07 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-14 22:07 - 2015-03-23 05:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-14 22:07 - 2015-03-23 05:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-14 22:07 - 2015-03-23 05:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-14 22:07 - 2015-03-23 05:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-14 22:07 - 2015-03-23 05:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-14 22:07 - 2015-03-23 05:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-14 22:07 - 2015-03-23 05:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-14 22:07 - 2015-03-23 05:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-14 22:07 - 2015-03-17 07:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-14 22:07 - 2015-03-17 07:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-14 22:07 - 2015-03-17 07:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-14 22:07 - 2015-03-17 07:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-14 22:07 - 2015-03-17 07:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-04-14 22:07 - 2015-03-17 07:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-14 22:07 - 2015-03-17 07:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-14 22:07 - 2015-03-17 07:16 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-14 22:07 - 2015-03-17 07:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-04-14 22:07 - 2015-03-17 07:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-14 22:07 - 2015-03-17 07:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-14 22:07 - 2015-03-17 07:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-14 22:07 - 2015-03-17 07:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-14 22:07 - 2015-03-17 07:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-14 22:07 - 2015-03-17 07:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-14 22:07 - 2015-03-17 07:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-14 22:07 - 2015-03-17 07:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-04-14 22:07 - 2015-03-17 07:16 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-14 22:07 - 2015-03-17 07:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-14 22:07 - 2015-03-17 07:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-14 22:07 - 2015-03-17 07:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-14 22:07 - 2015-03-17 07:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-14 22:07 - 2015-03-17 07:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-14 22:07 - 2015-03-17 07:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-14 22:07 - 2015-03-17 07:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-14 22:07 - 2015-03-17 07:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-14 22:07 - 2015-03-17 07:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-14 22:07 - 2015-03-17 07:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-04-14 22:07 - 2015-03-17 07:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-14 22:07 - 2015-03-17 07:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-14 22:07 - 2015-03-17 07:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-14 22:07 - 2015-03-17 07:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 07:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-04-14 22:07 - 2015-03-17 07:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-04-14 22:07 - 2015-03-17 06:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-14 22:07 - 2015-03-17 06:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-04-14 22:07 - 2015-03-17 06:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-04-14 22:07 - 2015-03-17 06:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-14 22:07 - 2015-03-17 06:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-04-14 22:07 - 2015-03-17 06:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-04-14 22:07 - 2015-03-17 06:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-04-14 22:07 - 2015-03-17 06:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-04-14 22:07 - 2015-03-17 06:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-04-14 22:07 - 2015-03-17 06:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-14 22:07 - 2015-03-17 06:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-04-14 22:07 - 2015-03-17 06:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-04-14 22:07 - 2015-03-17 06:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-04-14 22:07 - 2015-03-17 06:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-04-14 22:07 - 2015-03-17 06:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-14 22:07 - 2015-03-17 06:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-04-14 22:07 - 2015-03-17 06:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-14 22:07 - 2015-03-17 06:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-14 22:07 - 2015-03-17 06:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 05:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-14 22:07 - 2015-03-17 05:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-14 22:07 - 2015-03-17 05:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 05:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 05:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-14 22:07 - 2015-03-17 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-14 22:07 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-14 22:07 - 2015-03-13 06:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-14 22:07 - 2015-03-13 06:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-14 22:07 - 2015-03-13 06:09 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-14 22:07 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-14 22:07 - 2015-03-13 06:08 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-14 22:07 - 2015-03-13 06:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-14 22:07 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-14 22:07 - 2015-03-13 06:06 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-14 22:07 - 2015-03-13 06:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-14 22:07 - 2015-03-13 05:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-14 22:07 - 2015-03-13 05:55 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-14 22:07 - 2015-03-13 05:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-14 22:07 - 2015-03-13 05:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-14 22:07 - 2015-03-13 05:53 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-14 22:07 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-14 22:07 - 2015-03-13 05:44 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-14 22:07 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-14 22:07 - 2015-03-13 05:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-14 22:07 - 2015-03-13 05:40 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-14 22:07 - 2015-03-13 05:32 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-14 22:07 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-14 22:07 - 2015-03-13 05:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-04-14 22:07 - 2015-03-13 05:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-14 22:07 - 2015-03-13 05:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-14 22:07 - 2015-03-13 05:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-04-14 22:07 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-14 22:07 - 2015-03-13 05:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-04-14 22:07 - 2015-03-13 05:23 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-14 22:07 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-14 22:07 - 2015-03-13 05:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-14 22:07 - 2015-03-13 05:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-04-14 22:07 - 2015-03-13 05:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-14 22:07 - 2015-03-13 05:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-04-14 22:07 - 2015-03-13 05:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-04-14 22:07 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-14 22:07 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-14 22:07 - 2015-03-13 05:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-14 22:07 - 2015-03-13 05:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-14 22:07 - 2015-03-13 05:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-14 22:07 - 2015-03-13 05:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-14 22:07 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-14 22:07 - 2015-03-13 04:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-04-14 22:07 - 2015-03-13 04:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-14 22:07 - 2015-03-13 04:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-14 22:07 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-14 22:07 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-14 22:07 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-14 22:07 - 2015-03-13 04:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-14 22:07 - 2015-03-13 04:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-04-14 22:07 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-14 22:07 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-14 22:07 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-14 22:07 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-14 22:07 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-14 22:07 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-14 22:07 - 2015-03-10 05:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-14 22:07 - 2015-03-10 05:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-14 22:07 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-14 22:07 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-14 22:07 - 2015-03-05 07:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-14 22:07 - 2015-03-05 06:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-14 22:07 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-14 22:07 - 2015-01-28 01:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-04-14 22:06 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-14 22:06 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-14 22:06 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-11 23:59 - 2015-04-11 23:59 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-11 23:59 - 2015-04-11 23:59 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-11 16:10 - 2015-04-12 13:37 - 00000000 ____D () C:\Users\ToDaKo\AppData\Local\Mozilla Thunderbird

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-07 08:57 - 2014-10-27 10:57 - 00000911 _____ () C:\Windows\Tasks\EPSON XP-710 Series Update {15C2B58D-DD7B-408C-B94A-320BF2D63349}.job
2015-05-07 08:57 - 2014-10-27 10:57 - 00000725 _____ () C:\Windows\Tasks\EPSON XP-710 Series Invitation {15C2B58D-DD7B-408C-B94A-320BF2D63349}.job
2015-05-07 08:57 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2015-05-07 08:55 - 2013-11-29 23:22 - 01345648 _____ () C:\Windows\WindowsUpdate.log
2015-05-07 08:42 - 2014-10-11 14:42 - 00000911 _____ () C:\Windows\Tasks\EPSON XP-710 Series Update {FD127ECB-33E8-4CFA-8EB9-42A9E8CD43AA}.job
2015-05-07 08:42 - 2014-10-11 14:42 - 00000725 _____ () C:\Windows\Tasks\EPSON XP-710 Series Invitation {FD127ECB-33E8-4CFA-8EB9-42A9E8CD43AA}.job
2015-05-07 08:22 - 2013-12-11 22:47 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-07 08:19 - 2014-05-02 00:04 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-06 21:50 - 2009-07-14 06:45 - 00021888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-06 21:50 - 2009-07-14 06:45 - 00021888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-06 21:47 - 2011-04-12 09:43 - 00699090 _____ () C:\Windows\system32\perfh007.dat
2015-05-06 21:47 - 2011-04-12 09:43 - 00149230 _____ () C:\Windows\system32\perfc007.dat
2015-05-06 21:47 - 2009-07-14 07:13 - 01619272 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-06 21:42 - 2009-07-14 06:51 - 00119516 _____ () C:\Windows\setupact.log
2015-05-06 21:41 - 2013-11-29 23:46 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-06 21:41 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-05 21:21 - 2013-12-10 22:34 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-05-05 16:52 - 2014-03-15 22:25 - 00000000 ____D () C:\Users\ToDaKo\Desktop\Sicherheit
2015-05-05 16:42 - 2014-03-15 17:09 - 00000000 ____D () C:\AdwCleaner
2015-05-05 14:29 - 2013-11-30 20:23 - 00152744 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-05-05 14:29 - 2013-11-30 20:23 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-05-04 21:21 - 2013-12-01 23:34 - 00000020 ____H () C:\ProgramData\PKP_DLet.DAT
2015-05-04 21:12 - 2015-01-20 00:15 - 00000000 ____D () C:\Users\ToDaKo\AppData\Roaming\Spotify
2015-05-04 21:09 - 2015-01-20 00:16 - 00000000 ____D () C:\Users\ToDaKo\AppData\Local\Spotify
2015-05-04 21:09 - 2010-11-21 05:47 - 00243824 _____ () C:\Windows\PFRO.log
2015-05-04 20:28 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2015-05-04 20:27 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2015-05-03 16:36 - 2013-12-11 23:09 - 00000000 ____D () C:\Users\ToDaKo\Documents\BFBC2
2015-05-03 16:33 - 2015-02-19 16:26 - 00000000 ____D () C:\Users\ToDaKo\.dvdcss
2015-05-03 16:33 - 2015-02-04 22:33 - 00000000 ____D () C:\Users\ToDaKo\Documents\Command and Conquer Generals Zero Hour Data
2015-05-03 16:33 - 2015-02-04 22:33 - 00000000 ____D () C:\Users\ToDaKo\Documents\Command and Conquer Generals Data
2015-05-03 16:33 - 2013-12-11 23:13 - 00000000 ____D () C:\Users\ToDaKo\Documents\NFS SHIFT
2015-05-03 16:33 - 2013-12-03 23:02 - 00000000 ____D () C:\Users\ToDaKo\Documents\Arma 3
2015-05-03 16:33 - 2013-11-29 23:22 - 00000000 ____D () C:\Users\ToDaKo
2015-05-03 16:32 - 2011-04-12 09:54 - 00000000 ___RD () C:\Users\Public\Recorded TV
2015-05-03 16:32 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2015-05-03 16:32 - 2009-07-14 05:20 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-05-03 16:32 - 2009-07-14 05:20 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-03 16:32 - 2009-07-14 05:20 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-05-03 16:32 - 2009-07-14 05:20 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-03 16:31 - 2013-12-01 23:43 - 00000000 ____D () C:\Users\ToDaKo\Desktop\Spiele
2015-05-03 16:30 - 2014-10-15 21:57 - 00000000 ____D () C:\Users\ToDaKo\Desktop\EPSON Drucker
2015-05-03 16:30 - 2014-06-30 15:54 - 00000000 ____D () C:\Users\ToDaKo\Desktop\Reflecting Team
2015-04-27 21:32 - 2013-12-01 23:37 - 00000020 ____H () C:\ProgramData\PKP_DLbw.DAT
2015-04-27 21:32 - 2013-12-01 23:35 - 00000020 ____H () C:\ProgramData\PKP_DLbx.DAT
2015-04-27 21:32 - 2013-12-01 23:21 - 00000020 ____H () C:\ProgramData\PKP_DLbz.DAT
2015-04-26 22:38 - 2014-02-16 21:03 - 00000641 _____ () C:\Windows\wiso.ini
2015-04-26 18:19 - 2013-12-08 19:52 - 00000000 ____D () C:\Users\ToDaKo\AppData\Local\CrashDumps
2015-04-26 14:00 - 2009-07-14 06:45 - 02348288 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-04-26 13:59 - 2013-11-30 19:13 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-25 00:07 - 2014-08-21 15:24 - 00000000 ____D () C:\Users\ToDaKo\AppData\Local\Adobe
2015-04-23 23:32 - 2013-11-30 22:16 - 00109760 _____ () C:\Users\ToDaKo\AppData\Local\GDIPFONTCACHEV1.DAT
2015-04-23 21:40 - 2013-11-30 23:30 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-23 21:18 - 2014-12-27 11:56 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-04-23 21:17 - 2013-12-02 15:48 - 00000000 ____D () C:\ProgramData\Adobe
2015-04-23 21:17 - 2013-12-02 15:48 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-04-19 04:33 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2015-04-18 21:32 - 2013-12-11 19:55 - 00000000 ____D () C:\Program Files (x86)\Sony
2015-04-18 13:03 - 2014-04-05 12:51 - 00000000 ____D () C:\Program Files (x86)\Sony Mobile
2015-04-17 17:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-04-15 08:21 - 2014-04-30 23:01 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-15 08:21 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-04-14 23:03 - 2013-12-01 01:02 - 01591936 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-14 23:02 - 2013-12-01 00:58 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-14 23:01 - 2013-12-01 00:58 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-14 20:14 - 2013-12-11 22:47 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-14 20:14 - 2013-12-01 00:18 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-14 20:14 - 2013-12-01 00:18 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2013-12-01 23:34 - 2013-12-01 23:41 - 0000268 ___RH () C:\Users\ToDaKo\AppData\Roaming\Alerts
2013-12-01 23:37 - 2013-12-01 23:37 - 0000268 ___RH () C:\Users\ToDaKo\AppData\Roaming\Contextual Menu Items
2013-12-01 23:37 - 2013-12-01 23:37 - 0000268 ___RH () C:\Users\ToDaKo\AppData\Roaming\Core Data Application
2013-12-01 23:21 - 2013-12-01 23:21 - 0000268 ___RH () C:\Users\ToDaKo\AppData\Roaming\CustomDataViews
2013-12-01 23:34 - 2013-12-01 23:34 - 0000268 ___RH () C:\Users\ToDaKo\AppData\Roaming\filter
2013-12-01 23:35 - 2013-12-01 23:35 - 0000268 ___RH () C:\Users\ToDaKo\AppData\Roaming\grep
2013-12-01 23:34 - 2013-12-01 23:34 - 0000268 ___RH () C:\Users\ToDaKo\AppData\Roaming\howto
2014-03-21 00:51 - 2014-03-21 00:51 - 0000268 ___RH () C:\Users\ToDaKo\AppData\Roaming\laserjet
2008-02-05 14:28 - 2008-02-05 14:28 - 0000051 _____ () C:\Users\ToDaKo\AppData\Local\setup.txt
2013-12-01 23:34 - 2013-12-01 23:41 - 0000268 ___RH () C:\ProgramData\Analog Pad
2013-12-01 23:35 - 2013-12-01 23:35 - 0000012 ___RH () C:\ProgramData\Analog Sync
2013-12-01 23:34 - 2013-12-01 23:34 - 0000012 ___RH () C:\ProgramData\Applause and Laugher
2014-03-21 00:51 - 2014-03-21 00:51 - 0000012 ___RH () C:\ProgramData\Audio
2013-12-01 23:34 - 2013-12-01 23:41 - 0000012 ___RH () C:\ProgramData\Bundle
2013-12-01 23:37 - 2013-12-01 23:37 - 0000268 ___RH () C:\ProgramData\Dance Kit
2013-12-01 23:37 - 2013-12-01 23:37 - 0000268 ___RH () C:\ProgramData\Database
2013-12-01 23:21 - 2013-12-01 23:21 - 0000268 ___RH () C:\ProgramData\Definition Bundle
2013-12-01 23:37 - 2013-12-01 23:37 - 0000012 ___RH () C:\ProgramData\Jingles
2013-12-01 23:37 - 2013-12-01 23:37 - 0000012 ___RH () C:\ProgramData\Keyboard Layouts
2013-12-01 23:34 - 2013-12-01 23:34 - 0000268 ___RH () C:\ProgramData\laserjet
2013-12-01 23:21 - 2013-12-01 23:21 - 0000012 ___RH () C:\ProgramData\LaserPrinter
2013-12-01 23:35 - 2013-12-01 23:35 - 0000268 ___RH () C:\ProgramData\libiconv
2013-12-01 23:34 - 2013-12-01 23:34 - 0000268 ___RH () C:\ProgramData\manual
2013-12-01 23:37 - 2015-04-27 21:32 - 0000020 ____H () C:\ProgramData\PKP_DLbw.DAT
2013-12-01 23:35 - 2015-04-27 21:32 - 0000020 ____H () C:\ProgramData\PKP_DLbx.DAT
2013-12-01 23:21 - 2015-04-27 21:32 - 0000020 ____H () C:\ProgramData\PKP_DLbz.DAT
2013-12-01 23:34 - 2013-12-01 23:41 - 0000020 ____H () C:\ProgramData\PKP_DLeo.DAT
2013-12-01 23:35 - 2014-06-10 10:17 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT
2013-12-01 23:34 - 2015-05-04 21:21 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
2013-12-01 23:34 - 2014-06-16 15:54 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT
2014-03-21 00:51 - 2014-03-21 00:51 - 0000020 ____H () C:\ProgramData\PKP_DLex.DAT
2013-12-01 23:41 - 2013-12-01 23:41 - 0000000 _____ () C:\ProgramData\User Pictures
2014-03-21 00:51 - 2014-03-21 00:51 - 0000268 ___RH () C:\ProgramData\vhosts

Some content of TEMP:
====================
C:\Users\ToDaKo\AppData\Local\Temp\avgnt.exe
C:\Users\ToDaKo\AppData\Local\Temp\Quarantine.exe
C:\Users\ToDaKo\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-26 19:54

==================== End Of Log ============================
         

--- --- ---

--- --- ---

--- --- ---

Probleme habe ich keine mehr, aber er hat ja was gefunden.... :-/ Schlimm???

Löschen wir jetzt:

Java, Flash und Thunderbird updaten.

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code: Alles auswählenAufklappen

ATTFilter

E:\Tools\HijackThis - CHIP-Installer.exe

E:\Tools\PDFCreator-1_7_2_setup_offline.exe

L:\TODAKO-PC\Backup Set 2014-03-15 144117\Backup Files 2014-05-24 214810\Backup files 229.zip
Emptytemp:
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

• Starte nun FRST erneut und klicke den Entfernen Button.
• Das Tool erstellt eine Fixlog.txt.
• Poste mir deren Inhalt.

Downloadverhalten überdenken:
CHIP-Installer - was ist das? - Anleitungen



Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:
Combofix deinstallieren .

• Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
  
• Drücke bitte die + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
• Klicke auf OK.
  Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
• Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Dann lade Dir bitte DelFix herunter.

• Schließe alle offenen Programme.
• Starte die delfix.exe mit einem Doppelklick.
• Setze vor jede Funktion ein Häkchen.
• Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...und/oder das Forum mit einer kleinen Spende unterstützen.

Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:

Browser
Java
Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank.
Meine Empfehlung:

Emsisoft

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

Optional:
NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.
Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.


Lade Software von einem sauberen Portal wie .
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwarecleaner .


Abschließend noch ein paar grundsätzliche Bemerkungen:
Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.

Zu Thunderbird: Ist merkwürdiger Weise bei mir upgedatet. Wenn ich unter "Programme und Funktionen" schaue, dann finde ich ihn aber 2x. Eine Version 31.6.0 und eine andere hat die Version 24.1.1 (und ist von 2013). Wenn ich die alte Version deinstallieren möchte, dann will er, dass ich die NEUE Version schließe. ...Kann ich die alte trotzdem löschen oder sind dann meine Daten futsch? Kann ja sein, dass beide Versionen zusammen hängen?!

Dann noch was: Ich finde mein JAVA nicht. Kann mich erinnern, dass ich hier immer Ärger hatte und es deinstalliert haben... Wohl nicht gründlich?

Code: Alles auswählenAufklappen

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 09-05-2015
Ran by ToDaKo at 2015-05-09 12:57:44 Run:1
Running from C:\Users\ToDaKo\Desktop
Loaded Profiles: ToDaKo (Available profiles: ToDaKo)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
E:\Tools\HijackThis - CHIP-Installer.exe

E:\Tools\PDFCreator-1_7_2_setup_offline.exe

L:\TODAKO-PC\Backup Set 2014-03-15 144117\Backup Files 2014-05-24 214810\Backup files 229.zip
Emptytemp:
*****************

"E:\Tools\HijackThis - CHIP-Installer.exe" => File/Directory not found.
"E:\Tools\PDFCreator-1_7_2_setup_offline.exe" => File/Directory not found.
L:\TODAKO-PC\Backup Set 2014-03-15 144117\Backup Files 2014-05-24 214810\Backup files 229.zip => Moved successfully.
EmptyTemp: => Removed 643.8 MB temporary data.


The system needed a reboot. 

==== End of Fixlog 12:57:51 ====
         

Schliessen musste die neue schon, mehr sollte aber nicht passieren

Java dann einfach ignorieren