Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: c:\progra~3\browse~1\261339~1.144\{c16c1~1\brose~1.dll ist entweder nicht für die Ausführung unter Windows vorgesehen oder..

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 29.06.2013, 19:31   #1
Fränky
 
c:\progra~3\browse~1\261339~1.144\{c16c1~1\brose~1.dll ist entweder nicht für die Ausführung unter Windows vorgesehen oder.. - Standard

c:\progra~3\browse~1\261339~1.144\{c16c1~1\brose~1.dll ist entweder nicht für die Ausführung unter Windows vorgesehen oder..



Guten Tag auch, bin neu hier und habe Euch über Google gefunden nachdem ich diesen Fehler in der Suma eingegeben habe.
c:\progra~3\browse~1\261339~1.144\{c16c1~1\brose~1.dll ist entweder nicht für die Ausführung unter Windows vorgesehen oder enthält Fehler...ungültiges Bild in der Überschrift
Dieses erscheint bei jedem anklicken von einem Programm. Ich weiss nicht mehr weiter, G-Data findet nichts und das Problem habe ich seit dem ich versucht habe Adobe Flashplayer zu uppen. Ich hatte vorher schon ständig Fehlermeldungen von Adobe Flash Player Update Service 11.6 r602 wurde beendet oder geschlossen.
G-Data 2014 meldet nun auch Fehler (Proxyservice nicht verfügbar)

Ab und an habe ich auch einen blackscreen..

Ich habe hier schon von dieser Fehlermeldung gelesen LINK hierund bin mir sicher, das es bei mir ebenfalls so ist.

Habe auch schon die Dateien vorbereitet

FRST

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-06-2013 01
Ran by *** (administrator) on 29-06-2013 20:09:31
Running from C:\Users\***\Downloads
Windows Vista (TM) Ultimate Service Pack 2 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKWCtlx64.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(ArcSoft, Inc.) C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
(Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe
() C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Users\***\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe
() C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(NVIDIA Corporation) C:\Windows\System32\nvraidservice.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Aqua Computer GmbH & Co. KG) C:\Program Files (x86)\Aqua Computer\aquasuite\aquasuite.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CTHELPER.EXE
(Creative Technology Ltd) C:\Windows\SysWOW64\Ctxfihlp.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(G Data Software AG) C:\Program Files (x86)\G DATA\AntiVirus\AVKTray\AVKTray.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CTXFISPI.EXE
(G Data Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKProxy\GdBgInx64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide [1584184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE [x]
HKLM\...\Run: [NVRaidService] C:\Windows\system32\nvraidservice.exe [333344 2008-08-18] (NVIDIA Corporation)
HKLM\...\Run: [Ocs_SM] C:\Users\***\AppData\Roaming\OCS\SM\SearchAnonymizer.exe [106496 2012-08-21] (OCS)
HKCU\...\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [1555968 2009-04-11] (Microsoft Corporation)
MountPoints2: {0cfbd161-c443-11e2-b955-00044b057f31} - H:\AutoRun.exe
MountPoints2: {12105fc9-2fd4-11e0-92fc-001e101f1ed9} - E:\AutoRun.exe
MountPoints2: {12105fe4-2fd4-11e0-92fc-001e101f1f81} - E:\AutoRun.exe
MountPoints2: {1654cdad-3e5a-11e0-86fc-00044b057f31} - E:\AutoRun.exe
MountPoints2: {2882cb2b-24ac-11e0-94bc-00ff01000001} - E:\setup_vmc_lite.exe /checkApplicationPresence
MountPoints2: {437cff72-05e4-11e0-8578-00ff01000001} - E:\setup_vmc_lite.exe /checkApplicationPresence
MountPoints2: {5abc1e6a-577d-11de-981d-00044b057f31} - I:\InstallTomTomHOME.exe
MountPoints2: {753df3d3-f663-11df-b7a2-00ff01000001} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL hxxp://www.garmin.com/agent
MountPoints2: {9f607269-2b30-11e0-8981-00ff01000001} - E:\AutoRun.exe
MountPoints2: {9f607285-2b30-11e0-8981-00ff01000001} - E:\AutoRun.exe
MountPoints2: {f34f4dc1-3486-11e0-a498-001e101faa49} - I:\AutoRun.exe
MountPoints2: {f34f4dcc-3486-11e0-a498-001e101faa49} - E:\AutoRun.exe
MountPoints2: {f34f4dcd-3486-11e0-a498-001e101faa49} - F:\AutoRun.exe
MountPoints2: {f78eecd0-b92a-11e0-8d57-00044b057f31} - F:\Startme.exe
HKLM-x32\...\Run: [CTHelper] CTHELPER.EXE [19456 2007-02-12] (Creative Technology Ltd)
HKLM-x32\...\Run: [CTxfiHlp] CTXFIHLP.EXE [24576 2010-07-07] (Creative Technology Ltd)
HKLM-x32\...\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe" [976832 2009-12-17] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: []  [x]
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [G Data AntiVirus Tray] "C:\Program Files (x86)\G Data\AntiVirus\AVKTray\AVKTray.exe" [1444304 2013-03-22] (G Data Software AG)
HKU\Default\...\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter [2438656 2009-04-11] (Microsoft Corporation)
HKU\Default User\...\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter [2438656 2009-04-11] (Microsoft Corporation)
AppInit_DLLs-x32: c:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll  [0 2013-06-03] ()
Startup: C:\ProgramData\Start Menu\Programs\Startup\aquasuite.lnk
ShortcutTarget: aquasuite.lnk -> C:\Program Files (x86)\Aqua Computer\aquasuite\aquasuite.exe (Aqua Computer GmbH & Co. KG)
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
SSODL-x32: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWOW64\webcheck.dll (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www1.delta-search.com/?affID=119828&tt=gc_&babsrc=HP_ss&mntrId=0C9300044B057F31
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.ieaddons.com/de/other/
URLSearchHook: (No Name) - {B922D405-6D13-4A2B-AE89-08A030DA4402} -  No File
URLSearchHook: (No Name) - {EEE6C35D-6118-11DC-9C72-001320C79847} -  No File
URLSearchHook: (No Name) - {a51a36e6-31e7-4838-9ff7-76298b527ec0} -  No File
SearchScopes: HKCU - {080FBDF6-B230-4e4d-A4E7-7C7A56D7BABC} URL = hxxp://searchservice.myspace.com.anonymize-me.de/?anonymto=687474703A2F2F736561726368736572766963652E6D7973706163652E636F6D2F696E6465782E63666D3F66757365616374696F6E3D736974657365617263682E726573756C7473267172793D7B7365617263685465726D737D26747970653D576562266F7269673D494D432D49454453&st={searchTerms}&clid=d38da4e9-5c11-46e0-ac21-b19a6b18966b&pid=freewarede&k=0
SearchScopes: HKCU - {0DB415EF-752B-4EB1-B8CF-CD7E4930C208} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=d38da4e9-5c11-46e0-ac21-b19a6b18966b&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&affID=119828&tt=gc_&babsrc=SP_ss&mntrId=0C9300044B057F31
SearchScopes: HKCU - {2226124D-999D-451B-BDAC-58173FE7DA6A} URL = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=d38da4e9-5c11-46e0-ac21-b19a6b18966b&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {2DCAE223-E70E-45FE-9887-1C6BE0123DF6} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=d38da4e9-5c11-46e0-ac21-b19a6b18966b&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {5D042F87-5F7A-4349-BAB0-6D3754738FAD} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=d38da4e9-5c11-46e0-ac21-b19a6b18966b&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {81F0ACD6-CC2B-4066-B81B-891B97A41EB1} URL = hxxp://de.search.yahoo.com.anonymize-me.de/?anonymto=687474703A2F2F64652E7365617263682E7961686F6F2E636F6D2F7365617263683F66723D6368722D677265656E747265655F69652665693D7574662D3826696C633D313226747970653D38323733313626703D7B7365617263685465726D737D&st={searchTerms}&clid=d38da4e9-5c11-46e0-ac21-b19a6b18966b&pid=freewarede&k=0
SearchScopes: HKCU - {8D734B18-8E9A-4718-887D-4F13E61A7AAF} URL = hxxp://dict.leo.org.anonymize-me.de/?anonymto=687474703A2F2F646963742E6C656F2E6F72672F656E64653F6C703D656E6465266C616E673D6465267365617263684C6F633D3026636D70547970653D72656C6178656426736563744864723D6F6E267370656C6C546F6C65723D6F6E266368696E6573653D626F74682670696E79696E3D646961637269746963267365617263683D7B7365617263685465726D737D2672656C696E6B3D6F6E&st={searchTerms}&clid=d38da4e9-5c11-46e0-ac21-b19a6b18966b&pid=freewarede&k=0
SearchScopes: HKCU - {9A20C20B-7C42-48C1-9DEE-AF0F75FBBE65} URL = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=d38da4e9-5c11-46e0-ac21-b19a6b18966b&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {C6CC1D3B-C988-49BA-85E7-D9E6B0BABBA8} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=d38da4e9-5c11-46e0-ac21-b19a6b18966b&pid=freewarede&mode=bounce&k=0
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: CmjBrowserHelperObject Object - {6FE6A929-59D1-4763-91AD-29B61CFFB35B} - C:\Program Files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll (Mindjet)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office12\GRA8E1~1.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: softonic-Germany Toolbar - {a51a36e6-31e7-4838-9ff7-76298b527ec0} - C:\Program Files (x86)\softonic-Germany\tbsoft.dll (Conduit Ltd.)
BHO-x32: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\6.7\pdfforgeToolbarIE.dll (Spigot, Inc.)
BHO-x32: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.16.16\bh\delta.dll (Delta-search.com)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: BandooIEPlugin Class - {EB5CEE80-030A-4ED8-8E20-454E9C68380F} - C:\Program Files (x86)\Bandoo\Plugins\IE\ieplugin.dll (Discordia Limited)
Toolbar: HKLM-x32 - softonic-Germany Toolbar - {a51a36e6-31e7-4838-9ff7-76298b527ec0} - C:\Program Files (x86)\softonic-Germany\tbsoft.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files (x86)\pdfforge Toolbar\IE\6.7\pdfforgeToolbarIE.dll (Spigot, Inc.)
Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.16.16\deltaTlbr.dll (Delta-search.com)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} -  No File
Toolbar: HKCU - No Name - {A51A36E6-31E7-4838-9FF7-76298B527EC0} -  No File
DPF: HKLM-x32 {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15112/CTPID.cab
Handler-x32: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~2\Office12\GR99D3~1.DLL (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~2\Office12\GRA8E1~1.DLL [2210608 2006-10-27] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default
FF user.js: detected! => C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\user.js
FF NewTab: www.google.de
FF SelectedSearchEngine: Delta Search
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.7.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF Plugin-x32: @nitropdf.com/NitroPDF - C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: Deutsches Wörterbuch - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\de-DE@dictionaries.addons.mozilla.org
FF Extension: Dictionary Switcher - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\dictionary-switcher@design-noir.de
FF Extension: Delta Toolbar - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\ffxtlbr@delta.com
FF Extension: FireJump - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\firejump@firejump.net
FF Extension: IE Tab Plus - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\ietab@ip.cn
FF Extension: Kempelton - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\kempelton-fx@arvidaxelsson.se
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\viewsourceintab@piro.sakura.ne(2).jp
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}(2)
FF Extension: Garmin Communicator - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
FF Extension: Microsoft .NET Framework Assistant - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF Extension: Ebay Negs! - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{265b0520-499e-11d9-9669-0800200c9a66}
FF Extension: ChatZilla - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
FF Extension: ColorZilla - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}
FF Extension: OrangePower Theme - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{6d0021e8-a8d6-11dc-8314-0800200c9a66}
FF Extension: NoScript - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}(2)
FF Extension: IE Tab - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
FF Extension: Abstract Zune - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{7ef7f4d6-947d-11dc-8314-0800200c9a66}
FF Extension: CSSViewer - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{8be51513-0433-45c1-9203-7b45019df871}
FF Extension: CSSViewer - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{8be51513-0433-45c1-9203-7b45019df871}(2)
FF Extension: MR Tech Toolkit - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{9669CC8F-B388-42FE-86F4-CB5E7F5A8BDC}
FF Extension: BugMeNot - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{987311C6-B504-4aa2-90BF-60CC49808D42}
FF Extension: EditCSS - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{A0A87DB2-80BA-493a-B22F-FAFBAEA3E0A2}
FF Extension: Adblock Plus - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}(2)
FF Extension: facebookchatbar - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{d7ba87f4-c901-47b7-af80-18d75313aad1}
FF Extension: ViewSourceWith - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{eecba28f-b68b-4b3a-b501-6ce12e6b8696}
FF Extension: CustomizeGoogle - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{fce36c1e-58d8-498a-b2a5-66ad1cedebbb}
FF Extension: firebug - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\firebug@software.joehewitt.com.xpi
FF Extension: guiconfig - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\guiconfig@slosd.net.xpi
FF Extension: newtaburl - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\newtaburl@sogame.cat.xpi
FF Extension: Office2007Black - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\Office2007Black@JBBS.xpi
FF Extension: pdfforge - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\pdfforge@mybrowserbar.com
FF Extension: personas - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\personas@christopher.beard.xpi
FF Extension: pixelzoomer - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\pixelzoomer@matthiasschuetz.com.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\sfStatistics.xml
FF Extension: tabscope - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\tabscope@xuldev.org.xpi
FF Extension: youtube2mp3 - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\youtube2mp3@mondayx.de.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{139a120b-c2ea-41d2-bf70-542d9f063dfd}.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{20cc25e2-48c9-45e1-9a1f-1ccc1882b81b}.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088}.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{8B8A525A-CFCA-44cf-81C3-3969E6CB96E0}.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{aa26583b-4c35-4729-913e-156956078824}.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{aff87fa2-a58e-4edd-b852-0a20203c1e17}.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{cf15270e-cf08-4def-b4ea-6a5ac23f3bca}.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{ee6976bb-656b-45cf-b2b6-5c837ee59a96}.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6}.xpi
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] C:\Program Files\T-Mobile\InternetManager_H\OCx64\addon
FF HKCU\...\Firefox\Extensions: [firefox@bandoo.com] C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles/fkuaerb5.default\extensions\firefox@bandoo.com
FF HKCU\...\Firefox\Extensions: [firejump@firejump.net] C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\extensions\firejump@firejump.net
FF Extension: FireJump - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\extensions\firejump@firejump.net
FF HKCU\...\Firefox\Extensions: [mail@shopping-preise.de] C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\extensions\mail@shopping-preise.de
FF HKCU\...\Firefox\Extensions: [sparpilot@sparpilot.com] C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\extensions\sparpilot@sparpilot.com

==================== Services (Whitelisted) =================

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 ADExchange; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [43624 2012-08-14] (ArcSoft, Inc.)
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [1957840 2013-03-22] (G Data Software AG)
R2 AVKService; C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKService.exe [635344 2013-02-25] (G Data Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKWCtlx64.exe [2555360 2013-06-21] (G Data Software AG)
R2 BrowserProtect; C:\ProgramData\BrowserProtect\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe [3085264 2013-06-03] ()
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [696808 2013-02-25] (G Data Software AG)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [227232 2010-01-15] (McAfee, Inc.)
R2 NitroReaderDriverReadSpool2; C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [204304 2012-03-25] (Nitro PDF Software)
R2 NMSAccessU; C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe [71096 2008-10-20] ()
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75064 2010-03-21] ()
R2 SearchAnonymizer; C:\Users\***\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe [40960 2012-08-21] ()

==================== Drivers (Whitelisted) ====================

S3 COMMONFX.DLL; C:\Windows\System32\COMMONFX.DLL [157496 2007-02-13] (Creative Technology Ltd)
S3 CTAUDFX.DLL; C:\Windows\System32\CTAUDFX.DLL [700216 2007-02-13] (Creative Technology Ltd)
S3 CTEAPSFX.DLL; C:\Windows\System32\CTEAPSFX.DLL [219448 2007-02-13] (Creative Technology Ltd)
S3 CTEDSPFX.DLL; C:\Windows\System32\CTEDSPFX.DLL [321848 2007-02-13] (Creative Technology Ltd)
S3 CTEDSPIO.DLL; C:\Windows\System32\CTEDSPIO.DLL [190264 2007-02-13] (Creative Technology Ltd)
S3 CTEDSPSY.DLL; C:\Windows\System32\CTEDSPSY.DLL [363320 2007-02-13] (Creative Technology Ltd)
S3 CTERFXFX.DLL; C:\Windows\System32\CTERFXFX.DLL [142136 2007-02-13] (Creative Technology Ltd)
S3 CTSBLFX.DLL; C:\Windows\System32\CTSBLFX.DLL [681272 2007-02-13] (Creative Technology Ltd)
S3 ENTECH64; C:\Windows\system32\DRIVERS\ENTECH64.sys [12744 2008-09-17] (EnTech Taiwan)
S3 ENTECH64; C:\Windows\system32\DRIVERS\ENTECH64.sys [12744 2008-09-17] (EnTech Taiwan)
S3 ESLvnic1; C:\Windows\System32\DRIVERS\ESLvnic.sys [24536 2009-09-01] (Turtle Entertainment GmbH)
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [60248 2013-06-28] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [130392 2013-06-28] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [62808 2013-06-28] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [64856 2013-06-28] (G Data Software AG)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [65368 2013-06-28] (G Data Software AG)
R0 hotcore3; C:\Windows\SysWow64\drivers\hotcore3.sys [36368 2008-02-15] (Paragon Software Group)
R0 hotcore3; C:\Windows\SysWow64\drivers\hotcore3.sys [36368 2008-02-15] (Paragon Software Group)
R0 nvrd64; C:\Windows\System32\DRIVERS\nvrd64.sys [166944 2008-08-18] (NVIDIA Corporation)
S3 TVICHW64; C:\Windows\SysWOW64\Drivers\TVICHW64.SYS [21200 2009-02-03] (EnTech Taiwan)
S3 TVICHW64; C:\Windows\SysWOW64\Drivers\TVICHW64.SYS [21200 2009-02-03] (EnTech Taiwan)
S3 cpuz130; \??\C:\Users\HEADCR~1\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
S3 CT20XUT.DLL; system32\CT20XUT.DLL [x]
S3 CTEXFIFX.DLL; system32\CTEXFIFX.DLL [x]
S3 CTHWIUT.DLL; system32\CTHWIUT.DLL [x]
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [x]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [x]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [x]
S3 hwusbfake; system32\DRIVERS\ewusbfake.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 PCASp50a64; System32\Drivers\PCASp50a64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-06-29 20:09 - 2013-06-29 20:09 - 00000000 ____D C:\FRST
2013-06-29 20:08 - 2013-06-29 20:09 - 01933592 ____A (Farbar) C:\Users\***\Downloads\FRST64.exe
2013-06-28 18:04 - 2013-06-28 18:04 - 662496911 ____A C:\Windows\MEMORY.DMP
2013-06-28 18:04 - 2013-06-28 18:04 - 00290328 ____A C:\Windows\Minidump\Mini062813-01.dmp
2013-06-28 17:45 - 2013-06-28 17:45 - 00377856 ____A C:\Users\***\Downloads\gmer_2.1.19163.exe
2013-06-28 17:38 - 2013-06-29 20:08 - 00000000 ____D C:\Users\***\Documents\Trajadaten
2013-06-28 17:24 - 2013-06-28 17:24 - 00096004 ____A C:\Users\***\Downloads\Extras.Txt
2013-06-28 17:21 - 2013-06-28 17:21 - 00151866 ____A C:\Users\***\Downloads\OTL.Txt
2013-06-28 16:50 - 2013-06-28 16:50 - 00602112 ____A (OldTimer Tools) C:\Users\***\Downloads\OTL.exe
2013-06-28 16:49 - 2013-06-28 16:50 - 00000480 ____A C:\Users\***\Downloads\defogger_disable.log
2013-06-28 16:49 - 2013-06-28 16:49 - 00000000 ____A C:\Users\***\defogger_reenable
2013-06-28 16:48 - 2013-06-28 16:48 - 00050477 ____A C:\Users\***\Downloads\Defogger.exe
2013-06-28 16:10 - 2013-06-28 16:10 - 00000822 ____A C:\Users\Public\Desktop\SmartPCFixer.lnk
2013-06-28 16:10 - 2013-06-28 16:10 - 00000000 ____D C:\Program Files\SmartPCFixer
2013-06-28 16:09 - 2013-06-28 16:09 - 04054000 ____A (LionSea Software                                            ) C:\Users\***\Downloads\setup(1).exe
2013-06-28 14:19 - 2013-06-28 14:19 - 00062808 ____A (G Data Software AG) C:\Windows\System32\Drivers\PktIcpt.sys
2013-06-28 14:18 - 2013-05-28 15:05 - 00163328 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
2013-06-28 14:14 - 2013-06-28 16:37 - 00130392 ____A (G Data Software AG) C:\Windows\System32\Drivers\MiniIcpt.sys
2013-06-28 14:14 - 2013-06-28 16:37 - 00065368 ____A (G Data Software AG) C:\Windows\System32\Drivers\HookCentre.sys
2013-06-28 14:14 - 2013-06-28 16:37 - 00064856 ____A (G Data Software AG) C:\Windows\System32\Drivers\gdwfpcd64.sys
2013-06-28 14:14 - 2013-06-28 16:37 - 00060248 ____A (G Data Software AG) C:\Windows\System32\Drivers\GDBehave.sys
2013-06-28 14:14 - 2013-06-28 16:37 - 00001806 ____A C:\Users\Public\Desktop\G Data AntiVirus 2014.lnk
2013-06-28 14:06 - 2013-06-28 14:24 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-28 14:06 - 2013-06-28 14:24 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-28 13:45 - 2013-06-29 19:18 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-28 13:43 - 2013-06-28 13:43 - 17617288 ____A (Adobe Systems Incorporated) C:\Users\***\Downloads\install_flash_player_11_plugin.exe
2013-06-28 13:40 - 2013-06-28 13:40 - 00814472 ____A (Adobe Systems Incorporated) C:\Users\***\Downloads\uninstall_flash_player.exe
2013-06-28 13:08 - 2013-06-28 13:09 - 341229472 ____A (G Data Software AG) C:\Users\***\Downloads\INT_R_FUL_2014_AV.exe
2013-06-28 13:06 - 2013-06-28 13:07 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-06-28 13:06 - 2013-06-28 13:06 - 00001730 ____A C:\Users\Public\Desktop\QuickTime Player.lnk
2013-06-28 13:03 - 2013-06-28 13:03 - 41404760 ____A (Apple Inc.) C:\Users\***\Downloads\QuickTimeInstaller.exe
2013-06-26 13:45 - 2013-06-27 10:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-06-24 19:08 - 2013-06-24 19:08 - 22937227 ____A C:\Users\***\Documents\vlc-2.0.7-win32.exe
2013-06-24 13:56 - 2013-06-24 13:55 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-24 13:56 - 2013-06-24 13:55 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-24 13:56 - 2013-06-24 13:55 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-24 13:56 - 2013-06-24 13:55 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-24 10:43 - 2013-06-24 10:43 - 00144174 ____A C:\Users\***\Documents\cc_20130624_104342.reg
2013-06-22 19:39 - 2013-06-22 19:39 - 00000000 ____D C:\Users\***\Documents\AdobeStockPhotos
2013-06-22 12:17 - 2013-06-22 12:19 - 07872648 ____A (Adobe Systems Inc.) C:\Users\***\Downloads\Shockwave_Installer_Slim(1).exe
2013-06-22 12:05 - 2013-06-22 12:05 - 04378864 ____A (Piriform Ltd) C:\Users\***\Downloads\ccsetup402.exe
2013-06-19 17:12 - 2013-06-19 17:12 - 00000000 ____D C:\Users\***\AppData\Roaming\File Scout
2013-06-15 15:36 - 2013-05-17 06:05 - 17824768 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-15 15:36 - 2013-05-17 05:27 - 10926080 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-15 15:36 - 2013-05-17 05:09 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-15 15:36 - 2013-05-17 05:02 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-15 15:36 - 2013-05-17 05:02 - 01346560 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-15 15:36 - 2013-05-17 05:01 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-06-15 15:36 - 2013-05-17 05:00 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-06-15 15:36 - 2013-05-17 04:58 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-15 15:36 - 2013-05-17 04:56 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-06-15 15:36 - 2013-05-17 04:56 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-06-15 15:36 - 2013-05-17 04:55 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-15 15:36 - 2013-05-17 04:54 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-15 15:36 - 2013-05-17 04:53 - 02147840 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-15 15:36 - 2013-05-17 04:51 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-15 15:36 - 2013-05-17 04:51 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-06-15 15:36 - 2013-05-17 04:46 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-15 15:36 - 2013-05-17 01:08 - 12329984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-15 15:36 - 2013-05-17 00:49 - 09738752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-15 15:36 - 2013-05-17 00:39 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-15 15:36 - 2013-05-17 00:28 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-15 15:36 - 2013-05-17 00:28 - 01104384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-15 15:36 - 2013-05-17 00:27 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-06-15 15:36 - 2013-05-17 00:26 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-06-15 15:36 - 2013-05-17 00:23 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-15 15:36 - 2013-05-17 00:21 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-15 15:36 - 2013-05-17 00:21 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-06-15 15:36 - 2013-05-17 00:20 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-06-15 15:36 - 2013-05-17 00:19 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-15 15:36 - 2013-05-17 00:17 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-15 15:36 - 2013-05-17 00:17 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-06-15 15:36 - 2013-05-17 00:16 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-15 15:36 - 2013-05-17 00:12 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-15 15:35 - 2013-04-24 06:09 - 01269248 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-15 15:35 - 2013-04-24 06:09 - 00174592 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-15 15:35 - 2013-04-24 06:09 - 00132096 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-15 15:35 - 2013-04-24 06:09 - 00050688 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-15 15:35 - 2013-04-24 06:00 - 00985600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-15 15:35 - 2013-04-24 06:00 - 00133120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-15 15:35 - 2013-04-24 06:00 - 00098304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-15 15:35 - 2013-04-24 06:00 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-15 15:35 - 2013-04-24 04:10 - 01078272 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-15 15:35 - 2013-04-24 03:46 - 00812544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-15 15:35 - 2013-04-17 15:04 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-15 15:35 - 2013-04-17 14:30 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-15 15:34 - 2013-05-08 06:50 - 01423720 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-15 15:33 - 2013-05-02 06:16 - 00686080 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-15 15:33 - 2013-05-02 06:04 - 00443904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-15 15:33 - 2013-05-02 06:03 - 00037376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\printcom.dll
2013-06-12 16:12 - 2013-06-12 16:12 - 00285746 ____A C:\Users\***\Downloads\FRITZ.Box 6360 Cable (um) 85.05.28_12.06.13_1612.export

==================== One Month Modified Files and Folders =======

2013-06-29 20:09 - 2013-06-29 20:09 - 00000000 ____D C:\FRST
2013-06-29 20:09 - 2013-06-29 20:08 - 01933592 ____A (Farbar) C:\Users\***\Downloads\FRST64.exe
2013-06-29 20:08 - 2013-06-28 17:38 - 00000000 ____D C:\Users\***\Documents\Trajadaten
2013-06-29 20:06 - 2010-02-21 15:34 - 00001116 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-06-29 20:03 - 2008-01-21 03:53 - 01828738 ____A C:\Windows\WindowsUpdate.log
2013-06-29 20:00 - 2010-03-23 23:08 - 00062269 ____A C:\ProgramData\nvModes.dat
2013-06-29 20:00 - 2010-03-23 23:08 - 00062269 ____A C:\ProgramData\nvModes.001
2013-06-29 20:00 - 2010-02-21 15:34 - 00001112 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-06-29 19:59 - 2006-11-02 17:40 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-29 19:59 - 2006-11-02 17:21 - 00003712 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-29 19:59 - 2006-11-02 17:21 - 00003712 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-29 19:18 - 2013-06-28 13:45 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-29 17:18 - 2009-01-30 14:20 - 00000000 ____D C:\Users\***\AppData\Roaming\UseNeXT
2013-06-28 20:33 - 2006-11-02 17:40 - 00032534 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-06-28 18:04 - 2013-06-28 18:04 - 662496911 ____A C:\Windows\MEMORY.DMP
2013-06-28 18:04 - 2013-06-28 18:04 - 00290328 ____A C:\Windows\Minidump\Mini062813-01.dmp
2013-06-28 18:04 - 2011-01-24 22:37 - 00000000 ____D C:\Windows\Minidump
2013-06-28 17:45 - 2013-06-28 17:45 - 00377856 ____A C:\Users\***\Downloads\gmer_2.1.19163.exe
2013-06-28 17:40 - 2012-04-27 22:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-06-28 17:24 - 2013-06-28 17:24 - 00096004 ____A C:\Users\***\Downloads\Extras.Txt
2013-06-28 17:21 - 2013-06-28 17:21 - 00151866 ____A C:\Users\***\Downloads\OTL.Txt
2013-06-28 16:50 - 2013-06-28 16:50 - 00602112 ____A (OldTimer Tools) C:\Users\***\Downloads\OTL.exe
2013-06-28 16:50 - 2013-06-28 16:49 - 00000480 ____A C:\Users\***\Downloads\defogger_disable.log
2013-06-28 16:49 - 2013-06-28 16:49 - 00000000 ____A C:\Users\***\defogger_reenable
2013-06-28 16:49 - 2009-01-30 11:41 - 00000000 ____D C:\users\***
2013-06-28 16:48 - 2013-06-28 16:48 - 00050477 ____A C:\Users\***\Downloads\Defogger.exe
2013-06-28 16:37 - 2013-06-28 14:14 - 00130392 ____A (G Data Software AG) C:\Windows\System32\Drivers\MiniIcpt.sys
2013-06-28 16:37 - 2013-06-28 14:14 - 00065368 ____A (G Data Software AG) C:\Windows\System32\Drivers\HookCentre.sys
2013-06-28 16:37 - 2013-06-28 14:14 - 00064856 ____A (G Data Software AG) C:\Windows\System32\Drivers\gdwfpcd64.sys
2013-06-28 16:37 - 2013-06-28 14:14 - 00060248 ____A (G Data Software AG) C:\Windows\System32\Drivers\GDBehave.sys
2013-06-28 16:37 - 2013-06-28 14:14 - 00001806 ____A C:\Users\Public\Desktop\G Data AntiVirus 2014.lnk
2013-06-28 16:10 - 2013-06-28 16:10 - 00000822 ____A C:\Users\Public\Desktop\SmartPCFixer.lnk
2013-06-28 16:10 - 2013-06-28 16:10 - 00000000 ____D C:\Program Files\SmartPCFixer
2013-06-28 16:09 - 2013-06-28 16:09 - 04054000 ____A (LionSea Software                                            ) C:\Users\***\Downloads\setup(1).exe
2013-06-28 14:24 - 2013-06-28 14:06 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-28 14:24 - 2013-06-28 14:06 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-28 14:24 - 2009-01-30 17:33 - 00000000 ____D C:\Users\***\AppData\Local\Adobe
2013-06-28 14:23 - 2013-04-12 14:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-28 14:19 - 2013-06-28 14:19 - 00062808 ____A (G Data Software AG) C:\Windows\System32\Drivers\PktIcpt.sys
2013-06-28 14:14 - 2009-01-30 13:30 - 00000000 ____D C:\ProgramData\G DATA
2013-06-28 14:13 - 2009-01-30 13:30 - 00000000 ____D C:\Program Files (x86)\G DATA
2013-06-28 14:07 - 2009-01-30 21:25 - 00000000 ____D C:\Users\***\AppData\Roaming\Macromedia
2013-06-28 13:43 - 2013-06-28 13:43 - 17617288 ____A (Adobe Systems Incorporated) C:\Users\***\Downloads\install_flash_player_11_plugin.exe
2013-06-28 13:40 - 2013-06-28 13:40 - 00814472 ____A (Adobe Systems Incorporated) C:\Users\***\Downloads\uninstall_flash_player.exe
2013-06-28 13:12 - 2012-02-21 11:12 - 00354694 ____A C:\Windows\PFRO.log
2013-06-28 13:11 - 2006-11-02 15:34 - 00000000 ____D C:\Windows\SysWOW64\setup
2013-06-28 13:11 - 2006-11-02 15:34 - 00000000 ____D C:\Windows\SysWOW64\MUI
2013-06-28 13:11 - 2006-11-02 15:34 - 00000000 ____D C:\Windows\SysWOW64\com
2013-06-28 13:09 - 2013-06-28 13:08 - 341229472 ____A (G Data Software AG) C:\Users\***\Downloads\INT_R_FUL_2014_AV.exe
2013-06-28 13:07 - 2013-06-28 13:06 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-06-28 13:06 - 2013-06-28 13:06 - 00001730 ____A C:\Users\Public\Desktop\QuickTime Player.lnk
2013-06-28 13:03 - 2013-06-28 13:03 - 41404760 ____A (Apple Inc.) C:\Users\***\Downloads\QuickTimeInstaller.exe
2013-06-28 11:38 - 2009-01-30 17:28 - 00000000 ____D C:\ProgramData\Adobe
2013-06-28 11:06 - 2009-01-30 13:29 - 00000000 ____D C:\Users\***\AppData\Local\Downloaded Installations
2013-06-28 10:45 - 2012-07-14 10:27 - 01121048 ____A C:\Windows\SysWOW64\sig.bin
2013-06-28 10:45 - 2012-07-14 10:27 - 00056377 ____A C:\Windows\SysWOW64\nmp.map
2013-06-27 11:43 - 2010-04-05 14:41 - 00000000 ____D C:\Users\***\AppData\Roaming\vlc
2013-06-27 10:24 - 2013-06-26 13:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-06-25 14:39 - 2011-01-20 20:16 - 00000284 ____A C:\Windows\Brownie.ini
2013-06-25 14:20 - 2013-01-30 22:59 - 00000000 ____D C:\Program Files (x86)\Application Updater
2013-06-24 19:08 - 2013-06-24 19:08 - 22937227 ____A C:\Users\***\Documents\vlc-2.0.7-win32.exe
2013-06-24 13:55 - 2013-06-24 13:56 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-24 13:55 - 2013-06-24 13:56 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-24 13:55 - 2013-06-24 13:56 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-24 13:55 - 2013-06-24 13:56 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-24 13:55 - 2012-06-15 10:12 - 00867240 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-06-24 13:55 - 2010-05-18 15:59 - 00789416 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-06-24 10:43 - 2013-06-24 10:43 - 00144174 ____A C:\Users\***\Documents\cc_20130624_104342.reg
2013-06-22 20:08 - 2009-01-30 14:23 - 00248320 ____A C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-06-22 19:39 - 2013-06-22 19:39 - 00000000 ____D C:\Users\***\Documents\AdobeStockPhotos
2013-06-22 12:19 - 2013-06-22 12:17 - 07872648 ____A (Adobe Systems Inc.) C:\Users\***\Downloads\Shockwave_Installer_Slim(1).exe
2013-06-22 12:19 - 2010-04-26 10:18 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2013-06-22 12:07 - 2010-11-07 12:51 - 00000830 ____A C:\Users\Public\Desktop\CCleaner.lnk
2013-06-22 12:07 - 2009-01-30 21:56 - 00000000 ____D C:\Program Files (x86)\CCleaner
2013-06-22 12:05 - 2013-06-22 12:05 - 04378864 ____A (Piriform Ltd) C:\Users\***\Downloads\ccsetup402.exe
2013-06-19 17:12 - 2013-06-19 17:12 - 00000000 ____D C:\Users\***\AppData\Roaming\File Scout
2013-06-15 16:59 - 2006-11-02 15:33 - 00000000 ____D C:\Windows\rescache
2013-06-15 15:44 - 2006-11-02 14:35 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\mrt.exe
2013-06-15 15:41 - 2008-01-21 12:47 - 01468714 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-15 15:41 - 2008-01-21 12:46 - 00628742 ____A C:\Windows\System32\perfh007.dat
2013-06-15 15:41 - 2008-01-21 12:46 - 00126486 ____A C:\Windows\System32\perfc007.dat
2013-06-12 16:12 - 2013-06-12 16:12 - 00285746 ____A C:\Users\***\Downloads\FRITZ.Box 6360 Cable (um) 85.05.28_12.06.13_1612.export
2013-06-05 15:26 - 2013-05-13 14:37 - 00000000 ____D C:\ProgramData\BrowserProtect
2013-06-03 11:36 - 2013-05-13 15:38 - 00001888 ____A C:\Users\***\Desktop\eBay-Sidebar für Firefox.lnk

Files to move or delete:
====================
C:\ProgramData\nvModes.dat

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-06-29 20:05

==================== End Of Log ============================
         
--- --- ---


Addition
FRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-06-2013 01
Ran by *** at 2013-06-29 20:14:43
Running from C:\Users\***\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

 Update for Microsoft Office 2007 (KB2508958) (x32)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212)
Adobe Anchor Service CS3 (x32 Version: 1.0)
Adobe Asset Services CS3 (x32 Version: 3)
Adobe Bridge CS3 (x32 Version: 2)
Adobe Bridge Start Meeting (x32 Version: 1.0)
Adobe Camera Raw 4.0 (x32 Version: 4.0)
Adobe CMaps (x32 Version: 1.0)
Adobe Color - Photoshop Specific (x32 Version: 1.0)
Adobe Color Common Settings (x32 Version: 1.0)
Adobe Color EU Recommended Settings (x32 Version: 1.0)
Adobe Color JA Extra Settings (x32 Version: 1.0)
Adobe Color NA Extra Settings (x32 Version: 1.0)
Adobe Default Language CS3 (x32 Version: 1.0)
Adobe Device Central CS3 (x32 Version: 1.0)
Adobe ExtendScript Toolkit 2 (x32 Version: 2.0)
Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224)
Adobe Fonts All (x32 Version: 1.0)
Adobe Help Viewer CS3 (x32 Version: 1)
Adobe Linguistics CS3 (x32 Version: 3.0.0)
Adobe PDF Library Files (x32 Version: 8.0)
Adobe Photoshop CS3 (x32 Version: 10)
Adobe Photoshop CS3 (x32 Version: 10.0)
Adobe Reader X (10.1.7) - Deutsch (x32 Version: 10.1.7)
Adobe Setup (x32 Version: 1.0)
Adobe Shockwave Player 12.0 (x32 Version: 12.0.2.122)
Adobe Stock Photos CS3 (x32 Version: 1.5)
Adobe Type Support (x32 Version: 1.0)
Adobe Update Manager CS3 (x32 Version: 5.1.0)
Adobe Version Cue CS3 Client (x32 Version: 3)
Adobe WinSoft Linguistics Plugin (x32 Version: 1.0)
Adobe XMP Panels CS3 (x32 Version: 1.0)
Apple Application Support (x32 Version: 2.3.4)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (x32 Version: 2.1.3.127)
aquasuite (x32)
ArcSoft Portrait+ (x32 Version: 2.0.0.221)
ArcSoft Scan-n-Stitch Deluxe (x32 Version: 1.1.2.27)
Artisteer 2 (x32 Version: 2.5)
Ashampoo Photo Commander 5 FREE (x32 Version: 5.4.1)
Avidemux 2.5 (32-bit) (x32 Version: 2.5.6.7716)
AVS Document Converter 2.0.1 (x32)
AVS Update Manager 1.0 (x32)
AVS4YOU Software Navigator 1.4 (x32)
Bandoo (x32)
Battlefield: Bad Company™ 2 (x32 Version: 1.0.0.0)
Biet-O-Matic v2.10.1 (x32 Version: Biet-O-Matic v2.10.1)
Bonjour (Version: 3.0.0.10)
Brother HL-2035 (x32 Version: 1.00)
BrowserProtect (x32)
Call of Duty(R) - World at War(TM) (x32 Version: 1.0)
Call of Duty(R) - World at War(TM) (x32 Version: 1.4.1)
Call of Duty(R) - World at War(TM) 1.1 Patch (x32 Version: 1.1)
Call of Duty(R) - World at War(TM) 1.1 Patch (x32)
Call of Duty(R) - World at War(TM) 1.2 Patch (x32 Version: 1.2)
Call of Duty(R) - World at War(TM) 1.2 Patch (x32)
Call of Duty(R) - World at War(TM) 1.3 Patch (x32 Version: 1.3)
Call of Duty(R) - World at War(TM) 1.3 Patch (x32)
Call of Duty(R) - World at War(TM) 1.4 Patch (x32 Version: 1.4)
Call of Duty(R) - World at War(TM) 1.4 Patch (x32)
Call of Duty(R) - World at War(TM) 1.4.1 Patch (x32 Version: 1.4.1)
Call of Duty(R) - World at War(TM) 1.4.1 Patch (x32)
Call of Duty: Modern Warfare 2 - Multiplayer (x32)
Call of Duty: Modern Warfare 2 (x32)
Canon Utilities Digital Photo Professional 3.6 (x32 Version: 3.6.0.0)
Canon Utilities EOS Utility (x32 Version: 2.6.0.0)
Canon Utilities WFT-E1/E2/E3/E4 Utility (x32 Version: 3.3.0.0)
CCleaner (Version: 4.02)
CDBurnerXP (x32 Version: 4.2.3.1110)
CDex extraction audio (x32)
Conduit Engine (x32 Version: )
ConvertHelper 2.2 (x32)
Crazy Machines II (x32)
Creative 3DMIDI Player (x32 Version: 1.11)
Creative ALchemy (x32 Version: 1.41)
Creative Audio-Systemsteuerung (x32 Version: 3.00)
Creative Konsole Starter (x32 Version: 2.61)
Creative Media Toolbox 6 (Shared Components) (x32 Version: 2.80.12)
Creative Media Toolbox 6 (x32 Version: 6.00)
Creative MediaSource 5 (x32 Version: 5.00)
Creative Software AutoUpdate (x32 Version: 1.40)
Creative Sound Blaster Properties x64 Edition (x32 Version: 1.02)
Creative Systeminformationen (x32)
Creative WaveStudio 7 (x32 Version: 7.12)
Creative-Audiokonsole (x32)
Creative-Diagnose (x32 Version: 5.11)
Crystal Reports Basic Runtime for Visual Studio 2008 (x64) (Version: 10.5.2.0)
Crystal Reports Basic Runtime German Language Pack for Visual Studio 2008 (x64) (Version: 10.5.0.0)
Day of Defeat: Source (x32)
Delta Chrome Toolbar (x32)
Delta toolbar   (x32 Version: 1.8.16.16)
DeskScapes (x32)
Desktop Icon für Amazon (Version: 1.0.1 (de))
DHTML Editing Component (x32 Version: 6.02.0001)
Dolby Digital Live Pack (x32 Version: 3.00)
DriverAgent by TouchStone Software (x32)
Dropbox (HKCU Version: 1.4.7)
EAX4 Unified Redist (x32 Version: 4.001)
Epson Copy Utility 3.5 (x32 Version: 3.5.0.0)
Epson Event Manager (x32 Version: 2.40.0002)
EPSON Perfection V33/V330 Handbuch (x32)
EPSON Scan (x32)
ESL Wire 1.0.1
Fallout 3 (HKCU Version: 1.00.0000)
FastFontPreview v3.0.2 FREEWARE (x32)
FileZilla Client 3.7.0.2 (HKCU Version: 3.7.0.2)
FireJump (x32 Version: 1.0.2.5)
FLAC 1.2.1b (remove only) (x32 Version: 1.2.1b)
Free Audio CD Burner version 1.2 (x32)
Free FLV Converter V 6.7.6 (x32 Version: 6.7.6.0)
Free Mp3 Wma Converter V 1.81 (x32)
Free Video to MP3 Converter version 3.2 (x32)
Free YouTube to MP3 Converter version 3.3 (x32)
G Data AntiVirus 2014 (x32 Version: 24.0.2.4)
Garmin Lifetime Updater (x32 Version: 2.1.7)
Garmin POI Loader (x32 Version: 2.5.4.0)
Garmin USB Drivers (x32 Version: 2.3.0.0)
Garmin WebUpdater (x32 Version: 2.4.2)
Geländewagen-Simulator 2012 (Nur entfernen) (x32 Version: 1.1.1.0)
Google Earth (x32 Version: 7.0.3.8542)
Google Update Helper (x32 Version: 1.3.21.145)
Half-Life(R) 2 (x32 Version: 1.0.0.0)
Hamster Free Video Converter (x32 Version: 2.5.2.33)
HLSW v1.3.2.1 (x32)
ICQ6.5 (x32 Version: 6.5)
iTunes (Version: 10.6.3.25)
Java 7 Update 25 (x32 Version: 7.0.250)
Java 7 Update 7 (64-bit) (Version: 7.0.70)
Java Auto Updater (x32 Version: 2.1.9.5)
JavaFX 2.1.1 (x32 Version: 2.1.1)
Killing Floor (x32)
K-Lite Codec Pack (64-bit) v2.6.0 (Version: 2.6.0)
K-Lite Codec Pack 4.5.3 (Full) (x32 Version: 4.5.3)
Lautstärkefenster (x32)
Lidl-Fotos (x32)
Logitech GamePanel Software 3.01 (Version: 3.01.180)
Logitech Harmony Remote Software 7 (x32 Version: 7.6.0.8)
Logitech Harmony Remote Software 7 (x32 Version: 7.7.0.0)
Logitech SetPoint 5.20 (Version: 5.20)
Macromedia Dreamweaver MX (x32 Version: 6.0)
Macromedia Extension Manager (x32 Version: 1.5)
Macromedia Fireworks MX (x32 Version: 6)
Macromedia Flash MX (x32 Version: 6)
Macromedia FreeHand 10 (x32 Version: 10)
McAfee Security Scan Plus (x32 Version: 2.0.181.2)
Media Go (x32 Version: 1.1.245)
Metro 2033 (x32)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (x32 Version: 2.0.48.0)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.88.0)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0)
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.4518.1014)
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Silverlight (x32 Version: 5.1.20125.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (x32 Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (x32 Version: 1.0.1215.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (x32 Version: 10.0.30319)
Mindjet MindManager 2012 (x32 Version: 10.1.459)
Movavi Video Converter 8 (x32 Version: 8.02.002)
MozBackup 1.4.10 (x32)
Mozilla Firefox 22.0 (x86 de) (x32 Version: 22.0)
Mozilla Maintenance Service (x32 Version: 22.0)
Mozilla Thunderbird 17.0.7 (x86 de) (x32 Version: 17.0.7)
Mp3tag v2.46a (x32 Version: v2.46a)
MSVCRT (x32 Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
neroxml (x32 Version: 1.0.0)
Nitro Reader 2 (Version: 2.3.1.2)
NVIDIA Display Control Panel (Version: 6.14.11.9745)
NVIDIA Drivers (Version: 1.10.59.37)
NVIDIA PhysX (x32 Version: 9.10.0222)
OpenAL (x32)
PDF Settings (x32 Version: 1.0)
PDF To Excel Converter V2.0 (x32)
PDFCreator (x32 Version: 1.2.3)
pdfforge Toolbar v6.7 (x32 Version: 6.7)
pdfsam (x32 Version: 2.2.0)
PDF-XChange 3
Phase 5 HTML-Editor (x32 Version: 5.6.2.3)
PhotoScape (x32)
PlayStation(R)Network Downloader (x32 Version: 1.02.00005)
PlayStation(R)Store (x32 Version: 2.0.8.03595)
PowerPDF Professional (x32 Version: 2.0)
PunkBuster Services (x32 Version: 0.988)
PVSonyDll (Version: 1.00.0001)
QNAP QGet (x32)
QuickPar 0.9 (x32 Version: 0.9)
QuickTime (x32 Version: 7.74.80.86)
ratDVD 0.78.1444 (x32 Version: 0.78.1444)
Remote Control USB Driver (x32 Version: 2.3.2.317)
Reservierungsplaner - Zimmerplan - Software-Pitzer (x32 Version: 13.0)
Reservierungsplaner - Zimmerplan (x32 Version: 5.3)
ResiGo (x32 Version: 1.0.0)
ResiGo9 (x32 Version: 1.0.0)
SearchAnonymizer (Version: 1.0.1 (de))
shopping-preise.de AddOn Firefox (x32 Version: 2.81)
Skype™ 4.0 (x32 Version: 4.0.227)
SmartPCFixer 4.2 (Version: 4.2)
softonic-Germany Toolbar (x32 Version: 6.2.7.3)
Sony Ericsson Update Engine (x32 Version: 2.12.4.17)
Sony PC Companion 2.10.030 (x32 Version: 2.10.030)
Sound Blaster X-Fi (x32 Version: 1.0)
SoundFont-Bank-Manager (x32)
Steam(TM) (x32 Version: 1.0.0.0)
swMSM (x32 Version: 12.0.0.1)
TeamSpeak 2 RC2 (x32 Version: 2.0.32.60)
TeamSpeak 3 Client
Tom Clancy's Splinter Cell Double Agent (x32 Version: 1.00.0000)
Ulead GIF Animator 5 Test (x32)
Ulead PhotoImpact X3 (x32 Version: 13.0)
Ultimate Extras sounds from Microsoft® Tinker™
Uninstall 1.0.0.1 (x32)
Unity Web Player (HKCU Version: 2.6.1f3_31223)
Update for Microsoft .NET Framework 3.5 SP1 (KB2836940) (x32 Version: 1)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2768021) 32-Bit Edition (x32)
UseNeXT by Tangysoft (x32)
VCRedistSetup (x32 Version: 1.0.0)
Video mp3 Extractor (x32)
VLC media player 1.0.5 (x32 Version: 1.0.5)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0) (Version: 06/03/2009 2.3.0.0)
Windows Live Call (x32 Version: 14.0.8117.0416)
Windows Live Communications Platform (x32 Version: 14.0.8117.416)
Windows Live Essentials (x32 Version: 14.0.8117.0416)
Windows Live Essentials (x32 Version: 14.0.8117.416)
Windows Live Fotogalerie (x32 Version: 14.0.8117.416)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Live Messenger (x32 Version: 14.0.8117.0416)
Windows Live Movie Maker (x32 Version: 14.0.8117.0416)
Windows Live Sync (x32 Version: 14.0.8117.416)
Windows Live Writer (x32 Version: 14.0.8117.0416)
Windows Live-Uploadtool (x32 Version: 14.0.8014.1029)
Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8)
Windows-Soundschemas
WinRAR archiver (x32)
Yahoo! Detect (x32)
Yahoo! Messenger (x32)

==================== Restore Points  =========================

28-06-2013 11:04:49 Installed QuickTime
29-06-2013 15:08:49 Windows Update

==================== Scheduled Tasks (whitelisted) =============

Task: {290E8249-D46A-4FD1-969B-5109B3DCF174} - System32\Tasks\CCleanerSkipUAC => C:\Program Files (x86)\CCleaner\CCleaner.exe [2013-05-24] (Piriform Ltd)
Task: {2B4C1AF3-07D4-4D5B-8CD2-BF3EFBEB68C8} - System32\Tasks\EPUpdater => C:\Users\HEADCR~1\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe [2013-06-06] ()
Task: {40AE2EA0-9E89-4FF2-864C-5D7A8C0E6C6A} - System32\Tasks\Microsoft\Windows\Defrag\ManualDefrag => C:\Windows\system32\defrag.exe [2008-01-21] (Microsoft Corp.)
Task: {6AAE2CB8-ADE3-46A7-A51C-9BDD32AB85A6} - System32\Tasks\User_Feed_Synchronization-{3AFECE7E-8FEF-4C63-8A7B-DEE9D0BA220E} => C:\Windows\system32\msfeedssync.exe [2011-06-28] (Microsoft Corporation)
Task: {789D666D-774F-44E3-8C26-4B9DECA91CA5} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => C:\program files\windows defender\MpCmdRun.exe [2008-01-21] (Microsoft Corporation)
Task: {83C4E485-0E0A-49D3-83C7-8FBB8C5685C5} - System32\Tasks\AdobeFlashPlayerUpdate => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe [2013-05-28] (Adobe Systems Incorporated)
Task: {8EF40D15-CC70-4694-A8AD-94602F760467} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-02-21] (Google Inc.)
Task: {9475DD97-BB54-4FD8-A31A-032B4833F6AA} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {9A441CE9-6C4F-4991-954B-EDCB9256D04F} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => C:\Windows\system32\rundll32.exe [2006-11-02] (Microsoft Corporation)
Task: {A22ACAF2-B81F-4AE0-B8C1-093DB2A8C7B7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-28] (Adobe Systems Incorporated)
Task: {AA105019-BFFB-4713-B627-81B47F4419F0} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {AD8FBB56-ED6F-4BEE-81B8-2332DDDA12B5} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\schtasks.exe [2008-01-21] (Microsoft Corporation)
Task: {B9C934E4-D331-4F55-92B5-B7731D7F3F9B} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => C:\program files\windows defender\MpCmdRun.exe [2008-01-21] (Microsoft Corporation)
Task: {C0B38178-CA76-4475-90EB-B2F41221156B} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {C28278BF-1ABF-4595-BB2A-15201DDF25E3} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: {C41E9FD5-A5DB-4DEF-9715-E4F7BAFEE730} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {CF4DDEFE-9489-45BC-BF58-70F81D879D20} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-02-21] (Google Inc.)
Task: {D1849F70-8D65-4263-957C-27FD3AAE933A} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification => C:\Windows\System32\wsqmcons.exe [2008-01-21] (Microsoft Corporation)
Task: {D4D36076-5BB0-4BBF-8288-644882FB1F2B} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe [2013-05-28] (Adobe Systems Incorporated)
Task: {F03BC038-D75D-4CC8-B47D-D13A9D17F294} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Faulty Device Manager Devices =============

Name: ESLvnic Virtual Network 64 Bit
Description: ESLvnic Virtual Network 64 Bit
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Turtle Entertainment GmbH
Service: ESLvnic1
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/29/2013 08:05:04 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\***\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\FKUAERB5.DEFAULT\SAFEBROWSING-TO_DELETE> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (06/29/2013 08:05:04 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\***\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\FKUAERB5.DEFAULT\SAFEBROWSING-BACKUP> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (06/29/2013 08:02:10 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (06/29/2013 08:02:10 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (06/29/2013 08:02:05 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Sony.Mrs,processorArchitecture="AMD64",type="win32",version="2.2.0.0"1". Fehler in Manifest- oder Richtliniendatei "Sony.Mrs,processorArchitecture="AMD64",type="win32",version="2.2.0.0"2" in Zeile  Sony.Mrs,processorArchitecture="AMD64",type="win32",version="2.2.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: Sony.Mrs,processorArchitecture="AMD64",type="win32",version="2.2.0.0".
Definition: Sony.Mrs,processorArchitecture="x86",type="win32",version="2.2.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (06/29/2013 08:00:10 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/29/2013 07:48:44 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung AVKProxy.exe, Version 1.5.13081.613, Zeitstempel 0x514c20ba, fehlerhaftes Modul avkpop3.dll, Version 2.2.13056.198, Zeitstempel 0x512aca0f, Ausnahmecode 0xc0000005, Fehleroffset 0x00002388,
Prozess-ID 0x50c, Anwendungsstartzeit AVKProxy.exe0.

Error: (06/29/2013 07:18:00 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung FlashPlayerUpdateService.exe, Version 11.6.602.180, Zeitstempel 0x51a4ab8c, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18541, Zeitstempel 0x4ec3e39f, Ausnahmecode 0xc0000005, Fehleroffset 0x0004bb57,
Prozess-ID 0x20ac, Anwendungsstartzeit FlashPlayerUpdateService.exe0.

Error: (06/29/2013 06:18:00 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung FlashPlayerUpdateService.exe, Version 11.6.602.180, Zeitstempel 0x51a4ab8c, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18541, Zeitstempel 0x4ec3e39f, Ausnahmecode 0xc0000005, Fehleroffset 0x0004bb57,
Prozess-ID 0xed8, Anwendungsstartzeit FlashPlayerUpdateService.exe0.

Error: (06/29/2013 05:18:00 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung FlashPlayerUpdateService.exe, Version 11.6.602.180, Zeitstempel 0x51a4ab8c, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18541, Zeitstempel 0x4ec3e39f, Ausnahmecode 0xc0000005, Fehleroffset 0x0004bb57,
Prozess-ID 0x13ec, Anwendungsstartzeit FlashPlayerUpdateService.exe0.


System errors:
=============
Error: (06/29/2013 07:59:37 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 29.06.2013 um 19:42:23 unerwartet heruntergefahren.

Error: (06/28/2013 06:04:47 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 28.06.2013 um 17:59:56 unerwartet heruntergefahren.

Error: (06/28/2013 04:37:11 PM) (Source: Service Control Manager) (User: )
Description: 1Neustart des DienstsG Data AntiVirus Proxy%%1058

Error: (06/28/2013 04:36:11 PM) (Source: Service Control Manager) (User: )
Description: G Data AntiVirus Proxy1600001Neustart des Diensts

Error: (06/28/2013 01:10:45 PM) (Source: Service Control Manager) (User: )
Description: G Data AntiVirus Proxy1600001Neustart des Diensts

Error: (06/28/2013 11:05:53 AM) (Source: Service Control Manager) (User: )
Description: 1Neustart des DienstsG Data AntiVirus Proxy%%1058

Error: (06/28/2013 11:04:53 AM) (Source: Service Control Manager) (User: )
Description: G Data AntiVirus Proxy1600001Neustart des Diensts

Error: (06/22/2013 02:02:01 PM) (Source: Service Control Manager) (User: )
Description: Adobe Flash Player Update Service%%32

Error: (06/22/2013 09:32:06 AM) (Source: Microsoft-Windows-BitLocker-Driver) (User: NT-AUTORITÄT)
Description: 0xc000000dE:0x0

Error: (06/21/2013 09:26:22 AM) (Source: Microsoft-Windows-BitLocker-Driver) (User: NT-AUTORITÄT)
Description: 0xc000000dE:0x0


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2013-06-29 20:10:10.873
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\HookCentre.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-29 20:10:10.696
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\HookCentre.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-29 20:10:10.518
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\HookCentre.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-29 20:10:10.337
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\HookCentre.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-29 20:10:10.159
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\HookCentre.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-29 20:10:09.977
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\HookCentre.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-29 20:10:09.799
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\HookCentre.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-29 20:10:09.622
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\HookCentre.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-29 20:09:53.220
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\HookCentre.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-29 20:09:53.037
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\HookCentre.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 53%
Total physical RAM: 4093.64 MB
Available physical RAM: 1917.46 MB
Total Pagefile: 8360.54 MB
Available Pagefile: 5676.07 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Vista System C) (Fixed) (Total:293.94 GB) (Free:104.48 GB) NTFS (Disk=0 Partition=1) ==>[Drive with boot components (obtained from BCD)]
Drive d: (Games) (Fixed) (Total:404.69 GB) (Free:263.82 GB) NTFS (Disk=0 Partition=2)
Drive f: (Osterbach) (Fixed) (Total:149.05 GB) (Free:114.86 GB) NTFS (Disk=1 Partition=1)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 699 GB) (Disk ID: A5751F76)
Partition 1: (Active) - (Size=294 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=405 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 149 GB) (Disk ID: 21C9D2B0)
Partition 1: (Not Active) - (Size=149 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
--- --- ---



Ich hoffe ihr könnt mir helfen..wäre echt sehr sehr dankbar!

LG Fränky

Alt 29.06.2013, 19:34   #2
schrauber
/// the machine
/// TB-Ausbilder
 

c:\progra~3\browse~1\261339~1.144\{c16c1~1\brose~1.dll ist entweder nicht für die Ausführung unter Windows vorgesehen oder.. - Standard

c:\progra~3\browse~1\261339~1.144\{c16c1~1\brose~1.dll ist entweder nicht für die Ausführung unter Windows vorgesehen oder..



Hi,

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST Log bitte.
__________________

__________________

Alt 30.06.2013, 12:07   #3
Fränky
 
c:\progra~3\browse~1\261339~1.144\{c16c1~1\brose~1.dll ist entweder nicht für die Ausführung unter Windows vorgesehen oder.. - Standard

c:\progra~3\browse~1\261339~1.144\{c16c1~1\brose~1.dll ist entweder nicht für die Ausführung unter Windows vorgesehen oder..



Danke für die schnelle Hilfe..finde ich superklasse..!!!
Ich bekomme zumindest keine Fehlermeldung mehr wenn ich ein Programm auf mache.. THX
Habe allerdings immer noch die Fehlermeldung vom Adobe Flash Player Update Service 11.6 r602
Auch mit dem Adobe Flash entfernungstool hört das nicht auf^^

Hier die ADW
Code:
ATTFilter
# AdwCleaner v2.303 - Datei am 29/06/2013 um 21:14:51 erstellt
# Aktualisiert am 08/06/2013 von Xplode
# Betriebssystem : Windows (TM) Vista Ultimate Service Pack 2 (64 bits)
# Benutzer : *** - MR-***
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\***\Downloads\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****

Gestoppt & Gelöscht : BrowserProtect
Gestoppt & Gelöscht : SearchAnonymizer

***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\bProtector_extensions.rdf
Datei Gelöscht : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\bprotector_extensions.sqlite
Datei Gelöscht : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\bprotector_prefs.js
Datei Gelöscht : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\searchplugins\Askcom.xml
Datei Gelöscht : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\searchplugins\Babylon.xml
Datei Gelöscht : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\searchplugins\delta.xml
Datei Gelöscht : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\searchplugins\icqplugin.xml
Datei Gelöscht : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\searchplugins\icqplugin-1.xml
Datei Gelöscht : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\searchplugins\icqplugin-2.xml
Datei Gelöscht : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\searchplugins\icqplugin-3.xml
Datei Gelöscht : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\searchplugins\icqplugin-4.xml
Datei Gelöscht : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\searchplugins\icqplugin-5.xml
Datei Gelöscht : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\searchplugins\MyStart Search.xml
Gelöscht mit Neustart : C:\Program Files (x86)\Application Updater
Gelöscht mit Neustart : C:\Program Files (x86)\Bandoo
Gelöscht mit Neustart : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Gelöscht mit Neustart : C:\Program Files (x86)\Common Files\spigot
Gelöscht mit Neustart : C:\Program Files (x86)\Conduit
Gelöscht mit Neustart : C:\Program Files (x86)\ConduitEngine
Gelöscht mit Neustart : C:\Program Files (x86)\Delta
Gelöscht mit Neustart : C:\Program Files (x86)\Iminent
Gelöscht mit Neustart : C:\Program Files (x86)\pdfforge Toolbar
Gelöscht mit Neustart : C:\Program Files (x86)\softonic-Germany
Gelöscht mit Neustart : C:\Program Files (x86)\SweetIM
Gelöscht mit Neustart : C:\ProgramData\Babylon
Gelöscht mit Neustart : C:\ProgramData\Bandoo
Gelöscht mit Neustart : C:\ProgramData\BrowserProtect
Gelöscht mit Neustart : C:\ProgramData\IBUpdaterService
Gelöscht mit Neustart : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandoo
Gelöscht mit Neustart : C:\Users\HEADCR~1\AppData\Local\Temp\OCS
Gelöscht mit Neustart : C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl
Gelöscht mit Neustart : C:\Users\***\AppData\Local\PackageAware
Gelöscht mit Neustart : C:\Users\***\AppData\LocalLow\ConduitEngine
Gelöscht mit Neustart : C:\Users\***\AppData\LocalLow\pdfforge
Gelöscht mit Neustart : C:\Users\***\AppData\LocalLow\Search Settings
Gelöscht mit Neustart : C:\Users\***\AppData\LocalLow\softonic-Germany
Gelöscht mit Neustart : C:\Users\***\AppData\Roaming\BabSolution
Gelöscht mit Neustart : C:\Users\***\AppData\Roaming\Babylon
Gelöscht mit Neustart : C:\Users\***\AppData\Roaming\DesktopIconForAmazon
Gelöscht mit Neustart : C:\Users\***\AppData\Roaming\file scout
Gelöscht mit Neustart : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\extensions\ffxtlbr@delta.com
Gelöscht mit Neustart : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\extensions\firejump@firejump.net
Gelöscht mit Neustart : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\jetpack
Gelöscht mit Neustart : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\SweetIMToolbarData
Gelöscht mit Neustart : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\SweetPacksToolbarData
Gelöscht mit Neustart : C:\Users\***\AppData\Roaming\OCS
Gelöscht mit Neustart : C:\Users\***\AppData\Roaming\pdfforge

***** [Registrierungsdatenbank] *****

Daten Gelöscht : HKLM\..\Windows [AppInit_DLLs] = c:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\conduitEngine
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\pdfforge
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Search Settings
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\softonic-Germany
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gelöscht : HKCU\Software\BabSolution
Schlüssel Gelöscht : HKCU\Software\BabylonToolbar
Schlüssel Gelöscht : HKCU\Software\DataMngr
Schlüssel Gelöscht : HKCU\Software\Delta
Schlüssel Gelöscht : HKCU\Software\Iminent
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{08ED8855-4C2E-429B-A878-F129E1F624FA}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{1CD4D45E-4851-496D-840F-2C2E752ECFB7}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{A0B139A7-E8D5-49E8-A7BF-12421E652208}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{D85FFE92-BF14-4E9B-BCCD-E5C16069E65F}_is1
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Bandoo
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Delta
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Delta Chrome Toolbar
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DesktopIconAmazon
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\IMBoosterARP
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Savings Sidekick
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SearchAnonymizer
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SearchTheWebARP
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\softonic-Germany Toolbar
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A51A36E6-31E7-4838-9FF7-76298B527EC0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A51A36E6-31E7-4838-9FF7-76298B527EC0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35D-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\pdfforge
Schlüssel Gelöscht : HKCU\Software\Search Settings
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKCU\Software\5b55d7dab56abf42
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKLM\Software\Application Updater
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\Bandoo
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{3AD7A5B6-610D-4A82-979E-0AED20920690}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9C123289-82E1-4DA7-A3C2-B8D28AAD114B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{A01A3335-0C30-4312-A430-92356CC37A92}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\BandooCore.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\FlashAnimator.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\GIFAnimator.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\IEPlugin.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.BandooCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.BandooCore.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooIEPlugin.BandooIEPlugin
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooIEPlugin.BandooIEPlugin.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BFlashAnimator.BFlashAnimatorCtrl
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BFlashAnimator.BFlashAnimatorCtrl.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BGIFAnimator.BGIFAnimatorCtrl
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BGIFAnimator.BGIFAnimatorCtrl.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Conduit.Engine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaappCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaappCore.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltadskBnd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltadskBnd.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaHlpr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaHlpr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.deltaESrvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.deltaESrvc.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2449729
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{3AD7A5B6-610D-4A82-979E-0AED20920690}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{62E5C9E1-A0E8-4F8C-8EAF-0F9250CC5786}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9C123289-82E1-4DA7-A3C2-B8D28AAD114B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\conduitEngine
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\Delta
Schlüssel Gelöscht : HKLM\Software\Iminent
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{821EB71E-86CB-4F65-B56C-E3F628651FDF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CE1CB632-6817-47B3-8587-D05AF75D6D5A}
Schlüssel Gelöscht : HKLM\Software\pdfforge
Schlüssel Gelöscht : HKLM\Software\Search Settings
Schlüssel Gelöscht : HKLM\Software\softonic-Germany
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\5b55d7dab56abf42
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{821EB71E-86CB-4F65-B56C-E3F628651FDF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A51A36E6-31E7-4838-9FF7-76298B527EC0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CE1CB632-6817-47B3-8587-D05AF75D6D5A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0AA712ED-5096-4765-A10E-295D4B07FA67}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{823A11DB-043A-46CF-8143-AA7FC6F48FC9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A51A36E6-31E7-4838-9FF7-76298B527EC0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EB5CEE80-030A-4ED8-8E20-454E9C68380F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D85FFE92-BF14-4E9B-BCCD-E5C16069E65F}_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Bandoo
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Delta
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\softonic-Germany Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CE1CB632-6817-47B3-8587-D05AF75D6D5A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DesktopIconAmazon
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchAnonymizer
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{A51A36E6-31E7-4838-9FF7-76298B527EC0}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{A51A36E6-31E7-4838-9FF7-76298B527EC0}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{B922D405-6D13-4A2B-AE89-08A030DA4402}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EEE6C35D-6118-11DC-9C72-001320C79847}]
Wert Gelöscht : HKCU\Software\Mozilla\Firefox\Extensions [firefox@bandoo.com]
Wert Gelöscht : HKCU\Software\Mozilla\Firefox\extensions [firejump@firejump.net]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{A51A36E6-31E7-4838-9FF7-76298B527EC0}]
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{82E1477C-B154-48D3-9891-33D83C26BCD3}]
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{A51A36E6-31E7-4838-9FF7-76298B527EC0}]
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{B922D405-6D13-4A2B-AE89-08A030DA4402}]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16490

Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www1.delta-search.com/?affID=119828&tt=gc_&babsrc=HP_ss&mntrId=0C9300044B057F31 --> hxxp://www.google.com

-\\ Mozilla Firefox v22.0 (de)

Datei : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\prefs.js

C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\user.js ... Gelöscht !

Gelöscht : user_pref("browser.search.defaultengine", "Ask.com");
Gelöscht : user_pref("browser.search.order.1", "Delta Search");
Gelöscht : user_pref("browser.search.selectedEngine", "Delta Search");
Gelöscht : user_pref("extensions.crossriderapp5060@crossrider.com.install-event-fired", true);
Gelöscht : user_pref("extensions.delta.admin", false);
Gelöscht : user_pref("extensions.delta.aflt", "babsst");
Gelöscht : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Gelöscht : user_pref("extensions.delta.autoRvrt", "false");
Gelöscht : user_pref("extensions.delta.dfltLng", "en");
Gelöscht : user_pref("extensions.delta.excTlbr", false);
Gelöscht : user_pref("extensions.delta.ffxUnstlRst", true);
Gelöscht : user_pref("extensions.delta.id", "0c931fc300000000000000044b057f31");
Gelöscht : user_pref("extensions.delta.instlDay", "15838");
Gelöscht : user_pref("extensions.delta.instlRef", "sst");
Gelöscht : user_pref("extensions.delta.newTab", false);
Gelöscht : user_pref("extensions.delta.prdct", "delta");
Gelöscht : user_pref("extensions.delta.prtnrId", "delta");
Gelöscht : user_pref("extensions.delta.rvrt", "false");
Gelöscht : user_pref("extensions.delta.smplGrp", "none");
Gelöscht : user_pref("extensions.delta.tlbrId", "base");
Gelöscht : user_pref("extensions.delta.tlbrSrchUrl", "");
Gelöscht : user_pref("extensions.delta.vrsn", "1.8.16.16");
Gelöscht : user_pref("extensions.delta.vrsnTs", "1.8.16.1614:37:37");
Gelöscht : user_pref("extensions.delta.vrsni", "1.8.16.16");
Gelöscht : user_pref("extensions.ffxtlbr@delta.com.install-event-fired", true);
Gelöscht : user_pref("extensions.ffxtlbr@incredibar.com.install-event-fired", true);
Gelöscht : user_pref("extensions.incredibar_i.aflt", "orgnl");
Gelöscht : user_pref("extensions.incredibar_i.dfltLng", "");
Gelöscht : user_pref("extensions.incredibar_i.did", "10643");
Gelöscht : user_pref("extensions.incredibar_i.excTlbr", false);
Gelöscht : user_pref("extensions.incredibar_i.id", "c01a172b000000000000964ce5c76536");
Gelöscht : user_pref("extensions.incredibar_i.installerproductid", "26");
Gelöscht : user_pref("extensions.incredibar_i.instlDay", "15504");
Gelöscht : user_pref("extensions.incredibar_i.instlRef", "");
Gelöscht : user_pref("extensions.incredibar_i.ms_url_id", "");
Gelöscht : user_pref("extensions.incredibar_i.newTab", false);
Gelöscht : user_pref("extensions.incredibar_i.ppd", "1451");
Gelöscht : user_pref("extensions.incredibar_i.prdct", "incredibar");
Gelöscht : user_pref("extensions.incredibar_i.productid", "26");
Gelöscht : user_pref("extensions.incredibar_i.prtnrId", "Incredibar");
Gelöscht : user_pref("extensions.incredibar_i.smplGrp", "none");
Gelöscht : user_pref("extensions.incredibar_i.tlbrId", "base");
Gelöscht : user_pref("extensions.incredibar_i.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6PQAlNKcaX&loc=IB[...]
Gelöscht : user_pref("extensions.incredibar_i.upn2", "6PQAlNKcaX");
Gelöscht : user_pref("extensions.incredibar_i.upn2n", "92543053404254679");
Gelöscht : user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");
Gelöscht : user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.1415:04:33");
Gelöscht : user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");
Gelöscht : user_pref("extensions.mmsearch.mmsearch-freesearchengines", "f1f_vGooglef_vhxxps://www.google.com/se[...]
Gelöscht : user_pref("extensions.mmsearch.mmsearch-freesearchgroups", "businf_vGeschäftlichf_vchrome://websear[...]
Gelöscht : user_pref("extensions.mmsearch.mmsearch-linkedffsearchengines", "[app]/google.xmll_vf1l_e[app]/yahoo[...]

*************************

AdwCleaner[R1].txt - [40265 octets] - [29/06/2013 21:10:49]
AdwCleaner[R2].txt - [40326 octets] - [29/06/2013 21:14:23]
AdwCleaner[S1].txt - [33009 octets] - [29/06/2013 21:14:51]

########## EOF - C:\AdwCleaner[S1].txt - [33070 octets] ##########
         
Hier die JRT

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows (TM) Vista Ultimate x64
Ran by *** on 30.06.2013 at 12:36:39,47
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\browserprotect"
Successfully deleted: [Folder] "C:\ProgramData\ibupdaterservice"
Successfully deleted: [Folder] "C:\Program Files (x86)\application updater"
Successfully deleted: [Folder] "C:\Program Files (x86)\bandoo"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduitengine"
Successfully deleted: [Folder] "C:\Program Files (x86)\delta"
Successfully deleted: [Folder] "C:\Program Files (x86)\iminent"
Successfully deleted: [Folder] "C:\Program Files (x86)\pdfforge toolbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\sweetim"
Successfully deleted: [Folder] "C:\Program Files (x86)\Common Files\spigot"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\bandoo"



~~~ FireFox

Successfully deleted: [File] C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\fkuaerb5.default\invalidprefs.js
Successfully deleted the following from C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\fkuaerb5.default\prefs.js

user_pref("extensions.customizegoogle.cookies.SafeSearch", "empty");
user_pref("extensions.customizegoogle.cookies.enableSafeSearch", false);
user_pref("extensions.mmsearch.mmsearch-freesearchengines", "f19f_vGooglef_vhxxps://www.google.com/search?q={searchTerms}&ie=utf-8&oe=utf-8&aq=t&rls={moz:distributionID}:{moz:
user_pref("extensions.mmsearch.mmsearch-freesearchgroups", "businf_vGeschäftlichf_vchrome://websearchpro/skin/websearchpro_toolbar_free_business.pngf_gcompuf_vComputer/Techni
user_pref("extensions.urllink.submenu.7", "In Wi&kipedia|hxxp://en.wikipedia.org/wiki/Special:Search?search=*&sourceid=mozilla-search");
user_pref("extensions.webbooster@iminent.com.install-event-fired", true);
Emptied folder: C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\fkuaerb5.default\minidumps [66 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 30.06.2013 at 12:40:24,13
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
und hier die frische FRST

FRST Logfile:


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-06-2013 01
Ran by *** (administrator) on 30-06-2013 12:44:05
Running from C:\Users\***\Downloads
Windows Vista (TM) Ultimate Service Pack 2 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKWCtlx64.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(ArcSoft, Inc.) C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
(Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe
() C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(NVIDIA Corporation) C:\Windows\System32\nvraidservice.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Aqua Computer GmbH & Co. KG) C:\Program Files (x86)\Aqua Computer\aquasuite\aquasuite.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CTHELPER.EXE
(Creative Technology Ltd) C:\Windows\SysWOW64\Ctxfihlp.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(G Data Software AG) C:\Program Files (x86)\G DATA\AntiVirus\AVKTray\AVKTray.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CTXFISPI.EXE
(G Data Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKProxy\GdBgInx64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide [1584184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE [x]
HKLM\...\Run: [NVRaidService] C:\Windows\system32\nvraidservice.exe [333344 2008-08-18] (NVIDIA Corporation)
HKLM\...\Run: [Ocs_SM] C:\Users\***\AppData\Roaming\OCS\SM\SearchAnonymizer.exe [106496 2012-08-21] (OCS)
HKCU\...\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [1555968 2009-04-11] (Microsoft Corporation)
HKCU\...\Policies\system: [DisableRegistryTools] 0
HKCU\...\Policies\system: [DisableTaskMgr] 0
MountPoints2: {0cfbd161-c443-11e2-b955-00044b057f31} - H:\AutoRun.exe
MountPoints2: {12105fc9-2fd4-11e0-92fc-001e101f1ed9} - E:\AutoRun.exe
MountPoints2: {12105fe4-2fd4-11e0-92fc-001e101f1f81} - E:\AutoRun.exe
MountPoints2: {1654cdad-3e5a-11e0-86fc-00044b057f31} - E:\AutoRun.exe
MountPoints2: {2882cb2b-24ac-11e0-94bc-00ff01000001} - E:\setup_vmc_lite.exe /checkApplicationPresence
MountPoints2: {437cff72-05e4-11e0-8578-00ff01000001} - E:\setup_vmc_lite.exe /checkApplicationPresence
MountPoints2: {5abc1e6a-577d-11de-981d-00044b057f31} - I:\InstallTomTomHOME.exe
MountPoints2: {753df3d3-f663-11df-b7a2-00ff01000001} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL hxxp://www.garmin.com/agent
MountPoints2: {9f607269-2b30-11e0-8981-00ff01000001} - E:\AutoRun.exe
MountPoints2: {9f607285-2b30-11e0-8981-00ff01000001} - E:\AutoRun.exe
MountPoints2: {f34f4dc1-3486-11e0-a498-001e101faa49} - I:\AutoRun.exe
MountPoints2: {f34f4dcc-3486-11e0-a498-001e101faa49} - E:\AutoRun.exe
MountPoints2: {f34f4dcd-3486-11e0-a498-001e101faa49} - F:\AutoRun.exe
MountPoints2: {f78eecd0-b92a-11e0-8d57-00044b057f31} - F:\Startme.exe
HKLM-x32\...\Run: [CTHelper] CTHELPER.EXE [19456 2007-02-12] (Creative Technology Ltd)
HKLM-x32\...\Run: [CTxfiHlp] CTXFIHLP.EXE [24576 2010-07-07] (Creative Technology Ltd)
HKLM-x32\...\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe" [976832 2009-12-17] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: []  [x]
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [G Data AntiVirus Tray] "C:\Program Files (x86)\G Data\AntiVirus\AVKTray\AVKTray.exe" [1444304 2013-03-22] (G Data Software AG)
HKU\Default\...\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter [2438656 2009-04-11] (Microsoft Corporation)
HKU\Default User\...\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter [2438656 2009-04-11] (Microsoft Corporation)
AppInit_DLLs-x32:   [0 ] ()
Startup: C:\ProgramData\Start Menu\Programs\Startup\aquasuite.lnk
ShortcutTarget: aquasuite.lnk -> C:\Program Files (x86)\Aqua Computer\aquasuite\aquasuite.exe (Aqua Computer GmbH & Co. KG)
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
SSODL-x32: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWOW64\webcheck.dll (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.ieaddons.com/de/other/
SearchScopes: HKCU - {080FBDF6-B230-4e4d-A4E7-7C7A56D7BABC} URL = hxxp://searchservice.myspace.com.anonymize-me.de/?anonymto=687474703A2F2F736561726368736572766963652E6D7973706163652E636F6D2F696E6465782E63666D3F66757365616374696F6E3D736974657365617263682E726573756C7473267172793D7B7365617263685465726D737D26747970653D576562266F7269673D494D432D49454453&st={searchTerms}&clid=d38da4e9-5c11-46e0-ac21-b19a6b18966b&pid=freewarede&k=0
SearchScopes: HKCU - {0DB415EF-752B-4EB1-B8CF-CD7E4930C208} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=d38da4e9-5c11-46e0-ac21-b19a6b18966b&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {2226124D-999D-451B-BDAC-58173FE7DA6A} URL = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=d38da4e9-5c11-46e0-ac21-b19a6b18966b&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {2DCAE223-E70E-45FE-9887-1C6BE0123DF6} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=d38da4e9-5c11-46e0-ac21-b19a6b18966b&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {5D042F87-5F7A-4349-BAB0-6D3754738FAD} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=d38da4e9-5c11-46e0-ac21-b19a6b18966b&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {81F0ACD6-CC2B-4066-B81B-891B97A41EB1} URL = hxxp://de.search.yahoo.com.anonymize-me.de/?anonymto=687474703A2F2F64652E7365617263682E7961686F6F2E636F6D2F7365617263683F66723D6368722D677265656E747265655F69652665693D7574662D3826696C633D313226747970653D38323733313626703D7B7365617263685465726D737D&st={searchTerms}&clid=d38da4e9-5c11-46e0-ac21-b19a6b18966b&pid=freewarede&k=0
SearchScopes: HKCU - {8D734B18-8E9A-4718-887D-4F13E61A7AAF} URL = hxxp://dict.leo.org.anonymize-me.de/?anonymto=687474703A2F2F646963742E6C656F2E6F72672F656E64653F6C703D656E6465266C616E673D6465267365617263684C6F633D3026636D70547970653D72656C6178656426736563744864723D6F6E267370656C6C546F6C65723D6F6E266368696E6573653D626F74682670696E79696E3D646961637269746963267365617263683D7B7365617263685465726D737D2672656C696E6B3D6F6E&st={searchTerms}&clid=d38da4e9-5c11-46e0-ac21-b19a6b18966b&pid=freewarede&k=0
SearchScopes: HKCU - {9A20C20B-7C42-48C1-9DEE-AF0F75FBBE65} URL = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=d38da4e9-5c11-46e0-ac21-b19a6b18966b&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {C6CC1D3B-C988-49BA-85E7-D9E6B0BABBA8} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=d38da4e9-5c11-46e0-ac21-b19a6b18966b&pid=freewarede&mode=bounce&k=0
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: CmjBrowserHelperObject Object - {6FE6A929-59D1-4763-91AD-29B61CFFB35B} - C:\Program Files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll (Mindjet)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office12\GRA8E1~1.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
DPF: HKLM-x32 {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15112/CTPID.cab
Handler-x32: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~2\Office12\GR99D3~1.DLL (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~2\Office12\GRA8E1~1.DLL [2210608 2006-10-27] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default
FF NewTab: www.google.de
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.7.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF Plugin-x32: @nitropdf.com/NitroPDF - C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: Deutsches Wörterbuch - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\de-DE@dictionaries.addons.mozilla.org
FF Extension: Dictionary Switcher - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\dictionary-switcher@design-noir.de
FF Extension: IE Tab Plus - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\ietab@ip.cn
FF Extension: Kempelton - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\kempelton-fx@arvidaxelsson.se
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\viewsourceintab@piro.sakura.ne(2).jp
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}(2)
FF Extension: Garmin Communicator - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
FF Extension: Microsoft .NET Framework Assistant - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF Extension: Ebay Negs! - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{265b0520-499e-11d9-9669-0800200c9a66}
FF Extension: ChatZilla - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
FF Extension: ColorZilla - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}
FF Extension: OrangePower Theme - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{6d0021e8-a8d6-11dc-8314-0800200c9a66}
FF Extension: NoScript - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}(2)
FF Extension: IE Tab - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
FF Extension: Abstract Zune - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{7ef7f4d6-947d-11dc-8314-0800200c9a66}
FF Extension: CSSViewer - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{8be51513-0433-45c1-9203-7b45019df871}
FF Extension: CSSViewer - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{8be51513-0433-45c1-9203-7b45019df871}(2)
FF Extension: MR Tech Toolkit - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{9669CC8F-B388-42FE-86F4-CB5E7F5A8BDC}
FF Extension: BugMeNot - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{987311C6-B504-4aa2-90BF-60CC49808D42}
FF Extension: EditCSS - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{A0A87DB2-80BA-493a-B22F-FAFBAEA3E0A2}
FF Extension: Adblock Plus - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}(2)
FF Extension: facebookchatbar - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{d7ba87f4-c901-47b7-af80-18d75313aad1}
FF Extension: ViewSourceWith - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{eecba28f-b68b-4b3a-b501-6ce12e6b8696}
FF Extension: CustomizeGoogle - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{fce36c1e-58d8-498a-b2a5-66ad1cedebbb}
FF Extension: firebug - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\firebug@software.joehewitt.com.xpi
FF Extension: guiconfig - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\guiconfig@slosd.net.xpi
FF Extension: newtaburl - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\newtaburl@sogame.cat.xpi
FF Extension: Office2007Black - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\Office2007Black@JBBS.xpi
FF Extension: pdfforge - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\pdfforge@mybrowserbar.com
FF Extension: personas - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\personas@christopher.beard.xpi
FF Extension: pixelzoomer - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\pixelzoomer@matthiasschuetz.com.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\sfStatistics.xml
FF Extension: tabscope - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\tabscope@xuldev.org.xpi
FF Extension: youtube2mp3 - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\youtube2mp3@mondayx.de.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{139a120b-c2ea-41d2-bf70-542d9f063dfd}.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{20cc25e2-48c9-45e1-9a1f-1ccc1882b81b}.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088}.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{8B8A525A-CFCA-44cf-81C3-3969E6CB96E0}.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{aa26583b-4c35-4729-913e-156956078824}.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{aff87fa2-a58e-4edd-b852-0a20203c1e17}.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{cf15270e-cf08-4def-b4ea-6a5ac23f3bca}.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{ee6976bb-656b-45cf-b2b6-5c837ee59a96}.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6}.xpi
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] C:\Program Files\T-Mobile\InternetManager_H\OCx64\addon
FF HKCU\...\Firefox\Extensions: [mail@shopping-preise.de] C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\extensions\mail@shopping-preise.de
FF HKCU\...\Firefox\Extensions: [sparpilot@sparpilot.com] C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\extensions\sparpilot@sparpilot.com

==================== Services (Whitelisted) =================

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 ADExchange; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [43624 2012-08-14] (ArcSoft, Inc.)
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [1957840 2013-03-22] (G Data Software AG)
R2 AVKService; C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKService.exe [635344 2013-02-25] (G Data Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKWCtlx64.exe [2555360 2013-06-21] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [696808 2013-02-25] (G Data Software AG)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [227232 2010-01-15] (McAfee, Inc.)
R2 NitroReaderDriverReadSpool2; C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [204304 2012-03-25] (Nitro PDF Software)
R2 NMSAccessU; C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe [71096 2008-10-20] ()
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75064 2010-03-21] ()

==================== Drivers (Whitelisted) ====================

S3 COMMONFX.DLL; C:\Windows\System32\COMMONFX.DLL [157496 2007-02-13] (Creative Technology Ltd)
S3 CTAUDFX.DLL; C:\Windows\System32\CTAUDFX.DLL [700216 2007-02-13] (Creative Technology Ltd)
S3 CTEAPSFX.DLL; C:\Windows\System32\CTEAPSFX.DLL [219448 2007-02-13] (Creative Technology Ltd)
S3 CTEDSPFX.DLL; C:\Windows\System32\CTEDSPFX.DLL [321848 2007-02-13] (Creative Technology Ltd)
S3 CTEDSPIO.DLL; C:\Windows\System32\CTEDSPIO.DLL [190264 2007-02-13] (Creative Technology Ltd)
S3 CTEDSPSY.DLL; C:\Windows\System32\CTEDSPSY.DLL [363320 2007-02-13] (Creative Technology Ltd)
S3 CTERFXFX.DLL; C:\Windows\System32\CTERFXFX.DLL [142136 2007-02-13] (Creative Technology Ltd)
S3 CTSBLFX.DLL; C:\Windows\System32\CTSBLFX.DLL [681272 2007-02-13] (Creative Technology Ltd)
S3 ENTECH64; C:\Windows\system32\DRIVERS\ENTECH64.sys [12744 2008-09-17] (EnTech Taiwan)
S3 ENTECH64; C:\Windows\system32\DRIVERS\ENTECH64.sys [12744 2008-09-17] (EnTech Taiwan)
S3 ESLvnic1; C:\Windows\System32\DRIVERS\ESLvnic.sys [24536 2009-09-01] (Turtle Entertainment GmbH)
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [60248 2013-06-28] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [130392 2013-06-28] (G Data Software AG)
S3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [62808 2013-06-28] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [64856 2013-06-28] (G Data Software AG)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [65368 2013-06-28] (G Data Software AG)
R0 hotcore3; C:\Windows\SysWow64\drivers\hotcore3.sys [36368 2008-02-15] (Paragon Software Group)
R0 hotcore3; C:\Windows\SysWow64\drivers\hotcore3.sys [36368 2008-02-15] (Paragon Software Group)
R0 nvrd64; C:\Windows\System32\DRIVERS\nvrd64.sys [166944 2008-08-18] (NVIDIA Corporation)
S3 TVICHW64; C:\Windows\SysWOW64\Drivers\TVICHW64.SYS [21200 2009-02-03] (EnTech Taiwan)
S3 TVICHW64; C:\Windows\SysWOW64\Drivers\TVICHW64.SYS [21200 2009-02-03] (EnTech Taiwan)
S3 cpuz130; \??\C:\Users\HEADCR~1\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
S3 CT20XUT.DLL; system32\CT20XUT.DLL [x]
S3 CTEXFIFX.DLL; system32\CTEXFIFX.DLL [x]
S3 CTHWIUT.DLL; system32\CTHWIUT.DLL [x]
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [x]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [x]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [x]
S3 hwusbfake; system32\DRIVERS\ewusbfake.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 PCASp50a64; System32\Drivers\PCASp50a64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-06-30 12:43 - 2013-06-30 12:43 - 01933592 ____A (Farbar) C:\Users\***\Downloads\FRST64 (1).exe
2013-06-30 12:40 - 2013-06-30 12:40 - 00002637 ____A C:\Users\***\Desktop\JRT.txt
2013-06-29 21:24 - 2013-06-30 12:36 - 00000000 ____D C:\JRT
2013-06-29 21:24 - 2013-06-29 21:24 - 00000000 ____D C:\Windows\ERUNT
2013-06-29 21:22 - 2013-06-29 21:22 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\***\Downloads\JRT.exe
2013-06-29 21:14 - 2013-06-29 21:15 - 00032976 ____A C:\AdwCleaner[S1].txt
2013-06-29 21:14 - 2013-06-29 21:15 - 00002303 ____A C:\Windows\DeleteOnReboot.bat
2013-06-29 21:14 - 2013-06-29 21:14 - 00040326 ____A C:\AdwCleaner[R2].txt
2013-06-29 21:10 - 2013-06-29 21:11 - 00040265 ____A C:\AdwCleaner[R1].txt
2013-06-29 20:58 - 2013-06-29 20:58 - 00648201 ____A C:\Users\***\Downloads\adwcleaner.exe
2013-06-29 20:14 - 2013-06-29 20:15 - 00028668 ____A C:\Users\***\Downloads\Addition.txt
2013-06-29 20:09 - 2013-06-29 20:09 - 00000000 ____D C:\FRST
2013-06-29 20:08 - 2013-06-29 20:09 - 01933592 ____A (Farbar) C:\Users\***\Downloads\FRST64.exe
2013-06-28 18:04 - 2013-06-28 18:04 - 662496911 ____A C:\Windows\MEMORY.DMP
2013-06-28 18:04 - 2013-06-28 18:04 - 00290328 ____A C:\Windows\Minidump\Mini062813-01.dmp
2013-06-28 17:45 - 2013-06-28 17:45 - 00377856 ____A C:\Users\***\Downloads\gmer_2.1.19163.exe
2013-06-28 17:38 - 2013-06-30 12:41 - 00000000 ____D C:\Users\***\Documents\Trajadaten
2013-06-28 17:24 - 2013-06-28 17:24 - 00096004 ____A C:\Users\***\Downloads\Extras.Txt
2013-06-28 17:21 - 2013-06-28 17:21 - 00151866 ____A C:\Users\***\Downloads\OTL.Txt
2013-06-28 16:50 - 2013-06-28 16:50 - 00602112 ____A (OldTimer Tools) C:\Users\***\Downloads\OTL.exe
2013-06-28 16:49 - 2013-06-28 16:50 - 00000480 ____A C:\Users\***\Downloads\defogger_disable.log
2013-06-28 16:49 - 2013-06-28 16:49 - 00000000 ____A C:\Users\***\defogger_reenable
2013-06-28 16:48 - 2013-06-28 16:48 - 00050477 ____A C:\Users\***\Downloads\Defogger.exe
2013-06-28 16:10 - 2013-06-28 16:10 - 00000822 ____A C:\Users\Public\Desktop\SmartPCFixer.lnk
2013-06-28 16:10 - 2013-06-28 16:10 - 00000000 ____D C:\Program Files\SmartPCFixer
2013-06-28 16:09 - 2013-06-28 16:09 - 04054000 ____A (LionSea Software                                            ) C:\Users\***\Downloads\setup(1).exe
2013-06-28 14:19 - 2013-06-28 14:19 - 00062808 ____A (G Data Software AG) C:\Windows\System32\Drivers\PktIcpt.sys
2013-06-28 14:18 - 2013-05-28 15:05 - 00163328 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
2013-06-28 14:14 - 2013-06-28 16:37 - 00130392 ____A (G Data Software AG) C:\Windows\System32\Drivers\MiniIcpt.sys
2013-06-28 14:14 - 2013-06-28 16:37 - 00065368 ____A (G Data Software AG) C:\Windows\System32\Drivers\HookCentre.sys
2013-06-28 14:14 - 2013-06-28 16:37 - 00064856 ____A (G Data Software AG) C:\Windows\System32\Drivers\gdwfpcd64.sys
2013-06-28 14:14 - 2013-06-28 16:37 - 00060248 ____A (G Data Software AG) C:\Windows\System32\Drivers\GDBehave.sys
2013-06-28 14:14 - 2013-06-28 16:37 - 00001806 ____A C:\Users\Public\Desktop\G Data AntiVirus 2014.lnk
2013-06-28 14:06 - 2013-06-28 14:24 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-28 14:06 - 2013-06-28 14:24 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-28 13:45 - 2013-06-30 12:18 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-28 13:43 - 2013-06-28 13:43 - 17617288 ____A (Adobe Systems Incorporated) C:\Users\***\Downloads\install_flash_player_11_plugin.exe
2013-06-28 13:40 - 2013-06-28 13:40 - 00814472 ____A (Adobe Systems Incorporated) C:\Users\***\Downloads\uninstall_flash_player.exe
2013-06-28 13:08 - 2013-06-28 13:09 - 341229472 ____A (G Data Software AG) C:\Users\***\Downloads\INT_R_FUL_2014_AV.exe
2013-06-28 13:06 - 2013-06-28 13:07 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-06-28 13:06 - 2013-06-28 13:06 - 00001730 ____A C:\Users\Public\Desktop\QuickTime Player.lnk
2013-06-28 13:03 - 2013-06-28 13:03 - 41404760 ____A (Apple Inc.) C:\Users\***\Downloads\QuickTimeInstaller.exe
2013-06-26 13:45 - 2013-06-27 10:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-06-24 19:08 - 2013-06-24 19:08 - 22937227 ____A C:\Users\***\Documents\vlc-2.0.7-win32.exe
2013-06-24 13:56 - 2013-06-24 13:55 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-24 13:56 - 2013-06-24 13:55 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-24 13:56 - 2013-06-24 13:55 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-24 13:56 - 2013-06-24 13:55 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-24 10:43 - 2013-06-24 10:43 - 00144174 ____A C:\Users\******\Documents\cc_20130624_104342.reg
2013-06-22 19:39 - 2013-06-22 19:39 - 00000000 ____D C:\Users\***\Documents\AdobeStockPhotos
2013-06-22 12:17 - 2013-06-22 12:19 - 07872648 ____A (Adobe Systems Inc.) C:\Users\***\Downloads\Shockwave_Installer_Slim(1).exe
2013-06-22 12:05 - 2013-06-22 12:05 - 04378864 ____A (Piriform Ltd) C:\Users\******\Downloads\ccsetup402.exe
2013-06-15 15:36 - 2013-05-17 06:05 - 17824768 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-15 15:36 - 2013-05-17 05:27 - 10926080 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-15 15:36 - 2013-05-17 05:09 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-15 15:36 - 2013-05-17 05:02 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-15 15:36 - 2013-05-17 05:02 - 01346560 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-15 15:36 - 2013-05-17 05:01 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-06-15 15:36 - 2013-05-17 05:00 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-06-15 15:36 - 2013-05-17 04:58 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-15 15:36 - 2013-05-17 04:56 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-06-15 15:36 - 2013-05-17 04:56 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-06-15 15:36 - 2013-05-17 04:55 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-15 15:36 - 2013-05-17 04:54 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-15 15:36 - 2013-05-17 04:53 - 02147840 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-15 15:36 - 2013-05-17 04:51 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-15 15:36 - 2013-05-17 04:51 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-06-15 15:36 - 2013-05-17 04:46 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-15 15:36 - 2013-05-17 01:08 - 12329984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-15 15:36 - 2013-05-17 00:49 - 09738752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-15 15:36 - 2013-05-17 00:39 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-15 15:36 - 2013-05-17 00:28 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-15 15:36 - 2013-05-17 00:28 - 01104384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-15 15:36 - 2013-05-17 00:27 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-06-15 15:36 - 2013-05-17 00:26 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-06-15 15:36 - 2013-05-17 00:23 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-15 15:36 - 2013-05-17 00:21 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-15 15:36 - 2013-05-17 00:21 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-06-15 15:36 - 2013-05-17 00:20 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-06-15 15:36 - 2013-05-17 00:19 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-15 15:36 - 2013-05-17 00:17 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-15 15:36 - 2013-05-17 00:17 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-06-15 15:36 - 2013-05-17 00:16 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-15 15:36 - 2013-05-17 00:12 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-15 15:35 - 2013-04-24 06:09 - 01269248 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-15 15:35 - 2013-04-24 06:09 - 00174592 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-15 15:35 - 2013-04-24 06:09 - 00132096 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-15 15:35 - 2013-04-24 06:09 - 00050688 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-15 15:35 - 2013-04-24 06:00 - 00985600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-15 15:35 - 2013-04-24 06:00 - 00133120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-15 15:35 - 2013-04-24 06:00 - 00098304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-15 15:35 - 2013-04-24 06:00 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-15 15:35 - 2013-04-24 04:10 - 01078272 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-15 15:35 - 2013-04-24 03:46 - 00812544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-15 15:35 - 2013-04-17 15:04 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-15 15:35 - 2013-04-17 14:30 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-15 15:34 - 2013-05-08 06:50 - 01423720 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-15 15:33 - 2013-05-02 06:16 - 00686080 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-15 15:33 - 2013-05-02 06:04 - 00443904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-15 15:33 - 2013-05-02 06:03 - 00037376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\printcom.dll
2013-06-12 16:12 - 2013-06-12 16:12 - 00285746 ____A C:\Users\***\Downloads\FRITZ.Box 6360 Cable (um) 85.05.28_12.06.13_1612.export

==================== One Month Modified Files and Folders =======

2013-06-30 12:43 - 2013-06-30 12:43 - 01933592 ____A (Farbar) C:\Users\***\Downloads\FRST64 (1).exe
2013-06-30 12:41 - 2013-06-28 17:38 - 00000000 ____D C:\Users\***\Documents\Trajadaten
2013-06-30 12:40 - 2013-06-30 12:40 - 00002637 ____A C:\Users\***\Desktop\JRT.txt
2013-06-30 12:36 - 2013-06-29 21:24 - 00000000 ____D C:\JRT
2013-06-30 12:18 - 2013-06-28 13:45 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-30 12:06 - 2010-02-21 15:34 - 00001116 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-06-30 12:06 - 2010-02-21 15:34 - 00001112 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-06-30 11:16 - 2006-11-02 17:21 - 00003712 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-30 11:16 - 2006-11-02 17:21 - 00003712 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-30 02:11 - 2008-01-21 03:53 - 01842012 ____A C:\Windows\WindowsUpdate.log
2013-06-29 21:24 - 2013-06-29 21:24 - 00000000 ____D C:\Windows\ERUNT
2013-06-29 21:22 - 2013-06-29 21:22 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\***\Downloads\JRT.exe
2013-06-29 21:19 - 2010-03-23 23:08 - 00062269 ____A C:\ProgramData\nvModes.dat
2013-06-29 21:19 - 2010-03-23 23:08 - 00062269 ____A C:\ProgramData\nvModes.001
2013-06-29 21:16 - 2006-11-02 17:40 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-29 21:15 - 2013-06-29 21:14 - 00032976 ____A C:\AdwCleaner[S1].txt
2013-06-29 21:15 - 2013-06-29 21:14 - 00002303 ____A C:\Windows\DeleteOnReboot.bat
2013-06-29 21:15 - 2006-11-02 17:40 - 00032534 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-06-29 21:14 - 2013-06-29 21:14 - 00040326 ____A C:\AdwCleaner[R2].txt
2013-06-29 21:11 - 2013-06-29 21:10 - 00040265 ____A C:\AdwCleaner[R1].txt
2013-06-29 20:58 - 2013-06-29 20:58 - 00648201 ____A C:\Users\***\Downloads\adwcleaner.exe
2013-06-29 20:15 - 2013-06-29 20:14 - 00028668 ____A C:\Users\***\Downloads\Addition.txt
2013-06-29 20:09 - 2013-06-29 20:09 - 00000000 ____D C:\FRST
2013-06-29 20:09 - 2013-06-29 20:08 - 01933592 ____A (Farbar) C:\Users\***\Downloads\FRST64.exe
2013-06-29 17:18 - 2009-01-30 14:20 - 00000000 ____D C:\Users\******\AppData\Roaming\UseNeXT
2013-06-28 18:04 - 2013-06-28 18:04 - 662496911 ____A C:\Windows\MEMORY.DMP
2013-06-28 18:04 - 2013-06-28 18:04 - 00290328 ____A C:\Windows\Minidump\Mini062813-01.dmp
2013-06-28 18:04 - 2011-01-24 22:37 - 00000000 ____D C:\Windows\Minidump
2013-06-28 17:45 - 2013-06-28 17:45 - 00377856 ____A C:\Users\***\Downloads\gmer_2.1.19163.exe
2013-06-28 17:40 - 2012-04-27 22:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-06-28 17:24 - 2013-06-28 17:24 - 00096004 ____A C:\Users\***\Downloads\Extras.Txt
2013-06-28 17:21 - 2013-06-28 17:21 - 00151866 ____A C:\Users\***\Downloads\OTL.Txt
2013-06-28 16:50 - 2013-06-28 16:50 - 00602112 ____A (OldTimer Tools) C:\Users\***\Downloads\OTL.exe
2013-06-28 16:50 - 2013-06-28 16:49 - 00000480 ____A C:\Users\***\Downloads\defogger_disable.log
2013-06-28 16:49 - 2013-06-28 16:49 - 00000000 ____A C:\Users\******\defogger_reenable
2013-06-28 16:49 - 2009-01-30 11:41 - 00000000 ____D C:\users\***
2013-06-28 16:48 - 2013-06-28 16:48 - 00050477 ____A C:\Users\***\Downloads\Defogger.exe
2013-06-28 16:37 - 2013-06-28 14:14 - 00130392 ____A (G Data Software AG) C:\Windows\System32\Drivers\MiniIcpt.sys
2013-06-28 16:37 - 2013-06-28 14:14 - 00065368 ____A (G Data Software AG) C:\Windows\System32\Drivers\HookCentre.sys
2013-06-28 16:37 - 2013-06-28 14:14 - 00064856 ____A (G Data Software AG) C:\Windows\System32\Drivers\gdwfpcd64.sys
2013-06-28 16:37 - 2013-06-28 14:14 - 00060248 ____A (G Data Software AG) C:\Windows\System32\Drivers\GDBehave.sys
2013-06-28 16:37 - 2013-06-28 14:14 - 00001806 ____A C:\Users\Public\Desktop\G Data AntiVirus 2014.lnk
2013-06-28 16:10 - 2013-06-28 16:10 - 00000822 ____A C:\Users\Public\Desktop\SmartPCFixer.lnk
2013-06-28 16:10 - 2013-06-28 16:10 - 00000000 ____D C:\Program Files\SmartPCFixer
2013-06-28 16:09 - 2013-06-28 16:09 - 04054000 ____A (LionSea Software                                            ) C:\Users\***\Downloads\setup(1).exe
2013-06-28 14:24 - 2013-06-28 14:06 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-28 14:24 - 2013-06-28 14:06 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-28 14:24 - 2009-01-30 17:33 - 00000000 ____D C:\Users\***\AppData\Local\Adobe
2013-06-28 14:23 - 2013-04-12 14:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-28 14:19 - 2013-06-28 14:19 - 00062808 ____A (G Data Software AG) C:\Windows\System32\Drivers\PktIcpt.sys
2013-06-28 14:14 - 2009-01-30 13:30 - 00000000 ____D C:\ProgramData\G DATA
2013-06-28 14:13 - 2009-01-30 13:30 - 00000000 ____D C:\Program Files (x86)\G DATA
2013-06-28 14:07 - 2009-01-30 21:25 - 00000000 ____D C:\Users\***\AppData\Roaming\Macromedia
2013-06-28 13:43 - 2013-06-28 13:43 - 17617288 ____A (Adobe Systems Incorporated) C:\Users\***\Downloads\install_flash_player_11_plugin.exe
2013-06-28 13:40 - 2013-06-28 13:40 - 00814472 ____A (Adobe Systems Incorporated) C:\Users\***\Downloads\uninstall_flash_player.exe
2013-06-28 13:12 - 2012-02-21 11:12 - 00354694 ____A C:\Windows\PFRO.log
2013-06-28 13:11 - 2006-11-02 15:34 - 00000000 ____D C:\Windows\SysWOW64\setup
2013-06-28 13:11 - 2006-11-02 15:34 - 00000000 ____D C:\Windows\SysWOW64\MUI
2013-06-28 13:11 - 2006-11-02 15:34 - 00000000 ____D C:\Windows\SysWOW64\com
2013-06-28 13:09 - 2013-06-28 13:08 - 341229472 ____A (G Data Software AG) C:\Users\***\Downloads\INT_R_FUL_2014_AV.exe
2013-06-28 13:07 - 2013-06-28 13:06 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-06-28 13:06 - 2013-06-28 13:06 - 00001730 ____A C:\Users\Public\Desktop\QuickTime Player.lnk
2013-06-28 13:03 - 2013-06-28 13:03 - 41404760 ____A (Apple Inc.) C:\Users\***\Downloads\QuickTimeInstaller.exe
2013-06-28 11:38 - 2009-01-30 17:28 - 00000000 ____D C:\ProgramData\Adobe
2013-06-28 11:06 - 2009-01-30 13:29 - 00000000 ____D C:\Users\***\AppData\Local\Downloaded Installations
2013-06-28 10:45 - 2012-07-14 10:27 - 01121048 ____A C:\Windows\SysWOW64\sig.bin
2013-06-28 10:45 - 2012-07-14 10:27 - 00056377 ____A C:\Windows\SysWOW64\nmp.map
2013-06-27 11:43 - 2010-04-05 14:41 - 00000000 ____D C:\Users\******\AppData\Roaming\vlc
2013-06-27 10:24 - 2013-06-26 13:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-06-25 14:39 - 2011-01-20 20:16 - 00000284 ____A C:\Windows\Brownie.ini
2013-06-24 19:08 - 2013-06-24 19:08 - 22937227 ____A C:\Users\******\Documents\vlc-2.0.7-win32.exe
2013-06-24 13:55 - 2013-06-24 13:56 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-24 13:55 - 2013-06-24 13:56 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-24 13:55 - 2013-06-24 13:56 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-24 13:55 - 2013-06-24 13:56 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-24 13:55 - 2012-06-15 10:12 - 00867240 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-06-24 13:55 - 2010-05-18 15:59 - 00789416 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-06-24 10:43 - 2013-06-24 10:43 - 00144174 ____A C:\Users\***\Documents\cc_20130624_104342.reg
2013-06-22 20:08 - 2009-01-30 14:23 - 00248320 ____A C:\Users\******\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-06-22 19:39 - 2013-06-22 19:39 - 00000000 ____D C:\Users\***\Documents\AdobeStockPhotos
2013-06-22 12:19 - 2013-06-22 12:17 - 07872648 ____A (Adobe Systems Inc.) C:\Users\***\Downloads\Shockwave_Installer_Slim(1).exe
2013-06-22 12:19 - 2010-04-26 10:18 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2013-06-22 12:07 - 2010-11-07 12:51 - 00000830 ____A C:\Users\Public\Desktop\CCleaner.lnk
2013-06-22 12:07 - 2009-01-30 21:56 - 00000000 ____D C:\Program Files (x86)\CCleaner
2013-06-22 12:05 - 2013-06-22 12:05 - 04378864 ____A (Piriform Ltd) C:\Users\***\Downloads\ccsetup402.exe
2013-06-15 16:59 - 2006-11-02 15:33 - 00000000 ____D C:\Windows\rescache
2013-06-15 15:44 - 2006-11-02 14:35 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\mrt.exe
2013-06-15 15:41 - 2008-01-21 12:47 - 01468714 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-15 15:41 - 2008-01-21 12:46 - 00628742 ____A C:\Windows\System32\perfh007.dat
2013-06-15 15:41 - 2008-01-21 12:46 - 00126486 ____A C:\Windows\System32\perfc007.dat
2013-06-12 16:12 - 2013-06-12 16:12 - 00285746 ____A C:\Users\***\Downloads\FRITZ.Box 6360 Cable (um) 85.05.28_12.06.13_1612.export
2013-06-03 11:36 - 2013-05-13 15:38 - 00001888 ____A C:\Users\***\Desktop\eBay-Sidebar für Firefox.lnk

Files to move or delete:
====================
C:\ProgramData\nvModes.dat

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-06-30 09:25

==================== End Of Log ============================
         
--- --- ---



--- --- ---

--- --- ---
__________________

Alt 30.06.2013, 14:14   #4
schrauber
/// the machine
/// TB-Ausbilder
 

c:\progra~3\browse~1\261339~1.144\{c16c1~1\brose~1.dll ist entweder nicht für die Ausführung unter Windows vorgesehen oder.. - Standard

c:\progra~3\browse~1\261339~1.144\{c16c1~1\brose~1.dll ist entweder nicht für die Ausführung unter Windows vorgesehen oder..



Das schau ich mir gleich an, erst noch einen Onlinescan.


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST Log bitte. Noch Probleme neben dem Flash?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 01.07.2013, 17:32   #5
Fränky
 
c:\progra~3\browse~1\261339~1.144\{c16c1~1\brose~1.dll ist entweder nicht für die Ausführung unter Windows vorgesehen oder.. - Standard

c:\progra~3\browse~1\261339~1.144\{c16c1~1\brose~1.dll ist entweder nicht für die Ausführung unter Windows vorgesehen oder..



Autsch.. 8 Trojaner gefunden^^
Hätte ich nicht gedacht und warum schlägt der G-Data nicht an?!
Gibt es ne bessere Alternative?!

Jau mit dem Flash..der meldet immer noch fleissig


Hier die ESET LOG
Code:
ATTFilter
C:\Users\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\2940cdf2-78424015	a variant of Java/Exploit.Agent.OMZ trojan
C:\Users\***\Downloads\vlc-2.0.5-win32.exe	Win32/StartPage.OPH trojan
C:\Users\***\Downloads\vlc-2.0.5-win64.exe	Win32/StartPage.OPH trojan
C:\Windows.old\Documents and Settings\***\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50\2940cdf2-78424015	a variant of Java/Exploit.Agent.OMZ trojan
C:\Windows.old\Documents and Settings\***\Downloads\vlc-2.0.5-win32.exe	Win32/StartPage.OPH trojan
C:\Windows.old\Documents and Settings\***\Downloads\vlc-2.0.5-win64.exe	Win32/StartPage.OPH trojan
H:\Programme für Vista\Corel\Corel PhotoImpact X3 13\Corel PhotoImpact X3 13.exe	probably a variant of Win32/Agent.FBZNDOP trojan
H:\Backup Vistastripe\Firefox 3.6 (de) - 2010-03-12.pcv	a variant of Win32/Adware.Bandoo.AA application
         
Hier der Securitycheck

Code:
ATTFilter
 Results of screen317's Security Check version 0.99.68  
 Windows Vista Service Pack 2 x64 (UAC is enabled)  
 Internet Explorer 9  
``````````````Antivirus/Firewall Check:`````````````` 
G Data AntiVirus 2014   
 Antivirus out of date!  
`````````Anti-malware/Other Utilities Check:````````` 
 JavaFX 2.1.1    
 Java 7 Update 25  
 Adobe Flash Player 	11.7.700.224  
 Adobe Reader 10.1.7 Adobe Reader out of Date!  
 Mozilla Firefox (Firefox.) 
 Mozilla Thunderbird (17.0.7) 
````````Process Check: objlist.exe by Laurent````````  
 Windows Defender MSASCui.exe 
 G Data AntiVirus AVK AVKWCtlx64.exe 
 G Data AntiVirus AVK AVKService.exe 
 G DATA AntiVirus AVKTray AVKTray.exe 
 Windows Defender MSASCui.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
         
und natürlich das FRST


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-06-2013 01
Ran by *** (administrator) on 01-07-2013 18:12:02
Running from C:\Users\***\Downloads
Windows Vista (TM) Ultimate Service Pack 2 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKWCtlx64.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(NVIDIA Corporation) C:\Windows\System32\nvraidservice.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Aqua Computer GmbH & Co. KG) C:\Program Files (x86)\Aqua Computer\aquasuite\aquasuite.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(ArcSoft, Inc.) C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
(Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CTHELPER.EXE
(Creative Technology Ltd) C:\Windows\SysWOW64\Ctxfihlp.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CTXFISPI.EXE
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files (x86)\G DATA\AntiVirus\AVKTray\AVKTray.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKProxy\GdBgInx64.exe
(G Data Software AG) C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe
() C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\WMPNSCFG.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\conime.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide [1584184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE [x]
HKLM\...\Run: [NVRaidService] C:\Windows\system32\nvraidservice.exe [333344 2008-08-18] (NVIDIA Corporation)
HKLM\...\Run: [Ocs_SM] C:\Users\***\AppData\Roaming\OCS\SM\SearchAnonymizer.exe [106496 2012-08-21] (OCS)
HKCU\...\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [1555968 2009-04-11] (Microsoft Corporation)
HKCU\...\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe [x]
HKCU\...\Policies\system: [DisableRegistryTools] 0
HKCU\...\Policies\system: [DisableTaskMgr] 0
MountPoints2: {0cfbd161-c443-11e2-b955-00044b057f31} - H:\AutoRun.exe
MountPoints2: {12105fc9-2fd4-11e0-92fc-001e101f1ed9} - E:\AutoRun.exe
MountPoints2: {12105fe4-2fd4-11e0-92fc-001e101f1f81} - E:\AutoRun.exe
MountPoints2: {1654cdad-3e5a-11e0-86fc-00044b057f31} - E:\AutoRun.exe
MountPoints2: {2882cb2b-24ac-11e0-94bc-00ff01000001} - E:\setup_vmc_lite.exe /checkApplicationPresence
MountPoints2: {437cff72-05e4-11e0-8578-00ff01000001} - E:\setup_vmc_lite.exe /checkApplicationPresence
MountPoints2: {5abc1e6a-577d-11de-981d-00044b057f31} - I:\InstallTomTomHOME.exe
MountPoints2: {753df3d3-f663-11df-b7a2-00ff01000001} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL hxxp://www.garmin.com/agent
MountPoints2: {9f607269-2b30-11e0-8981-00ff01000001} - E:\AutoRun.exe
MountPoints2: {9f607285-2b30-11e0-8981-00ff01000001} - E:\AutoRun.exe
MountPoints2: {f34f4dc1-3486-11e0-a498-001e101faa49} - I:\AutoRun.exe
MountPoints2: {f34f4dcc-3486-11e0-a498-001e101faa49} - E:\AutoRun.exe
MountPoints2: {f34f4dcd-3486-11e0-a498-001e101faa49} - F:\AutoRun.exe
MountPoints2: {f78eecd0-b92a-11e0-8d57-00044b057f31} - F:\Startme.exe
HKLM-x32\...\Run: [CTHelper] CTHELPER.EXE [19456 2007-02-12] (Creative Technology Ltd)
HKLM-x32\...\Run: [CTxfiHlp] CTXFIHLP.EXE [24576 2010-07-07] (Creative Technology Ltd)
HKLM-x32\...\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe" [976832 2009-12-17] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: []  [x]
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [G Data AntiVirus Tray] "C:\Program Files (x86)\G Data\AntiVirus\AVKTray\AVKTray.exe" [1444304 2013-03-22] (G Data Software AG)
HKU\Default\...\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter [2438656 2009-04-11] (Microsoft Corporation)
HKU\Default User\...\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter [2438656 2009-04-11] (Microsoft Corporation)
AppInit_DLLs-x32:   [0 ] ()
Startup: C:\ProgramData\Start Menu\Programs\Startup\aquasuite.lnk
ShortcutTarget: aquasuite.lnk -> C:\Program Files (x86)\Aqua Computer\aquasuite\aquasuite.exe (Aqua Computer GmbH & Co. KG)
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
SSODL-x32: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWOW64\webcheck.dll (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.ieaddons.com/de/other/
SearchScopes: HKCU - {080FBDF6-B230-4e4d-A4E7-7C7A56D7BABC} URL = hxxp://searchservice.myspace.com.anonymize-me.de/?anonymto=687474703A2F2F736561726368736572766963652E6D7973706163652E636F6D2F696E6465782E63666D3F66757365616374696F6E3D736974657365617263682E726573756C7473267172793D7B7365617263685465726D737D26747970653D576562266F7269673D494D432D49454453&st={searchTerms}&clid=d38da4e9-5c11-46e0-ac21-b19a6b18966b&pid=freewarede&k=0
SearchScopes: HKCU - {0DB415EF-752B-4EB1-B8CF-CD7E4930C208} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=d38da4e9-5c11-46e0-ac21-b19a6b18966b&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {2226124D-999D-451B-BDAC-58173FE7DA6A} URL = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=d38da4e9-5c11-46e0-ac21-b19a6b18966b&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {2DCAE223-E70E-45FE-9887-1C6BE0123DF6} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=d38da4e9-5c11-46e0-ac21-b19a6b18966b&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {5D042F87-5F7A-4349-BAB0-6D3754738FAD} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=d38da4e9-5c11-46e0-ac21-b19a6b18966b&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {81F0ACD6-CC2B-4066-B81B-891B97A41EB1} URL = hxxp://de.search.yahoo.com.anonymize-me.de/?anonymto=687474703A2F2F64652E7365617263682E7961686F6F2E636F6D2F7365617263683F66723D6368722D677265656E747265655F69652665693D7574662D3826696C633D313226747970653D38323733313626703D7B7365617263685465726D737D&st={searchTerms}&clid=d38da4e9-5c11-46e0-ac21-b19a6b18966b&pid=freewarede&k=0
SearchScopes: HKCU - {8D734B18-8E9A-4718-887D-4F13E61A7AAF} URL = hxxp://dict.leo.org.anonymize-me.de/?anonymto=687474703A2F2F646963742E6C656F2E6F72672F656E64653F6C703D656E6465266C616E673D6465267365617263684C6F633D3026636D70547970653D72656C6178656426736563744864723D6F6E267370656C6C546F6C65723D6F6E266368696E6573653D626F74682670696E79696E3D646961637269746963267365617263683D7B7365617263685465726D737D2672656C696E6B3D6F6E&st={searchTerms}&clid=d38da4e9-5c11-46e0-ac21-b19a6b18966b&pid=freewarede&k=0
SearchScopes: HKCU - {9A20C20B-7C42-48C1-9DEE-AF0F75FBBE65} URL = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=d38da4e9-5c11-46e0-ac21-b19a6b18966b&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {C6CC1D3B-C988-49BA-85E7-D9E6B0BABBA8} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=d38da4e9-5c11-46e0-ac21-b19a6b18966b&pid=freewarede&mode=bounce&k=0
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: CmjBrowserHelperObject Object - {6FE6A929-59D1-4763-91AD-29B61CFFB35B} - C:\Program Files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll (Mindjet)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office12\GRA8E1~1.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
DPF: HKLM-x32 {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15112/CTPID.cab
Handler-x32: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~2\Office12\GR99D3~1.DLL (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~2\Office12\GRA8E1~1.DLL [2210608 2006-10-27] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default
FF NewTab: www.google.de
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.7.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF Plugin-x32: @nitropdf.com/NitroPDF - C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: Deutsches Wörterbuch - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\de-DE@dictionaries.addons.mozilla.org
FF Extension: Dictionary Switcher - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\dictionary-switcher@design-noir.de
FF Extension: IE Tab Plus - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\ietab@ip.cn
FF Extension: Kempelton - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\kempelton-fx@arvidaxelsson.se
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\viewsourceintab@piro.sakura.ne(2).jp
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}(2)
FF Extension: Garmin Communicator - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
FF Extension: Microsoft .NET Framework Assistant - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF Extension: Ebay Negs! - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{265b0520-499e-11d9-9669-0800200c9a66}
FF Extension: ChatZilla - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
FF Extension: ColorZilla - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}
FF Extension: OrangePower Theme - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{6d0021e8-a8d6-11dc-8314-0800200c9a66}
FF Extension: NoScript - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}(2)
FF Extension: IE Tab - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
FF Extension: Abstract Zune - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{7ef7f4d6-947d-11dc-8314-0800200c9a66}
FF Extension: CSSViewer - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{8be51513-0433-45c1-9203-7b45019df871}
FF Extension: CSSViewer - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{8be51513-0433-45c1-9203-7b45019df871}(2)
FF Extension: MR Tech Toolkit - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{9669CC8F-B388-42FE-86F4-CB5E7F5A8BDC}
FF Extension: BugMeNot - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{987311C6-B504-4aa2-90BF-60CC49808D42}
FF Extension: EditCSS - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{A0A87DB2-80BA-493a-B22F-FAFBAEA3E0A2}
FF Extension: Adblock Plus - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}(2)
FF Extension: facebookchatbar - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{d7ba87f4-c901-47b7-af80-18d75313aad1}
FF Extension: ViewSourceWith - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{eecba28f-b68b-4b3a-b501-6ce12e6b8696}
FF Extension: CustomizeGoogle - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{fce36c1e-58d8-498a-b2a5-66ad1cedebbb}
FF Extension: firebug - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\firebug@software.joehewitt.com.xpi
FF Extension: guiconfig - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\guiconfig@slosd.net.xpi
FF Extension: newtaburl - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\newtaburl@sogame.cat.xpi
FF Extension: Office2007Black - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\Office2007Black@JBBS.xpi
FF Extension: personas - C:\Users\******\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\personas@christopher.beard.xpi
FF Extension: pixelzoomer - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\pixelzoomer@matthiasschuetz.com.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\sfStatistics.xml
FF Extension: tabscope - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\tabscope@xuldev.org.xpi
FF Extension: youtube2mp3 - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\youtube2mp3@mondayx.de.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{1392b8d2-5c05-419f-a8f6-b9f15a596612}.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{139a120b-c2ea-41d2-bf70-542d9f063dfd}.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{20cc25e2-48c9-45e1-9a1f-1ccc1882b81b}.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088}.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{8B8A525A-CFCA-44cf-81C3-3969E6CB96E0}.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{aa26583b-4c35-4729-913e-156956078824}.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{aff87fa2-a58e-4edd-b852-0a20203c1e17}.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{cf15270e-cf08-4def-b4ea-6a5ac23f3bca}.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{ee6976bb-656b-45cf-b2b6-5c837ee59a96}.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\Extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6}.xpi
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] C:\Program Files\T-Mobile\InternetManager_H\OCx64\addon
FF HKCU\...\Firefox\Extensions: [mail@shopping-preise.de] C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\extensions\mail@shopping-preise.de
FF HKCU\...\Firefox\Extensions: [sparpilot@sparpilot.com] C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\extensions\sparpilot@sparpilot.com

==================== Services (Whitelisted) =================

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 ADExchange; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [43624 2012-08-14] (ArcSoft, Inc.)
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [1957840 2013-03-22] (G Data Software AG)
R2 AVKService; C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKService.exe [635344 2013-02-25] (G Data Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKWCtlx64.exe [2555360 2013-06-21] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [696808 2013-02-25] (G Data Software AG)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [227232 2010-01-15] (McAfee, Inc.)
R2 NitroReaderDriverReadSpool2; C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [204304 2012-03-25] (Nitro PDF Software)
R2 NMSAccessU; C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe [71096 2008-10-20] ()
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75064 2010-03-21] ()

==================== Drivers (Whitelisted) ====================

S3 COMMONFX.DLL; C:\Windows\System32\COMMONFX.DLL [157496 2007-02-13] (Creative Technology Ltd)
S3 CTAUDFX.DLL; C:\Windows\System32\CTAUDFX.DLL [700216 2007-02-13] (Creative Technology Ltd)
S3 CTEAPSFX.DLL; C:\Windows\System32\CTEAPSFX.DLL [219448 2007-02-13] (Creative Technology Ltd)
S3 CTEDSPFX.DLL; C:\Windows\System32\CTEDSPFX.DLL [321848 2007-02-13] (Creative Technology Ltd)
S3 CTEDSPIO.DLL; C:\Windows\System32\CTEDSPIO.DLL [190264 2007-02-13] (Creative Technology Ltd)
S3 CTEDSPSY.DLL; C:\Windows\System32\CTEDSPSY.DLL [363320 2007-02-13] (Creative Technology Ltd)
S3 CTERFXFX.DLL; C:\Windows\System32\CTERFXFX.DLL [142136 2007-02-13] (Creative Technology Ltd)
S3 CTSBLFX.DLL; C:\Windows\System32\CTSBLFX.DLL [681272 2007-02-13] (Creative Technology Ltd)
S3 ENTECH64; C:\Windows\system32\DRIVERS\ENTECH64.sys [12744 2008-09-17] (EnTech Taiwan)
S3 ENTECH64; C:\Windows\system32\DRIVERS\ENTECH64.sys [12744 2008-09-17] (EnTech Taiwan)
S3 ESLvnic1; C:\Windows\System32\DRIVERS\ESLvnic.sys [24536 2009-09-01] (Turtle Entertainment GmbH)
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [60248 2013-06-28] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [130392 2013-06-28] (G Data Software AG)
S3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [62808 2013-06-28] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [64856 2013-06-28] (G Data Software AG)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [65368 2013-06-28] (G Data Software AG)
R0 hotcore3; C:\Windows\SysWow64\drivers\hotcore3.sys [36368 2008-02-15] (Paragon Software Group)
R0 hotcore3; C:\Windows\SysWow64\drivers\hotcore3.sys [36368 2008-02-15] (Paragon Software Group)
R0 nvrd64; C:\Windows\System32\DRIVERS\nvrd64.sys [166944 2008-08-18] (NVIDIA Corporation)
S3 TVICHW64; C:\Windows\SysWOW64\Drivers\TVICHW64.SYS [21200 2009-02-03] (EnTech Taiwan)
S3 TVICHW64; C:\Windows\SysWOW64\Drivers\TVICHW64.SYS [21200 2009-02-03] (EnTech Taiwan)
S3 cpuz130; \??\C:\Users\HEADCR~1\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
S3 CT20XUT.DLL; system32\CT20XUT.DLL [x]
S3 CTEXFIFX.DLL; system32\CTEXFIFX.DLL [x]
S3 CTHWIUT.DLL; system32\CTHWIUT.DLL [x]
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [x]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [x]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [x]
S3 hwusbfake; system32\DRIVERS\ewusbfake.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 PCASp50a64; System32\Drivers\PCASp50a64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-01 18:08 - 2013-07-01 18:08 - 01933758 ____A (Farbar) C:\Users\***\Downloads\FRST64 (2).exe
2013-07-01 18:07 - 2013-07-01 18:07 - 01933758 ____A (Farbar) C:\Users\***\Downloads\FRST64(1).exe
2013-07-01 17:22 - 2013-07-01 17:22 - 00890988 ____A C:\Users\***\Downloads\SecurityCheck.exe
2013-07-01 10:28 - 2013-07-01 10:28 - 02347384 ____A (ESET) C:\Users\***\Downloads\esetsmartinstaller_enu.exe
2013-06-30 12:40 - 2013-06-30 12:40 - 00002637 ____A C:\Users\***\Desktop\JRT.txt
2013-06-29 21:24 - 2013-06-30 12:36 - 00000000 ____D C:\JRT
2013-06-29 21:24 - 2013-06-29 21:24 - 00000000 ____D C:\Windows\ERUNT
2013-06-29 21:22 - 2013-06-29 21:22 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\***\Downloads\JRT.exe
2013-06-29 21:14 - 2013-06-29 21:15 - 00032976 ____A C:\AdwCleaner[S1].txt
2013-06-29 21:14 - 2013-06-29 21:15 - 00002303 ____A C:\Windows\DeleteOnReboot.bat
2013-06-29 21:14 - 2013-06-29 21:14 - 00040326 ____A C:\AdwCleaner[R2].txt
2013-06-29 21:10 - 2013-06-29 21:11 - 00040265 ____A C:\AdwCleaner[R1].txt
2013-06-29 20:58 - 2013-06-29 20:58 - 00648201 ____A C:\Users\***\Downloads\adwcleaner.exe
2013-06-29 20:14 - 2013-06-29 20:15 - 00028668 ____A C:\Users\***\Downloads\Addition.txt
2013-06-29 20:09 - 2013-06-29 20:09 - 00000000 ____D C:\FRST
2013-06-29 20:08 - 2013-06-29 20:09 - 01933592 ____A (Farbar) C:\Users\***\Downloads\FRST64.exe
2013-06-28 18:04 - 2013-06-28 18:04 - 662496911 ____A C:\Windows\MEMORY.DMP
2013-06-28 18:04 - 2013-06-28 18:04 - 00290328 ____A C:\Windows\Minidump\Mini062813-01.dmp
2013-06-28 17:45 - 2013-06-28 17:45 - 00377856 ____A C:\Users\******\Downloads\gmer_2.1.19163.exe
2013-06-28 17:38 - 2013-07-01 17:49 - 00000000 ____D C:\Users\***\Documents\Trajadaten
2013-06-28 17:24 - 2013-06-28 17:24 - 00096004 ____A C:\Users\***\Downloads\Extras.Txt
2013-06-28 17:21 - 2013-06-28 17:21 - 00151866 ____A C:\Users\***\Downloads\OTL.Txt
2013-06-28 16:50 - 2013-06-28 16:50 - 00602112 ____A (OldTimer Tools) C:\Users\***\Downloads\OTL.exe
2013-06-28 16:49 - 2013-06-28 16:50 - 00000480 ____A C:\Users\***\Downloads\defogger_disable.log
2013-06-28 16:49 - 2013-06-28 16:49 - 00000000 ____A C:\Users\***\defogger_reenable
2013-06-28 16:48 - 2013-06-28 16:48 - 00050477 ____A C:\Users\***\Downloads\Defogger.exe
2013-06-28 16:10 - 2013-06-28 16:10 - 00000822 ____A C:\Users\Public\Desktop\SmartPCFixer.lnk
2013-06-28 16:10 - 2013-06-28 16:10 - 00000000 ____D C:\Program Files\SmartPCFixer
2013-06-28 16:09 - 2013-06-28 16:09 - 04054000 ____A (LionSea Software                                            ) C:\Users\***\Downloads\setup(1).exe
2013-06-28 14:19 - 2013-06-28 14:19 - 00062808 ____A (G Data Software AG) C:\Windows\System32\Drivers\PktIcpt.sys
2013-06-28 14:18 - 2013-05-28 15:05 - 00163328 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
2013-06-28 14:14 - 2013-06-28 16:37 - 00130392 ____A (G Data Software AG) C:\Windows\System32\Drivers\MiniIcpt.sys
2013-06-28 14:14 - 2013-06-28 16:37 - 00065368 ____A (G Data Software AG) C:\Windows\System32\Drivers\HookCentre.sys
2013-06-28 14:14 - 2013-06-28 16:37 - 00064856 ____A (G Data Software AG) C:\Windows\System32\Drivers\gdwfpcd64.sys
2013-06-28 14:14 - 2013-06-28 16:37 - 00060248 ____A (G Data Software AG) C:\Windows\System32\Drivers\GDBehave.sys
2013-06-28 14:14 - 2013-06-28 16:37 - 00001806 ____A C:\Users\Public\Desktop\G Data AntiVirus 2014.lnk
2013-06-28 14:06 - 2013-06-28 14:24 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-28 14:06 - 2013-06-28 14:24 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-28 13:45 - 2013-07-01 17:18 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-28 13:43 - 2013-06-28 13:43 - 17617288 ____A (Adobe Systems Incorporated) C:\Users\***\Downloads\install_flash_player_11_plugin.exe
2013-06-28 13:40 - 2013-06-28 13:40 - 00814472 ____A (Adobe Systems Incorporated) C:\Users\***\Downloads\uninstall_flash_player.exe
2013-06-28 13:08 - 2013-06-28 13:09 - 341229472 ____A (G Data Software AG) C:\Users\***\Downloads\INT_R_FUL_2014_AV.exe
2013-06-28 13:06 - 2013-06-28 13:07 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-06-28 13:06 - 2013-06-28 13:06 - 00001730 ____A C:\Users\Public\Desktop\QuickTime Player.lnk
2013-06-28 13:03 - 2013-06-28 13:03 - 41404760 ____A (Apple Inc.) C:\Users\***\Downloads\QuickTimeInstaller.exe
2013-06-26 13:45 - 2013-06-27 10:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-06-24 19:08 - 2013-06-24 19:08 - 22937227 ____A C:\Users\***\Documents\vlc-2.0.7-win32.exe
2013-06-24 13:56 - 2013-06-24 13:55 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-24 13:56 - 2013-06-24 13:55 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-24 13:56 - 2013-06-24 13:55 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-24 13:56 - 2013-06-24 13:55 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-24 10:43 - 2013-06-24 10:43 - 00144174 ____A C:\Users\***\Documents\cc_20130624_104342.reg
2013-06-22 19:39 - 2013-06-22 19:39 - 00000000 ____D C:\Users\***\Documents\AdobeStockPhotos
2013-06-22 12:17 - 2013-06-22 12:19 - 07872648 ____A (Adobe Systems Inc.) C:\Users\***\Downloads\Shockwave_Installer_Slim(1).exe
2013-06-22 12:05 - 2013-06-22 12:05 - 04378864 ____A (Piriform Ltd) C:\Users\***\Downloads\ccsetup402.exe
2013-06-15 15:36 - 2013-05-17 06:05 - 17824768 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-15 15:36 - 2013-05-17 05:27 - 10926080 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-15 15:36 - 2013-05-17 05:09 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-15 15:36 - 2013-05-17 05:02 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-15 15:36 - 2013-05-17 05:02 - 01346560 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-15 15:36 - 2013-05-17 05:01 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-06-15 15:36 - 2013-05-17 05:00 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-06-15 15:36 - 2013-05-17 04:58 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-15 15:36 - 2013-05-17 04:56 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-06-15 15:36 - 2013-05-17 04:56 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-06-15 15:36 - 2013-05-17 04:55 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-15 15:36 - 2013-05-17 04:54 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-15 15:36 - 2013-05-17 04:53 - 02147840 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-15 15:36 - 2013-05-17 04:51 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-15 15:36 - 2013-05-17 04:51 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-06-15 15:36 - 2013-05-17 04:46 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-15 15:36 - 2013-05-17 01:08 - 12329984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-15 15:36 - 2013-05-17 00:49 - 09738752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-15 15:36 - 2013-05-17 00:39 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-15 15:36 - 2013-05-17 00:28 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-15 15:36 - 2013-05-17 00:28 - 01104384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-15 15:36 - 2013-05-17 00:27 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-06-15 15:36 - 2013-05-17 00:26 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-06-15 15:36 - 2013-05-17 00:23 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-15 15:36 - 2013-05-17 00:21 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-15 15:36 - 2013-05-17 00:21 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-06-15 15:36 - 2013-05-17 00:20 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-06-15 15:36 - 2013-05-17 00:19 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-15 15:36 - 2013-05-17 00:17 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-15 15:36 - 2013-05-17 00:17 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-06-15 15:36 - 2013-05-17 00:16 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-15 15:36 - 2013-05-17 00:12 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-15 15:35 - 2013-04-24 06:09 - 01269248 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-15 15:35 - 2013-04-24 06:09 - 00174592 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-15 15:35 - 2013-04-24 06:09 - 00132096 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-15 15:35 - 2013-04-24 06:09 - 00050688 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-15 15:35 - 2013-04-24 06:00 - 00985600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-15 15:35 - 2013-04-24 06:00 - 00133120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-15 15:35 - 2013-04-24 06:00 - 00098304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-15 15:35 - 2013-04-24 06:00 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-15 15:35 - 2013-04-24 04:10 - 01078272 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-15 15:35 - 2013-04-24 03:46 - 00812544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-15 15:35 - 2013-04-17 15:04 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-15 15:35 - 2013-04-17 14:30 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-15 15:34 - 2013-05-08 06:50 - 01423720 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-15 15:33 - 2013-05-02 06:16 - 00686080 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-15 15:33 - 2013-05-02 06:04 - 00443904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-15 15:33 - 2013-05-02 06:03 - 00037376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\printcom.dll
2013-06-12 16:12 - 2013-06-12 16:12 - 00285746 ____A C:\Users\***\Downloads\FRITZ.Box 6360 Cable (um) 85.05.28_12.06.13_1612.export

==================== One Month Modified Files and Folders =======

2013-07-01 18:08 - 2013-07-01 18:08 - 01933758 ____A (Farbar) C:\Users\***\Downloads\FRST64 (2).exe
2013-07-01 18:07 - 2013-07-01 18:07 - 01933758 ____A (Farbar) C:\Users\***\Downloads\FRST64(1).exe
2013-07-01 18:06 - 2010-02-21 15:34 - 00001116 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-01 18:05 - 2008-01-21 03:53 - 01888453 ____A C:\Windows\WindowsUpdate.log
2013-07-01 18:01 - 2010-03-23 23:08 - 00062269 ____A C:\ProgramData\nvModes.dat
2013-07-01 18:01 - 2010-03-23 23:08 - 00062269 ____A C:\ProgramData\nvModes.001
2013-07-01 18:00 - 2010-02-21 15:34 - 00001112 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-01 18:00 - 2006-11-02 17:40 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-01 18:00 - 2006-11-02 17:21 - 00003712 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-01 18:00 - 2006-11-02 17:21 - 00003712 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-01 17:49 - 2013-06-28 17:38 - 00000000 ____D C:\Users\***\Documents\Trajadaten
2013-07-01 17:22 - 2013-07-01 17:22 - 00890988 ____A C:\Users\***\Downloads\SecurityCheck.exe
2013-07-01 17:18 - 2013-06-28 13:45 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-01 17:02 - 2008-01-21 12:47 - 01445546 ____A C:\Windows\System32\PerfStringBackup.INI
2013-07-01 17:02 - 2008-01-21 12:46 - 00628742 ____A C:\Windows\System32\perfh007.dat
2013-07-01 17:02 - 2008-01-21 12:46 - 00126486 ____A C:\Windows\System32\perfc007.dat
2013-07-01 10:41 - 2011-01-20 20:16 - 00000284 ____A C:\Windows\Brownie.ini
2013-07-01 10:28 - 2013-07-01 10:28 - 02347384 ____A (ESET) C:\Users\***\Downloads\esetsmartinstaller_enu.exe
2013-06-30 13:11 - 2006-11-02 17:40 - 00032534 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-06-30 12:40 - 2013-06-30 12:40 - 00002637 ____A C:\Users\***\Desktop\JRT.txt
2013-06-30 12:36 - 2013-06-29 21:24 - 00000000 ____D C:\JRT
2013-06-29 21:24 - 2013-06-29 21:24 - 00000000 ____D C:\Windows\ERUNT
2013-06-29 21:22 - 2013-06-29 21:22 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\***\Downloads\JRT.exe
2013-06-29 21:15 - 2013-06-29 21:14 - 00032976 ____A C:\AdwCleaner[S1].txt
2013-06-29 21:15 - 2013-06-29 21:14 - 00002303 ____A C:\Windows\DeleteOnReboot.bat
2013-06-29 21:14 - 2013-06-29 21:14 - 00040326 ____A C:\AdwCleaner[R2].txt
2013-06-29 21:11 - 2013-06-29 21:10 - 00040265 ____A C:\AdwCleaner[R1].txt
2013-06-29 20:58 - 2013-06-29 20:58 - 00648201 ____A C:\Users\***\Downloads\adwcleaner.exe
2013-06-29 20:15 - 2013-06-29 20:14 - 00028668 ____A C:\Users\***\Downloads\Addition.txt
2013-06-29 20:09 - 2013-06-29 20:09 - 00000000 ____D C:\FRST
2013-06-29 20:09 - 2013-06-29 20:08 - 01933592 ____A (Farbar) C:\Users\***\Downloads\FRST64.exe
2013-06-29 17:18 - 2009-01-30 14:20 - 00000000 ____D C:\Users\***\AppData\Roaming\UseNeXT
2013-06-28 18:04 - 2013-06-28 18:04 - 662496911 ____A C:\Windows\MEMORY.DMP
2013-06-28 18:04 - 2013-06-28 18:04 - 00290328 ____A C:\Windows\Minidump\Mini062813-01.dmp
2013-06-28 18:04 - 2011-01-24 22:37 - 00000000 ____D C:\Windows\Minidump
2013-06-28 17:45 - 2013-06-28 17:45 - 00377856 ____A C:\Users\***\Downloads\gmer_2.1.19163.exe
2013-06-28 17:40 - 2012-04-27 22:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-06-28 17:24 - 2013-06-28 17:24 - 00096004 ____A C:\Users\***\Downloads\Extras.Txt
2013-06-28 17:21 - 2013-06-28 17:21 - 00151866 ____A C:\Users\***\Downloads\OTL.Txt
2013-06-28 16:50 - 2013-06-28 16:50 - 00602112 ____A (OldTimer Tools) C:\Users\***\Downloads\OTL.exe
2013-06-28 16:50 - 2013-06-28 16:49 - 00000480 ____A C:\Users\***\Downloads\defogger_disable.log
2013-06-28 16:49 - 2013-06-28 16:49 - 00000000 ____A C:\Users\***\defogger_reenable
2013-06-28 16:49 - 2009-01-30 11:41 - 00000000 ____D C:\users\***
2013-06-28 16:48 - 2013-06-28 16:48 - 00050477 ____A C:\Users\***\Downloads\Defogger.exe
2013-06-28 16:37 - 2013-06-28 14:14 - 00130392 ____A (G Data Software AG) C:\Windows\System32\Drivers\MiniIcpt.sys
2013-06-28 16:37 - 2013-06-28 14:14 - 00065368 ____A (G Data Software AG) C:\Windows\System32\Drivers\HookCentre.sys
2013-06-28 16:37 - 2013-06-28 14:14 - 00064856 ____A (G Data Software AG) C:\Windows\System32\Drivers\gdwfpcd64.sys
2013-06-28 16:37 - 2013-06-28 14:14 - 00060248 ____A (G Data Software AG) C:\Windows\System32\Drivers\GDBehave.sys
2013-06-28 16:37 - 2013-06-28 14:14 - 00001806 ____A C:\Users\Public\Desktop\G Data AntiVirus 2014.lnk
2013-06-28 16:10 - 2013-06-28 16:10 - 00000822 ____A C:\Users\Public\Desktop\SmartPCFixer.lnk
2013-06-28 16:10 - 2013-06-28 16:10 - 00000000 ____D C:\Program Files\SmartPCFixer
2013-06-28 16:09 - 2013-06-28 16:09 - 04054000 ____A (LionSea Software                                            ) C:\Users\***\Downloads\setup(1).exe
2013-06-28 14:24 - 2013-06-28 14:06 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-28 14:24 - 2013-06-28 14:06 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-28 14:24 - 2009-01-30 17:33 - 00000000 ____D C:\Users\***\AppData\Local\Adobe
2013-06-28 14:23 - 2013-04-12 14:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-28 14:19 - 2013-06-28 14:19 - 00062808 ____A (G Data Software AG) C:\Windows\System32\Drivers\PktIcpt.sys
2013-06-28 14:14 - 2009-01-30 13:30 - 00000000 ____D C:\ProgramData\G DATA
2013-06-28 14:13 - 2009-01-30 13:30 - 00000000 ____D C:\Program Files (x86)\G DATA
2013-06-28 14:07 - 2009-01-30 21:25 - 00000000 ____D C:\Users\***\AppData\Roaming\Macromedia
2013-06-28 13:43 - 2013-06-28 13:43 - 17617288 ____A (Adobe Systems Incorporated) C:\Users\***\Downloads\install_flash_player_11_plugin.exe
2013-06-28 13:40 - 2013-06-28 13:40 - 00814472 ____A (Adobe Systems Incorporated) C:\Users\***\Downloads\uninstall_flash_player.exe
2013-06-28 13:12 - 2012-02-21 11:12 - 00354694 ____A C:\Windows\PFRO.log
2013-06-28 13:11 - 2006-11-02 15:34 - 00000000 ____D C:\Windows\SysWOW64\setup
2013-06-28 13:11 - 2006-11-02 15:34 - 00000000 ____D C:\Windows\SysWOW64\MUI
2013-06-28 13:11 - 2006-11-02 15:34 - 00000000 ____D C:\Windows\SysWOW64\com
2013-06-28 13:09 - 2013-06-28 13:08 - 341229472 ____A (G Data Software AG) C:\Users\***\Downloads\INT_R_FUL_2014_AV.exe
2013-06-28 13:07 - 2013-06-28 13:06 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-06-28 13:06 - 2013-06-28 13:06 - 00001730 ____A C:\Users\Public\Desktop\QuickTime Player.lnk
2013-06-28 13:03 - 2013-06-28 13:03 - 41404760 ____A (Apple Inc.) C:\Users\******\Downloads\QuickTimeInstaller.exe
2013-06-28 11:38 - 2009-01-30 17:28 - 00000000 ____D C:\ProgramData\Adobe
2013-06-28 11:06 - 2009-01-30 13:29 - 00000000 ____D C:\Users\***\AppData\Local\Downloaded Installations
2013-06-28 10:45 - 2012-07-14 10:27 - 01121048 ____A C:\Windows\SysWOW64\sig.bin
2013-06-28 10:45 - 2012-07-14 10:27 - 00056377 ____A C:\Windows\SysWOW64\nmp.map
2013-06-27 11:43 - 2010-04-05 14:41 - 00000000 ____D C:\Users\***\AppData\Roaming\vlc
2013-06-27 10:24 - 2013-06-26 13:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-06-24 19:08 - 2013-06-24 19:08 - 22937227 ____A C:\Users\***\Documents\vlc-2.0.7-win32.exe
2013-06-24 13:55 - 2013-06-24 13:56 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-24 13:55 - 2013-06-24 13:56 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-24 13:55 - 2013-06-24 13:56 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-24 13:55 - 2013-06-24 13:56 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-24 13:55 - 2012-06-15 10:12 - 00867240 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-06-24 13:55 - 2010-05-18 15:59 - 00789416 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-06-24 10:43 - 2013-06-24 10:43 - 00144174 ____A C:\Users\***\Documents\cc_20130624_104342.reg
2013-06-22 20:08 - 2009-01-30 14:23 - 00248320 ____A C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-06-22 19:39 - 2013-06-22 19:39 - 00000000 ____D C:\Users\***\Documents\AdobeStockPhotos
2013-06-22 12:19 - 2013-06-22 12:17 - 07872648 ____A (Adobe Systems Inc.) C:\Users\***\Downloads\Shockwave_Installer_Slim(1).exe
2013-06-22 12:19 - 2010-04-26 10:18 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2013-06-22 12:07 - 2010-11-07 12:51 - 00000830 ____A C:\Users\Public\Desktop\CCleaner.lnk
2013-06-22 12:07 - 2009-01-30 21:56 - 00000000 ____D C:\Program Files (x86)\CCleaner
2013-06-22 12:05 - 2013-06-22 12:05 - 04378864 ____A (Piriform Ltd) C:\Users\******\Downloads\ccsetup402.exe
2013-06-15 16:59 - 2006-11-02 15:33 - 00000000 ____D C:\Windows\rescache
2013-06-15 15:44 - 2006-11-02 14:35 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\mrt.exe
2013-06-12 16:12 - 2013-06-12 16:12 - 00285746 ____A C:\Users\***\Downloads\FRITZ.Box 6360 Cable (um) 85.05.28_12.06.13_1612.export
2013-06-03 11:36 - 2013-05-13 15:38 - 00001888 ____A C:\Users\***\Desktop\eBay-Sidebar für Firefox.lnk

Files to move or delete:
====================
C:\ProgramData\nvModes.dat

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-01 18:07

==================== End Of Log ============================
         
--- --- ---

--- --- ---


Besten Dank für deine Hilfe..
Gruß Frank


Alt 01.07.2013, 19:18   #6
schrauber
/// the machine
/// TB-Ausbilder
 

c:\progra~3\browse~1\261339~1.144\{c16c1~1\brose~1.dll ist entweder nicht für die Ausführung unter Windows vorgesehen oder.. - Standard

c:\progra~3\browse~1\261339~1.144\{c16c1~1\brose~1.dll ist entweder nicht für die Ausführung unter Windows vorgesehen oder..



Adobe Reader updaten. Was genau ist Dein Problem mit Flash? Evtl Screenshot machen.

Das angemeckerte Backup würd ich löschen. Windows.old kannste so löschen:
Wie kann ich den Ordner "Windows.old" entfernen?

Downloade Dir bitte TFC ( von Oldtimer ) und speichere die Datei auf dem Desktop.
Schließe nun alle offenen Programme und trenne Dich von dem Internet.
Doppelklick auf die TFC.exe und drücke auf Start.
Sollte TFC nicht alle Dateien löschen können wird es einen Neustart verlangen. Dies bitte zulassen.


Firefox komplett deinstallieren, keine Daten behalten, neu installiern .
__________________
--> c:\progra~3\browse~1\261339~1.144\{c16c1~1\brose~1.dll ist entweder nicht für die Ausführung unter Windows vorgesehen oder..

Alt 02.07.2013, 10:27   #7
Fränky
 
c:\progra~3\browse~1\261339~1.144\{c16c1~1\brose~1.dll ist entweder nicht für die Ausführung unter Windows vorgesehen oder.. - Standard

c:\progra~3\browse~1\261339~1.144\{c16c1~1\brose~1.dll ist entweder nicht für die Ausführung unter Windows vorgesehen oder..



Moin Moin lieber Schrauber,
hab ja soweit nun alles fertig, Windows.old ist weg und den TFC hab ich auch drüber geschickt.

Du schreibst Firefox komplett deinstallieren und KEINE Daten aufheben.
Auch nicht die Lesezeichen? Kann ich die mit MozBackup sichern und später wieder Installieren?

Zum Flashplayer.. Ich kann ihn nicht updaten. nach 50% zeigt er mir immer an das dieser gerade verwendet wird. Dazu bekomme ich immer die Fehlermeldung vom Adobe Flash Player Update Service 11.6 r602 wurde beendet oder geschlossen.

Gruß
Fränky

Alt 02.07.2013, 10:55   #8
schrauber
/// the machine
/// TB-Ausbilder
 

c:\progra~3\browse~1\261339~1.144\{c16c1~1\brose~1.dll ist entweder nicht für die Ausführung unter Windows vorgesehen oder.. - Standard

c:\progra~3\browse~1\261339~1.144\{c16c1~1\brose~1.dll ist entweder nicht für die Ausführung unter Windows vorgesehen oder..



Flash komplett deinstallieren mit Revo Uninstaller
www.roveuninstaller.com

Der sucht auch nach Resten und entfernt diese. Dann aktuelle Version neu installieren.

Firefox kannste Lesezeichen exportieren, sonst nichts.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 02.07.2013, 12:11   #9
Fränky
 
c:\progra~3\browse~1\261339~1.144\{c16c1~1\brose~1.dll ist entweder nicht für die Ausführung unter Windows vorgesehen oder.. - Standard

c:\progra~3\browse~1\261339~1.144\{c16c1~1\brose~1.dll ist entweder nicht für die Ausführung unter Windows vorgesehen oder..



Ahhh jetzt ja.. Flash update hat geklappt.. fehlermeldung vom Update kommt immer noch örgs

haste zwar nichts gesagt.. hier aber noma ne FRST



FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-06-2013 03
Ran by *** (administrator) on 02-07-2013 12:57:05
Running from C:\Users\***\Downloads
Windows Vista (TM) Ultimate Service Pack 2 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKWCtlx64.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(ArcSoft, Inc.) C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe
() C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(NVIDIA Corporation) C:\Windows\System32\nvraidservice.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Aqua Computer GmbH & Co. KG) C:\Program Files (x86)\Aqua Computer\aquasuite\aquasuite.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CTHELPER.EXE
(Creative Technology Ltd) C:\Windows\SysWOW64\Ctxfihlp.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CTXFISPI.EXE
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(G Data Software AG) C:\Program Files (x86)\G DATA\AntiVirus\AVKTray\AVKTray.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKProxy\GdBgInx64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\conime.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\IELowutil.exe
(Farbar) c:\Users\***\Downloads\FRST64 (2).exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide [1584184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE [x]
HKLM\...\Run: [NVRaidService] C:\Windows\system32\nvraidservice.exe [333344 2008-08-18] (NVIDIA Corporation)
HKLM\...\Run: [Ocs_SM] C:\Users\******\AppData\Roaming\OCS\SM\SearchAnonymizer.exe [106496 2012-08-21] (OCS)
HKCU\...\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [1555968 2009-04-11] (Microsoft Corporation)
HKCU\...\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe [x]
HKCU\...\Policies\system: [DisableRegistryTools] 0
HKCU\...\Policies\system: [DisableTaskMgr] 0
MountPoints2: {0cfbd161-c443-11e2-b955-00044b057f31} - H:\AutoRun.exe
MountPoints2: {12105fc9-2fd4-11e0-92fc-001e101f1ed9} - E:\AutoRun.exe
MountPoints2: {12105fe4-2fd4-11e0-92fc-001e101f1f81} - E:\AutoRun.exe
MountPoints2: {1654cdad-3e5a-11e0-86fc-00044b057f31} - E:\AutoRun.exe
MountPoints2: {2882cb2b-24ac-11e0-94bc-00ff01000001} - E:\setup_vmc_lite.exe /checkApplicationPresence
MountPoints2: {437cff72-05e4-11e0-8578-00ff01000001} - E:\setup_vmc_lite.exe /checkApplicationPresence
MountPoints2: {5abc1e6a-577d-11de-981d-00044b057f31} - I:\InstallTomTomHOME.exe
MountPoints2: {753df3d3-f663-11df-b7a2-00ff01000001} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL hxxp://www.garmin.com/agent
MountPoints2: {9f607269-2b30-11e0-8981-00ff01000001} - E:\AutoRun.exe
MountPoints2: {9f607285-2b30-11e0-8981-00ff01000001} - E:\AutoRun.exe
MountPoints2: {f34f4dc1-3486-11e0-a498-001e101faa49} - I:\AutoRun.exe
MountPoints2: {f34f4dcc-3486-11e0-a498-001e101faa49} - E:\AutoRun.exe
MountPoints2: {f34f4dcd-3486-11e0-a498-001e101faa49} - F:\AutoRun.exe
MountPoints2: {f78eecd0-b92a-11e0-8d57-00044b057f31} - F:\Startme.exe
HKLM-x32\...\Run: [CTHelper] CTHELPER.EXE [19456 2007-02-12] (Creative Technology Ltd)
HKLM-x32\...\Run: [CTxfiHlp] CTXFIHLP.EXE [24576 2010-07-07] (Creative Technology Ltd)
HKLM-x32\...\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe" [976832 2009-12-17] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: []  [x]
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [G Data AntiVirus Tray] "C:\Program Files (x86)\G Data\AntiVirus\AVKTray\AVKTray.exe" [1444304 2013-03-22] (G Data Software AG)
HKU\Default\...\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter [2438656 2009-04-11] (Microsoft Corporation)
HKU\Default User\...\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter [2438656 2009-04-11] (Microsoft Corporation)
AppInit_DLLs-x32:   [0 ] ()
Startup: C:\ProgramData\Start Menu\Programs\Startup\aquasuite.lnk
ShortcutTarget: aquasuite.lnk -> C:\Program Files (x86)\Aqua Computer\aquasuite\aquasuite.exe (Aqua Computer GmbH & Co. KG)
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
SSODL-x32: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWOW64\webcheck.dll (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.ieaddons.com/de/other/
SearchScopes: HKCU - {080FBDF6-B230-4e4d-A4E7-7C7A56D7BABC} URL = hxxp://searchservice.myspace.com.anonymize-me.de/?anonymto=687474703A2F2F736561726368736572766963652E6D7973706163652E636F6D2F696E6465782E63666D3F66757365616374696F6E3D736974657365617263682E726573756C7473267172793D7B7365617263685465726D737D26747970653D576562266F7269673D494D432D49454453&st={searchTerms}&clid=d38da4e9-5c11-46e0-ac21-b19a6b18966b&pid=freewarede&k=0
SearchScopes: HKCU - {0DB415EF-752B-4EB1-B8CF-CD7E4930C208} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=d38da4e9-5c11-46e0-ac21-b19a6b18966b&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {2226124D-999D-451B-BDAC-58173FE7DA6A} URL = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=d38da4e9-5c11-46e0-ac21-b19a6b18966b&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {2DCAE223-E70E-45FE-9887-1C6BE0123DF6} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=d38da4e9-5c11-46e0-ac21-b19a6b18966b&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {5D042F87-5F7A-4349-BAB0-6D3754738FAD} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=d38da4e9-5c11-46e0-ac21-b19a6b18966b&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {81F0ACD6-CC2B-4066-B81B-891B97A41EB1} URL = hxxp://de.search.yahoo.com.anonymize-me.de/?anonymto=687474703A2F2F64652E7365617263682E7961686F6F2E636F6D2F7365617263683F66723D6368722D677265656E747265655F69652665693D7574662D3826696C633D313226747970653D38323733313626703D7B7365617263685465726D737D&st={searchTerms}&clid=d38da4e9-5c11-46e0-ac21-b19a6b18966b&pid=freewarede&k=0
SearchScopes: HKCU - {8D734B18-8E9A-4718-887D-4F13E61A7AAF} URL = hxxp://dict.leo.org.anonymize-me.de/?anonymto=687474703A2F2F646963742E6C656F2E6F72672F656E64653F6C703D656E6465266C616E673D6465267365617263684C6F633D3026636D70547970653D72656C6178656426736563744864723D6F6E267370656C6C546F6C65723D6F6E266368696E6573653D626F74682670696E79696E3D646961637269746963267365617263683D7B7365617263685465726D737D2672656C696E6B3D6F6E&st={searchTerms}&clid=d38da4e9-5c11-46e0-ac21-b19a6b18966b&pid=freewarede&k=0
SearchScopes: HKCU - {9A20C20B-7C42-48C1-9DEE-AF0F75FBBE65} URL = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=d38da4e9-5c11-46e0-ac21-b19a6b18966b&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {C6CC1D3B-C988-49BA-85E7-D9E6B0BABBA8} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=d38da4e9-5c11-46e0-ac21-b19a6b18966b&pid=freewarede&mode=bounce&k=0
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: CmjBrowserHelperObject Object - {6FE6A929-59D1-4763-91AD-29B61CFFB35B} - C:\Program Files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll (Mindjet)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office12\GRA8E1~1.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Handler-x32: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~2\Office12\GR99D3~1.DLL (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~2\Office12\GRA8E1~1.DLL [2210608 2006-10-27] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\o1tvoczg.default
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.7.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF Plugin-x32: @nitropdf.com/NitroPDF - C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\***\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Extension: No Name - C:\Users\*********\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] C:\Program Files\T-Mobile\InternetManager_H\OCx64\addon
FF HKCU\...\Firefox\Extensions: [sparpilot@sparpilot.com] C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\extensions\sparpilot@sparpilot.com

==================== Services (Whitelisted) =================

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 ADExchange; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [43624 2012-08-14] (ArcSoft, Inc.)
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [1957840 2013-03-22] (G Data Software AG)
R2 AVKService; C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKService.exe [635344 2013-02-25] (G Data Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKWCtlx64.exe [2555360 2013-06-21] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [696808 2013-02-25] (G Data Software AG)
R2 NitroReaderDriverReadSpool2; C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [204304 2012-03-25] (Nitro PDF Software)
R2 NMSAccessU; C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe [71096 2008-10-20] ()
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75064 2010-03-21] ()

==================== Drivers (Whitelisted) ====================

S3 COMMONFX.DLL; C:\Windows\System32\COMMONFX.DLL [157496 2007-02-13] (Creative Technology Ltd)
S3 CTAUDFX.DLL; C:\Windows\System32\CTAUDFX.DLL [700216 2007-02-13] (Creative Technology Ltd)
S3 CTEAPSFX.DLL; C:\Windows\System32\CTEAPSFX.DLL [219448 2007-02-13] (Creative Technology Ltd)
S3 CTEDSPFX.DLL; C:\Windows\System32\CTEDSPFX.DLL [321848 2007-02-13] (Creative Technology Ltd)
S3 CTEDSPIO.DLL; C:\Windows\System32\CTEDSPIO.DLL [190264 2007-02-13] (Creative Technology Ltd)
S3 CTEDSPSY.DLL; C:\Windows\System32\CTEDSPSY.DLL [363320 2007-02-13] (Creative Technology Ltd)
S3 CTERFXFX.DLL; C:\Windows\System32\CTERFXFX.DLL [142136 2007-02-13] (Creative Technology Ltd)
S3 CTSBLFX.DLL; C:\Windows\System32\CTSBLFX.DLL [681272 2007-02-13] (Creative Technology Ltd)
S3 ENTECH64; C:\Windows\system32\DRIVERS\ENTECH64.sys [12744 2008-09-17] (EnTech Taiwan)
S3 ENTECH64; C:\Windows\system32\DRIVERS\ENTECH64.sys [12744 2008-09-17] (EnTech Taiwan)
S3 ESLvnic1; C:\Windows\System32\DRIVERS\ESLvnic.sys [24536 2009-09-01] (Turtle Entertainment GmbH)
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [60248 2013-06-28] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [130392 2013-06-28] (G Data Software AG)
S3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [62808 2013-06-28] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [64856 2013-06-28] (G Data Software AG)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [65368 2013-06-28] (G Data Software AG)
R0 hotcore3; C:\Windows\SysWow64\drivers\hotcore3.sys [36368 2008-02-15] (Paragon Software Group)
R0 hotcore3; C:\Windows\SysWow64\drivers\hotcore3.sys [36368 2008-02-15] (Paragon Software Group)
R0 nvrd64; C:\Windows\System32\DRIVERS\nvrd64.sys [166944 2008-08-18] (NVIDIA Corporation)
S3 TVICHW64; C:\Windows\SysWOW64\Drivers\TVICHW64.SYS [21200 2009-02-03] (EnTech Taiwan)
S3 TVICHW64; C:\Windows\SysWOW64\Drivers\TVICHW64.SYS [21200 2009-02-03] (EnTech Taiwan)
S3 cpuz130; \??\C:\Users\HEADCR~1\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
S3 CT20XUT.DLL; system32\CT20XUT.DLL [x]
S3 CTEXFIFX.DLL; system32\CTEXFIFX.DLL [x]
S3 CTHWIUT.DLL; system32\CTHWIUT.DLL [x]
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [x]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [x]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [x]
S3 hwusbfake; system32\DRIVERS\ewusbfake.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 PCASp50a64; System32\Drivers\PCASp50a64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-02 12:54 - 2013-07-02 12:54 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-07-02 12:54 - 2013-07-02 12:54 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-07-02 12:29 - 2013-07-02 11:48 - 00001277 ____A C:\Users\***\Documents\indexfile.txt
2013-07-02 12:27 - 2013-07-02 12:27 - 00000862 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-07-02 12:27 - 2013-07-02 12:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-02 12:04 - 2013-07-02 12:04 - 00001073 ____A C:\Users\***\Desktop\Revo Uninstaller.lnk
2013-07-02 12:04 - 2013-07-02 12:04 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2013-07-02 12:03 - 2013-07-02 12:03 - 02617648 ____A (VS Revo Group Ltd.) C:\Users\***\Downloads\revosetup194.exe
2013-07-02 11:49 - 2013-07-02 11:49 - 21703480 ____A (Mozilla) C:\Users\***\Downloads\Firefox Setup 22.0.exe
2013-07-02 11:09 - 2013-07-02 11:09 - 00448512 ____A (OldTimer Tools) C:\Users\***\Downloads\TFC.exe
2013-07-01 20:40 - 2013-07-01 20:40 - 00000000 ____D C:\Program Files (x86)\ESET
2013-07-01 18:08 - 2013-07-01 18:08 - 01933758 ____A (Farbar) C:\Users\***\Downloads\FRST64 (2).exe
2013-07-01 18:07 - 2013-07-01 18:07 - 01933758 ____A (Farbar) C:\Users\***\Downloads\FRST64(1).exe
2013-07-01 17:22 - 2013-07-01 17:22 - 00890988 ____A C:\Users\***\Downloads\SecurityCheck.exe
2013-07-01 10:28 - 2013-07-01 10:28 - 02347384 ____A (ESET) C:\Users\***\Downloads\esetsmartinstaller_enu.exe
2013-06-30 12:40 - 2013-06-30 12:40 - 00002637 ____A C:\Users\***\Desktop\JRT.txt
2013-06-29 21:24 - 2013-06-30 12:36 - 00000000 ____D C:\JRT
2013-06-29 21:24 - 2013-06-29 21:24 - 00000000 ____D C:\Windows\ERUNT
2013-06-29 21:22 - 2013-06-29 21:22 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\***\Downloads\JRT.exe
2013-06-29 21:14 - 2013-06-29 21:15 - 00032976 ____A C:\AdwCleaner[S1].txt
2013-06-29 21:14 - 2013-06-29 21:15 - 00002303 ____A C:\Windows\DeleteOnReboot.bat
2013-06-29 21:14 - 2013-06-29 21:14 - 00040326 ____A C:\AdwCleaner[R2].txt
2013-06-29 21:10 - 2013-06-29 21:11 - 00040265 ____A C:\AdwCleaner[R1].txt
2013-06-29 20:58 - 2013-06-29 20:58 - 00648201 ____A C:\Users\***\Downloads\adwcleaner.exe
2013-06-29 20:14 - 2013-06-29 20:15 - 00028668 ____A C:\Users\***\Downloads\Addition.txt
2013-06-29 20:09 - 2013-06-29 20:09 - 00000000 ____D C:\FRST
2013-06-29 20:08 - 2013-06-29 20:09 - 01933592 ____A (Farbar) C:\Users\***\Downloads\FRST64.exe
2013-06-28 18:04 - 2013-06-28 18:04 - 662496911 ____A C:\Windows\MEMORY.DMP
2013-06-28 18:04 - 2013-06-28 18:04 - 00290328 ____A C:\Windows\Minidump\Mini062813-01.dmp
2013-06-28 17:45 - 2013-06-28 17:45 - 00377856 ____A C:\Users\***\Downloads\gmer_2.1.19163.exe
2013-06-28 17:38 - 2013-07-01 18:23 - 00000000 ____D C:\Users\***\Documents\Trajadaten
2013-06-28 17:24 - 2013-06-28 17:24 - 00096004 ____A C:\Users\***\Downloads\Extras.Txt
2013-06-28 17:21 - 2013-06-28 17:21 - 00151866 ____A C:\Users\***\Downloads\OTL.Txt
2013-06-28 16:50 - 2013-06-28 16:50 - 00602112 ____A (OldTimer Tools) C:\Users\***\Downloads\OTL.exe
2013-06-28 16:49 - 2013-06-28 16:50 - 00000480 ____A C:\Users\***\Downloads\defogger_disable.log
2013-06-28 16:49 - 2013-06-28 16:49 - 00000000 ____A C:\Users\***\defogger_reenable
2013-06-28 16:48 - 2013-06-28 16:48 - 00050477 ____A C:\Users\***\Downloads\Defogger.exe
2013-06-28 16:10 - 2013-06-28 16:10 - 00000822 ____A C:\Users\Public\Desktop\SmartPCFixer.lnk
2013-06-28 16:10 - 2013-06-28 16:10 - 00000000 ____D C:\Program Files\SmartPCFixer
2013-06-28 16:09 - 2013-06-28 16:09 - 04054000 ____A (LionSea Software                                            ) C:\Users\***\Downloads\setup(1).exe
2013-06-28 14:19 - 2013-06-28 14:19 - 00062808 ____A (G Data Software AG) C:\Windows\System32\Drivers\PktIcpt.sys
2013-06-28 14:18 - 2013-05-28 15:05 - 00163328 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
2013-06-28 14:14 - 2013-06-28 16:37 - 00130392 ____A (G Data Software AG) C:\Windows\System32\Drivers\MiniIcpt.sys
2013-06-28 14:14 - 2013-06-28 16:37 - 00065368 ____A (G Data Software AG) C:\Windows\System32\Drivers\HookCentre.sys
2013-06-28 14:14 - 2013-06-28 16:37 - 00064856 ____A (G Data Software AG) C:\Windows\System32\Drivers\gdwfpcd64.sys
2013-06-28 14:14 - 2013-06-28 16:37 - 00060248 ____A (G Data Software AG) C:\Windows\System32\Drivers\GDBehave.sys
2013-06-28 14:14 - 2013-06-28 16:37 - 00001806 ____A C:\Users\Public\Desktop\G Data AntiVirus 2014.lnk
2013-06-28 13:45 - 2013-07-02 12:54 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-28 13:43 - 2013-06-28 13:43 - 17617288 ____A (Adobe Systems Incorporated) C:\Users\***\Downloads\install_flash_player_11_plugin.exe
2013-06-28 13:40 - 2013-06-28 13:40 - 00814472 ____A (Adobe Systems Incorporated) C:\Users\***\Downloads\uninstall_flash_player.exe
2013-06-28 13:08 - 2013-06-28 13:09 - 341229472 ____A (G Data Software AG) C:\Users\***\Downloads\INT_R_FUL_2014_AV.exe
2013-06-28 13:06 - 2013-06-28 13:07 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-06-28 13:06 - 2013-06-28 13:06 - 00001730 ____A C:\Users\Public\Desktop\QuickTime Player.lnk
2013-06-28 13:03 - 2013-06-28 13:03 - 41404760 ____A (Apple Inc.) C:\Users\***\Downloads\QuickTimeInstaller.exe
2013-06-26 13:45 - 2013-06-27 10:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-06-24 19:08 - 2013-06-24 19:08 - 22937227 ____A C:\Users\***\Documents\vlc-2.0.7-win32.exe
2013-06-24 13:56 - 2013-06-24 13:55 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-24 13:56 - 2013-06-24 13:55 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-24 13:56 - 2013-06-24 13:55 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-24 13:56 - 2013-06-24 13:55 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-24 10:43 - 2013-06-24 10:43 - 00144174 ____A C:\Users\***\Documents\cc_20130624_104342.reg
2013-06-22 19:39 - 2013-06-22 19:39 - 00000000 ____D C:\Users\***\Documents\AdobeStockPhotos
2013-06-22 12:17 - 2013-06-22 12:19 - 07872648 ____A (Adobe Systems Inc.) C:\Users\***\Downloads\Shockwave_Installer_Slim(1).exe
2013-06-22 12:05 - 2013-06-22 12:05 - 04378864 ____A (Piriform Ltd) C:\Users\***\Downloads\ccsetup402.exe
2013-06-15 15:36 - 2013-05-17 06:05 - 17824768 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-15 15:36 - 2013-05-17 05:27 - 10926080 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-15 15:36 - 2013-05-17 05:09 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-15 15:36 - 2013-05-17 05:02 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-15 15:36 - 2013-05-17 05:02 - 01346560 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-15 15:36 - 2013-05-17 05:01 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-06-15 15:36 - 2013-05-17 05:00 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-06-15 15:36 - 2013-05-17 04:58 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-15 15:36 - 2013-05-17 04:56 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-06-15 15:36 - 2013-05-17 04:56 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-06-15 15:36 - 2013-05-17 04:55 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-15 15:36 - 2013-05-17 04:54 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-15 15:36 - 2013-05-17 04:53 - 02147840 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-15 15:36 - 2013-05-17 04:51 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-15 15:36 - 2013-05-17 04:51 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-06-15 15:36 - 2013-05-17 04:46 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-15 15:36 - 2013-05-17 01:08 - 12329984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-15 15:36 - 2013-05-17 00:49 - 09738752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-15 15:36 - 2013-05-17 00:39 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-15 15:36 - 2013-05-17 00:28 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-15 15:36 - 2013-05-17 00:28 - 01104384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-15 15:36 - 2013-05-17 00:27 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-06-15 15:36 - 2013-05-17 00:26 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-06-15 15:36 - 2013-05-17 00:23 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-15 15:36 - 2013-05-17 00:21 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-15 15:36 - 2013-05-17 00:21 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-06-15 15:36 - 2013-05-17 00:20 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-06-15 15:36 - 2013-05-17 00:19 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-15 15:36 - 2013-05-17 00:17 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-15 15:36 - 2013-05-17 00:17 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-06-15 15:36 - 2013-05-17 00:16 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-15 15:36 - 2013-05-17 00:12 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-15 15:35 - 2013-04-24 06:09 - 01269248 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-15 15:35 - 2013-04-24 06:09 - 00174592 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-15 15:35 - 2013-04-24 06:09 - 00132096 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-15 15:35 - 2013-04-24 06:09 - 00050688 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-15 15:35 - 2013-04-24 06:00 - 00985600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-15 15:35 - 2013-04-24 06:00 - 00133120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-15 15:35 - 2013-04-24 06:00 - 00098304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-15 15:35 - 2013-04-24 06:00 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-15 15:35 - 2013-04-24 04:10 - 01078272 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-15 15:35 - 2013-04-24 03:46 - 00812544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-15 15:35 - 2013-04-17 15:04 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-15 15:35 - 2013-04-17 14:30 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-15 15:34 - 2013-05-08 06:50 - 01423720 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-15 15:33 - 2013-05-02 06:16 - 00686080 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-15 15:33 - 2013-05-02 06:04 - 00443904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-15 15:33 - 2013-05-02 06:03 - 00037376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\printcom.dll
2013-06-12 16:12 - 2013-06-12 16:12 - 00285746 ____A C:\Users\***\Downloads\FRITZ.Box 6360 Cable (um) 85.05.28_12.06.13_1612.export

==================== One Month Modified Files and Folders =======

2013-07-02 12:54 - 2013-07-02 12:54 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-07-02 12:54 - 2013-07-02 12:54 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-07-02 12:54 - 2013-06-28 13:45 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-02 12:53 - 2009-01-30 17:33 - 00000000 ____D C:\Users\***\AppData\Local\Adobe
2013-07-02 12:44 - 2008-01-21 03:53 - 01958669 ____A C:\Windows\WindowsUpdate.log
2013-07-02 12:40 - 2012-02-21 11:12 - 00356856 ____A C:\Windows\PFRO.log
2013-07-02 12:40 - 2010-03-23 23:08 - 00062269 ____A C:\ProgramData\nvModes.dat
2013-07-02 12:40 - 2010-03-23 23:08 - 00062269 ____A C:\ProgramData\nvModes.001
2013-07-02 12:40 - 2010-02-21 15:34 - 00001112 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-02 12:40 - 2006-11-02 17:40 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-02 12:40 - 2006-11-02 17:21 - 00003712 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-02 12:40 - 2006-11-02 17:21 - 00003712 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-02 12:27 - 2013-07-02 12:27 - 00000862 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-07-02 12:27 - 2013-07-02 12:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-02 12:27 - 2012-04-27 22:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-02 12:27 - 2009-01-30 14:12 - 00000000 ____D C:\Users\***\AppData\Roaming\Mozilla
2013-07-02 12:25 - 2009-09-04 23:05 - 00000000 ____D C:\Users\***\AppData\Roaming\HLSW
2013-07-02 12:18 - 2009-02-01 20:52 - 00000000 ____D C:\Users\***\Documents\My Games
2013-07-02 12:16 - 2009-01-30 16:53 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-07-02 12:06 - 2010-02-21 15:34 - 00001116 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-02 12:04 - 2013-07-02 12:04 - 00001073 ____A C:\Users\***\Desktop\Revo Uninstaller.lnk
2013-07-02 12:04 - 2013-07-02 12:04 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2013-07-02 12:03 - 2013-07-02 12:03 - 02617648 ____A (VS Revo Group Ltd.) C:\Users\***\Downloads\revosetup194.exe
2013-07-02 11:49 - 2013-07-02 11:49 - 21703480 ____A (Mozilla) C:\Users\***\Downloads\Firefox Setup 22.0.exe
2013-07-02 11:48 - 2013-07-02 12:29 - 00001277 ____A C:\Users\***\Documents\indexfile.txt
2013-07-02 11:13 - 2006-11-02 17:40 - 00032534 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-07-02 11:09 - 2013-07-02 11:09 - 00448512 ____A (OldTimer Tools) C:\Users\***\Downloads\TFC.exe
2013-07-01 20:40 - 2013-07-01 20:40 - 00000000 ____D C:\Program Files (x86)\ESET
2013-07-01 18:23 - 2013-06-28 17:38 - 00000000 ____D C:\Users\***\Documents\Trajadaten
2013-07-01 18:08 - 2013-07-01 18:08 - 01933758 ____A (Farbar) C:\Users\***\Downloads\FRST64 (2).exe
2013-07-01 18:07 - 2013-07-01 18:07 - 01933758 ____A (Farbar) C:\Users\***\Downloads\FRST64(1).exe
2013-07-01 17:22 - 2013-07-01 17:22 - 00890988 ____A C:\Users\***\Downloads\SecurityCheck.exe
2013-07-01 17:02 - 2008-01-21 12:47 - 01445546 ____A C:\Windows\System32\PerfStringBackup.INI
2013-07-01 17:02 - 2008-01-21 12:46 - 00628742 ____A C:\Windows\System32\perfh007.dat
2013-07-01 17:02 - 2008-01-21 12:46 - 00126486 ____A C:\Windows\System32\perfc007.dat
2013-07-01 10:41 - 2011-01-20 20:16 - 00000284 ____A C:\Windows\Brownie.ini
2013-07-01 10:28 - 2013-07-01 10:28 - 02347384 ____A (ESET) C:\Users\***\Downloads\esetsmartinstaller_enu.exe
2013-06-30 12:40 - 2013-06-30 12:40 - 00002637 ____A C:\Users\***\Desktop\JRT.txt
2013-06-30 12:36 - 2013-06-29 21:24 - 00000000 ____D C:\JRT
2013-06-29 21:24 - 2013-06-29 21:24 - 00000000 ____D C:\Windows\ERUNT
2013-06-29 21:22 - 2013-06-29 21:22 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\***\Downloads\JRT.exe
2013-06-29 21:15 - 2013-06-29 21:14 - 00032976 ____A C:\AdwCleaner[S1].txt
2013-06-29 21:15 - 2013-06-29 21:14 - 00002303 ____A C:\Windows\DeleteOnReboot.bat
2013-06-29 21:14 - 2013-06-29 21:14 - 00040326 ____A C:\AdwCleaner[R2].txt
2013-06-29 21:11 - 2013-06-29 21:10 - 00040265 ____A C:\AdwCleaner[R1].txt
2013-06-29 20:58 - 2013-06-29 20:58 - 00648201 ____A C:\Users\***\Downloads\adwcleaner.exe
2013-06-29 20:15 - 2013-06-29 20:14 - 00028668 ____A C:\Users\***\Downloads\Addition.txt
2013-06-29 20:09 - 2013-06-29 20:09 - 00000000 ____D C:\FRST
2013-06-29 20:09 - 2013-06-29 20:08 - 01933592 ____A (Farbar) C:\Users\***\Downloads\FRST64.exe
2013-06-29 17:18 - 2009-01-30 14:20 - 00000000 ____D C:\Users\***\AppData\Roaming\UseNeXT
2013-06-28 18:04 - 2013-06-28 18:04 - 662496911 ____A C:\Windows\MEMORY.DMP
2013-06-28 18:04 - 2013-06-28 18:04 - 00290328 ____A C:\Windows\Minidump\Mini062813-01.dmp
2013-06-28 18:04 - 2011-01-24 22:37 - 00000000 ____D C:\Windows\Minidump
2013-06-28 17:45 - 2013-06-28 17:45 - 00377856 ____A C:\Users\***\Downloads\gmer_2.1.19163.exe
2013-06-28 17:24 - 2013-06-28 17:24 - 00096004 ____A C:\Users\***\Downloads\Extras.Txt
2013-06-28 17:21 - 2013-06-28 17:21 - 00151866 ____A C:\Users\***\Downloads\OTL.Txt
2013-06-28 16:50 - 2013-06-28 16:50 - 00602112 ____A (OldTimer Tools) C:\Users\***\Downloads\OTL.exe
2013-06-28 16:50 - 2013-06-28 16:49 - 00000480 ____A C:\Users\***\Downloads\defogger_disable.log
2013-06-28 16:49 - 2013-06-28 16:49 - 00000000 ____A C:\Users\***\defogger_reenable
2013-06-28 16:49 - 2009-01-30 11:41 - 00000000 ____D C:\users\***
2013-06-28 16:48 - 2013-06-28 16:48 - 00050477 ____A C:\Users\***\Downloads\Defogger.exe
2013-06-28 16:37 - 2013-06-28 14:14 - 00130392 ____A (G Data Software AG) C:\Windows\System32\Drivers\MiniIcpt.sys
2013-06-28 16:37 - 2013-06-28 14:14 - 00065368 ____A (G Data Software AG) C:\Windows\System32\Drivers\HookCentre.sys
2013-06-28 16:37 - 2013-06-28 14:14 - 00064856 ____A (G Data Software AG) C:\Windows\System32\Drivers\gdwfpcd64.sys
2013-06-28 16:37 - 2013-06-28 14:14 - 00060248 ____A (G Data Software AG) C:\Windows\System32\Drivers\GDBehave.sys
2013-06-28 16:37 - 2013-06-28 14:14 - 00001806 ____A C:\Users\Public\Desktop\G Data AntiVirus 2014.lnk
2013-06-28 16:10 - 2013-06-28 16:10 - 00000822 ____A C:\Users\Public\Desktop\SmartPCFixer.lnk
2013-06-28 16:10 - 2013-06-28 16:10 - 00000000 ____D C:\Program Files\SmartPCFixer
2013-06-28 16:09 - 2013-06-28 16:09 - 04054000 ____A (LionSea Software                                            ) C:\Users\***\Downloads\setup(1).exe
2013-06-28 14:19 - 2013-06-28 14:19 - 00062808 ____A (G Data Software AG) C:\Windows\System32\Drivers\PktIcpt.sys
2013-06-28 14:14 - 2009-01-30 13:30 - 00000000 ____D C:\ProgramData\G DATA
2013-06-28 14:13 - 2009-01-30 13:30 - 00000000 ____D C:\Program Files (x86)\G DATA
2013-06-28 14:07 - 2009-01-30 21:25 - 00000000 ____D C:\Users\***\AppData\Roaming\Macromedia
2013-06-28 13:43 - 2013-06-28 13:43 - 17617288 ____A (Adobe Systems Incorporated) C:\Users\***\Downloads\install_flash_player_11_plugin.exe
2013-06-28 13:40 - 2013-06-28 13:40 - 00814472 ____A (Adobe Systems Incorporated) C:\Users\***\Downloads\uninstall_flash_player.exe
2013-06-28 13:11 - 2006-11-02 15:34 - 00000000 ____D C:\Windows\SysWOW64\setup
2013-06-28 13:11 - 2006-11-02 15:34 - 00000000 ____D C:\Windows\SysWOW64\MUI
2013-06-28 13:11 - 2006-11-02 15:34 - 00000000 ____D C:\Windows\SysWOW64\com
2013-06-28 13:09 - 2013-06-28 13:08 - 341229472 ____A (G Data Software AG) C:\Users\***\Downloads\INT_R_FUL_2014_AV.exe
2013-06-28 13:07 - 2013-06-28 13:06 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-06-28 13:06 - 2013-06-28 13:06 - 00001730 ____A C:\Users\Public\Desktop\QuickTime Player.lnk
2013-06-28 13:03 - 2013-06-28 13:03 - 41404760 ____A (Apple Inc.) C:\Users\***\Downloads\QuickTimeInstaller.exe
2013-06-28 11:38 - 2009-01-30 17:28 - 00000000 ____D C:\ProgramData\Adobe
2013-06-28 11:06 - 2009-01-30 13:29 - 00000000 ____D C:\Users\***\AppData\Local\Downloaded Installations
2013-06-28 10:45 - 2012-07-14 10:27 - 01121048 ____A C:\Windows\SysWOW64\sig.bin
2013-06-28 10:45 - 2012-07-14 10:27 - 00056377 ____A C:\Windows\SysWOW64\nmp.map
2013-06-27 11:43 - 2010-04-05 14:41 - 00000000 ____D C:\Users\***\AppData\Roaming\vlc
2013-06-27 10:24 - 2013-06-26 13:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-06-24 19:08 - 2013-06-24 19:08 - 22937227 ____A C:\Users\***\Documents\vlc-2.0.7-win32.exe
2013-06-24 13:55 - 2013-06-24 13:56 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-24 13:55 - 2013-06-24 13:56 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-24 13:55 - 2013-06-24 13:56 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-24 13:55 - 2013-06-24 13:56 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-24 13:55 - 2012-06-15 10:12 - 00867240 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-06-24 13:55 - 2010-05-18 15:59 - 00789416 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-06-24 10:43 - 2013-06-24 10:43 - 00144174 ____A C:\Users\***\Documents\cc_20130624_104342.reg
2013-06-22 20:08 - 2009-01-30 14:23 - 00248320 ____A C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-06-22 19:39 - 2013-06-22 19:39 - 00000000 ____D C:\Users\***\Documents\AdobeStockPhotos
2013-06-22 12:19 - 2013-06-22 12:17 - 07872648 ____A (Adobe Systems Inc.) C:\Users\***\Downloads\Shockwave_Installer_Slim(1).exe
2013-06-22 12:19 - 2010-04-26 10:18 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2013-06-22 12:07 - 2010-11-07 12:51 - 00000830 ____A C:\Users\Public\Desktop\CCleaner.lnk
2013-06-22 12:07 - 2009-01-30 21:56 - 00000000 ____D C:\Program Files (x86)\CCleaner
2013-06-22 12:05 - 2013-06-22 12:05 - 04378864 ____A (Piriform Ltd) C:\Users\***\Downloads\ccsetup402.exe
2013-06-15 16:59 - 2006-11-02 15:33 - 00000000 ____D C:\Windows\rescache
2013-06-15 15:44 - 2006-11-02 14:35 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\mrt.exe
2013-06-12 16:12 - 2013-06-12 16:12 - 00285746 ____A C:\Users\***\Downloads\FRITZ.Box 6360 Cable (um) 85.05.28_12.06.13_1612.export
2013-06-03 11:36 - 2013-05-13 15:38 - 00001888 ____A C:\Users\***\Desktop\eBay-Sidebar für Firefox.lnk

Files to move or delete:
====================
C:\ProgramData\nvModes.dat

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-02 12:46

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---



Vielen vielen Dank.. vor allem weil es so schnell und kompetent ging!

LG Frank

Geändert von Fränky (02.07.2013 um 12:22 Uhr) Grund: war zu schnell ^^

Alt 02.07.2013, 13:34   #10
schrauber
/// the machine
/// TB-Ausbilder
 

c:\progra~3\browse~1\261339~1.144\{c16c1~1\brose~1.dll ist entweder nicht für die Ausführung unter Windows vorgesehen oder.. - Standard

c:\progra~3\browse~1\261339~1.144\{c16c1~1\brose~1.dll ist entweder nicht für die Ausführung unter Windows vorgesehen oder..



Zitat:
fehlermeldung vom Update kommt immer noch örgs
Bitte mal nen Screenshot.

Sonst noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 02.07.2013, 19:22   #11
Fränky
 
c:\progra~3\browse~1\261339~1.144\{c16c1~1\brose~1.dll ist entweder nicht für die Ausführung unter Windows vorgesehen oder.. - Standard

c:\progra~3\browse~1\261339~1.144\{c16c1~1\brose~1.dll ist entweder nicht für die Ausführung unter Windows vorgesehen oder..



Screen ist im Anhang.
Sonst funktioniert alles wieder
Miniaturansicht angehängter Grafiken
-screener.jpg  

Alt 03.07.2013, 07:19   #12
schrauber
/// the machine
/// TB-Ausbilder
 

c:\progra~3\browse~1\261339~1.144\{c16c1~1\brose~1.dll ist entweder nicht für die Ausführung unter Windows vorgesehen oder.. - Standard

c:\progra~3\browse~1\261339~1.144\{c16c1~1\brose~1.dll ist entweder nicht für die Ausführung unter Windows vorgesehen oder..



Bitte mal FRST öffnen, Haken setzen bei Additional und scannen, beide Logfiles posten
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 03.07.2013, 11:02   #13
Fränky
 
c:\progra~3\browse~1\261339~1.144\{c16c1~1\brose~1.dll ist entweder nicht für die Ausführung unter Windows vorgesehen oder.. - Standard

c:\progra~3\browse~1\261339~1.144\{c16c1~1\brose~1.dll ist entweder nicht für die Ausführung unter Windows vorgesehen oder..



So hier die FRST Logs


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-06-2013 03
Ran by *** (administrator) on 03-07-2013 10:48:50
Running from C:\Users\***\Downloads
Windows Vista (TM) Ultimate Service Pack 2 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKWCtlx64.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(ArcSoft, Inc.) C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
(Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe
() C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(NVIDIA Corporation) C:\Windows\System32\nvraidservice.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Aqua Computer GmbH & Co. KG) C:\Program Files (x86)\Aqua Computer\aquasuite\aquasuite.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CTHELPER.EXE
(Creative Technology Ltd) C:\Windows\SysWOW64\Ctxfihlp.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(G Data Software AG) C:\Program Files (x86)\G DATA\AntiVirus\AVKTray\AVKTray.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CTXFISPI.EXE
(G Data Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKProxy\GdBgInx64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\SysWOW64\conime.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Adobe CS3\Adobe Photoshop CS3\Photoshop.exe
(Macrovision Europe Ltd.) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(Farbar) C:\Users\***\Downloads\FRST64(1).exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide [1584184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE [x]
HKLM\...\Run: [NVRaidService] C:\Windows\system32\nvraidservice.exe [333344 2008-08-18] (NVIDIA Corporation)
HKLM\...\Run: [Ocs_SM] C:\Users\***\AppData\Roaming\OCS\SM\SearchAnonymizer.exe [106496 2012-08-21] (OCS)
HKCU\...\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [1555968 2009-04-11] (Microsoft Corporation)
HKCU\...\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe [x]
HKCU\...\Policies\system: [DisableRegistryTools] 0
HKCU\...\Policies\system: [DisableTaskMgr] 0
MountPoints2: {0cfbd161-c443-11e2-b955-00044b057f31} - H:\AutoRun.exe
MountPoints2: {12105fc9-2fd4-11e0-92fc-001e101f1ed9} - E:\AutoRun.exe
MountPoints2: {12105fe4-2fd4-11e0-92fc-001e101f1f81} - E:\AutoRun.exe
MountPoints2: {1654cdad-3e5a-11e0-86fc-00044b057f31} - E:\AutoRun.exe
MountPoints2: {2882cb2b-24ac-11e0-94bc-00ff01000001} - E:\setup_vmc_lite.exe /checkApplicationPresence
MountPoints2: {437cff72-05e4-11e0-8578-00ff01000001} - E:\setup_vmc_lite.exe /checkApplicationPresence
MountPoints2: {5abc1e6a-577d-11de-981d-00044b057f31} - I:\InstallTomTomHOME.exe
MountPoints2: {753df3d3-f663-11df-b7a2-00ff01000001} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL hxxp://www.garmin.com/agent
MountPoints2: {9f607269-2b30-11e0-8981-00ff01000001} - E:\AutoRun.exe
MountPoints2: {9f607285-2b30-11e0-8981-00ff01000001} - E:\AutoRun.exe
MountPoints2: {f34f4dc1-3486-11e0-a498-001e101faa49} - I:\AutoRun.exe
MountPoints2: {f34f4dcc-3486-11e0-a498-001e101faa49} - E:\AutoRun.exe
MountPoints2: {f34f4dcd-3486-11e0-a498-001e101faa49} - F:\AutoRun.exe
MountPoints2: {f78eecd0-b92a-11e0-8d57-00044b057f31} - F:\Startme.exe
HKLM-x32\...\Run: [CTHelper] CTHELPER.EXE [19456 2007-02-12] (Creative Technology Ltd)
HKLM-x32\...\Run: [CTxfiHlp] CTXFIHLP.EXE [24576 2010-07-07] (Creative Technology Ltd)
HKLM-x32\...\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe" [976832 2009-12-17] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: []  [x]
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [G Data AntiVirus Tray] "C:\Program Files (x86)\G Data\AntiVirus\AVKTray\AVKTray.exe" [1444304 2013-03-22] (G Data Software AG)
HKU\Default\...\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter [2438656 2009-04-11] (Microsoft Corporation)
HKU\Default User\...\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter [2438656 2009-04-11] (Microsoft Corporation)
AppInit_DLLs-x32:   [0 ] ()
Startup: C:\ProgramData\Start Menu\Programs\Startup\aquasuite.lnk
ShortcutTarget: aquasuite.lnk -> C:\Program Files (x86)\Aqua Computer\aquasuite\aquasuite.exe (Aqua Computer GmbH & Co. KG)
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
SSODL-x32: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWOW64\webcheck.dll (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.ieaddons.com/de/other/
SearchScopes: HKCU - {080FBDF6-B230-4e4d-A4E7-7C7A56D7BABC} URL = hxxp://searchservice.myspace.com.anonymize-me.de/?anonymto=687474703A2F2F736561726368736572766963652E6D7973706163652E636F6D2F696E6465782E63666D3F66757365616374696F6E3D736974657365617263682E726573756C7473267172793D7B7365617263685465726D737D26747970653D576562266F7269673D494D432D49454453&st={searchTerms}&clid=d38da4e9-5c11-46e0-ac21-b19a6b18966b&pid=freewarede&k=0
SearchScopes: HKCU - {0DB415EF-752B-4EB1-B8CF-CD7E4930C208} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=d38da4e9-5c11-46e0-ac21-b19a6b18966b&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {2226124D-999D-451B-BDAC-58173FE7DA6A} URL = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=d38da4e9-5c11-46e0-ac21-b19a6b18966b&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {2DCAE223-E70E-45FE-9887-1C6BE0123DF6} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=d38da4e9-5c11-46e0-ac21-b19a6b18966b&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {5D042F87-5F7A-4349-BAB0-6D3754738FAD} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=d38da4e9-5c11-46e0-ac21-b19a6b18966b&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {81F0ACD6-CC2B-4066-B81B-891B97A41EB1} URL = hxxp://de.search.yahoo.com.anonymize-me.de/?anonymto=687474703A2F2F64652E7365617263682E7961686F6F2E636F6D2F7365617263683F66723D6368722D677265656E747265655F69652665693D7574662D3826696C633D313226747970653D38323733313626703D7B7365617263685465726D737D&st={searchTerms}&clid=d38da4e9-5c11-46e0-ac21-b19a6b18966b&pid=freewarede&k=0
SearchScopes: HKCU - {8D734B18-8E9A-4718-887D-4F13E61A7AAF} URL = hxxp://dict.leo.org.anonymize-me.de/?anonymto=687474703A2F2F646963742E6C656F2E6F72672F656E64653F6C703D656E6465266C616E673D6465267365617263684C6F633D3026636D70547970653D72656C6178656426736563744864723D6F6E267370656C6C546F6C65723D6F6E266368696E6573653D626F74682670696E79696E3D646961637269746963267365617263683D7B7365617263685465726D737D2672656C696E6B3D6F6E&st={searchTerms}&clid=d38da4e9-5c11-46e0-ac21-b19a6b18966b&pid=freewarede&k=0
SearchScopes: HKCU - {9A20C20B-7C42-48C1-9DEE-AF0F75FBBE65} URL = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=d38da4e9-5c11-46e0-ac21-b19a6b18966b&pid=freewarede&mode=bounce&k=0
SearchScopes: HKCU - {C6CC1D3B-C988-49BA-85E7-D9E6B0BABBA8} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=d38da4e9-5c11-46e0-ac21-b19a6b18966b&pid=freewarede&mode=bounce&k=0
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: CmjBrowserHelperObject Object - {6FE6A929-59D1-4763-91AD-29B61CFFB35B} - C:\Program Files (x86)\Mindjet\MindManager 10\Mm8InternetExplorer.dll (Mindjet)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office12\GRA8E1~1.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Handler-x32: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~2\Office12\GR99D3~1.DLL (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~2\Office12\GRA8E1~1.DLL [2210608 2006-10-27] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\o1tvoczg.default
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.7.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF Plugin-x32: @nitropdf.com/NitroPDF - C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\***\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Extension: No Name - C:\Users\******\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
FF Extension: Deutsches Wörterbuch, klassisch und reformiert - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\o1tvoczg.default\Extensions\alterechtschreibung@gmail.com
FF Extension: Garmin Communicator - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\o1tvoczg.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
FF Extension: ColorZilla - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\o1tvoczg.default\Extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}
FF Extension: WOT - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\o1tvoczg.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: Open With Photoshop - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\o1tvoczg.default\Extensions\{f3f219f9-cbce-467e-b8fe-6e076d29665c}
FF Extension: jid1-u9RbFp9JcoEGGw - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\o1tvoczg.default\Extensions\jid1-u9RbFp9JcoEGGw@jetpack.xpi
FF Extension: newtaburl - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\o1tvoczg.default\Extensions\newtaburl@sogame.cat.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\o1tvoczg.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\o1tvoczg.default\Extensions\{8B8A525A-CFCA-44cf-81C3-3969E6CB96E0}.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\o1tvoczg.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\o1tvoczg.default\Extensions\{cd617372-6743-4ee4-bac4-fbf60f35719e}.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\o1tvoczg.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\o1tvoczg.default\Extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6}.xpi
FF Extension: No Name - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\o1tvoczg.default\Extensions\{fd2f951f-77ea-4938-9493-0c892c027a13}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] C:\Program Files\T-Mobile\InternetManager_H\OCx64\addon
FF HKCU\...\Firefox\Extensions: [sparpilot@sparpilot.com] C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\fkuaerb5.default\extensions\sparpilot@sparpilot.com

==================== Services (Whitelisted) =================

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 ADExchange; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [43624 2012-08-14] (ArcSoft, Inc.)
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [1957840 2013-03-22] (G Data Software AG)
R2 AVKService; C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKService.exe [635344 2013-02-25] (G Data Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKWCtlx64.exe [2555360 2013-06-21] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [696808 2013-02-25] (G Data Software AG)
R2 NitroReaderDriverReadSpool2; C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [204304 2012-03-25] (Nitro PDF Software)
R2 NMSAccessU; C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe [71096 2008-10-20] ()
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75064 2010-03-21] ()

==================== Drivers (Whitelisted) ====================

S3 COMMONFX.DLL; C:\Windows\System32\COMMONFX.DLL [157496 2007-02-13] (Creative Technology Ltd)
S3 CTAUDFX.DLL; C:\Windows\System32\CTAUDFX.DLL [700216 2007-02-13] (Creative Technology Ltd)
S3 CTEAPSFX.DLL; C:\Windows\System32\CTEAPSFX.DLL [219448 2007-02-13] (Creative Technology Ltd)
S3 CTEDSPFX.DLL; C:\Windows\System32\CTEDSPFX.DLL [321848 2007-02-13] (Creative Technology Ltd)
S3 CTEDSPIO.DLL; C:\Windows\System32\CTEDSPIO.DLL [190264 2007-02-13] (Creative Technology Ltd)
S3 CTEDSPSY.DLL; C:\Windows\System32\CTEDSPSY.DLL [363320 2007-02-13] (Creative Technology Ltd)
S3 CTERFXFX.DLL; C:\Windows\System32\CTERFXFX.DLL [142136 2007-02-13] (Creative Technology Ltd)
S3 CTSBLFX.DLL; C:\Windows\System32\CTSBLFX.DLL [681272 2007-02-13] (Creative Technology Ltd)
S3 ENTECH64; C:\Windows\system32\DRIVERS\ENTECH64.sys [12744 2008-09-17] (EnTech Taiwan)
S3 ENTECH64; C:\Windows\system32\DRIVERS\ENTECH64.sys [12744 2008-09-17] (EnTech Taiwan)
S3 ESLvnic1; C:\Windows\System32\DRIVERS\ESLvnic.sys [24536 2009-09-01] (Turtle Entertainment GmbH)
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [60248 2013-06-28] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [130392 2013-06-28] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [62808 2013-06-28] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [64856 2013-06-28] (G Data Software AG)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [65368 2013-06-28] (G Data Software AG)
R0 hotcore3; C:\Windows\SysWow64\drivers\hotcore3.sys [36368 2008-02-15] (Paragon Software Group)
R0 hotcore3; C:\Windows\SysWow64\drivers\hotcore3.sys [36368 2008-02-15] (Paragon Software Group)
R0 nvrd64; C:\Windows\System32\DRIVERS\nvrd64.sys [166944 2008-08-18] (NVIDIA Corporation)
S3 TVICHW64; C:\Windows\SysWOW64\Drivers\TVICHW64.SYS [21200 2009-02-03] (EnTech Taiwan)
S3 TVICHW64; C:\Windows\SysWOW64\Drivers\TVICHW64.SYS [21200 2009-02-03] (EnTech Taiwan)
S3 cpuz130; \??\C:\Users\HEADCR~1\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
S3 CT20XUT.DLL; system32\CT20XUT.DLL [x]
S3 CTEXFIFX.DLL; system32\CTEXFIFX.DLL [x]
S3 CTHWIUT.DLL; system32\CTHWIUT.DLL [x]
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [x]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [x]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [x]
S3 hwusbfake; system32\DRIVERS\ewusbfake.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 PCASp50a64; System32\Drivers\PCASp50a64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-02 14:42 - 2013-07-02 14:42 - 02347384 ____A (ESET) C:\Users\***\Desktop\esetsmartinstaller_enu.exe
2013-07-02 12:54 - 2013-07-02 12:54 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-07-02 12:54 - 2013-07-02 12:54 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-07-02 12:29 - 2013-07-02 11:48 - 00001277 ____A C:\Users\***\Documents\indexfile.txt
2013-07-02 12:27 - 2013-07-02 12:27 - 00000862 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-07-02 12:27 - 2013-07-02 12:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-02 12:04 - 2013-07-02 12:04 - 00001073 ____A C:\Users\***\Desktop\Revo Uninstaller.lnk
2013-07-02 12:04 - 2013-07-02 12:04 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2013-07-02 12:03 - 2013-07-02 12:03 - 02617648 ____A (VS Revo Group Ltd.) C:\Users\***\Downloads\revosetup194.exe
2013-07-02 11:49 - 2013-07-02 11:49 - 21703480 ____A (Mozilla) C:\Users\***\Downloads\Firefox Setup 22.0.exe
2013-07-02 11:09 - 2013-07-02 11:09 - 00448512 ____A (OldTimer Tools) C:\Users\***\Downloads\TFC.exe
2013-07-01 20:40 - 2013-07-01 20:40 - 00000000 ____D C:\Program Files (x86)\ESET
2013-07-01 18:08 - 2013-07-01 18:08 - 01933758 ____A (Farbar) C:\Users\***\Downloads\FRST64 (2).exe
2013-07-01 18:07 - 2013-07-01 18:07 - 01933758 ____A (Farbar) C:\Users\***\Downloads\FRST64(1).exe
2013-07-01 17:22 - 2013-07-01 17:22 - 00890988 ____A C:\Users\***\Downloads\SecurityCheck.exe
2013-07-01 10:28 - 2013-07-01 10:28 - 02347384 ____A (ESET) C:\Users\***\Downloads\esetsmartinstaller_enu.exe
2013-06-30 12:40 - 2013-06-30 12:40 - 00002637 ____A C:\Users\***\Desktop\JRT.txt
2013-06-29 21:24 - 2013-06-30 12:36 - 00000000 ____D C:\JRT
2013-06-29 21:24 - 2013-06-29 21:24 - 00000000 ____D C:\Windows\ERUNT
2013-06-29 21:22 - 2013-06-29 21:22 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\***\Downloads\JRT.exe
2013-06-29 21:14 - 2013-06-29 21:15 - 00032976 ____A C:\AdwCleaner[S1].txt
2013-06-29 21:14 - 2013-06-29 21:15 - 00002303 ____A C:\Windows\DeleteOnReboot.bat
2013-06-29 21:14 - 2013-06-29 21:14 - 00040326 ____A C:\AdwCleaner[R2].txt
2013-06-29 21:10 - 2013-06-29 21:11 - 00040265 ____A C:\AdwCleaner[R1].txt
2013-06-29 20:58 - 2013-06-29 20:58 - 00648201 ____A C:\Users\***\Downloads\adwcleaner.exe
2013-06-29 20:14 - 2013-06-29 20:15 - 00028668 ____A C:\Users\***\Downloads\Addition.txt
2013-06-29 20:09 - 2013-06-29 20:09 - 00000000 ____D C:\FRST
2013-06-29 20:08 - 2013-06-29 20:09 - 01933592 ____A (Farbar) C:\Users\***\Downloads\FRST64.exe
2013-06-28 18:04 - 2013-06-28 18:04 - 662496911 ____A C:\Windows\MEMORY.DMP
2013-06-28 18:04 - 2013-06-28 18:04 - 00290328 ____A C:\Windows\Minidump\Mini062813-01.dmp
2013-06-28 17:45 - 2013-06-28 17:45 - 00377856 ____A C:\Users\***\Downloads\gmer_2.1.19163.exe
2013-06-28 17:38 - 2013-07-02 20:19 - 00000000 ____D C:\Users\***\Documents\Trajadaten
2013-06-28 17:24 - 2013-06-28 17:24 - 00096004 ____A C:\Users\***\Downloads\Extras.Txt
2013-06-28 17:21 - 2013-06-28 17:21 - 00151866 ____A C:\Users\***\Downloads\OTL.Txt
2013-06-28 16:50 - 2013-06-28 16:50 - 00602112 ____A (OldTimer Tools) C:\Users\***\Downloads\OTL.exe
2013-06-28 16:49 - 2013-06-28 16:50 - 00000480 ____A C:\Users\***\Downloads\defogger_disable.log
2013-06-28 16:49 - 2013-06-28 16:49 - 00000000 ____A C:\Users\***\defogger_reenable
2013-06-28 16:48 - 2013-06-28 16:48 - 00050477 ____A C:\Users\***\Downloads\Defogger.exe
2013-06-28 16:10 - 2013-06-28 16:10 - 00000822 ____A C:\Users\Public\Desktop\SmartPCFixer.lnk
2013-06-28 16:10 - 2013-06-28 16:10 - 00000000 ____D C:\Program Files\SmartPCFixer
2013-06-28 16:09 - 2013-06-28 16:09 - 04054000 ____A (LionSea Software                                            ) C:\Users\***\Downloads\setup(1).exe
2013-06-28 14:19 - 2013-06-28 14:19 - 00062808 ____A (G Data Software AG) C:\Windows\System32\Drivers\PktIcpt.sys
2013-06-28 14:18 - 2013-05-28 15:05 - 00163328 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
2013-06-28 14:14 - 2013-06-28 16:37 - 00130392 ____A (G Data Software AG) C:\Windows\System32\Drivers\MiniIcpt.sys
2013-06-28 14:14 - 2013-06-28 16:37 - 00065368 ____A (G Data Software AG) C:\Windows\System32\Drivers\HookCentre.sys
2013-06-28 14:14 - 2013-06-28 16:37 - 00064856 ____A (G Data Software AG) C:\Windows\System32\Drivers\gdwfpcd64.sys
2013-06-28 14:14 - 2013-06-28 16:37 - 00060248 ____A (G Data Software AG) C:\Windows\System32\Drivers\GDBehave.sys
2013-06-28 14:14 - 2013-06-28 16:37 - 00001806 ____A C:\Users\Public\Desktop\G Data AntiVirus 2014.lnk
2013-06-28 13:45 - 2013-07-02 21:18 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-28 13:43 - 2013-06-28 13:43 - 17617288 ____A (Adobe Systems Incorporated) C:\Users\***\Downloads\install_flash_player_11_plugin.exe
2013-06-28 13:40 - 2013-06-28 13:40 - 00814472 ____A (Adobe Systems Incorporated) C:\Users\*********\Downloads\uninstall_flash_player.exe
2013-06-28 13:08 - 2013-06-28 13:09 - 341229472 ____A (G Data Software AG) C:\Users\***\Downloads\INT_R_FUL_2014_AV.exe
2013-06-28 13:06 - 2013-06-28 13:07 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-06-28 13:06 - 2013-06-28 13:06 - 00001730 ____A C:\Users\Public\Desktop\QuickTime Player.lnk
2013-06-28 13:03 - 2013-06-28 13:03 - 41404760 ____A (Apple Inc.) C:\Users\***\Downloads\QuickTimeInstaller.exe
2013-06-26 13:45 - 2013-06-27 10:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-06-24 19:08 - 2013-06-24 19:08 - 22937227 ____A C:\Users\***\Documents\vlc-2.0.7-win32.exe
2013-06-24 13:56 - 2013-06-24 13:55 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-24 13:56 - 2013-06-24 13:55 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-24 13:56 - 2013-06-24 13:55 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-24 13:56 - 2013-06-24 13:55 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-24 10:43 - 2013-06-24 10:43 - 00144174 ____A C:\Users\***\Documents\cc_20130624_104342.reg
2013-06-22 19:39 - 2013-06-22 19:39 - 00000000 ____D C:\Users\***\Documents\AdobeStockPhotos
2013-06-22 12:17 - 2013-06-22 12:19 - 07872648 ____A (Adobe Systems Inc.) C:\Users\***\Downloads\Shockwave_Installer_Slim(1).exe
2013-06-22 12:05 - 2013-06-22 12:05 - 04378864 ____A (Piriform Ltd) C:\Users\***\Downloads\ccsetup402.exe
2013-06-15 15:36 - 2013-05-17 06:05 - 17824768 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-15 15:36 - 2013-05-17 05:27 - 10926080 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-15 15:36 - 2013-05-17 05:09 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-15 15:36 - 2013-05-17 05:02 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-15 15:36 - 2013-05-17 05:02 - 01346560 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-15 15:36 - 2013-05-17 05:01 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-06-15 15:36 - 2013-05-17 05:00 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-06-15 15:36 - 2013-05-17 04:58 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-15 15:36 - 2013-05-17 04:56 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-06-15 15:36 - 2013-05-17 04:56 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-06-15 15:36 - 2013-05-17 04:55 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-15 15:36 - 2013-05-17 04:54 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-15 15:36 - 2013-05-17 04:53 - 02147840 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-15 15:36 - 2013-05-17 04:51 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-15 15:36 - 2013-05-17 04:51 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-06-15 15:36 - 2013-05-17 04:46 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-15 15:36 - 2013-05-17 01:08 - 12329984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-15 15:36 - 2013-05-17 00:49 - 09738752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-15 15:36 - 2013-05-17 00:39 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-15 15:36 - 2013-05-17 00:28 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-15 15:36 - 2013-05-17 00:28 - 01104384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-15 15:36 - 2013-05-17 00:27 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-06-15 15:36 - 2013-05-17 00:26 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-06-15 15:36 - 2013-05-17 00:23 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-15 15:36 - 2013-05-17 00:21 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-15 15:36 - 2013-05-17 00:21 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-06-15 15:36 - 2013-05-17 00:20 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-06-15 15:36 - 2013-05-17 00:19 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-15 15:36 - 2013-05-17 00:17 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-15 15:36 - 2013-05-17 00:17 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-06-15 15:36 - 2013-05-17 00:16 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-15 15:36 - 2013-05-17 00:12 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-15 15:35 - 2013-04-24 06:09 - 01269248 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-15 15:35 - 2013-04-24 06:09 - 00174592 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-15 15:35 - 2013-04-24 06:09 - 00132096 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-15 15:35 - 2013-04-24 06:09 - 00050688 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-15 15:35 - 2013-04-24 06:00 - 00985600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-15 15:35 - 2013-04-24 06:00 - 00133120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-15 15:35 - 2013-04-24 06:00 - 00098304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-15 15:35 - 2013-04-24 06:00 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-15 15:35 - 2013-04-24 04:10 - 01078272 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-15 15:35 - 2013-04-24 03:46 - 00812544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-15 15:35 - 2013-04-17 15:04 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-15 15:35 - 2013-04-17 14:30 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-15 15:34 - 2013-05-08 06:50 - 01423720 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-15 15:33 - 2013-05-02 06:16 - 00686080 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-15 15:33 - 2013-05-02 06:04 - 00443904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-15 15:33 - 2013-05-02 06:03 - 00037376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\printcom.dll
2013-06-12 16:12 - 2013-06-12 16:12 - 00285746 ____A C:\Users\***\Downloads\FRITZ.Box 6360 Cable (um) 85.05.28_12.06.13_1612.export

==================== One Month Modified Files and Folders =======

2013-07-03 10:44 - 2010-03-23 23:08 - 00062269 ____A C:\ProgramData\nvModes.dat
2013-07-03 10:44 - 2010-03-23 23:08 - 00062269 ____A C:\ProgramData\nvModes.001
2013-07-03 10:44 - 2010-02-21 15:34 - 00001112 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-03 10:43 - 2008-01-21 03:53 - 01996135 ____A C:\Windows\WindowsUpdate.log
2013-07-03 10:39 - 2006-11-02 17:40 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-03 10:39 - 2006-11-02 17:21 - 00003712 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-03 10:39 - 2006-11-02 17:21 - 00003712 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-02 22:09 - 2011-01-20 20:16 - 00000284 ____A C:\Windows\Brownie.ini
2013-07-02 22:09 - 2006-11-02 17:40 - 00032534 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-07-02 22:06 - 2010-02-21 15:34 - 00001116 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-02 21:18 - 2013-06-28 13:45 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-02 20:19 - 2013-06-28 17:38 - 00000000 ____D C:\Users\***\Documents\Trajadaten
2013-07-02 14:42 - 2013-07-02 14:42 - 02347384 ____A (ESET) C:\Users\***\Desktop\esetsmartinstaller_enu.exe
2013-07-02 13:01 - 2010-09-29 21:39 - 00000000 ____D C:\Users\***\Documents\4A Games
2013-07-02 12:54 - 2013-07-02 12:54 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-07-02 12:54 - 2013-07-02 12:54 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-07-02 12:54 - 2009-01-30 17:33 - 00000000 ____D C:\Users\***\AppData\Local\Adobe
2013-07-02 12:40 - 2012-02-21 11:12 - 00356856 ____A C:\Windows\PFRO.log
2013-07-02 12:27 - 2013-07-02 12:27 - 00000862 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-07-02 12:27 - 2013-07-02 12:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-02 12:27 - 2012-04-27 22:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-02 12:27 - 2009-01-30 14:12 - 00000000 ____D C:\Users\***\AppData\Roaming\Mozilla
2013-07-02 12:25 - 2009-09-04 23:05 - 00000000 ____D C:\Users\***\AppData\Roaming\HLSW
2013-07-02 12:18 - 2009-02-01 20:52 - 00000000 ____D C:\Users\***\Documents\My Games
2013-07-02 12:16 - 2009-01-30 16:53 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-07-02 12:04 - 2013-07-02 12:04 - 00001073 ____A C:\Users\***\Desktop\Revo Uninstaller.lnk
2013-07-02 12:04 - 2013-07-02 12:04 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2013-07-02 12:03 - 2013-07-02 12:03 - 02617648 ____A (VS Revo Group Ltd.) C:\Users\***\Downloads\revosetup194.exe
2013-07-02 11:49 - 2013-07-02 11:49 - 21703480 ____A (Mozilla) C:\Users\***\Downloads\Firefox Setup 22.0.exe
2013-07-02 11:48 - 2013-07-02 12:29 - 00001277 ____A C:\Users\***\Documents\indexfile.txt
2013-07-02 11:09 - 2013-07-02 11:09 - 00448512 ____A (OldTimer Tools) C:\Users\***\Downloads\TFC.exe
2013-07-01 20:40 - 2013-07-01 20:40 - 00000000 ____D C:\Program Files (x86)\ESET
2013-07-01 18:08 - 2013-07-01 18:08 - 01933758 ____A (Farbar) C:\Users\***\Downloads\FRST64 (2).exe
2013-07-01 18:07 - 2013-07-01 18:07 - 01933758 ____A (Farbar) C:\Users\***\Downloads\FRST64(1).exe
2013-07-01 17:22 - 2013-07-01 17:22 - 00890988 ____A C:\Users\***\Downloads\SecurityCheck.exe
2013-07-01 17:02 - 2008-01-21 12:47 - 01445546 ____A C:\Windows\System32\PerfStringBackup.INI
2013-07-01 17:02 - 2008-01-21 12:46 - 00628742 ____A C:\Windows\System32\perfh007.dat
2013-07-01 17:02 - 2008-01-21 12:46 - 00126486 ____A C:\Windows\System32\perfc007.dat
2013-07-01 10:28 - 2013-07-01 10:28 - 02347384 ____A (ESET) C:\Users\***\Downloads\esetsmartinstaller_enu.exe
2013-06-30 12:40 - 2013-06-30 12:40 - 00002637 ____A C:\Users\***\Desktop\JRT.txt
2013-06-30 12:36 - 2013-06-29 21:24 - 00000000 ____D C:\JRT
2013-06-29 21:24 - 2013-06-29 21:24 - 00000000 ____D C:\Windows\ERUNT
2013-06-29 21:22 - 2013-06-29 21:22 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\***\Downloads\JRT.exe
2013-06-29 21:15 - 2013-06-29 21:14 - 00032976 ____A C:\AdwCleaner[S1].txt
2013-06-29 21:15 - 2013-06-29 21:14 - 00002303 ____A C:\Windows\DeleteOnReboot.bat
2013-06-29 21:14 - 2013-06-29 21:14 - 00040326 ____A C:\AdwCleaner[R2].txt
2013-06-29 21:11 - 2013-06-29 21:10 - 00040265 ____A C:\AdwCleaner[R1].txt
2013-06-29 20:58 - 2013-06-29 20:58 - 00648201 ____A C:\Users\***\Downloads\adwcleaner.exe
2013-06-29 20:15 - 2013-06-29 20:14 - 00028668 ____A C:\Users\***\Downloads\Addition.txt
2013-06-29 20:09 - 2013-06-29 20:09 - 00000000 ____D C:\FRST
2013-06-29 20:09 - 2013-06-29 20:08 - 01933592 ____A (Farbar) C:\Users\***\Downloads\FRST64.exe
2013-06-29 17:18 - 2009-01-30 14:20 - 00000000 ____D C:\Users\***\AppData\Roaming\UseNeXT
2013-06-28 18:04 - 2013-06-28 18:04 - 662496911 ____A C:\Windows\MEMORY.DMP
2013-06-28 18:04 - 2013-06-28 18:04 - 00290328 ____A C:\Windows\Minidump\Mini062813-01.dmp
2013-06-28 18:04 - 2011-01-24 22:37 - 00000000 ____D C:\Windows\Minidump
2013-06-28 17:45 - 2013-06-28 17:45 - 00377856 ____A C:\Users\***\Downloads\gmer_2.1.19163.exe
2013-06-28 17:24 - 2013-06-28 17:24 - 00096004 ____A C:\Users\***\Downloads\Extras.Txt
2013-06-28 17:21 - 2013-06-28 17:21 - 00151866 ____A C:\Users\***\Downloads\OTL.Txt
2013-06-28 16:50 - 2013-06-28 16:50 - 00602112 ____A (OldTimer Tools) C:\Users\***\Downloads\OTL.exe
2013-06-28 16:50 - 2013-06-28 16:49 - 00000480 ____A C:\Users\***\Downloads\defogger_disable.log
2013-06-28 16:49 - 2013-06-28 16:49 - 00000000 ____A C:\Users\***\defogger_reenable
2013-06-28 16:49 - 2009-01-30 11:41 - 00000000 ____D C:\users\***
2013-06-28 16:48 - 2013-06-28 16:48 - 00050477 ____A C:\Users\***\Downloads\Defogger.exe
2013-06-28 16:37 - 2013-06-28 14:14 - 00130392 ____A (G Data Software AG) C:\Windows\System32\Drivers\MiniIcpt.sys
2013-06-28 16:37 - 2013-06-28 14:14 - 00065368 ____A (G Data Software AG) C:\Windows\System32\Drivers\HookCentre.sys
2013-06-28 16:37 - 2013-06-28 14:14 - 00064856 ____A (G Data Software AG) C:\Windows\System32\Drivers\gdwfpcd64.sys
2013-06-28 16:37 - 2013-06-28 14:14 - 00060248 ____A (G Data Software AG) C:\Windows\System32\Drivers\GDBehave.sys
2013-06-28 16:37 - 2013-06-28 14:14 - 00001806 ____A C:\Users\Public\Desktop\G Data AntiVirus 2014.lnk
2013-06-28 16:10 - 2013-06-28 16:10 - 00000822 ____A C:\Users\Public\Desktop\SmartPCFixer.lnk
2013-06-28 16:10 - 2013-06-28 16:10 - 00000000 ____D C:\Program Files\SmartPCFixer
2013-06-28 16:09 - 2013-06-28 16:09 - 04054000 ____A (LionSea Software                                            ) C:\Users\***\Downloads\setup(1).exe
2013-06-28 14:19 - 2013-06-28 14:19 - 00062808 ____A (G Data Software AG) C:\Windows\System32\Drivers\PktIcpt.sys
2013-06-28 14:14 - 2009-01-30 13:30 - 00000000 ____D C:\ProgramData\G DATA
2013-06-28 14:13 - 2009-01-30 13:30 - 00000000 ____D C:\Program Files (x86)\G DATA
2013-06-28 14:07 - 2009-01-30 21:25 - 00000000 ____D C:\Users\***\AppData\Roaming\Macromedia
2013-06-28 13:43 - 2013-06-28 13:43 - 17617288 ____A (Adobe Systems Incorporated) C:\Users\***\Downloads\install_flash_player_11_plugin.exe
2013-06-28 13:40 - 2013-06-28 13:40 - 00814472 ____A (Adobe Systems Incorporated) C:\Users\***\Downloads\uninstall_flash_player.exe
2013-06-28 13:11 - 2006-11-02 15:34 - 00000000 ____D C:\Windows\SysWOW64\setup
2013-06-28 13:11 - 2006-11-02 15:34 - 00000000 ____D C:\Windows\SysWOW64\MUI
2013-06-28 13:11 - 2006-11-02 15:34 - 00000000 ____D C:\Windows\SysWOW64\com
2013-06-28 13:09 - 2013-06-28 13:08 - 341229472 ____A (G Data Software AG) C:\Users\***\Downloads\INT_R_FUL_2014_AV.exe
2013-06-28 13:07 - 2013-06-28 13:06 - 00000000 ____D C:\Program Files (x86)\QuickTime
2013-06-28 13:06 - 2013-06-28 13:06 - 00001730 ____A C:\Users\Public\Desktop\QuickTime Player.lnk
2013-06-28 13:03 - 2013-06-28 13:03 - 41404760 ____A (Apple Inc.) C:\Users\***\Downloads\QuickTimeInstaller.exe
2013-06-28 11:38 - 2009-01-30 17:28 - 00000000 ____D C:\ProgramData\Adobe
2013-06-28 11:06 - 2009-01-30 13:29 - 00000000 ____D C:\Users\***\AppData\Local\Downloaded Installations
2013-06-28 10:45 - 2012-07-14 10:27 - 01121048 ____A C:\Windows\SysWOW64\sig.bin
2013-06-28 10:45 - 2012-07-14 10:27 - 00056377 ____A C:\Windows\SysWOW64\nmp.map
2013-06-27 11:43 - 2010-04-05 14:41 - 00000000 ____D C:\Users\***\AppData\Roaming\vlc
2013-06-27 10:24 - 2013-06-26 13:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-06-24 19:08 - 2013-06-24 19:08 - 22937227 ____A C:\Users\***\Documents\vlc-2.0.7-win32.exe
2013-06-24 13:55 - 2013-06-24 13:56 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-24 13:55 - 2013-06-24 13:56 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-24 13:55 - 2013-06-24 13:56 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-24 13:55 - 2013-06-24 13:56 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-24 13:55 - 2012-06-15 10:12 - 00867240 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-06-24 13:55 - 2010-05-18 15:59 - 00789416 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-06-24 10:43 - 2013-06-24 10:43 - 00144174 ____A C:\Users\***\Documents\cc_20130624_104342.reg
2013-06-22 20:08 - 2009-01-30 14:23 - 00248320 ____A C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-06-22 19:39 - 2013-06-22 19:39 - 00000000 ____D C:\Users\***\Documents\AdobeStockPhotos
2013-06-22 12:19 - 2013-06-22 12:17 - 07872648 ____A (Adobe Systems Inc.) C:\Users\***\Downloads\Shockwave_Installer_Slim(1).exe
2013-06-22 12:19 - 2010-04-26 10:18 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2013-06-22 12:07 - 2010-11-07 12:51 - 00000830 ____A C:\Users\Public\Desktop\CCleaner.lnk
2013-06-22 12:07 - 2009-01-30 21:56 - 00000000 ____D C:\Program Files (x86)\CCleaner
2013-06-22 12:05 - 2013-06-22 12:05 - 04378864 ____A (Piriform Ltd) C:\Users\***\Downloads\ccsetup402.exe
2013-06-15 16:59 - 2006-11-02 15:33 - 00000000 ____D C:\Windows\rescache
2013-06-15 15:44 - 2006-11-02 14:35 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\mrt.exe
2013-06-12 16:12 - 2013-06-12 16:12 - 00285746 ____A C:\Users\***\Downloads\FRITZ.Box 6360 Cable (um) 85.05.28_12.06.13_1612.export
2013-06-03 11:36 - 2013-05-13 15:38 - 00001888 ____A C:\Users\***\Desktop\eBay-Sidebar für Firefox.lnk

Files to move or delete:
====================
C:\ProgramData\nvModes.dat

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-03 10:49

==================== End Of Log ============================
         
--- --- ---

--- --- ---


Hier die Addition

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-06-2013 03
Ran by *** at 2013-07-03 10:50:17
Running from C:\Users\***\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

 Update for Microsoft Office 2007 (KB2508958) (x32)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212)
Adobe Anchor Service CS3 (x32 Version: 1.0)
Adobe Asset Services CS3 (x32 Version: 3)
Adobe Bridge CS3 (x32 Version: 2)
Adobe Bridge Start Meeting (x32 Version: 1.0)
Adobe Camera Raw 4.0 (x32 Version: 4.0)
Adobe CMaps (x32 Version: 1.0)
Adobe Color - Photoshop Specific (x32 Version: 1.0)
Adobe Color Common Settings (x32 Version: 1.0)
Adobe Color EU Recommended Settings (x32 Version: 1.0)
Adobe Color JA Extra Settings (x32 Version: 1.0)
Adobe Color NA Extra Settings (x32 Version: 1.0)
Adobe Default Language CS3 (x32 Version: 1.0)
Adobe Device Central CS3 (x32 Version: 1.0)
Adobe ExtendScript Toolkit 2 (x32 Version: 2.0)
Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224)
Adobe Fonts All (x32 Version: 1.0)
Adobe Help Viewer CS3 (x32 Version: 1)
Adobe Linguistics CS3 (x32 Version: 3.0.0)
Adobe PDF Library Files (x32 Version: 8.0)
Adobe Photoshop CS3 (x32 Version: 10)
Adobe Photoshop CS3 (x32 Version: 10.0)
Adobe Reader X (10.1.7) - Deutsch (x32 Version: 10.1.7)
Adobe Setup (x32 Version: 1.0)
Adobe Shockwave Player 12.0 (x32 Version: 12.0.2.122)
Adobe Stock Photos CS3 (x32 Version: 1.5)
Adobe Type Support (x32 Version: 1.0)
Adobe Update Manager CS3 (x32 Version: 5.1.0)
Adobe Version Cue CS3 Client (x32 Version: 3)
Adobe WinSoft Linguistics Plugin (x32 Version: 1.0)
Adobe XMP Panels CS3 (x32 Version: 1.0)
Apple Application Support (x32 Version: 2.3.4)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (x32 Version: 2.1.3.127)
aquasuite (x32)
ArcSoft Portrait+ (x32 Version: 2.0.0.221)
ArcSoft Scan-n-Stitch Deluxe (x32 Version: 1.1.2.27)
Ashampoo Photo Commander 5 FREE (x32 Version: 5.4.1)
Avidemux 2.5 (32-bit) (x32 Version: 2.5.6.7716)
AVS Document Converter 2.0.1 (x32)
AVS Update Manager 1.0 (x32)
AVS4YOU Software Navigator 1.4 (x32)
Battlefield: Bad Company™ 2 (x32 Version: 1.0.0.0)
Biet-O-Matic v2.10.1 (x32 Version: Biet-O-Matic v2.10.1)
Bonjour (Version: 3.0.0.10)
Brother HL-2035 (x32 Version: 1.00)
Call of Duty(R) - World at War(TM) (x32 Version: 1.0)
Call of Duty(R) - World at War(TM) (x32 Version: 1.4.1)
Call of Duty(R) - World at War(TM) 1.1 Patch (x32 Version: 1.1)
Call of Duty(R) - World at War(TM) 1.1 Patch (x32)
Call of Duty(R) - World at War(TM) 1.2 Patch (x32 Version: 1.2)
Call of Duty(R) - World at War(TM) 1.2 Patch (x32)
Call of Duty(R) - World at War(TM) 1.3 Patch (x32 Version: 1.3)
Call of Duty(R) - World at War(TM) 1.3 Patch (x32)
Call of Duty(R) - World at War(TM) 1.4 Patch (x32 Version: 1.4)
Call of Duty(R) - World at War(TM) 1.4 Patch (x32)
Call of Duty(R) - World at War(TM) 1.4.1 Patch (x32 Version: 1.4.1)
Call of Duty(R) - World at War(TM) 1.4.1 Patch (x32)
Call of Duty: Modern Warfare 2 - Multiplayer (x32)
Call of Duty: Modern Warfare 2 (x32)
Canon Utilities Digital Photo Professional 3.6 (x32 Version: 3.6.0.0)
Canon Utilities EOS Utility (x32 Version: 2.6.0.0)
Canon Utilities WFT-E1/E2/E3/E4 Utility (x32 Version: 3.3.0.0)
CCleaner (Version: 4.02)
CDBurnerXP (x32 Version: 4.2.3.1110)
CDex extraction audio (x32)
ConvertHelper 2.2 (x32)
Creative 3DMIDI Player (x32 Version: 1.11)
Creative ALchemy (x32 Version: 1.41)
Creative Audio-Systemsteuerung (x32 Version: 3.00)
Creative Konsole Starter (x32 Version: 2.61)
Creative Media Toolbox 6 (Shared Components) (x32 Version: 2.80.12)
Creative Media Toolbox 6 (x32 Version: 6.00)
Creative MediaSource 5 (x32 Version: 5.00)
Creative Software AutoUpdate (x32 Version: 1.40)
Creative Sound Blaster Properties x64 Edition (x32 Version: 1.02)
Creative Systeminformationen (x32)
Creative WaveStudio 7 (x32 Version: 7.12)
Creative-Audiokonsole (x32)
Creative-Diagnose (x32 Version: 5.11)
Crystal Reports Basic Runtime for Visual Studio 2008 (x64) (Version: 10.5.2.0)
Crystal Reports Basic Runtime German Language Pack for Visual Studio 2008 (x64) (Version: 10.5.0.0)
Day of Defeat: Source (x32)
DeskScapes (x32)
DHTML Editing Component (x32 Version: 6.02.0001)
Dolby Digital Live Pack (x32 Version: 3.00)
DriverAgent by TouchStone Software (x32)
Dropbox (HKCU Version: 1.4.7)
EAX4 Unified Redist (x32 Version: 4.001)
Epson Copy Utility 3.5 (x32 Version: 3.5.0.0)
Epson Event Manager (x32 Version: 2.40.0002)
EPSON Perfection V33/V330 Handbuch (x32)
EPSON Scan (x32)
ESET Online Scanner v3 (x32)
ESL Wire 1.0.1
Fallout 3 (HKCU Version: 1.00.0000)
FastFontPreview v3.0.2 FREEWARE (x32)
FileZilla Client 3.7.0.2 (HKCU Version: 3.7.0.2)
FLAC 1.2.1b (remove only) (x32 Version: 1.2.1b)
Free Audio CD Burner version 1.2 (x32)
Free FLV Converter V 6.7.6 (x32 Version: 6.7.6.0)
Free Mp3 Wma Converter V 1.81 (x32)
Free Video to MP3 Converter version 3.2 (x32)
Free YouTube to MP3 Converter version 3.3 (x32)
G Data AntiVirus 2014 (x32 Version: 24.0.2.4)
Garmin Lifetime Updater (x32 Version: 2.1.7)
Garmin POI Loader (x32 Version: 2.5.4.0)
Garmin USB Drivers (x32 Version: 2.3.0.0)
Garmin WebUpdater (x32 Version: 2.4.2)
Google Earth (x32 Version: 7.0.3.8542)
Google Update Helper (x32 Version: 1.3.21.145)
Half-Life(R) 2 (x32 Version: 1.0.0.0)
ICQ6.5 (x32 Version: 6.5)
iTunes (Version: 10.6.3.25)
Java 7 Update 25 (x32 Version: 7.0.250)
Java 7 Update 7 (64-bit) (Version: 7.0.70)
Java Auto Updater (x32 Version: 2.1.9.5)
JavaFX 2.1.1 (x32 Version: 2.1.1)
Killing Floor (x32)
K-Lite Codec Pack (64-bit) v2.6.0 (Version: 2.6.0)
K-Lite Codec Pack 4.5.3 (Full) (x32 Version: 4.5.3)
Lautstärkefenster (x32)
Lidl-Fotos (x32)
Logitech GamePanel Software 3.01 (Version: 3.01.180)
Logitech Harmony Remote Software 7 (x32 Version: 7.6.0.8)
Logitech Harmony Remote Software 7 (x32 Version: 7.7.0.0)
Logitech SetPoint 5.20 (Version: 5.20)
Macromedia Dreamweaver MX (x32 Version: 6.0)
Macromedia Extension Manager (x32 Version: 1.5)
Macromedia Fireworks MX (x32 Version: 6)
Macromedia Flash MX (x32 Version: 6)
Macromedia FreeHand 10 (x32 Version: 10)
Media Go (x32 Version: 1.1.245)
Metro 2033 (x32)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (x32 Version: 2.0.48.0)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.88.0)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0)
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.4518.1014)
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Silverlight (x32 Version: 5.1.20125.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (x32 Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (x32 Version: 1.0.1215.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (x32 Version: 10.0.30319)
Mindjet MindManager 2012 (x32 Version: 10.1.459)
Movavi Video Converter 8 (x32 Version: 8.02.002)
MozBackup 1.4.10 (x32)
Mozilla Firefox 22.0 (x86 de) (x32 Version: 22.0)
Mozilla Maintenance Service (x32 Version: 22.0)
Mozilla Thunderbird 17.0.7 (x86 de) (x32 Version: 17.0.7)
Mp3tag v2.46a (x32 Version: v2.46a)
MSVCRT (x32 Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
neroxml (x32 Version: 1.0.0)
Nitro Reader 2 (Version: 2.3.1.2)
NVIDIA Display Control Panel (Version: 6.14.11.9745)
NVIDIA Drivers (Version: 1.10.59.37)
NVIDIA PhysX (x32 Version: 9.10.0222)
OpenAL (x32)
PDF Settings (x32 Version: 1.0)
PDF To Excel Converter V2.0 (x32)
PDFCreator (x32 Version: 1.2.3)
pdfforge Toolbar v6.7 (x32 Version: 6.7)
pdfsam (x32 Version: 2.2.0)
PDF-XChange 3
Phase 5 HTML-Editor (x32 Version: 5.6.2.3)
PhotoScape (x32)
PlayStation(R)Network Downloader (x32 Version: 1.02.00005)
PlayStation(R)Store (x32 Version: 2.0.8.03595)
PowerPDF Professional (x32 Version: 2.0)
PunkBuster Services (x32 Version: 0.988)
PVSonyDll (Version: 1.00.0001)
QNAP QGet (x32)
QuickPar 0.9 (x32 Version: 0.9)
QuickTime (x32 Version: 7.74.80.86)
ratDVD 0.78.1444 (x32 Version: 0.78.1444)
Remote Control USB Driver (x32 Version: 2.3.2.317)
Reservierungsplaner - Zimmerplan - Software-Pitzer (x32 Version: 13.0)
Reservierungsplaner - Zimmerplan (x32 Version: 5.3)
ResiGo (x32 Version: 1.0.0)
ResiGo9 (x32 Version: 1.0.0)
Revo Uninstaller 1.94 (x32 Version: 1.94)
Skype™ 4.0 (x32 Version: 4.0.227)
SmartPCFixer 4.2 (Version: 4.2)
Sony Ericsson Update Engine (x32 Version: 2.12.4.17)
Sony PC Companion 2.10.030 (x32 Version: 2.10.030)
Sound Blaster X-Fi (x32 Version: 1.0)
SoundFont-Bank-Manager (x32)
Steam(TM) (x32 Version: 1.0.0.0)
swMSM (x32 Version: 12.0.0.1)
TeamSpeak 2 RC2 (x32 Version: 2.0.32.60)
TeamSpeak 3 Client
Tom Clancy's Splinter Cell Double Agent (x32 Version: 1.00.0000)
Ulead GIF Animator 5 Test (x32)
Ulead PhotoImpact X3 (x32 Version: 13.0)
Ultimate Extras sounds from Microsoft® Tinker™
Uninstall 1.0.0.1 (x32)
Unity Web Player (HKCU Version: 2.6.1f3_31223)
Update for Microsoft .NET Framework 3.5 SP1 (KB2836940) (x32 Version: 1)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2768021) 32-Bit Edition (x32)
UseNeXT by Tangysoft (x32)
VCRedistSetup (x32 Version: 1.0.0)
Video mp3 Extractor (x32)
VLC media player 1.0.5 (x32 Version: 1.0.5)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0) (Version: 06/03/2009 2.3.0.0)
Windows Live Call (x32 Version: 14.0.8117.0416)
Windows Live Communications Platform (x32 Version: 14.0.8117.416)
Windows Live Essentials (x32 Version: 14.0.8117.0416)
Windows Live Essentials (x32 Version: 14.0.8117.416)
Windows Live Fotogalerie (x32 Version: 14.0.8117.416)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Live Messenger (x32 Version: 14.0.8117.0416)
Windows Live Movie Maker (x32 Version: 14.0.8117.0416)
Windows Live Sync (x32 Version: 14.0.8117.416)
Windows Live Writer (x32 Version: 14.0.8117.0416)
Windows Live-Uploadtool (x32 Version: 14.0.8014.1029)
Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8)
Windows-Soundschemas
WinRAR archiver (x32)
Yahoo! Detect (x32)
Yahoo! Messenger (x32)

==================== Restore Points  =========================

28-06-2013 11:04:49 Installed QuickTime
29-06-2013 15:08:49 Windows Update
01-07-2013 13:54:37 Geplanter Prüfpunkt
02-07-2013 10:05:54 Revo Uninstaller's restore point - Adobe Flash Player 11 Plugin
02-07-2013 10:07:37 Revo Uninstaller's restore point - Artisteer 2
02-07-2013 10:14:19 Revo Uninstaller's restore point - Hamster Free Video Converter
02-07-2013 10:16:11 Revo Uninstaller's restore point - shopping-preise.de AddOn Firefox
02-07-2013 10:17:41 Revo Uninstaller's restore point - Geländewagen-Simulator 2012 (Nur entfernen)
02-07-2013 10:20:32 Revo Uninstaller's restore point - Mozilla Firefox 22.0 (x86 de)
02-07-2013 10:24:55 Revo Uninstaller's restore point - HLSW v1.3.2.1
02-07-2013 10:47:41 Revo Uninstaller's restore point - Adobe Flash Player 11 Plugin
02-07-2013 10:49:21 Revo Uninstaller's restore point - Adobe Flash Player 11 Plugin

==================== Scheduled Tasks (whitelisted) =============

Task: {290E8249-D46A-4FD1-969B-5109B3DCF174} - System32\Tasks\CCleanerSkipUAC => C:\Program Files (x86)\CCleaner\CCleaner.exe [2013-05-24] (Piriform Ltd)
Task: {2B4C1AF3-07D4-4D5B-8CD2-BF3EFBEB68C8} - System32\Tasks\EPUpdater => C:\Users\HEADCR~1\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe No File
Task: {40AE2EA0-9E89-4FF2-864C-5D7A8C0E6C6A} - System32\Tasks\Microsoft\Windows\Defrag\ManualDefrag => C:\Windows\system32\defrag.exe [2008-01-21] (Microsoft Corp.)
Task: {64B57CF4-1297-4430-8DA3-400B15ABBCEB} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => C:\program files\windows defender\MpCmdRun.exe [2008-01-21] (Microsoft Corporation)
Task: {683663E1-870B-423D-B800-A71577679B4F} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => C:\program files\windows defender\MpCmdRun.exe [2008-01-21] (Microsoft Corporation)
Task: {6AAE2CB8-ADE3-46A7-A51C-9BDD32AB85A6} - System32\Tasks\User_Feed_Synchronization-{3AFECE7E-8FEF-4C63-8A7B-DEE9D0BA220E} => C:\Windows\system32\msfeedssync.exe [2011-06-28] (Microsoft Corporation)
Task: {83C4E485-0E0A-49D3-83C7-8FBB8C5685C5} - System32\Tasks\AdobeFlashPlayerUpdate => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe [2013-05-28] (Adobe Systems Incorporated)
Task: {8EF40D15-CC70-4694-A8AD-94602F760467} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-02-21] (Google Inc.)
Task: {9475DD97-BB54-4FD8-A31A-032B4833F6AA} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {9A441CE9-6C4F-4991-954B-EDCB9256D04F} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => C:\Windows\system32\rundll32.exe [2006-11-02] (Microsoft Corporation)
Task: {A22ACAF2-B81F-4AE0-B8C1-093DB2A8C7B7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-28] (Adobe Systems Incorporated)
Task: {AA105019-BFFB-4713-B627-81B47F4419F0} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {AD8FBB56-ED6F-4BEE-81B8-2332DDDA12B5} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\schtasks.exe [2008-01-21] (Microsoft Corporation)
Task: {C0B38178-CA76-4475-90EB-B2F41221156B} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {C28278BF-1ABF-4595-BB2A-15201DDF25E3} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: {C41E9FD5-A5DB-4DEF-9715-E4F7BAFEE730} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {CF4DDEFE-9489-45BC-BF58-70F81D879D20} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-02-21] (Google Inc.)
Task: {D1849F70-8D65-4263-957C-27FD3AAE933A} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification => C:\Windows\System32\wsqmcons.exe [2008-01-21] (Microsoft Corporation)
Task: {D4D36076-5BB0-4BBF-8288-644882FB1F2B} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe [2013-05-28] (Adobe Systems Incorporated)
Task: {F03BC038-D75D-4CC8-B47D-D13A9D17F294} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Faulty Device Manager Devices =============

Name: ESLvnic Virtual Network 64 Bit
Description: ESLvnic Virtual Network 64 Bit
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Turtle Entertainment GmbH
Service: ESLvnic1
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/03/2013 10:50:17 AM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\***\APPDATA\ROAMING\THUNDERBIRD\PROFILES\RK5UUOXZ.DEFAULT\GLOBAL-MESSAGES-DB.SQLITE-JOURNAL> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (07/03/2013 10:45:08 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (07/03/2013 10:45:07 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (07/03/2013 10:41:13 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/02/2013 09:18:03 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung FlashPlayerUpdateService.exe, Version 11.6.602.180, Zeitstempel 0x51a4ab8c, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18541, Zeitstempel 0x4ec3e39f, Ausnahmecode 0xc0000005, Fehleroffset 0x0004bb57,
Prozess-ID 0x1718, Anwendungsstartzeit FlashPlayerUpdateService.exe0.

Error: (07/02/2013 09:05:59 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\***\APPDATA\ROAMING\THUNDERBIRD\PROFILES\RK5UUOXZ.DEFAULT\GLOBAL-MESSAGES-DB.SQLITE-JOURNAL> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (07/02/2013 08:18:00 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung FlashPlayerUpdateService.exe, Version 11.6.602.180, Zeitstempel 0x51a4ab8c, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18541, Zeitstempel 0x4ec3e39f, Ausnahmecode 0xc0000005, Fehleroffset 0x0004bb57,
Prozess-ID 0x14ec, Anwendungsstartzeit FlashPlayerUpdateService.exe0.

Error: (07/02/2013 07:47:01 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\***\APPDATA\ROAMING\THUNDERBIRD\PROFILES\RK5UUOXZ.DEFAULT\PERMISSIONS.SQLITE-JOURNAL> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (07/02/2013 07:18:00 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung FlashPlayerUpdateService.exe, Version 11.6.602.180, Zeitstempel 0x51a4ab8c, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18541, Zeitstempel 0x4ec3e39f, Ausnahmecode 0xc0000005, Fehleroffset 0x0004bb57,
Prozess-ID 0x1a4, Anwendungsstartzeit FlashPlayerUpdateService.exe0.

Error: (07/02/2013 06:18:00 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung FlashPlayerUpdateService.exe, Version 11.6.602.180, Zeitstempel 0x51a4ab8c, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18541, Zeitstempel 0x4ec3e39f, Ausnahmecode 0xc0000005, Fehleroffset 0x0004bb57,
Prozess-ID 0x1230, Anwendungsstartzeit FlashPlayerUpdateService.exe0.


System errors:
=============
Error: (07/03/2013 10:40:24 AM) (Source: Microsoft-Windows-BitLocker-Driver) (User: NT-AUTORITÄT)
Description: 0xc000000dJ:0x0

Error: (07/02/2013 00:42:22 PM) (Source: Microsoft-Windows-BitLocker-Driver) (User: NT-AUTORITÄT)
Description: 0xc000000dJ:0x0

Error: (07/02/2013 00:40:08 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 02.07.2013 um 12:35:41 unerwartet heruntergefahren.

Error: (07/02/2013 11:17:04 AM) (Source: Microsoft-Windows-BitLocker-Driver) (User: NT-AUTORITÄT)
Description: 0xc000000dJ:0x0

Error: (07/02/2013 10:39:55 AM) (Source: Microsoft-Windows-BitLocker-Driver) (User: NT-AUTORITÄT)
Description: 0xc000000dJ:0x0

Error: (07/01/2013 06:03:48 PM) (Source: Microsoft-Windows-BitLocker-Driver) (User: NT-AUTORITÄT)
Description: 0xc000000dJ:0x0

Error: (07/01/2013 06:00:44 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 01.07.2013 um 17:57:52 unerwartet heruntergefahren.


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2013-07-03 10:49:46.400
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\HookCentre.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-03 10:49:46.096
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\HookCentre.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-03 10:49:45.905
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\HookCentre.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-03 10:49:45.724
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\HookCentre.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-03 10:49:45.546
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\HookCentre.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-03 10:49:45.351
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\HookCentre.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-03 10:49:45.090
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\HookCentre.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-03 10:49:44.914
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\HookCentre.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-03 10:49:20.984
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\HookCentre.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-03 10:49:20.797
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\HookCentre.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 53%
Total physical RAM: 4093.64 MB
Available physical RAM: 1885.91 MB
Total Pagefile: 8360.54 MB
Available Pagefile: 5679.48 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Vista System C) (Fixed) (Total:293.94 GB) (Free:123.08 GB) NTFS (Disk=0 Partition=1) ==>[Drive with boot components (obtained from BCD)]
Drive d: (Games) (Fixed) (Total:404.69 GB) (Free:263.82 GB) NTFS (Disk=0 Partition=2)
Drive e: (LEXAR) (Removable) (Total:7.45 GB) (Free:1.49 GB) FAT32 (Disk=4 Partition=1)
Drive f: (Osterbach) (Fixed) (Total:149.05 GB) (Free:123.79 GB) NTFS (Disk=3 Partition=1)
Drive h: (DINGSDA) (Fixed) (Total:465.65 GB) (Free:176.34 GB) FAT32 (Disk=1 Partition=1)
Drive i: (SCHWERLAST) (Removable) (Total:29.8 GB) (Free:12.83 GB) FAT32 (Disk=5 Partition=1)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 699 GB) (Disk ID: A5751F76)
Partition 1: (Active) - (Size=294 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=405 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 466 GB) (Disk ID: A9822CC5)
Partition 1: (Not Active) - (Size=466 GB) - (Type=0C)

========================================================
Disk: 3 (Size: 149 GB) (Disk ID: 21C9D2B0)
Partition 1: (Not Active) - (Size=149 GB) - (Type=07 NTFS)

========================================================
Disk: 4 (MBR Code: Windows XP) (Size: 7 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=7 GB) - (Type=0B)

========================================================
Disk: 5 (Size: 30 GB) (Disk ID: 00000000)
Partition 1: (Not Active) - (Size=30 GB) - (Type=0C)

==================== End Of Log ============================
         

Alt 03.07.2013, 12:31   #14
schrauber
/// the machine
/// TB-Ausbilder
 

c:\progra~3\browse~1\261339~1.144\{c16c1~1\brose~1.dll ist entweder nicht für die Ausführung unter Windows vorgesehen oder.. - Standard

c:\progra~3\browse~1\261339~1.144\{c16c1~1\brose~1.dll ist entweder nicht für die Ausführung unter Windows vorgesehen oder..



Fix mit FRST
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument
Code:
ATTFilter
2013-06-28 13:45 - 2013-07-02 21:18 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
C:\ProgramData\nvModes.dat
C:\Windows\System32\Tasks\AdobeFlashPlayerUpdate 2
C:\Windows\System32\Tasks\AdobeFlashPlayerUpdate
         
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Fix Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 03.07.2013, 13:10   #15
Fränky
 
c:\progra~3\browse~1\261339~1.144\{c16c1~1\brose~1.dll ist entweder nicht für die Ausführung unter Windows vorgesehen oder.. - Standard

c:\progra~3\browse~1\261339~1.144\{c16c1~1\brose~1.dll ist entweder nicht für die Ausführung unter Windows vorgesehen oder..



Hier die Fixlist

Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 30-06-2013 03
Ran by *** at 2013-07-03 14:09:02 Run:1
Running from C:\Users\***\Downloads
Boot Mode: Normal
==============================================

C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\ProgramData\nvModes.dat => Moved successfully.
C:\Windows\System32\Tasks\AdobeFlashPlayerUpdate 2 => Moved successfully.
C:\Windows\System32\Tasks\AdobeFlashPlayerUpdate => Moved successfully.

==== End of Fixlog ====
         

Antwort

Themen zu c:\progra~3\browse~1\261339~1.144\{c16c1~1\brose~1.dll ist entweder nicht für die Ausführung unter Windows vorgesehen oder..
4d36e972-e325-11ce-bfc1-08002be10318, adblock, adobe flashplayer, antivirus, ccsetup, cdburnerxp, computer, converter, downloader, email, epupdater, error, farbar, farbar recovery scan tool, firefox, flash player, fotogalerie, frst.txt, g-data, homepage, java/exploit.agent.omz, minidump, newtab, ntdll.dll, pdfforge toolbar, plug-in, problem, richtlinie, software, svchost.exe, visual studio, win32/adware.bandoo.aa, win32/agent.fbzndop, win32/startpage.oph, wma



Ähnliche Themen: c:\progra~3\browse~1\261339~1.144\{c16c1~1\brose~1.dll ist entweder nicht für die Ausführung unter Windows vorgesehen oder..


  1. Fehlerhinweis "Ungültiges Bild" unter WINDOWS 7: "C:\PROGRA~2\SEARCH~2\SEARCH~1\bin\VC32LO~1.DLL" +
    Log-Analyse und Auswertung - 19.04.2015 (9)
  2. Windows 7: C:\PROGRA~2\SEARCH~1\bin\VC32LO~.DLL ist entweder nicht für die Ausführung unter Windows vorgesehn oder enthält einen Fehler...
    Log-Analyse und Auswertung - 03.04.2015 (11)
  3. C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC32LO~1.DLL ist entweder nicht für die Ausführung unter Windows vorgesehen...
    Plagegeister aller Art und deren Bekämpfung - 16.03.2015 (17)
  4. Windows 8.1 "Ungültiges Bild" C:\Progra~2\Search~1\Search~1\bin\VC64LO~1.DLL... oder ähnlich bei Programmstart
    Plagegeister aller Art und deren Bekämpfung - 15.03.2015 (7)
  5. C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\VC32LO~1.DLL ist entweder nicht für die Ausführung unter Windows vorgesehe
    Plagegeister aller Art und deren Bekämpfung - 06.02.2015 (5)
  6. Windows 8.1: Trojaner Meldungen von Mc Afee häufen sich, GMER Ausführung funktioniert nicht, keine Ausgabe Addition.txt
    Log-Analyse und Auswertung - 14.09.2014 (13)
  7. [WIN7x64] NLAapi.dll ist entweder nicht für die Ausführung unter Windows vorgesehen [...]
    Alles rund um Windows - 14.03.2014 (27)
  8. c:\progra~3\browse~1\261339~1.144\{c16c1~1\brose~1.dll
    Plagegeister aller Art und deren Bekämpfung - 14.10.2013 (1)
  9. Prüft Norton Internet Security alle .EXE-Files vor deren Ausführung oder nicht?
    Plagegeister aller Art und deren Bekämpfung - 27.09.2013 (7)
  10. windows vista: entweder kein Startbildschirm oder GVU Zahlungsaufforderung
    Log-Analyse und Auswertung - 29.06.2013 (18)
  11. c:\progra~3\browse~1\261339~1.144\{c16c1~1\brose~1.dll ist entweder nicht für die Ausführung unter Windows vorgesehen oder enthält Fehler
    Plagegeister aller Art und deren Bekämpfung - 28.06.2013 (11)
  12. C:\Windows\system32\d3dx9_37.dll ist entweder nicht für die Ausführung unter Windows vorgesehen oder enthält einen Fehler.
    Alles rund um Windows - 23.03.2013 (3)
  13. Felermeldung : C:windows\system32\wow64.dll ist entweder nicht für
    Plagegeister aller Art und deren Bekämpfung - 31.10.2012 (3)
  14. "Ungültiges Bild" - Avast5/snxhk.dll ist entweder nicht für die Ausführung...
    Plagegeister aller Art und deren Bekämpfung - 20.01.2011 (1)
  15. Mozilla Firefox stürzt andauernd ab entweder beim starten oder nach einer Stunde
    Alles rund um Windows - 28.03.2010 (8)
  16. Unter Windows 7 werfault.exe oder wermgr.exe Fehler
    Plagegeister aller Art und deren Bekämpfung - 04.01.2010 (0)
  17. Entweder hat eScan ein Problem oder ich....
    Log-Analyse und Auswertung - 20.06.2007 (10)

Zum Thema c:\progra~3\browse~1\261339~1.144\{c16c1~1\brose~1.dll ist entweder nicht für die Ausführung unter Windows vorgesehen oder.. - Guten Tag auch, bin neu hier und habe Euch über Google gefunden nachdem ich diesen Fehler in der Suma eingegeben habe. c:\progra~3\browse~1\261339~1.144\{c16c1~1\brose~1.dll ist entweder nicht für die Ausführung unter Windows - c:\progra~3\browse~1\261339~1.144\{c16c1~1\brose~1.dll ist entweder nicht für die Ausführung unter Windows vorgesehen oder.....
Archiv
Du betrachtest: c:\progra~3\browse~1\261339~1.144\{c16c1~1\brose~1.dll ist entweder nicht für die Ausführung unter Windows vorgesehen oder.. auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.