Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: "RegSvr32 - Fehler beim Laden des Moduls "

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 13.08.2014, 11:16   #1
tanteginger
 
"RegSvr32 - Fehler beim Laden des Moduls " - Standard

"RegSvr32 - Fehler beim Laden des Moduls "



Hallo, ich bin neu hier und hab nicht wirklich Ahnung von Pc's.
Nun habe ich das Problem, dass mir nach dem Hochfahren des PC's folgende Fehlermeldung angezeigt wird:

"RegSvr32 - Fehler beim Laden des Moduls "".
Stellen Sie sicher, dass die Binärdatei am angegebenen Pfad gespeichert ist, oder Debuggen Sie die Datei, um Probleme mit der binären Datei oder abhängigen DLL-Dateien auszuschließen.
Das angegebene Modul wurde nicht gefunden."

Außerdem stürzt er in letzter Zeit öfters mal ab und ich bekomme immer Meldungen, dass meine Firewall wegen Problemen nicht mehr ausgeführt wird.

Wenn mir jemand helfen könnte, wäre das wirklich super nett, da ich total überfragt bin und nicht weis was ich jetzt machen soll.

Vielen Dank im Vorraus.
Liebe Grüße

Alt 13.08.2014, 11:29   #2
schrauber
/// the machine
/// TB-Ausbilder
 

"RegSvr32 - Fehler beim Laden des Moduls " - Standard

"RegSvr32 - Fehler beim Laden des Moduls "



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 13.08.2014, 12:40   #3
tanteginger
 
"RegSvr32 - Fehler beim Laden des Moduls " - Standard

"RegSvr32 - Fehler beim Laden des Moduls "



Vielen Dank. Hab die Log Datei in den Anhang gepackt :-)
__________________

Alt 13.08.2014, 12:41   #4
tanteginger
 
"RegSvr32 - Fehler beim Laden des Moduls " - Standard

"RegSvr32 - Fehler beim Laden des Moduls "



Und dann hat es noch diese Datei erstellt.
Angehängte Dateien
Dateityp: txt Addition.txt (52,8 KB, 120x aufgerufen)

Alt 13.08.2014, 20:41   #5
schrauber
/// the machine
/// TB-Ausbilder
 

"RegSvr32 - Fehler beim Laden des Moduls " - Standard

"RegSvr32 - Fehler beim Laden des Moduls "



Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 13.08.2014, 20:54   #6
tanteginger
 
"RegSvr32 - Fehler beim Laden des Moduls " - Standard

"RegSvr32 - Fehler beim Laden des Moduls "



Oh sorry dann poste ichs mal hier rein
FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-08-2014
Ran by user (administrator) on USER-VAIO on 13-08-2014 13:32:18
Running from C:\Users\user\Downloads
Platform: Windows 7 Home Premium (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Spotify Ltd) C:\Users\user\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Akamai Technologies, Inc.) C:\Users\user\AppData\Local\Akamai\netsession_win.exe
(Sony Corporation) C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
() C:\Program Files (x86)\ACR\AutoClubRev\web\acrlauncher.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Dropbox, Inc.) C:\Users\user\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(Ask) C:\Program Files (x86)\Ask.com\Updater\Updater.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Akamai Technologies, Inc.) C:\Users\user\AppData\Local\Akamai\netsession_win.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Personalization Manager\VpmIfPav.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10775584 2010-05-31] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2040352 2010-05-31] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [212480 2010-05-31] (Alps Electric Co., Ltd.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [673136 2010-05-31] (Sony Corporation)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [600928 2010-06-01] (Sony Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [102400 2010-09-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ApnUpdater] => C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1573584 2012-10-29] (Ask)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2012-11-13] ()
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263512 2012-11-30] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SHTtray.exe] => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe [99696 2010-06-20] (Sony Corporation)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [186408 2013-12-06] (Geek Software GmbH)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [190032 2014-07-24] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [AdobeCS4ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-26578242-2711836266-2386171519-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-26578242-2711836266-2386171519-1000\...\Run: [GoogleChromeAutoLaunch_4E874A737D5662A34EBBEADB3A9C4A09] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-07-15] (Google Inc.)
HKU\S-1-5-21-26578242-2711836266-2386171519-1000\...\Run: [Spotify Web Helper] => C:\Users\user\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1178168 2014-07-07] (Spotify Ltd)
HKU\S-1-5-21-26578242-2711836266-2386171519-1000\...\Run: [Akamai NetSession Interface] => C:\Users\user\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-26578242-2711836266-2386171519-1000\...\Run: [Elbserver] => C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe [81264 2010-06-22] (Sony Corporation)
HKU\S-1-5-21-26578242-2711836266-2386171519-1000\...\Run: [SSync] => C:\Users\user\AppData\Roaming\SSync\SSync.exe [37376 2013-12-09] ()
HKU\S-1-5-21-26578242-2711836266-2386171519-1000\...\Run: [Intermediate] => C:\Users\user\AppData\Roaming\Intermediate\Intermediate.exe [37376 2013-12-09] ()
HKU\S-1-5-21-26578242-2711836266-2386171519-1000\...\Run: [ItadiJqune] => regsvr32.exe "
HKU\S-1-5-21-26578242-2711836266-2386171519-1000\...\MountPoints2: {1c6a8d75-6ef5-11e2-b6eb-c0cb38d7bd85} - E:\Setup.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Evernote Clipper.lnk
ShortcutTarget: Evernote Clipper.lnk -> C:\Windows\Installer\{F761359C-9CED-45AE-9A51-9D6605CD55C4}\Evernote.ico ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ACR Launcher.lnk
ShortcutTarget: ACR Launcher.lnk -> C:\Program Files (x86)\ACR\AutoClubRev\web\acrlauncher.exe ()
Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\user\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SVEE&bmod=SVEE
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 
SearchScopes: HKCU - {3FD48605-DBCB-4C65-A31D-60F90C90EA16} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKCU - {4DC53930-7C96-49BF-BA76-08502B716CA7} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-9/4?satitle={searchTerms}
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
SearchScopes: HKCU - {79840979-36AA-4F82-99BD-3A8B6E06F4F9} URL = hxxp://de.shopping.com/?linkin_id=8056363
SearchScopes: HKCU - {E323D883-2C9C-4339-A9B3-47D3051E8480} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=56632b85-435c-4c7b-90b5-2dcd3f166038&apn_sauid=F3C7E90C-D83E-4962-B249-B14605DE4861
BHO: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL No File
BHO: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20121007212538.dll No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: ICQ Sparberater -> {0766C1B9-B2DC-46E5-8934-4F3D6B42B1BD} -> C:\Program Files (x86)\icq\Internet Explorer\icq.dll (solute gmbh)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\progra~1\mcafee\msk\mskapbho.dll No File
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20121010162754.dll No File
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ChromeFrame BHO -> {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} -> C:\Program Files (x86)\Google\Chrome Frame\Application\27.0.1453.110\npchrome_frame.dll (Google Inc.)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} -  No File
Handler-x32: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\27.0.1453.110\npchrome_frame.dll (Google Inc.)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 83.169.185.33 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default
FF NewTab: hxxp://www.trovi.com/?gd=&ctid=CT3325585&octid=EB_ORIGINAL_CTID&ISID=M4B16E2E6-87F2-4ADE-B659-4D5D06ABD2CE&SearchSource=69&CUI=&SSPV=&Lay=1&UM=6&UP=SPCC599EBD-819D-4654-9E9D-B6C56F9113EB
FF DefaultSearchEngine: Conduit Search
FF SearchEngineOrder.1: Ask Search
FF SelectedSearchEngine: Conduit Search
FF Homepage: hxxp://search.conduit.com/?ctid=CT3319434&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPCC599EBD-819D-4654-9E9D-B6C56F9113EB&SSPV=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\user\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10174.dll (Amazon.com, Inc.)
FF Plugin HKCU: bebomedia.com/OfferMosquitoIEHelper -> C:\Users\user\AppData\Local\ext_offermosquito\npOfferMosquitoIEHelper.dll No File
FF user.js: detected! => C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\searchplugins\ask-search.xml
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\searchplugins\askcomsearch.xml
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\searchplugins\icqplugin-1.xml
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\searchplugins\icqplugin-2.xml
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\searchplugins\icqplugin-3.xml
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\searchplugins\icqplugin-4.xml
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\searchplugins\icqplugin-5.xml
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\searchplugins\icqplugin.xml
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\Extensions\abs@avira.com [2014-08-05]
FF Extension: ProxTube - Unblock YouTube - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\Extensions\ich@maltegoetz.de [2013-12-12]
FF Extension: Securita Scout - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\Extensions\isec@securitascout.com [2014-03-15]
FF Extension: Webmail Ad Blocker - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\Extensions\gmailnoads@mywebber.com.xpi [2013-10-24]
FF Extension: Speed Analysis 3 - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\Extensions\speedanalysis03@SpeedAnalysis.com.xpi [2014-01-04]
FF Extension: Adblock Plus - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-10]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-07-30]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-12-07]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-03-19]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff

Chrome: 
=======
CHR DefaultSearchKeyword: trovi.search
CHR DefaultNewTabURL: 
CHR Extension: (Avira Toolbar) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabfjnbeinlpljodiajipidiompfl [2012-12-06]
CHR Extension: (FileConverter 1.3) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\engeblojhfeingnjnfpiceofljnjpldp [2012-10-17]
CHR Extension: (Google Wallet) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-02]
CHR Extension: (ICQ Sparberater) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmpllndkedbnmonoomepeeglghdelffo [2012-10-31]
CHR Extension: (Mehr Leistung und Videoformate für dein HTML5 <video>) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2012-12-08]
CHR HKCU\...\Chrome\Extension: [engeblojhfeingnjnfpiceofljnjpldp] - C:\Users\user\AppData\Local\CRE\engeblojhfeingnjnfpiceofljnjpldp.crx [2012-09-20]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2014-03-19]
CHR HKLM-x32\...\Chrome\Extension: [aaaaabfjnbeinlpljodiajipidiompfl] - C:\Users\user\AppData\Local\APN\GoogleCRXs\aaaaabfjnbeinlpljodiajipidiompfl_7.15.11.0.crx [2012-12-05]
CHR HKLM-x32\...\Chrome\Extension: [engeblojhfeingnjnfpiceofljnjpldp] - C:\Users\user\AppData\Local\CRE\engeblojhfeingnjnfpiceofljnjpldp.crx [2012-09-20]
CHR HKLM-x32\...\Chrome\Extension: [nmpllndkedbnmonoomepeeglghdelffo] - C:\Program Files (x86)\icq\Chrome\icq-1.3.671.crx [2011-12-28]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1021008 2014-08-05] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [141392 2014-07-24] (Avira Operations GmbH & Co. KG)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)
R2 VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [836608 2010-06-08] (Sony Corporation) [File not signed]
S3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1359408 2013-03-26] (Sony Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-06-04] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG)
S3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [10326784 2010-06-24] (Intel Corporation) [File not signed]
S3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [271872 2010-06-24] (Intel(R) Corporation) [File not signed]
S1 vflt; C:\Windows\System32\DRIVERS\vfilter.sys [24064 2013-07-01] (Shrew Soft Inc) [File not signed]
S3 vnet; C:\Windows\System32\DRIVERS\virtualnet.sys [17408 2013-07-01] (Shrew Soft Inc) [File not signed]
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52080 2013-08-30] (Cisco Systems, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-13 13:32 - 2014-08-13 13:33 - 00029725 _____ () C:\Users\user\Downloads\FRST.txt
2014-08-13 13:31 - 2014-08-13 13:32 - 00000000 ____D () C:\FRST
2014-08-13 13:29 - 2014-08-13 13:30 - 02100224 _____ (Farbar) C:\Users\user\Downloads\FRST64.exe
2014-08-13 11:23 - 2014-08-13 11:23 - 00000000 ____D () C:\Users\user\AppData\Roaming\OpenCandy
2014-08-12 16:03 - 2014-08-12 16:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone
2014-08-12 16:03 - 2014-08-12 16:03 - 00000000 ____D () C:\Program Files (x86)\Windows Phone
2014-08-12 16:02 - 2014-08-12 16:02 - 06745792 _____ (Microsoft Corporation) C:\Users\user\Downloads\WindowsPhone.exe
2014-08-12 16:02 - 2014-08-12 16:02 - 00000000 ____D () C:\ProgramData\Applications
2014-08-12 16:00 - 2014-08-12 16:00 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-08-12 15:39 - 2014-08-12 15:39 - 00001158 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS4 (64 Bit).lnk
2014-08-12 15:39 - 2014-08-12 15:39 - 00000000 ____D () C:\Program Files\Adobe
2014-08-12 15:38 - 2014-08-12 15:38 - 00001137 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS4.lnk
2014-08-12 15:35 - 2014-08-12 15:35 - 00001099 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS4.lnk
2014-08-12 15:34 - 2014-08-12 15:34 - 00001436 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Drive CS4.lnk
2014-08-12 15:34 - 2014-08-12 15:34 - 00000000 ____D () C:\Windows\SysWOW64\spool
2014-08-12 15:33 - 2014-08-12 15:33 - 00001192 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS4.lnk
2014-08-12 15:33 - 2014-08-12 15:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2014-08-12 15:33 - 2014-08-12 15:33 - 00000000 ____D () C:\Program Files (x86)\Adobe Media Player
2014-08-12 15:30 - 2014-08-12 15:30 - 00001407 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS4.lnk
2014-08-12 15:30 - 2014-08-12 15:30 - 00001283 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS4.lnk
2014-08-12 15:29 - 2014-08-12 15:40 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-08-12 15:29 - 2014-08-12 15:29 - 00000000 ____D () C:\Program Files\Common Files\Macrovision Shared
2014-08-12 00:15 - 2014-08-12 00:15 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-12 00:15 - 2014-08-12 00:15 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-06 11:41 - 2014-08-06 11:41 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-05 11:34 - 2014-08-06 11:41 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-01 22:19 - 2014-08-01 22:20 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-01 22:18 - 2014-08-01 22:18 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-08-01 22:18 - 2014-08-01 22:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-08-01 22:18 - 2014-08-01 22:18 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-01 22:18 - 2014-08-01 22:18 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-08-01 22:18 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-01 22:18 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-01 22:18 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-01 22:17 - 2014-08-01 22:18 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\user\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-01 22:04 - 2014-08-12 00:15 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-01 22:04 - 2014-08-12 00:15 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-01 22:04 - 2014-08-01 22:04 - 00004686 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-08-01 22:01 - 2014-08-01 22:01 - 00918440 _____ (Oracle Corporation) C:\Users\user\Downloads\jxpiinstall(3).exe
2014-08-01 21:52 - 2014-08-01 21:52 - 00692704 _____ () C:\Windows\Minidump\080114-29218-01.dmp
2014-07-31 23:31 - 2014-07-31 23:31 - 00273904 _____ () C:\Windows\Minidump\073114-36441-01.dmp
2014-07-31 16:58 - 2014-07-31 16:58 - 00273904 _____ () C:\Windows\Minidump\073114-34304-01.dmp
2014-07-30 17:27 - 2014-07-30 17:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-28 11:20 - 2014-07-28 11:20 - 00273904 _____ () C:\Windows\Minidump\072814-38625-01.dmp
2014-07-27 19:56 - 2014-07-27 19:57 - 00273904 _____ () C:\Windows\Minidump\072714-45271-01.dmp
2014-07-19 17:40 - 2014-08-12 15:31 - 00000000 ____D () C:\Users\user\AppData\Local\Adobe
2014-07-19 15:50 - 2014-08-03 22:22 - 00000000 ____D () C:\Users\user\Documents\Kochen
2014-07-15 14:24 - 2014-07-15 14:24 - 05744379 _____ () C:\Users\Public\Documents\Maus Erste Hilfe.xps

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-13 13:33 - 2014-08-13 13:32 - 00029725 _____ () C:\Users\user\Downloads\FRST.txt
2014-08-13 13:32 - 2014-08-13 13:31 - 00000000 ____D () C:\FRST
2014-08-13 13:32 - 2009-07-14 06:45 - 00013936 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-13 13:32 - 2009-07-14 06:45 - 00013936 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-13 13:30 - 2014-08-13 13:29 - 02100224 _____ (Farbar) C:\Users\user\Downloads\FRST64.exe
2014-08-13 12:35 - 2011-09-21 18:08 - 01153676 _____ () C:\Windows\WindowsUpdate.log
2014-08-13 12:33 - 2013-09-02 16:13 - 00000000 ___RD () C:\Users\user\Dropbox
2014-08-13 12:33 - 2013-09-02 16:11 - 00000000 ____D () C:\Users\user\AppData\Roaming\Dropbox
2014-08-13 12:31 - 2012-10-06 17:49 - 00000000 ____D () C:\Users\user\AppData\Roaming\Adobe
2014-08-13 12:24 - 2011-09-21 18:50 - 00697082 _____ () C:\Windows\system32\perfh007.dat
2014-08-13 12:24 - 2011-09-21 18:50 - 00148346 _____ () C:\Windows\system32\perfc007.dat
2014-08-13 12:24 - 2009-07-14 07:13 - 01613340 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-13 12:19 - 2013-05-17 17:42 - 00056160 _____ () C:\Windows\setupact.log
2014-08-13 12:19 - 2009-07-14 06:45 - 03077528 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-13 12:18 - 2013-05-18 13:44 - 00089490 _____ () C:\Windows\PFRO.log
2014-08-13 11:26 - 2013-05-14 22:35 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-08-13 11:26 - 2013-02-23 23:49 - 00001532 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2014-08-13 11:26 - 2013-02-23 23:49 - 00001239 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2014-08-13 11:26 - 2012-11-10 18:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-08-13 11:23 - 2014-08-13 11:23 - 00000000 ____D () C:\Users\user\AppData\Roaming\OpenCandy
2014-08-13 11:23 - 2012-11-10 18:32 - 00000000 ____D () C:\Users\user\AppData\Roaming\DVDVideoSoft
2014-08-13 11:21 - 2012-11-07 15:44 - 00000000 ____D () C:\Users\user\AppData\Roaming\Spotify
2014-08-12 18:10 - 2011-09-22 07:52 - 00124472 _____ () C:\Users\user\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-12 16:03 - 2014-08-12 16:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone
2014-08-12 16:03 - 2014-08-12 16:03 - 00000000 ____D () C:\Program Files (x86)\Windows Phone
2014-08-12 16:02 - 2014-08-12 16:02 - 06745792 _____ (Microsoft Corporation) C:\Users\user\Downloads\WindowsPhone.exe
2014-08-12 16:02 - 2014-08-12 16:02 - 00000000 ____D () C:\ProgramData\Applications
2014-08-12 16:00 - 2014-08-12 16:00 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-08-12 15:40 - 2014-08-12 15:29 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-08-12 15:39 - 2014-08-12 15:39 - 00001158 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS4 (64 Bit).lnk
2014-08-12 15:39 - 2014-08-12 15:39 - 00000000 ____D () C:\Program Files\Adobe
2014-08-12 15:38 - 2014-08-12 15:38 - 00001137 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS4.lnk
2014-08-12 15:38 - 2011-09-21 18:19 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-08-12 15:35 - 2014-08-12 15:35 - 00001099 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS4.lnk
2014-08-12 15:34 - 2014-08-12 15:34 - 00001436 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Drive CS4.lnk
2014-08-12 15:34 - 2014-08-12 15:34 - 00000000 ____D () C:\Windows\SysWOW64\spool
2014-08-12 15:34 - 2011-09-21 18:17 - 00000000 ____D () C:\ProgramData\Adobe
2014-08-12 15:33 - 2014-08-12 15:33 - 00001192 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS4.lnk
2014-08-12 15:33 - 2014-08-12 15:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2014-08-12 15:33 - 2014-08-12 15:33 - 00000000 ____D () C:\Program Files (x86)\Adobe Media Player
2014-08-12 15:31 - 2014-07-19 17:40 - 00000000 ____D () C:\Users\user\AppData\Local\Adobe
2014-08-12 15:30 - 2014-08-12 15:30 - 00001407 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS4.lnk
2014-08-12 15:30 - 2014-08-12 15:30 - 00001283 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS4.lnk
2014-08-12 15:29 - 2014-08-12 15:29 - 00000000 ____D () C:\Program Files\Common Files\Macrovision Shared
2014-08-12 00:16 - 2013-10-19 11:46 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-12 00:15 - 2014-08-12 00:15 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-12 00:15 - 2014-08-12 00:15 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-12 00:15 - 2014-08-01 22:04 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-12 00:15 - 2014-08-01 22:04 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-12 00:15 - 2012-10-06 17:53 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-07 20:15 - 2012-11-07 15:45 - 00000000 ____D () C:\Users\user\AppData\Local\Spotify
2014-08-06 11:41 - 2014-08-06 11:41 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-06 11:41 - 2014-08-05 11:34 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-06 11:41 - 2012-12-05 13:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-06 11:41 - 2012-12-05 13:27 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-08-05 11:43 - 2013-09-09 16:22 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-08-05 11:34 - 2012-12-05 13:27 - 00000000 ____D () C:\ProgramData\Avira
2014-08-05 09:20 - 2012-12-05 13:46 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-04 10:12 - 2013-09-09 16:22 - 00000000 ____D () C:\ProgramData\Origin
2014-08-03 22:22 - 2014-07-19 15:50 - 00000000 ____D () C:\Users\user\Documents\Kochen
2014-08-01 22:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Speech
2014-08-01 22:52 - 2014-03-14 20:26 - 00000000 ____D () C:\Users\user\AppData\Roaming\DataMgr
2014-08-01 22:52 - 2012-12-05 13:27 - 00000000 ____D () C:\Program Files (x86)\Ask.com
2014-08-01 22:20 - 2014-08-01 22:19 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-01 22:18 - 2014-08-01 22:18 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-08-01 22:18 - 2014-08-01 22:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-08-01 22:18 - 2014-08-01 22:18 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-01 22:18 - 2014-08-01 22:18 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-08-01 22:18 - 2014-08-01 22:17 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\user\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-01 22:04 - 2014-08-01 22:04 - 00004686 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-08-01 22:01 - 2014-08-01 22:01 - 00918440 _____ (Oracle Corporation) C:\Users\user\Downloads\jxpiinstall(3).exe
2014-08-01 21:52 - 2014-08-01 21:52 - 00692704 _____ () C:\Windows\Minidump\080114-29218-01.dmp
2014-08-01 21:52 - 2013-05-29 00:32 - 488614066 _____ () C:\Windows\MEMORY.DMP
2014-08-01 21:52 - 2013-01-03 19:45 - 00000000 ____D () C:\Windows\Minidump
2014-07-31 23:31 - 2014-07-31 23:31 - 00273904 _____ () C:\Windows\Minidump\073114-36441-01.dmp
2014-07-31 23:31 - 2012-10-09 22:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-31 16:58 - 2014-07-31 16:58 - 00273904 _____ () C:\Windows\Minidump\073114-34304-01.dmp
2014-07-30 17:27 - 2014-07-30 17:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-28 11:20 - 2014-07-28 11:20 - 00273904 _____ () C:\Windows\Minidump\072814-38625-01.dmp
2014-07-27 20:17 - 2013-09-02 16:13 - 00001015 _____ () C:\Users\user\Desktop\Dropbox.lnk
2014-07-27 20:17 - 2013-09-02 16:11 - 00000000 ____D () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-07-27 19:57 - 2014-07-27 19:56 - 00273904 _____ () C:\Windows\Minidump\072714-45271-01.dmp
2014-07-27 19:56 - 2012-12-03 11:22 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-27 19:56 - 2012-12-03 11:22 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-27 19:54 - 2012-12-03 11:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-21 12:39 - 2014-02-23 15:19 - 00000000 ____D () C:\Users\user\Documents\Neuer Plan
2014-07-17 15:31 - 2013-05-06 11:45 - 00042040 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-07-15 14:24 - 2014-07-15 14:24 - 05744379 _____ () C:\Users\Public\Documents\Maus Erste Hilfe.xps
2014-07-15 13:40 - 2012-11-29 18:13 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-15 13:40 - 2012-11-29 18:13 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-15 13:40 - 2012-11-29 18:13 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

Files to move or delete:
====================
C:\ProgramData\Shrew Soft VPN.dat


Some content of TEMP:
====================
C:\Users\user\AppData\Local\Temp\avgnt.exe
C:\Users\user\AppData\Local\Temp\BackupSetup.exe
C:\Users\user\AppData\Local\Temp\DelayInst.exe
C:\Users\user\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpgd8tbf.dll
C:\Users\user\AppData\Local\Temp\installservice.exe
C:\Users\user\AppData\Local\Temp\install_helper.exe
C:\Users\user\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\user\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\user\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\user\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\user\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\user\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\user\AppData\Local\Temp\NEW261A.tmp.exe
C:\Users\user\AppData\Local\Temp\pdf24-creator-update.exe
C:\Users\user\AppData\Local\Temp\SecuritaScout_2014_DE.exe
C:\Users\user\AppData\Local\Temp\setup.exe
C:\Users\user\AppData\Local\Temp\tmd_34018604.exe
C:\Users\user\AppData\Local\Temp\uninst1.exe
C:\Users\user\AppData\Local\Temp\vcredist_x64.exe
C:\Users\user\AppData\Local\Temp\vpnclient_setup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-09-01 02:05

==================== End Of Log ============================
         
--- --- ---

--- --- ---


und dann noch die AdditionFRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-08-2014
Ran by user at 2014-08-13 13:34:07
Running from C:\Users\user\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
ACR version 1.01 (HKLM-x32\...\{D3D02004-0977-4BB1-8FE8-8BC4230DCEEC}}_is1) (Version:  - Eutechnyx, Ltd)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9130 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.3.9130 - Adobe Systems Inc.) Hidden
Adobe Anchor Service CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Anchor Service x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Bridge CS4 (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe CMaps CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color - Photoshop Specific CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color EU Recommended Settings CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color JA Extra Settings CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color NA Extra Settings CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color Video Profiles CS CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CSI CS4 (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Default Language CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Device Central CS4 (x32 Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Drive CS4 (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Drive CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe ExtendScript Toolkit CS4 (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Extension Manager CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.45.2 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Fonts All (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Fonts All x64 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS4 (x32 Version: 4.0.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS4 x64 (Version: 4.0.0 - Adobe Systems Incorporated) Hidden
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe Output Module (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 (64 Bit) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 (HKLM-x32\...\Adobe_faf656ef605427ee2f42989c3ad31b8) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Photoshop CS4 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 Support (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop Elements 8.0 (HKLM-x32\...\Adobe Photoshop Elements 8.0) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 8.0 (x32 Version: 8.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 8.0 (HKLM-x32\...\PremElem80) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 8.0 (x32 Version: 8.0 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Search for Help (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Service Manager Extension (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Setup (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.8.638 - Adobe Systems, Inc.)
Adobe Type Support CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Type Support x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS4 (x32 Version: 6.0.0 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin (x32 Version: 1.1 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin x64 (Version: 1.1 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
AdobeColorCommonSetCMYK (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
AdobeColorCommonSetRGB (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version:  - ALPS ELECTRIC CO., LTD.)
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{7BB90344-0647-468E-925A-7F69F7983421}) (Version: 2.0.1.115 - ArcSoft)
ArcSoft WebCam Companion 3 (HKLM-x32\...\{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}) (Version: 3.0.21.368 - ArcSoft)
Ask Toolbar (HKLM-x32\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.15.11.0 - Ask.com) <==== ATTENTION
ATI Catalyst Install Manager (HKLM\...\{5BC83141-83DD-07BE-C940-04B385540F04}) (Version: 3.0.769.0 - ATI Technologies, Inc.)
Avira (HKLM-x32\...\{9590977b-7b6f-467e-a11a-efa1fae804da}) (Version: 1.1.18.30000 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.18.30000 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.552 - Avira)
Avira SearchFree Toolbar plus Web Protection Updater (HKCU\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.3.30498 - Ask.com) <==== ATTENTION
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2010.0920.2143.37117 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0920.2143.37117 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2010.0920.2143.37117 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2010.0920.2143.37117 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0920.2143.37117 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0920.2143.37117 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0209.16.306 - ATI Technologies, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0920.2143.37117 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0920.2143.37117 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help English (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help French (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help German (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0920.2142.37117 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0920.2143.37117 - Ihr Firmenname) Hidden
ccc-utility64 (Version: 2010.0920.2143.37117 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.27 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.4.2.3442 - CDBurnerXP)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
Die Sims™ 3 Einfach tierisch (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
Die Sims™ 3 Inselparadies (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts)
Die Sims™ 3 Jahreszeiten (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
Die Sims™ 3 Wildes Studentenleben (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.22 - DivX, LLC)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.3 - Dropbox, Inc.)
Evernote v. 4.1 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.1.0.3431 - Evernote Corp.)
FileZilla Client 3.7.3 (HKLM-x32\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
Free YouTube to MP3 Converter version 3.12.43.806 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.43.806 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Chrome Frame (HKLM-x32\...\{4F2EAFFD-6D9A-3804-A77B-5A450D3201F6}) (Version: 65.107.16494 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
ICQ Sparberater (HKLM-x32\...\{0766C1B9-B2DC-46E5-8934-4F3D6B42B1BD}) (Version: 1.3.671 - solute gmbh)
Intel PROSet Wireless (Version:  - ) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{D16A2127-B927-4379-B153-3DEC091E4EEB}) (Version: 13.02.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.02.00.1002 - Intel Corporation)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Java(TM) 6 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416020FF}) (Version: 6.0.200 - Sun Microsystems, Inc.)
Java(TM) 6 Update 37 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216035FF}) (Version: 6.0.370 - Oracle)
Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.130.10 - McAfee, Inc.)
Media Gallery (Version: 1.3.0 - Sony Corporation) Hidden
Media Gallery (x32 Version: 1.3.0.06230 - Sony Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
ODF Viewer Beta 2 (HKLM-x32\...\ODF Viewer Beta 2) (Version: Beta 2 - OpenDocument Fellowship)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.0.14.2148 - Electronic Arts, Inc.)
PDF Settings CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
PDF24 Creator 6.1.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw_x64 (Version: 5.0 - Adobe Systems Incorporated) Hidden
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.3.00.06040 - Sony Corporation)
PMB VAIO Edition Guide (x32 Version: 1.5.00.03020 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (Version: 1.5.10.05300 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.5.10.06150 - Sony Corporation) Hidden
Prezi (HKLM-x32\...\{BD44409B-A691-4B97-B33D-F07E1DE791F3}) (Version: 5.0.9 - Ihr Firmenname)
Quick Web Access (HKLM-x32\...\splashtop) (Version: 1.4.7.0 - Sony Corporation)
Quick Web Access (x32 Version: 1.4.7.0 - Sony Corporation) Hidden
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6034 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6098 - Realtek Semiconductor Corp.)
Remote Play mit PlayStation®3 (HKLM-x32\...\{07441A52-E208-478A-92B7-5C337CA8C131}) (Version: 1.0.2.06210 - Sony Corporation)
Remote Play with PlayStation 3 (x32 Version: 1.0.2.06210 - Sony Corporation) Hidden
Remote-Tastatur mit PlayStation 3 (HKLM-x32\...\{65B138AE-F636-4D4C-BA5D-A06E21E47C53}) (Version: 1.0.2.06170 - Sony Corporation)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SmartSound Quicktracks for Premiere Elements 8.0 (HKLM-x32\...\InstallShield_{4685A344-6718-4923-AA9D-158A0A2E1CFB}) (Version: 3.11.3090 - SmartSound Software Inc)
SmartSound Quicktracks for Premiere Elements 8.0 (x32 Version: 3.11.3090 - SmartSound Software Inc) Hidden
Spotify (HKCU\...\Spotify) (Version: 0.9.11.27.g2b1a638c - Spotify AB)
Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.6 - TeamSpeak Systems GmbH)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_WORD_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_PROPLUS_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883030) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{F5DCAB53-C2FD-4E5A-8C83-0F37485E5E89}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_PROPLUS_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_PROPLUS_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_PROPLUS_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_WORD_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VAIO - Media Gallery (HKLM-x32\...\{DD88F979-FA58-41AC-980C-A6E1A82B61D9}) (Version: 1.3.0.06230 - Sony Corporation)
VAIO - PMB VAIO Edition Guide (HKLM-x32\...\InstallShield_{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}) (Version: 1.5.00.03020 - Sony Corporation)
VAIO - PMB VAIO Edition Plug-in (HKLM-x32\...\InstallShield_{22008CF9-2B54-4022-AFD8-3B7D42C89E6B}) (Version: 1.6.10.11160 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.3.0.05310 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.4.0.05240 - Sony Corporation)
VAIO Data Restore Tool (x32 Version: 1.4.0.05240 - Sony Corporation) Hidden
VAIO DVD Menu Data (HKLM-x32\...\{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}) (Version: 2.4.00.05300 - Sony Corporation)
VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.2.0.06080 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.2.0.07020 - Sony Corporation)
VAIO Hardware Diagnostics (x32 Version: 4.0.0.06230 - Sony Corporation) Hidden
VAIO Media plus (HKLM-x32\...\{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}) (Version: 2.1.0.18210 - Sony Corporation)
VAIO Media plus (Version: 2.1.0 - Sony Corporation) Hidden
VAIO Media plus (x32 Version: 2.1.0.18210 - Sony Corporation) Hidden
VAIO Media plus Opening Movie (HKLM-x32\...\{9238E8A4-BEBA-43A3-B926-769BDBF194C5}) (Version: 2.1.0.13220 - Sony Corporation)
VAIO Movie Story Template Data (HKLM-x32\...\InstallShield_{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}) (Version: 2.5.00.05300 - Sony Corporation)
VAIO Movie Story Template Data (x32 Version: 2.3.00.06040 - Sony Corporation) Hidden
VAIO Sample Contents (HKLM-x32\...\{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}) (Version: 1.3.0.06041 - Sony Corporation)
VAIO screensaver (HKLM-x32\...\VAIO screensaver) (Version: 1.0.0.0 - Sony Europe)
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.3.0.06080 - Sony Corporation)
VAIO Update (HKLM-x32\...\{5BEE8F1F-BD32-4553-8107-500439E43BD7}) (Version: 5.6.1.02150 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 6.2.1.03260 - Sony Corporation)
VAIO-Handbuch (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 1.1.0.05280 - Sony Corporation)
VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.2.0.06230 - Sony Corporation)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VU5x64 (Version: 1.0.0 - Sony Corporation ) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.5600 - Broadcom Corporation)
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Call (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Phone app for desktop (HKLM-x32\...\{19773614-FC22-4ACC-AAA3-E6BDA81ACF92}) (Version: 1.1.2726.0 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-26578242-2711836266-2386171519-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-26578242-2711836266-2386171519-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-26578242-2711836266-2386171519-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-26578242-2711836266-2386171519-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-26578242-2711836266-2386171519-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-26578242-2711836266-2386171519-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-26578242-2711836266-2386171519-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-26578242-2711836266-2386171519-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-26578242-2711836266-2386171519-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

27-07-2014 17:45:20 Windows Update
01-08-2014 08:09:26 Windows Update
01-08-2014 20:03:39 Installed Java 7 Update 65
01-08-2014 21:00:33 ICQ Sparberater wird entfernt
05-08-2014 09:38:13 Windows Update
11-08-2014 22:12:54 Installed Java 7 Update 67
12-08-2014 14:03:09 Installed Windows Phone app for desktop

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {04842430-1339-4391-BD3D-88BA9E5530F5} - System32\Tasks\SONY\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {055BED5A-4D7F-4556-8F36-EE3FAAD6BA85} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2013-03-26] (Sony Corporation)
Task: {08544BC9-D6F1-4682-9B08-A7C7FA742C12} - System32\Tasks\SONY\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2010-06-08] (Sony Corporation)
Task: {095DB22D-BDE9-4B4A-9ADF-D457A48E18F3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-15] (Adobe Systems Incorporated)
Task: {2D20C775-381A-4B59-AF52-69CD94A0BBEE} - System32\Tasks\SONY\VAIO Wallpaper Setting Tool\VAIO Wallpaper Setting Tool => C:\Program Files (x86)\Sony\VAIO Wallpaper Setting Tool\VWSet.exe
Task: {34E3C940-38A7-4175-B186-49E279517100} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update 5 => C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe
Task: {3E0BD7A3-C7A6-4E72-AD78-0A48EAAA9A45} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-09-21] (Google Inc.)
Task: {605D4B72-194D-4FB0-8CDE-D13ED1669AAD} - System32\Tasks\SONY\Remote Keyboard with PlayStation 3\Remote Keyboard with PlayStation 3 => C:\Program Files\Sony\Remote Keyboard with PlayStation 3\VBTKBUtil.exe [2010-06-17] (Sony Corporation)
Task: {943F37F2-F7C0-4389-B50C-71CA8775D53C} - System32\Tasks\SONY\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {9C8A0291-3076-4AAD-B4FB-75730B5C4A9A} - System32\Tasks\SONY\SUS-BCF\Level4Daily => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-05-31] (Sony Corporation)
Task: {A69B2A55-CF9E-41AE-8F5F-7AEB1B5B0B1A} - System32\Tasks\SONY\SUS-BCF\Level4Month => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-05-31] (Sony Corporation)
Task: {B427F92A-3FEF-4529-906B-28AD423C6763} - System32\Tasks\SONY\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2010-06-08] (Sony Corporation)
Task: {C80BE271-23B2-459D-AF41-10AE9B45202F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-09-21] (Google Inc.)
Task: {D75DE36C-6253-4E47-BCF0-457B0C42DC74} - System32\Tasks\Sony Corporation\VAIO Update\Launch Application => C:\Program Files\SONY\VAIO Update\ShellExeProxy.exe [2013-03-26] (Sony Corporation)
Task: {E5A920E7-B8C5-4E6E-A269-EBD8BF6BCAA5} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2013-03-26] (Sony Corporation)
Task: {EE1A1769-22DD-4ACB-9654-072917683AD9} - System32\Tasks\BrowserProtect => Sc.exe start BrowserProtect
Task: {EE583927-ACB0-4B05-B5C3-C765C5F39BBE} - System32\Tasks\SONY\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {F58A7A80-84C8-47CD-9296-6F812467DE5F} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe [2012-10-29] () <==== ATTENTION
Task: {FCC51FC5-5520-46D1-B7FE-3AB4030C352F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-01-23] (Piriform Ltd)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf8a40148b58eb.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\LaunchApp.job => C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe

==================== Loaded Modules (whitelisted) =============

2010-03-05 09:21 - 2010-03-05 09:21 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2013-05-23 20:16 - 2014-04-21 13:12 - 02892714 _____ () C:\Program Files (x86)\ACR\AutoClubRev\web\acrlauncher.exe
2012-11-30 04:06 - 2012-11-30 04:06 - 01263512 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2010-08-24 14:39 - 2010-08-24 14:39 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2012-10-06 17:36 - 2012-10-06 17:36 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-04-23 16:05 - 2014-04-23 16:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 16:04 - 2014-04-23 16:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-09-21 18:17 - 2010-05-31 19:18 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2011-09-21 18:17 - 2010-05-31 19:18 - 00013312 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSubPS.dll
2014-07-24 11:50 - 2014-07-24 11:50 - 00137296 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-07-24 11:49 - 2014-07-24 11:49 - 00065104 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2013-01-10 14:35 - 2013-01-10 14:35 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\d89f0252d910d617de1de783a812f840\IsdiInterop.ni.dll
2010-07-12 23:29 - 2010-03-04 05:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2010-01-20 13:57 - 2010-01-20 13:57 - 00495616 _____ () C:\Program Files\Sony\VAIO Personalization Manager\sqlite3.dll
2010-12-16 12:36 - 2010-12-16 12:36 - 00433664 _____ () C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
2010-12-16 12:36 - 2010-12-16 12:36 - 00200704 _____ () C:\Program Files (x86)\Evernote\Evernote\LibPCRE.dll
2010-12-16 12:36 - 2010-12-16 12:36 - 00315392 _____ () C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
2013-05-23 20:16 - 2014-04-21 13:12 - 00041472 _____ () C:\Program Files (x86)\ACR\AutoClubRev\web\win32service.pyd
2013-05-23 20:16 - 2014-04-21 13:12 - 00110592 _____ () C:\Program Files (x86)\ACR\AutoClubRev\web\pywintypes26.dll
2013-05-23 20:16 - 2014-04-21 13:12 - 00073728 _____ () C:\Program Files (x86)\ACR\AutoClubRev\web\_ctypes.pyd
2013-05-23 20:16 - 2014-04-21 13:12 - 00040448 _____ () C:\Program Files (x86)\ACR\AutoClubRev\web\_socket.pyd
2013-05-23 20:16 - 2014-04-21 13:12 - 00645120 _____ () C:\Program Files (x86)\ACR\AutoClubRev\web\_ssl.pyd
2013-05-23 20:16 - 2014-04-21 13:12 - 00096256 _____ () C:\Program Files (x86)\ACR\AutoClubRev\web\win32api.pyd
2013-05-23 20:16 - 2014-04-21 13:12 - 00011776 _____ () C:\Program Files (x86)\ACR\AutoClubRev\web\select.pyd
2013-05-23 20:16 - 2014-04-21 13:12 - 00017920 _____ () C:\Program Files (x86)\ACR\AutoClubRev\web\win32event.pyd
2013-05-23 20:16 - 2014-04-21 13:12 - 00053248 _____ () C:\Program Files (x86)\ACR\AutoClubRev\web\_sqlite3.pyd
2013-05-23 20:16 - 2014-04-21 13:12 - 00572928 _____ () C:\Program Files (x86)\ACR\AutoClubRev\web\sqlite3.dll
2013-05-23 20:16 - 2014-04-21 13:12 - 00167936 _____ () C:\Program Files (x86)\ACR\AutoClubRev\web\win32gui.pyd
2014-04-21 13:12 - 2014-04-21 13:12 - 00027648 _____ () C:\Program Files (x86)\ACR\AutoClubRev\web\awesomium.awe.pyd
2014-04-21 13:12 - 2014-04-21 13:12 - 00179200 _____ () C:\Program Files (x86)\ACR\AutoClubRev\web\winxpgui.pyd
2013-05-23 20:16 - 2014-04-21 13:12 - 00980992 _____ () C:\Program Files (x86)\ACR\AutoClubRev\web\wx._core_.pyd
2013-05-23 20:16 - 2014-04-21 13:12 - 00744960 _____ () C:\Program Files (x86)\ACR\AutoClubRev\web\wx._gdi_.pyd
2013-05-23 20:16 - 2014-04-21 13:12 - 00669696 _____ () C:\Program Files (x86)\ACR\AutoClubRev\web\wx._windows_.pyd
2013-05-23 20:16 - 2014-04-21 13:12 - 00966144 _____ () C:\Program Files (x86)\ACR\AutoClubRev\web\wx._controls_.pyd
2013-05-23 20:16 - 2014-04-21 13:12 - 00675328 _____ () C:\Program Files (x86)\ACR\AutoClubRev\web\wx._misc_.pyd
2013-05-23 20:16 - 2014-04-21 13:12 - 00299520 _____ () C:\Program Files (x86)\ACR\AutoClubRev\web\d3d.pyd
2013-05-23 20:16 - 2014-04-21 13:12 - 00111104 _____ () C:\Program Files (x86)\ACR\AutoClubRev\web\win32file.pyd
2013-05-23 20:16 - 2014-04-21 13:12 - 00023040 _____ () C:\Program Files (x86)\ACR\AutoClubRev\web\win32ts.pyd
2013-05-23 20:16 - 2014-04-21 13:12 - 00023552 _____ () C:\Program Files (x86)\ACR\AutoClubRev\web\_multiprocessing.pyd
2013-05-23 20:16 - 2014-04-21 13:12 - 00022528 _____ () C:\Program Files (x86)\ACR\AutoClubRev\web\win32pdh.pyd
2013-05-23 20:16 - 2014-04-21 13:12 - 00036352 _____ () C:\Program Files (x86)\ACR\AutoClubRev\web\win32process.pyd
2013-05-23 20:16 - 2014-04-21 13:12 - 00108032 _____ () C:\Program Files (x86)\ACR\AutoClubRev\web\bspatch.pyd
2013-05-23 20:16 - 2014-04-21 13:12 - 00117248 _____ () C:\Program Files (x86)\ACR\AutoClubRev\web\sip.pyd
2013-05-23 20:16 - 2014-04-21 13:12 - 00354304 _____ () C:\Program Files (x86)\ACR\AutoClubRev\web\pythoncom26.dll
2013-05-23 20:16 - 2014-04-21 13:12 - 00263168 _____ () C:\Program Files (x86)\ACR\AutoClubRev\web\win32comext.shell.shell.pyd
2013-05-23 20:16 - 2014-04-21 13:12 - 00585728 _____ () C:\Program Files (x86)\ACR\AutoClubRev\web\unicodedata.pyd
2014-08-13 12:31 - 2014-08-13 12:31 - 00043008 _____ () c:\users\user\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpgd8tbf.dll
2013-10-19 01:55 - 2013-10-19 01:55 - 25100288 _____ () C:\Users\user\AppData\Roaming\Dropbox\bin\libcef.dll
2014-08-05 11:34 - 2014-07-24 11:50 - 00049744 _____ () C:\Users\user\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2012-11-30 04:07 - 2012-11-30 04:07 - 00100248 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2014-07-30 17:27 - 2014-07-30 17:27 - 03800688 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:F591490A

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: ICQ => "C:\Program Files (x86)\ICQ7M\ICQ.exe" silent loginmode=4
MSCONFIG\startupreg: Spotify => "C:\Users\user\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\user\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

==================== Faulty Device Manager Devices =============

Name: Shrew Soft Lightweight Filter
Description: Shrew Soft Lightweight Filter
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: vflt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/13/2014 00:04:51 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9126

Error: (08/13/2014 00:04:51 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9126

Error: (08/13/2014 00:04:51 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/13/2014 00:04:49 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8065

Error: (08/13/2014 00:04:49 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8065

Error: (08/13/2014 00:04:49 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/13/2014 00:04:48 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6802

Error: (08/13/2014 00:04:48 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6802

Error: (08/13/2014 00:04:48 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/13/2014 00:04:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5757


System errors:
=============
Error: (08/13/2014 00:20:12 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
vflt

Error: (08/13/2014 00:17:21 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {51FA2736-5DEE-11D4-98E8-006008BF430C}

Error: (08/12/2014 03:21:03 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error: (08/12/2014 03:21:01 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error: (08/12/2014 00:17:55 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Definition Update for Windows Defender - KB915597 (Definition 1.179.2417.0)

Error: (08/12/2014 00:05:46 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
vflt

Error: (08/07/2014 11:01:40 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {51FA2736-5DEE-11D4-98E8-006008BF430C}

Error: (08/04/2014 04:11:14 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
vflt

Error: (08/04/2014 04:10:22 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎04.‎08.‎2014 um 16:03:46 unerwartet heruntergefahren.

Error: (08/04/2014 09:53:38 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
vflt


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-08-13 12:18:43.318
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\vfilter.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-08-13 12:18:43.256
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\vfilter.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-08-12 00:04:34.564
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\vfilter.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-08-12 00:04:34.502
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\vfilter.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-08-04 16:10:15.580
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\vfilter.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-08-04 16:10:15.518
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\vfilter.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-08-04 09:52:46.003
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\vfilter.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-08-04 09:52:45.940
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\vfilter.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-08-01 22:55:27.817
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\vfilter.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-08-01 22:55:27.755
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\vfilter.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Pentium(R) CPU P6100 @ 2.00GHz
Percentage of memory in use: 62%
Total physical RAM: 3950.11 MB
Available physical RAM: 1500.09 MB
Total Pagefile: 7898.35 MB
Available Pagefile: 5133.73 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:284.59 GB) (Free:157.52 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 81F68833)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=285 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
--- --- ---

Alt 14.08.2014, 13:14   #7
schrauber
/// the machine
/// TB-Ausbilder
 

"RegSvr32 - Fehler beim Laden des Moduls " - Standard

"RegSvr32 - Fehler beim Laden des Moduls "



Adware & Co. deinstallieren
  • Lade Dir bitte von hier Revo Uninstaller herunter.
  • Installiere und starte das Programm.
  • Suche im Uninstallerfeld nach den Programmen, die unter:

    diesen Zusatz haben:
  • Wähle die Programme nacheinander aus und klicke jedesmal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .




Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 14.08.2014, 19:11   #8
tanteginger
 
"RegSvr32 - Fehler beim Laden des Moduls " - Standard

"RegSvr32 - Fehler beim Laden des Moduls "



Code:
ATTFilter
ComboFix 14-08-14.02 - user 14.08.2014  19:09:52.1.2 - x64
ausgeführt von:: c:\users\user\Downloads\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\END
C:\Install.exe
c:\users\Public\Documents\~WRL0002.tmp
c:\users\user\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-07-14 bis 2014-08-14  ))))))))))))))))))))))))))))))
.
.
2014-08-14 17:25 . 2014-08-14 17:25	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-08-14 16:54 . 2014-08-14 16:54	--------	d-----w-	c:\program files (x86)\VS Revo Group
2014-08-14 12:23 . 2014-08-14 12:23	--------	d--h--w-	c:\program files (x86)\Common Files\EAInstaller
2014-08-13 11:31 . 2014-08-13 11:35	--------	d-----w-	C:\FRST
2014-08-13 10:33 . 2014-07-02 03:09	10924376	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{76CD448C-E9C6-40F4-BF75-142B8A8ACD6C}\mpengine.dll
2014-08-13 09:23 . 2014-08-13 09:23	--------	d-----w-	c:\users\user\AppData\Roaming\OpenCandy
2014-08-12 14:03 . 2014-08-12 14:03	--------	d-----w-	c:\program files (x86)\Windows Phone
2014-08-12 14:02 . 2014-08-12 14:02	--------	d-----w-	c:\programdata\Applications
2014-08-12 13:39 . 2014-08-12 13:39	--------	d-----w-	c:\program files\Adobe
2014-08-12 13:34 . 2014-08-12 13:34	--------	d-----w-	c:\windows\SysWow64\spool
2014-08-12 13:33 . 2014-08-12 13:33	--------	d-----w-	c:\program files (x86)\Adobe Media Player
2014-08-12 13:29 . 2014-08-12 13:29	--------	d-----w-	c:\program files\Common Files\Macrovision Shared
2014-08-12 13:29 . 2014-08-12 13:40	--------	d-----w-	c:\program files\Common Files\Adobe
2014-08-11 22:16 . 2014-08-11 22:16	--------	d-----w-	c:\program files (x86)\Common Files\Java
2014-08-11 22:15 . 2014-08-11 22:15	98216	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-08-05 09:34 . 2014-08-14 12:22	--------	d-----w-	c:\programdata\Package Cache
2014-08-01 20:19 . 2014-08-01 20:20	122584	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-08-01 20:18 . 2014-08-01 20:18	--------	d-----w-	c:\program files (x86)\ Malwarebytes Anti-Malware 
2014-08-01 20:18 . 2014-08-01 20:18	--------	d-----w-	c:\programdata\Malwarebytes
2014-08-01 20:18 . 2014-05-12 05:26	63704	----a-w-	c:\windows\system32\drivers\mwac.sys
2014-08-01 20:18 . 2014-05-12 05:26	91352	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2014-08-01 20:18 . 2014-05-12 05:25	25816	----a-w-	c:\windows\system32\drivers\mbam.sys
2014-07-19 15:40 . 2014-08-12 13:31	--------	d-----w-	c:\users\user\AppData\Local\Adobe
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-08-05 07:20 . 2012-12-05 11:46	270496	------w-	c:\windows\system32\MpSigStub.exe
2014-07-17 13:31 . 2013-05-06 09:45	42040	----a-w-	c:\windows\system32\drivers\avnetflt.sys
2014-07-15 11:40 . 2012-11-29 16:13	71344	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-15 11:40 . 2012-11-29 16:13	699056	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-07-10 20:33 . 2012-10-07 17:23	96441528	----a-w-	c:\windows\system32\MRT.exe
2014-07-03 14:51 . 2013-03-31 22:38	117712	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2014-07-01 01:56 . 2014-07-10 08:57	516096	----a-w-	c:\windows\system32\aepdu.dll
2014-07-01 01:50 . 2014-07-10 08:57	424448	----a-w-	c:\windows\system32\aeinv.dll
2014-06-04 07:20 . 2013-03-31 22:38	130584	----a-w-	c:\windows\system32\drivers\avipbb.sys
2013-08-29 19:50 . 2013-08-29 19:50	4188160	----a-w-	c:\program files (x86)\GUT4367.tmp
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{0766C1B9-B2DC-46E5-8934-4F3D6B42B1BD}]
2011-12-28 13:21	128064	----a-w-	c:\program files (x86)\icq\Internet Explorer\icq.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2014-08-07 10:51	297128	----a-w-	c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04	131480	----a-w-	c:\users\user\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04	131480	----a-w-	c:\users\user\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04	131480	----a-w-	c:\users\user\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GoogleChromeAutoLaunch_4E874A737D5662A34EBBEADB3A9C4A09"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2014-08-07 860488]
"Spotify Web Helper"="c:\users\user\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2014-07-07 1178168]
"Akamai NetSession Interface"="c:\users\user\AppData\Local\Akamai\netsession_win.exe" [2014-04-17 4672920]
"Elbserver"="c:\program files (x86)\Sony\Media Gallery\ElbServer.exe" [2010-06-22 81264]
"SSync"="c:\users\user\AppData\Roaming\SSync\SSync.exe" [2013-12-09 37376]
"Intermediate"="c:\users\user\AppData\Roaming\Intermediate\Intermediate.exe" [2013-12-09 37376]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2010-05-31 673136]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-06-01 600928]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-09-20 102400]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-08-05 751184]
"DivXMediaServer"="c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" [2012-11-13 450560]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2012-11-30 1263512]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"SHTtray.exe"="c:\program files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe" [2010-06-20 99696]
"PDFPrint"="c:\program files (x86)\PDF24\pdf24.exe" [2013-12-06 186408]
"Avira Systray"="c:\program files (x86)\Avira\My Avira\Avira.OE.Systray.exe" [2014-07-24 190032]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-07-25 256896]
"AdobeCS4ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R1 vflt;Shrew Soft Lightweight Filter;c:\windows\system32\DRIVERS\vfilter.sys;c:\windows\SYSNATIVE\DRIVERS\vfilter.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys;c:\windows\SYSNATIVE\drivers\Impcd.sys [x]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.130\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.130\McCHSvc.exe [x]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [x]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [x]
R3 vnet;Shrew Soft Virtual Adapter;c:\windows\system32\DRIVERS\virtualnet.sys;c:\windows\SYSNATIVE\DRIVERS\virtualnet.sys [x]
R3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update\VUAgent.exe;c:\program files\Sony\VAIO Update\VUAgent.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [x]
S2 Avira.OE.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [x]
S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys;c:\windows\SYSNATIVE\drivers\rimssne64.sys [x]
S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys;c:\windows\SYSNATIVE\drivers\risdsne64.sys [x]
S2 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [x]
S2 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [x]
S2 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [x]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe;c:\program files\Sony\VAIO Power Management\SPMService.exe [x]
S2 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [x]
S2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [x]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe;c:\program files\Sony\VAIO Smart Network\VSNService.exe [x]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftKsUFilter.sys [x]
S3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 NETw5s64;Intel(R) Wireless WiFi Link der Serie 5000 Adaptertreiber für Windows 7 64-Bit;c:\windows\system32\DRIVERS\NETw5s64.sys;c:\windows\SYSNATIVE\DRIVERS\NETw5s64.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys;c:\windows\SYSNATIVE\DRIVERS\SFEP.sys [x]
S3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-08-14 12:00	1104200	----a-w-	c:\program files (x86)\Google\Chrome\Application\36.0.1985.143\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-07-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-29 11:40]
.
2014-06-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cf8a40148b58eb.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-21 16:27]
.
2013-09-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-09-21 16:27]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2014-05-27 15:49	357376	----a-w-	c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04	164760	----a-w-	c:\users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04	164760	----a-w-	c:\users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04	164760	----a-w-	c:\users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04	164760	----a-w-	c:\users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-05-31 10775584]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-05-31 2040352]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>;*.local
IE: Add to Evernote 4.0 - c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: Free YouTube Download - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
IE: Nach Microsoft &Excel exportieren - c:\progra~2\MICROS~1\Office10\EXCEL.EXE/3000
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 83.169.185.33 192.168.0.1
FF - ProfilePath - c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\
FF - prefs.js: browser.search.selectedEngine - Conduit Search
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT3319434&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPCC599EBD-819D-4654-9E9D-B6C56F9113EB&SSPV=
FF - user.js: extensions.blocklist.enabled - false
FF - user.js: app.update.auto - false
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
Wow6432Node-HKCU-Run-ItadiJqune - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM-Run-Apoint - c:\program files (x86)\Apoint\Apoint.exe
AddRemove-UnityWebPlayer - c:\users\user\AppData\Local\Unity\WebPlayer\Uninstall.exe
AddRemove-{79A765E1-C399-405B-85AF-466F52E918B0} - c:\program files (x86)\Ask.com\Updater\Updater.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-26578242-2711836266-2386171519-1000\Software\SecuROM\License information*]
"datasecu"=hex:5b,c2,aa,f1,bf,06,be,c6,24,25,e4,31,50,4d,16,be,1c,fa,fd,3d,06,
   29,4c,77,fb,8c,97,87,ad,f4,49,7d,42,dc,59,0f,e3,2f,40,24,03,3c,4a,35,a1,d7,\
"rkeysecu"=hex:7e,c5,ec,ef,32,72,c6,00,5a,27,63,36,db,80,03,99
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10e.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10e.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Sony\VAIO Event Service\VESMgr.exe
c:\windows\SysWOW64\DllHost.exe
c:\program files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
c:\program files (x86)\Evernote\Evernote\EvernoteClipper.exe
c:\program files (x86)\ACR\AutoClubRev\web\acrlauncher.exe
c:\users\user\AppData\Roaming\Dropbox\bin\Dropbox.exe
c:\windows\SysWOW64\RunDll32.exe
c:\program files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
c:\program files\Sony\VAIO Personalization Manager\VpmIfPav.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-08-14  19:51:14 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2014-08-14 17:51
.
Vor Suchlauf: 16 Verzeichnis(se), 168.083.120.128 Bytes frei
Nach Suchlauf: 22 Verzeichnis(se), 169.345.425.408 Bytes frei
.
- - End Of File - - E923A10306817DB1AD2D70FA71570F31
         

Alt 15.08.2014, 18:49   #9
schrauber
/// the machine
/// TB-Ausbilder
 

"RegSvr32 - Fehler beim Laden des Moduls " - Standard

"RegSvr32 - Fehler beim Laden des Moduls "



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 16.08.2014, 13:03   #10
tanteginger
 
"RegSvr32 - Fehler beim Laden des Moduls " - Standard

"RegSvr32 - Fehler beim Laden des Moduls "



Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 16.08.2014
Suchlauf-Zeit: 12:57:44
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.08.01.05
Rootkit Datenbank: v2014.07.17.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7
CPU: x64
Dateisystem: NTFS
Benutzer: user

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 323386
Verstrichene Zeit: 21 Min, 0 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 3
PUP.Optional.OpenCandy, C:\Users\user\AppData\Roaming\OpenCandy, In Quarantäne, [81e8526fb3c8a98ddc00fbb131d1df21], 
PUP.Optional.OpenCandy, C:\Users\user\AppData\Roaming\OpenCandy\0985FB6E6B84417BAA08D15323502004, In Quarantäne, [81e8526fb3c8a98ddc00fbb131d1df21], 
PUP.Optional.OpenCandy, C:\Users\user\AppData\Roaming\OpenCandy\F091FC58F869465592E1FB8465C703D5, In Quarantäne, [81e8526fb3c8a98ddc00fbb131d1df21], 

Dateien: 23
PUP.Optional.Trovi.A, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.newtab.url", "hxxp://www.trovi.com/?gd=&ctid=CT3325585&octid=EB_ORIGINAL_CTID&ISID=M4B16E2E6-87F2-4ADE-B659-4D5D06ABD2CE&SearchSource=69&CUI=&SSPV=&Lay=1&UM=6&UP=SPCC599EBD-819D-4654-9E9D-B6C56F9113EB");), Ersetzt,[264329983348d264367b3cb0ca3a1ae6]
PUP.Optional.CrossRider.A, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.crossrider.bic", "141d75139ec8cfdb2b756bd0c1ba21a3");), Ersetzt,[b8b168592c4fb5819879a4490bf9d22e]
PUP.Optional.Delta.A, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.admin", false);), Ersetzt,[3e2b78496f0c3afc2800915c57adc739]
PUP.Optional.Delta.A, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.aflt", "babsst");), Ersetzt,[aebb8e3387f4d85e2cfcbe2fbd47c838]
PUP.Optional.Delta.A, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");), Ersetzt,[78f1596832495fd72efa826bde263ec2]
PUP.Optional.Delta.A, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.autoRvrt", "false");), Ersetzt,[85e44180017af244b57329c419eb44bc]
PUP.Optional.Delta.A, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.dfltLng", "en");), Ersetzt,[3831c6fb413a0d29ed3b5a93956feb15]
PUP.Optional.Delta.A, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.excTlbr", false);), Ersetzt,[cf9a51700b709f9786a207e6ea1a728e]
PUP.Optional.Delta.A, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.ffxUnstlRst", true);), Ersetzt,[a6c3dce5e49782b4dc4cf2fb52b2b64a]
PUP.Optional.Delta.A, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.id", "fe4c3ffe000000000000c0cb38d7bd85");), Ersetzt,[88e19c257506191d7bad3cb1a262ee12]
PUP.Optional.Delta.A, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.instlDay", "15839");), Ersetzt,[c6a34a77fc7f24122800f7f6689c1ae6]
PUP.Optional.Delta.A, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.instlRef", "sst");), Ersetzt,[3b2e60619ddeef470622688561a3f40c]
PUP.Optional.Delta.A, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.newTab", false);), Ersetzt,[12570cb5aad164d267c15895d0349f61]
PUP.Optional.Delta.A, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.prdct", "delta");), Ersetzt,[0e5bd8e9740739fdf3359756758f32ce]
PUP.Optional.Delta.A, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.prtnrId", "delta");), Ersetzt,[a0c95d64c2b9989e37f1c825d52f7f81]
PUP.Optional.Delta.A, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.rvrt", "false");), Ersetzt,[0e5b873a2952989e88a05c9156ae17e9]
PUP.Optional.Delta.A, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.smplGrp", "none");), Ersetzt,[b7b2338e0774cd6949dfe9048282d030]
PUP.Optional.Delta.A, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.tlbrId", "base");), Ersetzt,[25446f52f08b6ccabc6c40ad5fa59070]
PUP.Optional.Delta.A, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.tlbrSrchUrl", "");), Ersetzt,[6405dee32b5092a429ff25c8e32157a9]
PUP.Optional.Delta.A, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.vrsn", "1.8.16.16");), Ersetzt,[00698c35b2c9ae88a4845c914cb8629e]
PUP.Optional.Delta.A, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.vrsnTs", "1.8.16.1622:36:45");), Ersetzt,[e38640815625d85e4bdd17d65aaa9967]
PUP.Optional.Delta.A, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.vrsni", "1.8.16.16");), Ersetzt,[fb6e89388dee94a20e1a10dd0bf9659b]
PUP.Optional.Conduit.A, C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3319434&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPCC599EBD-819D-4654-9E9D-B6C56F9113EB&SSPV=");), Ersetzt,[6bfefcc580fb3df96fc702ebd2328977]

Physische Sektoren: 0
(No malicious items detected)


(end)
         
Code:
ATTFilter
# AdwCleaner v3.306 - Bericht erstellt am 16/08/2014 um 13:32:56
# Aktualisiert 15/08/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium  (64 bits)
# Benutzername : user - USER-VAIO
# Gestartet von : C:\Users\user\Downloads\adwcleaner_3.306.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Ask
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\ICQ\ICQToolbar
Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\ProgramData\Trymedia
Ordner Gelöscht : C:\Program Files (x86)\Ask.com
Ordner Gelöscht : C:\Program Files (x86)\GreenTree Applications
Ordner Gelöscht : C:\Program Files (x86)\ICQ6Toolbar
Ordner Gelöscht : C:\Program Files (x86)\MyPC Backup
Ordner Gelöscht : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Ordner Gelöscht : C:\Windows\SysWOW64\SearchProtect
Ordner Gelöscht : C:\users\user\AppData\Local\AskToolbar
Ordner Gelöscht : C:\users\user\AppData\Local\PerformerSoft
Ordner Gelöscht : C:\users\user\AppData\LocalLow\AskToolbar
Ordner Gelöscht : C:\users\user\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\users\user\AppData\Roaming\Babylon
Ordner Gelöscht : C:\users\user\AppData\Roaming\BupSystem
Ordner Gelöscht : C:\users\user\AppData\Roaming\Common\LuaRT
Ordner Gelöscht : C:\users\user\AppData\Roaming\DataMgr
Ordner Gelöscht : C:\users\user\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\users\user\AppData\Roaming\Fifth
Ordner Gelöscht : C:\users\user\AppData\Roaming\Intermediate
Ordner Gelöscht : C:\users\user\AppData\Roaming\PerformerSoft
Ordner Gelöscht : C:\users\user\AppData\Roaming\Security System 2
Ordner Gelöscht : C:\users\user\AppData\Roaming\SSync
Ordner Gelöscht : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\ICQToolbarData
Ordner Gelöscht : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\Extensions\isec@securitascout.com
Ordner Gelöscht : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabfjnbeinlpljodiajipidiompfl
Ordner Gelöscht : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\engeblojhfeingnjnfpiceofljnjpldp
[!] Ordner Gelöscht : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\engeblojhfeingnjnfpiceofljnjpldp
Datei Gelöscht : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\Extensions\speedanalysis03@SpeedAnalysis.com.xpi
Datei Gelöscht : C:\Users\user\AppData\Local\CRE\engeblojhfeingnjnfpiceofljnjpldp.crx
Datei Gelöscht : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\foxydeal.sqlite
Datei Gelöscht : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\searchplugins\Askcom.xml
Datei Gelöscht : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\searchplugins\askcomsearch.xml
Datei Gelöscht : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\searchplugins\ask-search.xml
Datei Gelöscht : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\searchplugins\icqplugin.xml
Datei Gelöscht : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\searchplugins\icqplugin-1.xml
Datei Gelöscht : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\searchplugins\icqplugin-2.xml
Datei Gelöscht : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\searchplugins\icqplugin-3.xml
Datei Gelöscht : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\searchplugins\icqplugin-4.xml
Datei Gelöscht : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\searchplugins\icqplugin-5.xml
Datei Gelöscht : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\user.js

***** [ Tasks ] *****

Task Gelöscht : BrowserProtect
Task Gelöscht : Scheduled Update for Ask Toolbar

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}]
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaabfjnbeinlpljodiajipidiompfl
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\engeblojhfeingnjnfpiceofljnjpldp
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\engeblojhfeingnjnfpiceofljnjpldp
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Intermediate]
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [ssync]
Schlüssel Gelöscht : HKCU\Software\MozillaPlugins\bebomedia.com/OfferMosquitoIEHelper
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs [bProtectTabs]
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IMinentToolbar_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IMinentToolbar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Savings Sidekick_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Savings Sidekick_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Schlüssel Gelöscht : HKCU\Software\d53da8ab76aba14
Schlüssel Gelöscht : HKLM\SOFTWARE\d53da8ab76aba14
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_sweet-home-3d_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_sweet-home-3d_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_unity-web-player_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_unity-web-player_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{061F450C-37B9-4330-9235-0F25D9F75B33}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3BC93E76-92F8-5FDA-B676-5AFEE3735BF1}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3BC93E76-92F8-5FDA-B676-5AFEE3735BF1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C17DC5CF-54FF-4E63-8AC7-94335D6DA231}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D14D0EE2-2DD1-4230-BE70-3F3AD6172C40}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F994E0D9-8335-48F1-99C2-A712C21F8D5F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : HKCU\Software\Ask.com
Schlüssel Gelöscht : HKCU\Software\Ciuvo
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\filescout
Schlüssel Gelöscht : HKCU\Software\Headlight
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\InstalledThirdPartyPrograms
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\OfferMosquito
Schlüssel Gelöscht : HKCU\Software\performersoft llc
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\AskToolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKLM\SOFTWARE\Babylon
Schlüssel Gelöscht : HKLM\SOFTWARE\DeviceVM
Schlüssel Gelöscht : HKLM\SOFTWARE\ICQ\ICQToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Trymedia Systems
Schlüssel Gelöscht : HKLM\SOFTWARE\Uniblue
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\DeviceVM
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\InstalledThirdPartyPrograms

***** [ Browser ] *****

-\\ Internet Explorer v8.0.7600.17267

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]

-\\ Mozilla Firefox v31.0 (x86 de)

[ Datei : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\prefs.js ]

Zeile gelöscht : user_pref("browser.newtab.url", "hxxp://www.trovi.com/?gd=&ctid=CT3325585&octid=EB_ORIGINAL_CTID&ISID=M4B16E2E6-87F2-4ADE-B659-4D5D06ABD2CE&SearchSource=69&CUI=&SSPV=&Lay=1&UM=6&UP=SPCC599EBD-819D-465[...]
Zeile gelöscht : user_pref("browser.search.defaultenginename", "Conduit Search");
Zeile gelöscht : user_pref("browser.search.selectedEngine", "Conduit Search");
Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3319434&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPCC599EBD-819D-4654-9E9D-B6C56F9113EB&SSPV=");
Zeile gelöscht : user_pref("extensions.crossrider.bic", "141d75139ec8cfdb2b756bd0c1ba21a3");
Zeile gelöscht : user_pref("extensions.delta.admin", false);
Zeile gelöscht : user_pref("extensions.delta.aflt", "babsst");
Zeile gelöscht : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Zeile gelöscht : user_pref("extensions.delta.autoRvrt", "false");
Zeile gelöscht : user_pref("extensions.delta.dfltLng", "en");
Zeile gelöscht : user_pref("extensions.delta.excTlbr", false);
Zeile gelöscht : user_pref("extensions.delta.ffxUnstlRst", true);
Zeile gelöscht : user_pref("extensions.delta.id", "fe4c3ffe000000000000c0cb38d7bd85");
Zeile gelöscht : user_pref("extensions.delta.instlDay", "15839");
Zeile gelöscht : user_pref("extensions.delta.instlRef", "sst");
Zeile gelöscht : user_pref("extensions.delta.newTab", false);
Zeile gelöscht : user_pref("extensions.delta.prdct", "delta");
Zeile gelöscht : user_pref("extensions.delta.prtnrId", "delta");
Zeile gelöscht : user_pref("extensions.delta.rvrt", "false");
Zeile gelöscht : user_pref("extensions.delta.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.delta.tlbrId", "base");
Zeile gelöscht : user_pref("extensions.delta.tlbrSrchUrl", "");
Zeile gelöscht : user_pref("extensions.delta.vrsn", "1.8.16.16");
Zeile gelöscht : user_pref("extensions.delta.vrsnTs", "1.8.16.1622:36:45");
Zeile gelöscht : user_pref("extensions.delta.vrsni", "1.8.16.16");
Zeile gelöscht : user_pref("extensions.iminent.admin", false);
Zeile gelöscht : user_pref("extensions.iminent.aflt", "orgnl");
Zeile gelöscht : user_pref("extensions.iminent.appId", "{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}");
Zeile gelöscht : user_pref("extensions.iminent.autoRvrt", "false");
Zeile gelöscht : user_pref("extensions.iminent.cntry", "DE");
Zeile gelöscht : user_pref("extensions.iminent.dfltLng", "");
Zeile gelöscht : user_pref("extensions.iminent.excTlbr", false);
Zeile gelöscht : user_pref("extensions.iminent.ffxUnstlRst", false);
Zeile gelöscht : user_pref("extensions.iminent.hdrMd5", "C1316427120B689A7099AEFF049F3F32");
Zeile gelöscht : user_pref("extensions.iminent.id", "fe4c3ffe0000000000000026c7854bc5");
Zeile gelöscht : user_pref("extensions.iminent.instlDay", "16012");
Zeile gelöscht : user_pref("extensions.iminent.instlRef", "");
Zeile gelöscht : user_pref("extensions.iminent.lastVrsnTs", "1.8.26.816:17:45");
Zeile gelöscht : user_pref("extensions.iminent.newTab", false);
Zeile gelöscht : user_pref("extensions.iminent.prdct", "iminent");
Zeile gelöscht : user_pref("extensions.iminent.prtnrId", "iminent");
Zeile gelöscht : user_pref("extensions.iminent.rvrt", "false");
Zeile gelöscht : user_pref("extensions.iminent.sg", "none");
Zeile gelöscht : user_pref("extensions.iminent.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.iminent.tlbrId", "base");
Zeile gelöscht : user_pref("extensions.iminent.tlbrSrchUrl", "hxxp://start.iminent.com/?ref=toolbarm#q=");
Zeile gelöscht : user_pref("extensions.iminent.vrsn", "1.8.26.8");
Zeile gelöscht : user_pref("extensions.iminent.vrsnTs", "1.8.26.816:17:45");
Zeile gelöscht : user_pref("extensions.iminent.vrsni", "1.8.26.8");
Zeile gelöscht : user_pref("iminent.LayoutId", "1");
Zeile gelöscht : user_pref("iminent.ShowThankyouPixel", "0");
Zeile gelöscht : user_pref("iminent.registerToolbarEvent102", "1383491922060");
Zeile gelöscht : user_pref("iminent.version", "7.43.4.1");
Zeile gelöscht : user_pref("iminent.versioning", "{\"CurrentVersion\":\"7.43.4.1\",\"InstallEventCTime\":1383491873995}");

-\\ Google Chrome v36.0.1985.143

[ Datei : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=AVR-4&o=APN10261&locale=de_DE&apn_uid=56632b85-435c-4c7b-90b5-2dcd3f166038&apn_ptnrs=%5EAGS&apn_sauid=F3C7E90C-D83E-4962-B249-B14605DE4861&apn_dtid=%5EYYYYYY%5EYY%5EDE&q={searchTerms}
Gelöscht [Search Provider] : hxxp://search.conduit.com/Results.aspx?ctid=CT3319434&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SPCC599EBD-819D-4654-9E9D-B6C56F9113EB&q={searchTerms}&SSPV=
Gelöscht [Search Provider] : hxxp://search.conduit.com/Results.aspx?ctid=CT3319434&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SPCC599EBD-819D-4654-9E9D-B6C56F9113EB&q={searchTerms}&SSPV=
Gelöscht [Extension] : aaaaabfjnbeinlpljodiajipidiompfl
Gelöscht [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
Gelöscht [Extension] : engeblojhfeingnjnfpiceofljnjpldp
Gelöscht [Extension] : flpcjncodpafbgdpnkljologafpionhb

*************************

AdwCleaner[R0].txt - [27740 octets] - [16/08/2014 13:23:48]
AdwCleaner[S0].txt - [26143 octets] - [16/08/2014 13:32:56]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [26204 octets] ##########
         
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by user on 16.08.2014 at 13:45:24,76
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-26578242-2711836266-2386171519-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011501160}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\LyricsSay-16-codedownloader_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\LyricsSay-16-codedownloader_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011501160}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\LyricsSay-16-codedownloader_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\LyricsSay-16-codedownloader_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{E323D883-2C9C-4339-A9B3-47D3051E8480}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\apn"
Successfully deleted: [Folder] "C:\ProgramData\big fish games"
Successfully deleted: [Folder] "C:\Users\user\AppData\Roaming\getrighttogo"
Successfully deleted: [Folder] "C:\Users\user\appdata\locallow\boost_interprocess"



~~~ FireFox

Emptied folder: C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\nvnqgvkb.default\minidumps [283 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 16.08.2014 at 13:53:36,75
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-08-2014 02
Ran by user (administrator) on USER-VAIO on 16-08-2014 13:55:50
Running from C:\Users\user\Downloads
Platform: Windows 7 Home Premium (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Spotify Ltd) C:\Users\user\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Akamai Technologies, Inc.) C:\Users\user\AppData\Local\Akamai\netsession_win.exe
(Sony Corporation) C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
() C:\Program Files (x86)\ACR\AutoClubRev\web\acrlauncher.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
(Akamai Technologies, Inc.) C:\Users\user\AppData\Local\Akamai\netsession_win.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Personalization Manager\VpmIfPav.exe
(Dropbox, Inc.) C:\Users\user\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10775584 2010-05-31] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2040352 2010-05-31] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [212480 2010-05-31] (Alps Electric Co., Ltd.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [673136 2010-05-31] (Sony Corporation)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [600928 2010-06-01] (Sony Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [102400 2010-09-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2012-11-13] ()
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263512 2012-11-30] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SHTtray.exe] => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe [99696 2010-06-20] (Sony Corporation)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [186408 2013-12-06] (Geek Software GmbH)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [190032 2014-07-24] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [AdobeCS4ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-26578242-2711836266-2386171519-1000\...\Run: [GoogleChromeAutoLaunch_4E874A737D5662A34EBBEADB3A9C4A09] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-08-07] (Google Inc.)
HKU\S-1-5-21-26578242-2711836266-2386171519-1000\...\Run: [Spotify Web Helper] => C:\Users\user\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1178168 2014-07-07] (Spotify Ltd)
HKU\S-1-5-21-26578242-2711836266-2386171519-1000\...\Run: [Akamai NetSession Interface] => C:\Users\user\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-26578242-2711836266-2386171519-1000\...\Run: [Elbserver] => C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe [81264 2010-06-22] (Sony Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Evernote Clipper.lnk
ShortcutTarget: Evernote Clipper.lnk -> C:\Windows\Installer\{F761359C-9CED-45AE-9A51-9D6605CD55C4}\Evernote.ico ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ACR Launcher.lnk
ShortcutTarget: ACR Launcher.lnk -> C:\Program Files (x86)\ACR\AutoClubRev\web\acrlauncher.exe ()
Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\user\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {3FD48605-DBCB-4C65-A31D-60F90C90EA16} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
SearchScopes: HKCU - {4DC53930-7C96-49BF-BA76-08502B716CA7} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-9/4?satitle={searchTerms}
SearchScopes: HKCU - {79840979-36AA-4F82-99BD-3A8B6E06F4F9} URL = hxxp://de.shopping.com/?linkin_id=8056363
BHO: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL No File
BHO: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20121007212538.dll No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: ICQ Sparberater -> {0766C1B9-B2DC-46E5-8934-4F3D6B42B1BD} -> C:\Program Files (x86)\icq\Internet Explorer\icq.dll (solute gmbh)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\progra~1\mcafee\msk\mskapbho.dll No File
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20121010162754.dll No File
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ChromeFrame BHO -> {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} -> C:\Program Files (x86)\Google\Chrome Frame\Application\27.0.1453.110\npchrome_frame.dll (Google Inc.)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} -  No File
Handler-x32: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\27.0.1453.110\npchrome_frame.dll (Google Inc.)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 83.169.185.33 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default
FF SearchEngineOrder.1: Ask Search
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\user\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10174.dll (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\Extensions\abs@avira.com [2014-08-05]
FF Extension: ProxTube - Unblock YouTube - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\Extensions\ich@maltegoetz.de [2013-12-12]
FF Extension: Webmail Ad Blocker - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\Extensions\gmailnoads@mywebber.com.xpi [2013-10-24]
FF Extension: Adblock Plus - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-10]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-07-30]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-12-07]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-03-19]

Chrome: 
=======
CHR HomePage: 
CHR DefaultSearchKeyword: trovi.search
CHR DefaultNewTabURL: 
CHR Extension: (No Name) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabfjnbeinlpljodiajipidiompfl [2012-12-06]
CHR Extension: (Google Wallet) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-02]
CHR Extension: (ICQ Sparberater) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmpllndkedbnmonoomepeeglghdelffo [2012-10-31]
CHR Extension: (Mehr Leistung und Videoformate für dein HTML5 <video>) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2012-12-08]
CHR HKLM-x32\...\Chrome\Extension: [nmpllndkedbnmonoomepeeglghdelffo] - C:\Program Files (x86)\icq\Chrome\icq-1.3.671.crx [2011-12-28]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1021008 2014-08-05] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [141392 2014-07-24] (Avira Operations GmbH & Co. KG)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)
R2 VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [836608 2010-06-08] (Sony Corporation) [File not signed]
S3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1359408 2013-03-26] (Sony Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-06-04] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG)
S3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [10326784 2010-06-24] (Intel Corporation) [File not signed]
S3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [271872 2010-06-24] (Intel(R) Corporation) [File not signed]
S1 vflt; C:\Windows\System32\DRIVERS\vfilter.sys [24064 2013-07-01] (Shrew Soft Inc) [File not signed]
S3 vnet; C:\Windows\System32\DRIVERS\virtualnet.sys [17408 2013-07-01] (Shrew Soft Inc) [File not signed]
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52080 2013-08-30] (Cisco Systems, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-16 13:55 - 2014-08-16 13:55 - 00000000 ____D () C:\Users\user\Downloads\FRST-OlderVersion
2014-08-16 13:54 - 2014-08-16 13:54 - 00002191 _____ () C:\Users\Public\Documents\JRT.txt
2014-08-16 13:53 - 2014-08-16 13:53 - 00002191 _____ () C:\Users\user\Desktop\JRT.txt
2014-08-16 13:45 - 2014-08-16 13:45 - 00000000 ____D () C:\Windows\ERUNT
2014-08-16 13:43 - 2014-08-16 13:43 - 01016261 _____ (Thisisu) C:\Users\user\Downloads\JRT.exe
2014-08-16 13:37 - 2014-08-16 13:37 - 00026481 _____ () C:\Users\Public\Documents\AdwCleaner[S0].txt
2014-08-16 13:24 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-08-16 13:23 - 2014-08-16 13:33 - 00000000 ____D () C:\AdwCleaner
2014-08-16 13:21 - 2014-08-16 13:21 - 01361203 _____ () C:\Users\user\Downloads\adwcleaner_3.306.exe
2014-08-16 13:20 - 2014-08-16 13:20 - 00006904 _____ () C:\Users\Public\Documents\mbam.txt
2014-08-14 19:51 - 2014-08-14 19:51 - 00024420 _____ () C:\ComboFix.txt
2014-08-14 19:07 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-08-14 19:07 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-08-14 19:07 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-08-14 19:07 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-08-14 19:07 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-08-14 19:07 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-08-14 19:07 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-08-14 19:07 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-08-14 19:06 - 2014-08-14 19:52 - 00000000 ____D () C:\Qoobox
2014-08-14 19:06 - 2014-08-14 19:45 - 00000000 ____D () C:\Windows\erdnt
2014-08-14 19:05 - 2014-08-14 19:05 - 05571579 ____R (Swearware) C:\Users\user\Downloads\ComboFix.exe
2014-08-14 18:54 - 2014-08-14 18:54 - 00001264 _____ () C:\Users\user\Desktop\Revo Uninstaller.lnk
2014-08-14 18:54 - 2014-08-14 18:54 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-08-14 18:50 - 2014-08-14 18:50 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\user\Downloads\revosetup95.exe
2014-08-14 14:23 - 2014-08-14 14:23 - 00001483 _____ () C:\Users\Public\Desktop\Die Sims 4 Erstelle einen Sim-Demo.lnk
2014-08-14 14:23 - 2014-08-14 14:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die Sims 4 Erstelle einen Sim-Demo
2014-08-13 13:38 - 2014-08-13 13:38 - 00054089 _____ () C:\Users\Public\Documents\Addition.txt
2014-08-13 13:38 - 2014-08-13 13:38 - 00046979 _____ () C:\Users\Public\Documents\FRST.txt
2014-08-13 13:34 - 2014-08-13 13:35 - 00054089 _____ () C:\Users\user\Downloads\Addition.txt
2014-08-13 13:32 - 2014-08-16 13:55 - 00024464 _____ () C:\Users\user\Downloads\FRST.txt
2014-08-13 13:31 - 2014-08-16 13:55 - 00000000 ____D () C:\FRST
2014-08-13 13:29 - 2014-08-16 13:55 - 02101248 _____ (Farbar) C:\Users\user\Downloads\FRST64.exe
2014-08-12 16:03 - 2014-08-12 16:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone
2014-08-12 16:03 - 2014-08-12 16:03 - 00000000 ____D () C:\Program Files (x86)\Windows Phone
2014-08-12 16:02 - 2014-08-12 16:02 - 06745792 _____ (Microsoft Corporation) C:\Users\user\Downloads\WindowsPhone.exe
2014-08-12 16:02 - 2014-08-12 16:02 - 00000000 ____D () C:\ProgramData\Applications
2014-08-12 16:00 - 2014-08-12 16:00 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-08-12 15:39 - 2014-08-12 15:39 - 00001158 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS4 (64 Bit).lnk
2014-08-12 15:39 - 2014-08-12 15:39 - 00000000 ____D () C:\Program Files\Adobe
2014-08-12 15:38 - 2014-08-12 15:38 - 00001137 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS4.lnk
2014-08-12 15:35 - 2014-08-12 15:35 - 00001099 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS4.lnk
2014-08-12 15:34 - 2014-08-12 15:34 - 00001436 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Drive CS4.lnk
2014-08-12 15:34 - 2014-08-12 15:34 - 00000000 ____D () C:\Windows\SysWOW64\spool
2014-08-12 15:33 - 2014-08-12 15:33 - 00001192 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS4.lnk
2014-08-12 15:33 - 2014-08-12 15:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2014-08-12 15:33 - 2014-08-12 15:33 - 00000000 ____D () C:\Program Files (x86)\Adobe Media Player
2014-08-12 15:30 - 2014-08-12 15:30 - 00001407 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS4.lnk
2014-08-12 15:30 - 2014-08-12 15:30 - 00001283 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS4.lnk
2014-08-12 15:29 - 2014-08-12 15:40 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-08-12 15:29 - 2014-08-12 15:29 - 00000000 ____D () C:\Program Files\Common Files\Macrovision Shared
2014-08-12 00:15 - 2014-08-12 00:15 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-12 00:15 - 2014-08-12 00:15 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-06 11:41 - 2014-08-06 11:41 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-05 11:34 - 2014-08-14 14:22 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-01 22:19 - 2014-08-16 12:56 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-01 22:18 - 2014-08-01 22:18 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-08-01 22:18 - 2014-08-01 22:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-08-01 22:18 - 2014-08-01 22:18 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-01 22:18 - 2014-08-01 22:18 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-08-01 22:18 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-01 22:18 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-01 22:18 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-01 22:17 - 2014-08-01 22:18 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\user\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-01 22:04 - 2014-08-12 00:15 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-01 22:04 - 2014-08-12 00:15 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-01 22:04 - 2014-08-01 22:04 - 00004686 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-08-01 22:01 - 2014-08-01 22:01 - 00918440 _____ (Oracle Corporation) C:\Users\user\Downloads\jxpiinstall(3).exe
2014-08-01 21:52 - 2014-08-01 21:52 - 00692704 _____ () C:\Windows\Minidump\080114-29218-01.dmp
2014-07-31 23:31 - 2014-07-31 23:31 - 00273904 _____ () C:\Windows\Minidump\073114-36441-01.dmp
2014-07-31 16:58 - 2014-07-31 16:58 - 00273904 _____ () C:\Windows\Minidump\073114-34304-01.dmp
2014-07-30 17:27 - 2014-07-30 17:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-28 11:20 - 2014-07-28 11:20 - 00273904 _____ () C:\Windows\Minidump\072814-38625-01.dmp
2014-07-27 19:56 - 2014-07-27 19:57 - 00273904 _____ () C:\Windows\Minidump\072714-45271-01.dmp
2014-07-19 17:40 - 2014-08-12 15:31 - 00000000 ____D () C:\Users\user\AppData\Local\Adobe
2014-07-19 15:50 - 2014-08-03 22:22 - 00000000 ____D () C:\Users\user\Documents\Kochen

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-16 13:56 - 2014-08-13 13:32 - 00024464 _____ () C:\Users\user\Downloads\FRST.txt
2014-08-16 13:55 - 2014-08-16 13:55 - 00000000 ____D () C:\Users\user\Downloads\FRST-OlderVersion
2014-08-16 13:55 - 2014-08-13 13:31 - 00000000 ____D () C:\FRST
2014-08-16 13:55 - 2014-08-13 13:29 - 02101248 _____ (Farbar) C:\Users\user\Downloads\FRST64.exe
2014-08-16 13:54 - 2014-08-16 13:54 - 00002191 _____ () C:\Users\Public\Documents\JRT.txt
2014-08-16 13:53 - 2014-08-16 13:53 - 00002191 _____ () C:\Users\user\Desktop\JRT.txt
2014-08-16 13:46 - 2009-07-14 06:45 - 00013936 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-16 13:46 - 2009-07-14 06:45 - 00013936 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-16 13:45 - 2014-08-16 13:45 - 00000000 ____D () C:\Windows\ERUNT
2014-08-16 13:43 - 2014-08-16 13:43 - 01016261 _____ (Thisisu) C:\Users\user\Downloads\JRT.exe
2014-08-16 13:43 - 2013-09-02 16:13 - 00001015 _____ () C:\Users\user\Desktop\Dropbox.lnk
2014-08-16 13:43 - 2013-09-02 16:13 - 00000000 ___RD () C:\Users\user\Dropbox
2014-08-16 13:43 - 2013-09-02 16:11 - 00000000 ____D () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-08-16 13:43 - 2013-09-02 16:11 - 00000000 ____D () C:\Users\user\AppData\Roaming\Dropbox
2014-08-16 13:42 - 2011-09-21 18:50 - 00697082 _____ () C:\Windows\system32\perfh007.dat
2014-08-16 13:42 - 2011-09-21 18:50 - 00148346 _____ () C:\Windows\system32\perfc007.dat
2014-08-16 13:42 - 2009-07-14 07:13 - 01613340 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-16 13:37 - 2014-08-16 13:37 - 00026481 _____ () C:\Users\Public\Documents\AdwCleaner[S0].txt
2014-08-16 13:36 - 2013-05-18 13:44 - 00091594 _____ () C:\Windows\PFRO.log
2014-08-16 13:36 - 2013-05-17 17:42 - 00056776 _____ () C:\Windows\setupact.log
2014-08-16 13:35 - 2011-09-21 18:08 - 01332953 _____ () C:\Windows\WindowsUpdate.log
2014-08-16 13:33 - 2014-08-16 13:23 - 00000000 ____D () C:\AdwCleaner
2014-08-16 13:33 - 2012-10-17 22:14 - 00000000 ____D () C:\Users\user\AppData\Local\CRE
2014-08-16 13:21 - 2014-08-16 13:21 - 01361203 _____ () C:\Users\user\Downloads\adwcleaner_3.306.exe
2014-08-16 13:20 - 2014-08-16 13:20 - 00006904 _____ () C:\Users\Public\Documents\mbam.txt
2014-08-16 12:56 - 2014-08-01 22:19 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-16 12:39 - 2012-11-07 15:44 - 00000000 ____D () C:\Users\user\AppData\Roaming\Spotify
2014-08-14 19:52 - 2014-08-14 19:06 - 00000000 ____D () C:\Qoobox
2014-08-14 19:51 - 2014-08-14 19:51 - 00024420 _____ () C:\ComboFix.txt
2014-08-14 19:51 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-08-14 19:45 - 2014-08-14 19:06 - 00000000 ____D () C:\Windows\erdnt
2014-08-14 19:29 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-08-14 19:26 - 2013-09-09 16:22 - 00000000 ____D () C:\ProgramData\Origin
2014-08-14 19:05 - 2014-08-14 19:05 - 05571579 ____R (Swearware) C:\Users\user\Downloads\ComboFix.exe
2014-08-14 18:54 - 2014-08-14 18:54 - 00001264 _____ () C:\Users\user\Desktop\Revo Uninstaller.lnk
2014-08-14 18:54 - 2014-08-14 18:54 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-08-14 18:50 - 2014-08-14 18:50 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\user\Downloads\revosetup95.exe
2014-08-14 14:35 - 2013-09-09 17:39 - 00000000 ____D () C:\Users\user\Documents\Electronic Arts
2014-08-14 14:35 - 2013-09-09 16:22 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-08-14 14:23 - 2014-08-14 14:23 - 00001483 _____ () C:\Users\Public\Desktop\Die Sims 4 Erstelle einen Sim-Demo.lnk
2014-08-14 14:23 - 2014-08-14 14:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die Sims 4 Erstelle einen Sim-Demo
2014-08-14 14:23 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-08-14 14:22 - 2014-08-05 11:34 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-14 14:13 - 2013-09-09 16:35 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-08-14 14:11 - 2013-09-09 16:22 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-08-13 13:38 - 2014-08-13 13:38 - 00054089 _____ () C:\Users\Public\Documents\Addition.txt
2014-08-13 13:38 - 2014-08-13 13:38 - 00046979 _____ () C:\Users\Public\Documents\FRST.txt
2014-08-13 13:35 - 2014-08-13 13:34 - 00054089 _____ () C:\Users\user\Downloads\Addition.txt
2014-08-13 12:31 - 2012-10-06 17:49 - 00000000 ____D () C:\Users\user\AppData\Roaming\Adobe
2014-08-13 12:19 - 2009-07-14 06:45 - 03077528 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-13 11:26 - 2013-05-14 22:35 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-08-13 11:26 - 2013-02-23 23:49 - 00001532 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2014-08-13 11:26 - 2013-02-23 23:49 - 00001239 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2014-08-13 11:26 - 2012-11-10 18:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-08-13 11:23 - 2012-11-10 18:32 - 00000000 ____D () C:\Users\user\AppData\Roaming\DVDVideoSoft
2014-08-12 18:10 - 2011-09-22 07:52 - 00124472 _____ () C:\Users\user\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-12 16:03 - 2014-08-12 16:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone
2014-08-12 16:03 - 2014-08-12 16:03 - 00000000 ____D () C:\Program Files (x86)\Windows Phone
2014-08-12 16:02 - 2014-08-12 16:02 - 06745792 _____ (Microsoft Corporation) C:\Users\user\Downloads\WindowsPhone.exe
2014-08-12 16:02 - 2014-08-12 16:02 - 00000000 ____D () C:\ProgramData\Applications
2014-08-12 16:00 - 2014-08-12 16:00 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-08-12 15:40 - 2014-08-12 15:29 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-08-12 15:39 - 2014-08-12 15:39 - 00001158 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS4 (64 Bit).lnk
2014-08-12 15:39 - 2014-08-12 15:39 - 00000000 ____D () C:\Program Files\Adobe
2014-08-12 15:38 - 2014-08-12 15:38 - 00001137 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS4.lnk
2014-08-12 15:38 - 2011-09-21 18:19 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-08-12 15:35 - 2014-08-12 15:35 - 00001099 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS4.lnk
2014-08-12 15:34 - 2014-08-12 15:34 - 00001436 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Drive CS4.lnk
2014-08-12 15:34 - 2014-08-12 15:34 - 00000000 ____D () C:\Windows\SysWOW64\spool
2014-08-12 15:34 - 2011-09-21 18:17 - 00000000 ____D () C:\ProgramData\Adobe
2014-08-12 15:33 - 2014-08-12 15:33 - 00001192 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS4.lnk
2014-08-12 15:33 - 2014-08-12 15:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2014-08-12 15:33 - 2014-08-12 15:33 - 00000000 ____D () C:\Program Files (x86)\Adobe Media Player
2014-08-12 15:31 - 2014-07-19 17:40 - 00000000 ____D () C:\Users\user\AppData\Local\Adobe
2014-08-12 15:30 - 2014-08-12 15:30 - 00001407 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS4.lnk
2014-08-12 15:30 - 2014-08-12 15:30 - 00001283 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS4.lnk
2014-08-12 15:29 - 2014-08-12 15:29 - 00000000 ____D () C:\Program Files\Common Files\Macrovision Shared
2014-08-12 00:16 - 2013-10-19 11:46 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-12 00:15 - 2014-08-12 00:15 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-12 00:15 - 2014-08-12 00:15 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-12 00:15 - 2014-08-01 22:04 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-12 00:15 - 2014-08-01 22:04 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-12 00:15 - 2012-10-06 17:53 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-07 20:15 - 2012-11-07 15:45 - 00000000 ____D () C:\Users\user\AppData\Local\Spotify
2014-08-06 11:41 - 2014-08-06 11:41 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-06 11:41 - 2012-12-05 13:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-06 11:41 - 2012-12-05 13:27 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-08-05 11:34 - 2012-12-05 13:27 - 00000000 ____D () C:\ProgramData\Avira
2014-08-05 09:20 - 2012-12-05 13:46 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-03 22:22 - 2014-07-19 15:50 - 00000000 ____D () C:\Users\user\Documents\Kochen
2014-08-01 22:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Speech
2014-08-01 22:18 - 2014-08-01 22:18 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-08-01 22:18 - 2014-08-01 22:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-08-01 22:18 - 2014-08-01 22:18 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-01 22:18 - 2014-08-01 22:18 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-08-01 22:18 - 2014-08-01 22:17 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\user\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-01 22:04 - 2014-08-01 22:04 - 00004686 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-08-01 22:01 - 2014-08-01 22:01 - 00918440 _____ (Oracle Corporation) C:\Users\user\Downloads\jxpiinstall(3).exe
2014-08-01 21:52 - 2014-08-01 21:52 - 00692704 _____ () C:\Windows\Minidump\080114-29218-01.dmp
2014-08-01 21:52 - 2013-05-29 00:32 - 488614066 _____ () C:\Windows\MEMORY.DMP
2014-08-01 21:52 - 2013-01-03 19:45 - 00000000 ____D () C:\Windows\Minidump
2014-07-31 23:31 - 2014-07-31 23:31 - 00273904 _____ () C:\Windows\Minidump\073114-36441-01.dmp
2014-07-31 23:31 - 2012-10-09 22:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-31 16:58 - 2014-07-31 16:58 - 00273904 _____ () C:\Windows\Minidump\073114-34304-01.dmp
2014-07-30 17:27 - 2014-07-30 17:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-28 11:20 - 2014-07-28 11:20 - 00273904 _____ () C:\Windows\Minidump\072814-38625-01.dmp
2014-07-27 19:57 - 2014-07-27 19:56 - 00273904 _____ () C:\Windows\Minidump\072714-45271-01.dmp
2014-07-27 19:56 - 2012-12-03 11:22 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-27 19:56 - 2012-12-03 11:22 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-27 19:54 - 2012-12-03 11:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-21 12:39 - 2014-02-23 15:19 - 00000000 ____D () C:\Users\user\Documents\Neuer Plan
2014-07-17 15:31 - 2013-05-06 11:45 - 00042040 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys

Files to move or delete:
====================
C:\ProgramData\Shrew Soft VPN.dat


Some content of TEMP:
====================
C:\Users\user\AppData\Local\Temp\avgnt.exe
C:\Users\user\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpsfnhjv.dll
C:\Users\user\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-09-01 02:05

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---

Alt 17.08.2014, 07:17   #11
schrauber
/// the machine
/// TB-Ausbilder
 

"RegSvr32 - Fehler beim Laden des Moduls " - Standard

"RegSvr32 - Fehler beim Laden des Moduls "




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 17.08.2014, 12:49   #12
tanteginger
 
"RegSvr32 - Fehler beim Laden des Moduls " - Standard

"RegSvr32 - Fehler beim Laden des Moduls "



So zuerst mal die ESET Datei und gleich noch die Security Checkdatei und ein frische FRST :-)


Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=511c0dcbbce2e1479e88e0c98903d8ad
# engine=19697
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-08-17 11:05:25
# local_time=2014-08-17 01:05:25 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7600 NT 
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 100 66462 273696815 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 83907 159903375 0 0
# scanned=276670
# found=18
# cleaned=0
# scan_time=7700
sh=48EF8B4E06E0F1D3C06C4D6E1EA2B6CE48AA5231 ft=1 fh=ac26df35aa8ade69 vn="Variante von Win32/Adware.Yontoo.B Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{C049526F-B3EB-4151-9B11-B11F00F53A96}\_Setupx.dll.vir"
sh=2B9A1340BEC2FE2694C333ACD77F0E12EF9550D1 ft=1 fh=fcbeb3ad261a92d1 vn="Variante von Win32/Conduit.SearchProtect.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\engeblojhfeingnjnfpiceofljnjpldp\10.31.4.510_0\APISupport\APISupport.dll.vir"
sh=675526C1B3CB27C6635233B62EDB8ECEEBFE1556 ft=1 fh=8382eeac10eb278f vn="Variante von Win32/Toolbar.Conduit.AH evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\engeblojhfeingnjnfpiceofljnjpldp\10.31.4.510_0\nativeMessaging\TBMessagingHost.exe.vir"
sh=C0114483C9E2C1271B0D594AB6A6BF1E4F383D63 ft=1 fh=e2607344a0894545 vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\engeblojhfeingnjnfpiceofljnjpldp\10.31.4.510_0\plugins\ChromeApiPlugin.dll.vir"
sh=1DA36F2CEBBB8BACCE6B13E4438FEEBCD11B284C ft=1 fh=72b5baba16092778 vn="Win32/Conduit.SearchProtect evtl. unerwünschte Anwendung" ac=I fn="C:\Users\user\AppData\Local\Google\Chrome Frame\User Data\IEXPLORE\Default\Extensions\engeblojhfeingnjnfpiceofljnjpldp\10.31.0.526_0\APISupport\APISupport.dll"
sh=119B91098847A205621FA7388C8B4A2FC134F0EB ft=1 fh=a4ebcb24189af321 vn="Variante von Win32/Toolbar.Conduit.AH evtl. unerwünschte Anwendung" ac=I fn="C:\Users\user\AppData\Local\Google\Chrome Frame\User Data\IEXPLORE\Default\Extensions\engeblojhfeingnjnfpiceofljnjpldp\10.31.0.526_0\nativeMessaging\TBMessagingHost.exe"
sh=8E6270F9DA8ECE45F03149274B3DBD370FF2F404 ft=1 fh=141990a027dc0992 vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="C:\Users\user\AppData\Local\Google\Chrome Frame\User Data\IEXPLORE\Default\Extensions\engeblojhfeingnjnfpiceofljnjpldp\10.31.0.526_0\plugins\ChromeApiPlugin.dll"
sh=23F6600F680FC4AA174E12F71480E95EC88278AF ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39\44f6d127-39ae87fa"
sh=2E426D2A3DA76A621A58993772AB01D7EB63113E ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\user\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44\5c2ef92c-7a9e4b88"
sh=A873C4CA53E102BD661093D844ED4335221359D1 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\user\AppData\Roaming\Auslogics\Rescue\Sony Maintenance\130129172651005.rsc"
sh=9F3F2C7FE37481B3F75EF154AA7EB48E610D5F7C ft=1 fh=7516e51bc83869f9 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\user\Downloads\7 Zip 32 Bit - CHIP-Downloader.exe"
sh=47EF53486FF826F192DBE1C2912D20FF41407159 ft=1 fh=8766b46152348b06 vn="Win32/DownloadAdmin.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\user\Downloads\cbsidlm-tr1_7-Riding_Club_Championships-ORG2-10860765.exe"
sh=F37B8A6497FFCD2BA6CCA13596D548CE3D474BD0 ft=1 fh=c15d0b786ff2072c vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\user\Downloads\FileConverter_1_3.exe"
sh=FA85DB367546515697172741B51A75A0DE498575 ft=1 fh=a4ac0d07a953f3fb vn="Win32/Conduit.SearchProtect.K evtl. unerwünschte Anwendung" ac=I fn="C:\Users\user\Downloads\FreeYouTubeToMP3Converter(2).exe"
sh=AA190194CD322F27B81B57B66F0E48B16DDF09FC ft=1 fh=7a1e2a1eaadddca3 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\user\Downloads\FreeYouTubeToMP3Converter_3.11.35.1031.exe"
sh=B81014FF171DC7C9C90B788B9E7E92EA6F3F1416 ft=1 fh=5b07426c3474ac28 vn="Variante von Win32/Adware.Trymedia.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\user\Downloads\LetsRideSBS-dm.exe"
sh=62F7BAA523B7EA2216DD2B4FB5028EE169C548D8 ft=1 fh=14d375582ec171fd vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\user\Downloads\OpenOffice - CHIP-Downloader(1).exe"
sh=E93DFE88028DEABF3F625934B652EEA07276353D ft=1 fh=4ac034768fa7d431 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\user\Downloads\OpenOffice - CHIP-Downloader.exe"
         
Beim SecurityCheck kam folgendes raus

Code:
ATTFilter
 UNSUPPORTED OPERATING SYSTEM! ABORTED!
         
und dann noch die neue FRST Datei


FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-08-2014 04
Ran by user (administrator) on USER-VAIO on 17-08-2014 13:44:05
Running from C:\Users\user\Downloads\FRST-OlderVersion
Platform: Windows 7 Home Premium (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Spotify Ltd) C:\Users\user\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Akamai Technologies, Inc.) C:\Users\user\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\user\AppData\Local\Akamai\netsession_win.exe
(Sony Corporation) C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
() C:\Program Files (x86)\ACR\AutoClubRev\web\acrlauncher.exe
(Dropbox, Inc.) C:\Users\user\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Personalization Manager\VpmIfPav.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10775584 2010-05-31] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2040352 2010-05-31] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [212480 2010-05-31] (Alps Electric Co., Ltd.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [673136 2010-05-31] (Sony Corporation)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [600928 2010-06-01] (Sony Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [102400 2010-09-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2012-11-13] ()
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263512 2012-11-30] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SHTtray.exe] => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe [99696 2010-06-20] (Sony Corporation)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [186408 2013-12-06] (Geek Software GmbH)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [190032 2014-07-24] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [AdobeCS4ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-26578242-2711836266-2386171519-1000\...\Run: [GoogleChromeAutoLaunch_4E874A737D5662A34EBBEADB3A9C4A09] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-08-07] (Google Inc.)
HKU\S-1-5-21-26578242-2711836266-2386171519-1000\...\Run: [Spotify Web Helper] => C:\Users\user\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1178168 2014-07-07] (Spotify Ltd)
HKU\S-1-5-21-26578242-2711836266-2386171519-1000\...\Run: [Akamai NetSession Interface] => C:\Users\user\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-26578242-2711836266-2386171519-1000\...\Run: [Elbserver] => C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe [81264 2010-06-22] (Sony Corporation)
HKU\S-1-5-21-26578242-2711836266-2386171519-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\system32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Evernote Clipper.lnk
ShortcutTarget: Evernote Clipper.lnk -> C:\Windows\Installer\{F761359C-9CED-45AE-9A51-9D6605CD55C4}\Evernote.ico ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ACR Launcher.lnk
ShortcutTarget: ACR Launcher.lnk -> C:\Program Files (x86)\ACR\AutoClubRev\web\acrlauncher.exe ()
Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\user\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {3FD48605-DBCB-4C65-A31D-60F90C90EA16} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
SearchScopes: HKCU - {4DC53930-7C96-49BF-BA76-08502B716CA7} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-9/4?satitle={searchTerms}
SearchScopes: HKCU - {79840979-36AA-4F82-99BD-3A8B6E06F4F9} URL = hxxp://de.shopping.com/?linkin_id=8056363
BHO: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL No File
BHO: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20121007212538.dll No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: ICQ Sparberater -> {0766C1B9-B2DC-46E5-8934-4F3D6B42B1BD} -> C:\Program Files (x86)\icq\Internet Explorer\icq.dll (solute gmbh)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\progra~1\mcafee\msk\mskapbho.dll No File
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20121010162754.dll No File
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ChromeFrame BHO -> {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} -> C:\Program Files (x86)\Google\Chrome Frame\Application\27.0.1453.110\npchrome_frame.dll (Google Inc.)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} -  No File
Handler-x32: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\27.0.1453.110\npchrome_frame.dll (Google Inc.)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 83.169.185.33 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default
FF SearchEngineOrder.1: Ask Search
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\user\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10174.dll (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\Extensions\abs@avira.com [2014-08-05]
FF Extension: ProxTube - Unblock YouTube - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\Extensions\ich@maltegoetz.de [2013-12-12]
FF Extension: Webmail Ad Blocker - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\Extensions\gmailnoads@mywebber.com.xpi [2013-10-24]
FF Extension: Adblock Plus - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\nvnqgvkb.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-10]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-07-30]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-12-07]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-03-19]

Chrome: 
=======
CHR HomePage: 
CHR DefaultSearchKeyword: trovi.search
CHR DefaultNewTabURL: 
CHR Extension: (No Name) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabfjnbeinlpljodiajipidiompfl [2012-12-06]
CHR Extension: (Google Wallet) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-02]
CHR Extension: (ICQ Sparberater) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmpllndkedbnmonoomepeeglghdelffo [2012-10-31]
CHR Extension: (Mehr Leistung und Videoformate für dein HTML5 <video>) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2012-12-08]
CHR HKLM-x32\...\Chrome\Extension: [nmpllndkedbnmonoomepeeglghdelffo] - C:\Program Files (x86)\icq\Chrome\icq-1.3.671.crx [2011-12-28]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1021008 2014-08-05] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [141392 2014-07-24] (Avira Operations GmbH & Co. KG)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)
R2 VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [836608 2010-06-08] (Sony Corporation) [File not signed]
S3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1359408 2013-03-26] (Sony Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-06-04] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG)
S3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [10326784 2010-06-24] (Intel Corporation) [File not signed]
S3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [271872 2010-06-24] (Intel(R) Corporation) [File not signed]
S1 vflt; C:\Windows\System32\DRIVERS\vfilter.sys [24064 2013-07-01] (Shrew Soft Inc) [File not signed]
S3 vnet; C:\Windows\System32\DRIVERS\virtualnet.sys [17408 2013-07-01] (Shrew Soft Inc) [File not signed]
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52080 2013-08-30] (Cisco Systems, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-17 13:34 - 2014-08-17 13:34 - 00000041 _____ () C:\Users\Public\Documents\checkup Security Check.txt
2014-08-17 13:32 - 2014-08-17 13:33 - 00854417 _____ () C:\Users\user\Downloads\SecurityCheck(1).exe
2014-08-17 13:29 - 2014-08-17 13:29 - 00854417 _____ () C:\Users\user\Downloads\SecurityCheck.exe
2014-08-17 10:44 - 2014-08-17 10:45 - 02347384 _____ (ESET) C:\Users\user\Downloads\esetsmartinstaller_deu.exe
2014-08-16 18:07 - 2014-08-16 18:07 - 00002176 _____ () C:\Users\Public\Desktop\Die Sims™ 3 Traumkarrieren.lnk
2014-08-16 17:41 - 2014-08-16 17:41 - 00002356 _____ () C:\Users\Public\Desktop\Die Sims™ 3 Reiseabenteuer.lnk
2014-08-16 13:57 - 2014-08-16 13:57 - 00045183 _____ () C:\Users\Public\Documents\FRST 2.txt
2014-08-16 13:55 - 2014-08-17 13:44 - 00000000 ____D () C:\Users\user\Downloads\FRST-OlderVersion
2014-08-16 13:54 - 2014-08-16 13:54 - 00002191 _____ () C:\Users\Public\Documents\JRT.txt
2014-08-16 13:53 - 2014-08-16 13:53 - 00002191 _____ () C:\Users\user\Desktop\JRT.txt
2014-08-16 13:45 - 2014-08-16 13:45 - 00000000 ____D () C:\Windows\ERUNT
2014-08-16 13:43 - 2014-08-16 13:43 - 01016261 _____ (Thisisu) C:\Users\user\Downloads\JRT.exe
2014-08-16 13:37 - 2014-08-16 13:37 - 00026481 _____ () C:\Users\Public\Documents\AdwCleaner[S0].txt
2014-08-16 13:24 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-08-16 13:23 - 2014-08-16 13:33 - 00000000 ____D () C:\AdwCleaner
2014-08-16 13:21 - 2014-08-16 13:21 - 01361203 _____ () C:\Users\user\Downloads\adwcleaner_3.306.exe
2014-08-16 13:20 - 2014-08-16 13:20 - 00006904 _____ () C:\Users\Public\Documents\mbam.txt
2014-08-14 19:51 - 2014-08-14 19:51 - 00024420 _____ () C:\ComboFix.txt
2014-08-14 19:07 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-08-14 19:07 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-08-14 19:07 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-08-14 19:07 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-08-14 19:07 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-08-14 19:07 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-08-14 19:07 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-08-14 19:07 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-08-14 19:06 - 2014-08-14 19:52 - 00000000 ____D () C:\Qoobox
2014-08-14 19:06 - 2014-08-14 19:45 - 00000000 ____D () C:\Windows\erdnt
2014-08-14 19:05 - 2014-08-14 19:05 - 05571579 ____R (Swearware) C:\Users\user\Downloads\ComboFix.exe
2014-08-14 18:54 - 2014-08-14 18:54 - 00001264 _____ () C:\Users\user\Desktop\Revo Uninstaller.lnk
2014-08-14 18:54 - 2014-08-14 18:54 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-08-14 18:50 - 2014-08-14 18:50 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\user\Downloads\revosetup95.exe
2014-08-14 14:23 - 2014-08-14 14:23 - 00001483 _____ () C:\Users\Public\Desktop\Die Sims 4 Erstelle einen Sim-Demo.lnk
2014-08-14 14:23 - 2014-08-14 14:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die Sims 4 Erstelle einen Sim-Demo
2014-08-14 13:35 - 2014-08-07 03:52 - 00526848 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-14 13:35 - 2014-08-07 03:46 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-13 13:38 - 2014-08-13 13:38 - 00054089 _____ () C:\Users\Public\Documents\Addition.txt
2014-08-13 13:38 - 2014-08-13 13:38 - 00046979 _____ () C:\Users\Public\Documents\FRST.txt
2014-08-13 13:34 - 2014-08-13 13:35 - 00054089 _____ () C:\Users\user\Downloads\Addition.txt
2014-08-13 13:32 - 2014-08-16 13:56 - 00045183 _____ () C:\Users\user\Downloads\FRST.txt
2014-08-13 13:31 - 2014-08-17 13:44 - 00000000 ____D () C:\FRST
2014-08-13 13:29 - 2014-08-16 13:55 - 02101248 _____ (Farbar) C:\Users\user\Downloads\FRST64.exe
2014-08-12 16:03 - 2014-08-12 16:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone
2014-08-12 16:03 - 2014-08-12 16:03 - 00000000 ____D () C:\Program Files (x86)\Windows Phone
2014-08-12 16:02 - 2014-08-12 16:02 - 06745792 _____ (Microsoft Corporation) C:\Users\user\Downloads\WindowsPhone.exe
2014-08-12 16:02 - 2014-08-12 16:02 - 00000000 ____D () C:\ProgramData\Applications
2014-08-12 16:00 - 2014-08-12 16:00 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-08-12 15:39 - 2014-08-12 15:39 - 00001158 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS4 (64 Bit).lnk
2014-08-12 15:39 - 2014-08-12 15:39 - 00000000 ____D () C:\Program Files\Adobe
2014-08-12 15:38 - 2014-08-12 15:38 - 00001137 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS4.lnk
2014-08-12 15:35 - 2014-08-12 15:35 - 00001099 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS4.lnk
2014-08-12 15:34 - 2014-08-12 15:34 - 00001436 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Drive CS4.lnk
2014-08-12 15:34 - 2014-08-12 15:34 - 00000000 ____D () C:\Windows\SysWOW64\spool
2014-08-12 15:33 - 2014-08-12 15:33 - 00001192 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS4.lnk
2014-08-12 15:33 - 2014-08-12 15:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2014-08-12 15:33 - 2014-08-12 15:33 - 00000000 ____D () C:\Program Files (x86)\Adobe Media Player
2014-08-12 15:30 - 2014-08-12 15:30 - 00001407 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS4.lnk
2014-08-12 15:30 - 2014-08-12 15:30 - 00001283 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS4.lnk
2014-08-12 15:29 - 2014-08-12 15:40 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-08-12 15:29 - 2014-08-12 15:29 - 00000000 ____D () C:\Program Files\Common Files\Macrovision Shared
2014-08-12 00:15 - 2014-08-12 00:15 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-12 00:15 - 2014-08-12 00:15 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-06 11:41 - 2014-08-06 11:41 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-05 11:34 - 2014-08-14 14:22 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-01 22:19 - 2014-08-16 12:56 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-01 22:18 - 2014-08-01 22:18 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-08-01 22:18 - 2014-08-01 22:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-08-01 22:18 - 2014-08-01 22:18 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-01 22:18 - 2014-08-01 22:18 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-08-01 22:18 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-01 22:18 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-01 22:18 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-01 22:17 - 2014-08-01 22:18 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\user\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-01 22:04 - 2014-08-12 00:15 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-01 22:04 - 2014-08-12 00:15 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-01 22:04 - 2014-08-01 22:04 - 00004686 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-08-01 22:01 - 2014-08-01 22:01 - 00918440 _____ (Oracle Corporation) C:\Users\user\Downloads\jxpiinstall(3).exe
2014-08-01 21:52 - 2014-08-01 21:52 - 00692704 _____ () C:\Windows\Minidump\080114-29218-01.dmp
2014-07-31 23:31 - 2014-07-31 23:31 - 00273904 _____ () C:\Windows\Minidump\073114-36441-01.dmp
2014-07-31 16:58 - 2014-07-31 16:58 - 00273904 _____ () C:\Windows\Minidump\073114-34304-01.dmp
2014-07-30 17:27 - 2014-07-30 17:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-28 11:20 - 2014-07-28 11:20 - 00273904 _____ () C:\Windows\Minidump\072814-38625-01.dmp
2014-07-27 19:56 - 2014-07-27 19:57 - 00273904 _____ () C:\Windows\Minidump\072714-45271-01.dmp
2014-07-19 17:40 - 2014-08-12 15:31 - 00000000 ____D () C:\Users\user\AppData\Local\Adobe
2014-07-19 15:50 - 2014-08-03 22:22 - 00000000 ____D () C:\Users\user\Documents\Kochen

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-17 13:44 - 2014-08-16 13:55 - 00000000 ____D () C:\Users\user\Downloads\FRST-OlderVersion
2014-08-17 13:44 - 2014-08-13 13:31 - 00000000 ____D () C:\FRST
2014-08-17 13:44 - 2013-09-02 16:13 - 00000000 ___RD () C:\Users\user\Dropbox
2014-08-17 13:44 - 2013-09-02 16:11 - 00000000 ____D () C:\Users\user\AppData\Roaming\Dropbox
2014-08-17 13:44 - 2011-09-21 18:50 - 00697082 _____ () C:\Windows\system32\perfh007.dat
2014-08-17 13:44 - 2011-09-21 18:50 - 00148346 _____ () C:\Windows\system32\perfc007.dat
2014-08-17 13:44 - 2009-07-14 07:13 - 01613340 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-17 13:42 - 2009-07-14 06:45 - 00013936 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-17 13:42 - 2009-07-14 06:45 - 00013936 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-17 13:37 - 2013-05-17 17:42 - 00056832 _____ () C:\Windows\setupact.log
2014-08-17 13:36 - 2011-09-21 18:08 - 01362947 _____ () C:\Windows\WindowsUpdate.log
2014-08-17 13:34 - 2014-08-17 13:34 - 00000041 _____ () C:\Users\Public\Documents\checkup Security Check.txt
2014-08-17 13:33 - 2014-08-17 13:32 - 00854417 _____ () C:\Users\user\Downloads\SecurityCheck(1).exe
2014-08-17 13:29 - 2014-08-17 13:29 - 00854417 _____ () C:\Users\user\Downloads\SecurityCheck.exe
2014-08-17 13:18 - 2012-11-10 18:32 - 00000000 ____D () C:\Users\user\AppData\Roaming\DVDVideoSoft
2014-08-17 10:45 - 2014-08-17 10:44 - 02347384 _____ (ESET) C:\Users\user\Downloads\esetsmartinstaller_deu.exe
2014-08-17 03:11 - 2012-10-29 14:39 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-17 03:10 - 2013-08-30 00:53 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-17 03:06 - 2012-10-07 19:23 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-17 03:05 - 2014-07-10 23:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-16 18:07 - 2014-08-16 18:07 - 00002176 _____ () C:\Users\Public\Desktop\Die Sims™ 3 Traumkarrieren.lnk
2014-08-16 18:07 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-08-16 18:06 - 2010-07-12 23:29 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-08-16 17:41 - 2014-08-16 17:41 - 00002356 _____ () C:\Users\Public\Desktop\Die Sims™ 3 Reiseabenteuer.lnk
2014-08-16 17:41 - 2013-09-09 16:35 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-08-16 16:40 - 2013-09-09 16:22 - 00000000 ____D () C:\ProgramData\Origin
2014-08-16 16:39 - 2013-09-09 16:22 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-08-16 13:57 - 2014-08-16 13:57 - 00045183 _____ () C:\Users\Public\Documents\FRST 2.txt
2014-08-16 13:56 - 2014-08-13 13:32 - 00045183 _____ () C:\Users\user\Downloads\FRST.txt
2014-08-16 13:55 - 2014-08-13 13:29 - 02101248 _____ (Farbar) C:\Users\user\Downloads\FRST64.exe
2014-08-16 13:54 - 2014-08-16 13:54 - 00002191 _____ () C:\Users\Public\Documents\JRT.txt
2014-08-16 13:53 - 2014-08-16 13:53 - 00002191 _____ () C:\Users\user\Desktop\JRT.txt
2014-08-16 13:45 - 2014-08-16 13:45 - 00000000 ____D () C:\Windows\ERUNT
2014-08-16 13:43 - 2014-08-16 13:43 - 01016261 _____ (Thisisu) C:\Users\user\Downloads\JRT.exe
2014-08-16 13:43 - 2013-09-02 16:13 - 00001015 _____ () C:\Users\user\Desktop\Dropbox.lnk
2014-08-16 13:43 - 2013-09-02 16:11 - 00000000 ____D () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-08-16 13:37 - 2014-08-16 13:37 - 00026481 _____ () C:\Users\Public\Documents\AdwCleaner[S0].txt
2014-08-16 13:36 - 2013-05-18 13:44 - 00091594 _____ () C:\Windows\PFRO.log
2014-08-16 13:33 - 2014-08-16 13:23 - 00000000 ____D () C:\AdwCleaner
2014-08-16 13:33 - 2014-03-14 20:24 - 00000000 ____D () C:\Users\user\AppData\Roaming\Common
2014-08-16 13:33 - 2012-10-31 12:56 - 00000000 ____D () C:\ProgramData\ICQ
2014-08-16 13:33 - 2012-10-17 22:14 - 00000000 ____D () C:\Users\user\AppData\Local\CRE
2014-08-16 13:21 - 2014-08-16 13:21 - 01361203 _____ () C:\Users\user\Downloads\adwcleaner_3.306.exe
2014-08-16 13:20 - 2014-08-16 13:20 - 00006904 _____ () C:\Users\Public\Documents\mbam.txt
2014-08-16 12:56 - 2014-08-01 22:19 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-16 12:39 - 2012-11-07 15:44 - 00000000 ____D () C:\Users\user\AppData\Roaming\Spotify
2014-08-14 19:52 - 2014-08-14 19:06 - 00000000 ____D () C:\Qoobox
2014-08-14 19:51 - 2014-08-14 19:51 - 00024420 _____ () C:\ComboFix.txt
2014-08-14 19:51 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-08-14 19:45 - 2014-08-14 19:06 - 00000000 ____D () C:\Windows\erdnt
2014-08-14 19:29 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-08-14 19:05 - 2014-08-14 19:05 - 05571579 ____R (Swearware) C:\Users\user\Downloads\ComboFix.exe
2014-08-14 18:54 - 2014-08-14 18:54 - 00001264 _____ () C:\Users\user\Desktop\Revo Uninstaller.lnk
2014-08-14 18:54 - 2014-08-14 18:54 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-08-14 18:50 - 2014-08-14 18:50 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\user\Downloads\revosetup95.exe
2014-08-14 14:35 - 2013-09-09 17:39 - 00000000 ____D () C:\Users\user\Documents\Electronic Arts
2014-08-14 14:35 - 2013-09-09 16:22 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-08-14 14:23 - 2014-08-14 14:23 - 00001483 _____ () C:\Users\Public\Desktop\Die Sims 4 Erstelle einen Sim-Demo.lnk
2014-08-14 14:23 - 2014-08-14 14:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die Sims 4 Erstelle einen Sim-Demo
2014-08-14 14:22 - 2014-08-05 11:34 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-13 13:38 - 2014-08-13 13:38 - 00054089 _____ () C:\Users\Public\Documents\Addition.txt
2014-08-13 13:38 - 2014-08-13 13:38 - 00046979 _____ () C:\Users\Public\Documents\FRST.txt
2014-08-13 13:35 - 2014-08-13 13:34 - 00054089 _____ () C:\Users\user\Downloads\Addition.txt
2014-08-13 12:31 - 2012-10-06 17:49 - 00000000 ____D () C:\Users\user\AppData\Roaming\Adobe
2014-08-13 12:19 - 2009-07-14 06:45 - 03077528 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-13 11:26 - 2013-05-14 22:35 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-08-13 11:26 - 2013-02-23 23:49 - 00001532 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2014-08-13 11:26 - 2013-02-23 23:49 - 00001239 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2014-08-13 11:26 - 2012-11-10 18:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-08-12 18:10 - 2011-09-22 07:52 - 00124472 _____ () C:\Users\user\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-12 16:03 - 2014-08-12 16:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone
2014-08-12 16:03 - 2014-08-12 16:03 - 00000000 ____D () C:\Program Files (x86)\Windows Phone
2014-08-12 16:02 - 2014-08-12 16:02 - 06745792 _____ (Microsoft Corporation) C:\Users\user\Downloads\WindowsPhone.exe
2014-08-12 16:02 - 2014-08-12 16:02 - 00000000 ____D () C:\ProgramData\Applications
2014-08-12 16:00 - 2014-08-12 16:00 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-08-12 15:40 - 2014-08-12 15:29 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-08-12 15:39 - 2014-08-12 15:39 - 00001158 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS4 (64 Bit).lnk
2014-08-12 15:39 - 2014-08-12 15:39 - 00000000 ____D () C:\Program Files\Adobe
2014-08-12 15:38 - 2014-08-12 15:38 - 00001137 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS4.lnk
2014-08-12 15:38 - 2011-09-21 18:19 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-08-12 15:35 - 2014-08-12 15:35 - 00001099 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS4.lnk
2014-08-12 15:34 - 2014-08-12 15:34 - 00001436 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Drive CS4.lnk
2014-08-12 15:34 - 2014-08-12 15:34 - 00000000 ____D () C:\Windows\SysWOW64\spool
2014-08-12 15:34 - 2011-09-21 18:17 - 00000000 ____D () C:\ProgramData\Adobe
2014-08-12 15:33 - 2014-08-12 15:33 - 00001192 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS4.lnk
2014-08-12 15:33 - 2014-08-12 15:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2014-08-12 15:33 - 2014-08-12 15:33 - 00000000 ____D () C:\Program Files (x86)\Adobe Media Player
2014-08-12 15:31 - 2014-07-19 17:40 - 00000000 ____D () C:\Users\user\AppData\Local\Adobe
2014-08-12 15:30 - 2014-08-12 15:30 - 00001407 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS4.lnk
2014-08-12 15:30 - 2014-08-12 15:30 - 00001283 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS4.lnk
2014-08-12 15:29 - 2014-08-12 15:29 - 00000000 ____D () C:\Program Files\Common Files\Macrovision Shared
2014-08-12 00:16 - 2013-10-19 11:46 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-12 00:15 - 2014-08-12 00:15 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-12 00:15 - 2014-08-12 00:15 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-12 00:15 - 2014-08-01 22:04 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-12 00:15 - 2014-08-01 22:04 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-12 00:15 - 2012-10-06 17:53 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-07 20:15 - 2012-11-07 15:45 - 00000000 ____D () C:\Users\user\AppData\Local\Spotify
2014-08-07 03:52 - 2014-08-14 13:35 - 00526848 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 03:46 - 2014-08-14 13:35 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-06 11:41 - 2014-08-06 11:41 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-06 11:41 - 2012-12-05 13:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-06 11:41 - 2012-12-05 13:27 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-08-05 11:34 - 2012-12-05 13:27 - 00000000 ____D () C:\ProgramData\Avira
2014-08-05 09:20 - 2012-12-05 13:46 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-03 22:22 - 2014-07-19 15:50 - 00000000 ____D () C:\Users\user\Documents\Kochen
2014-08-01 22:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Speech
2014-08-01 22:18 - 2014-08-01 22:18 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-08-01 22:18 - 2014-08-01 22:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-08-01 22:18 - 2014-08-01 22:18 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-01 22:18 - 2014-08-01 22:18 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-08-01 22:18 - 2014-08-01 22:17 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\user\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-01 22:04 - 2014-08-01 22:04 - 00004686 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-08-01 22:01 - 2014-08-01 22:01 - 00918440 _____ (Oracle Corporation) C:\Users\user\Downloads\jxpiinstall(3).exe
2014-08-01 21:52 - 2014-08-01 21:52 - 00692704 _____ () C:\Windows\Minidump\080114-29218-01.dmp
2014-08-01 21:52 - 2013-05-29 00:32 - 488614066 _____ () C:\Windows\MEMORY.DMP
2014-08-01 21:52 - 2013-01-03 19:45 - 00000000 ____D () C:\Windows\Minidump
2014-07-31 23:31 - 2014-07-31 23:31 - 00273904 _____ () C:\Windows\Minidump\073114-36441-01.dmp
2014-07-31 23:31 - 2012-10-09 22:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-31 16:58 - 2014-07-31 16:58 - 00273904 _____ () C:\Windows\Minidump\073114-34304-01.dmp
2014-07-30 17:27 - 2014-07-30 17:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-28 11:20 - 2014-07-28 11:20 - 00273904 _____ () C:\Windows\Minidump\072814-38625-01.dmp
2014-07-27 19:57 - 2014-07-27 19:56 - 00273904 _____ () C:\Windows\Minidump\072714-45271-01.dmp
2014-07-27 19:56 - 2012-12-03 11:22 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-27 19:56 - 2012-12-03 11:22 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-27 19:54 - 2012-12-03 11:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-21 12:39 - 2014-02-23 15:19 - 00000000 ____D () C:\Users\user\Documents\Neuer Plan

Files to move or delete:
====================
C:\ProgramData\Shrew Soft VPN.dat


Some content of TEMP:
====================
C:\Users\user\AppData\Local\Temp\avgnt.exe
C:\Users\user\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphu_rgu.dll
C:\Users\user\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-09-01 02:05

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---

--- --- ---

Die Fehlermeldung ist auf jeden Fall mal weg, da würde ich sagen es ist alles wieder ok Vielen vielen Dank für die schnelle Hilfe

Alt 17.08.2014, 22:59   #13
schrauber
/// the machine
/// TB-Ausbilder
 

"RegSvr32 - Fehler beim Laden des Moduls " - Standard

"RegSvr32 - Fehler beim Laden des Moduls "



Downloade Dir bitte TFC ( von Oldtimer ) und speichere die Datei auf dem Desktop.
Schließe nun alle offenen Programme und trenne Dich von dem Internet.
Doppelklick auf die TFC.exe und drücke auf Start.
Sollte TFC nicht alle Dateien löschen können wird es einen Neustart verlangen. Dies bitte zulassen.




Fertig

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun

Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu "RegSvr32 - Fehler beim Laden des Moduls "
ausgeführt, conduit search, conduit search entfernen, conduit.search, conduit.search entfernen, fehler beim laden des moduls, fehlermeldung, pup.optional.conduit.a, pup.optional.crossrider.a, pup.optional.delta.a, pup.optional.opencandy, pup.optional.trovi.a, super, win32/adware.trymedia.a, win32/adware.yontoo.b, win32/conduit.searchprotect, win32/conduit.searchprotect.k, win32/conduit.searchprotect.n, win32/conduit.searchprotect.p, win32/downloadadmin.d, win32/downloadsponsor.a, win32/toolbar.conduit, win32/toolbar.conduit.ah, überfragt



Ähnliche Themen: "RegSvr32 - Fehler beim Laden des Moduls "


  1. Windows 7: "Fehler beim Laden des Moduls" - RegSvr32
    Log-Analyse und Auswertung - 13.07.2015 (10)
  2. RegSvr32, Fehler beim Laden des Moduls " "
    Log-Analyse und Auswertung - 11.05.2015 (11)
  3. "RegSvr32 Fehler beim Laden des Moduls..." Windows 8
    Log-Analyse und Auswertung - 18.12.2014 (10)
  4. RegSvr32 Fehler beim Laden des Moduls "", nach Virenscan mit Avira
    Log-Analyse und Auswertung - 18.09.2014 (13)
  5. RegSvr32, Fehler beim Laden des Moduls " "
    Plagegeister aller Art und deren Bekämpfung - 17.09.2014 (11)
  6. Win7: RegSvr32 - Fehler beim Laden des Moduls ""
    Log-Analyse und Auswertung - 28.08.2014 (15)
  7. Trojaner entfernt: RegSvr32 Fehler beim Laden des Moduls ""
    Plagegeister aller Art und deren Bekämpfung - 25.08.2014 (11)
  8. RegSvr32 "Fehler beim Laden des Moduls """ (mal wieder...)
    Log-Analyse und Auswertung - 21.08.2014 (6)
  9. RegSvr32 Fehler beim Laden des Moduls "".
    Plagegeister aller Art und deren Bekämpfung - 20.08.2014 (9)
  10. RegSvr32 - Fehler beim Laden des Moduls " " ?
    Plagegeister aller Art und deren Bekämpfung - 17.08.2014 (3)
  11. Fehlermeldung bei Systemstart von WINDOWS 7 64-bit: RegSvr32 "Fehler beim Laden des Moduls ""."
    Log-Analyse und Auswertung - 17.08.2014 (10)
  12. Windows 7: Fehlermeldung bei Systemstart- RegSvr32 "Fehler beim Laden des Moduls ""."
    Alles rund um Windows - 12.08.2014 (18)
  13. Regsvr32 "Fehler beim Laden des Moduls" - Win 7
    Plagegeister aller Art und deren Bekämpfung - 04.08.2014 (13)
  14. RegSvr32 - Fehler beim Laden des Moduls "". (Windows 7 64bit)
    Plagegeister aller Art und deren Bekämpfung - 19.06.2014 (13)
  15. Windows 7: Fehlermeldung bei Systemstart- RegSvr32 "Fehler beim Laden des Moduls ""."
    Log-Analyse und Auswertung - 16.06.2014 (11)
  16. Fehler beim Laden des Moduls "". RegSvr32
    Log-Analyse und Auswertung - 08.06.2014 (18)
  17. Meldung "regsvr32 - fehler beim laden des moduls"
    Plagegeister aller Art und deren Bekämpfung - 08.06.2014 (15)

Zum Thema "RegSvr32 - Fehler beim Laden des Moduls " - Hallo, ich bin neu hier und hab nicht wirklich Ahnung von Pc's. Nun habe ich das Problem, dass mir nach dem Hochfahren des PC's folgende Fehlermeldung angezeigt wird: "RegSvr32 - - "RegSvr32 - Fehler beim Laden des Moduls "...
Archiv
Du betrachtest: "RegSvr32 - Fehler beim Laden des Moduls " auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.