Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Hohe CPU Auslastung / Langsame Internetverbindung bei betroffenem PC / google & youtube mit IE11 nicht mehr aufrufbar

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 27.08.2014, 15:41   #1
Nordland02
 
Hohe CPU Auslastung / Langsame Internetverbindung bei betroffenem PC / google & youtube mit IE11 nicht mehr aufrufbar - Standard

Hohe CPU Auslastung / Langsame Internetverbindung bei betroffenem PC / google & youtube mit IE11 nicht mehr aufrufbar



Liebes Trojaner-Board-Team,

seit einiger Zeit habe ich das Gefühl, dass mein PC (Windows 7 Home Premium, Service Pack 1, 64 Bit-Betriebssystem) langsam läuft. Es liegt oft eine CPU-Auslastung von 50% und mehr vor.
Zudem erscheint mir die Internetverbindung an diesem Rechner sehr langsam zu sein. Bei einem anderen PC im gleichen Netzwerk erscheint mir die Geschwindigdkeit bzw. das Laden von Internetseiten deutlich schneller zu laufen.

Vielleicht hat es auch nichts damit zu tun, aber Itunes bricht beim Update immer kurz vor Ende der Installation ab. Begründung: Unbekannter Fehler. Bei der empfohlenen manuellen Installation passiert das gleiche.

Heute morgen ist mir dann aufgefallen, dass sich im Internetexplorer die Seiten von Google und Yahoo ("Die Navigation zur Webseite wurde abgebrochen") nicht mehr laden lassen. Im Firefox und in Opera ist dies kein Problem.


Eure Anleitung "Für alle Hilfesuchenden" bin ich durchgegangen. Die Logfiles sind zu lang, um sie direkt in diesen Thread zu posten. (Fehlermeldung beim Erstellen) Daher befinden sie sich im Anhang.

Vielen Dank & viele Grüße

Sonja





FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-08-2014
Ran by Neo (administrator) on NEO-VAIO on 27-08-2014 13:22:42
Running from C:\Users\Neo\Downloads\anti spy
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Expert System S.p.A.) C:\Program Files (x86)\Duden\Duden-Rechtschreibprüfung\DKTray.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Cisco Systems, Inc.) C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
(DATA BECKER GmbH & Co KG) C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\ProgramData\MobileBrServ\mbbService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Check Point Software Technologies, Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
(Bibliographisches Institut GmbH) C:\Program Files (x86)\Duden\Duden-Bibliothek\dudenbib.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
(Opera Software) C:\Program Files (x86)\Opera\opera.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7938080 2009-07-24] (Realtek Semiconductor)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM-x32\...\Run: [SHTtray.exe] => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe [99624 2009-07-27] (Sony Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Sophos AutoUpdate Monitor] => C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe [1617704 2014-05-21] (Sophos Limited)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [191016 2014-05-14] (Geek Software GmbH)
HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [137352 2014-05-30] (Check Point Software Technologies Ltd.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\VESWinlogon-x32: VESWinlogon.dll [X]
HKU\.DEFAULT\...\Run: [Duden Korrektor SysTray] => C:\Program Files (x86)\Duden\Duden-Rechtschreibprüfung\DKTray.exe [332432 2011-07-06] (Expert System S.p.A.)
HKU\S-1-5-21-2692801368-1878214995-1402500385-1000\...\Run: [Duden Korrektor SysTray] => C:\Program Files (x86)\Duden\Duden-Rechtschreibprüfung\DKTray.exe [332432 2011-07-06] (Expert System S.p.A.)
HKU\S-1-5-21-2692801368-1878214995-1402500385-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
AppInit_DLLs: C:\PROGRA~2\Sophos\SOPHOS~1\sophos_detoured_x64.dll => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured_x64.dll [217160 2014-05-21] (Sophos Limited)
AppInit_DLLs: ,C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~2.DLL => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured_x64.dll [217160 2014-05-21] (Sophos Limited)
AppInit_DLLs-x32: C:\PROGRA~2\Sophos\SOPHOS~1\sophos_detoured.dll => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured.dll [275352 2014-05-21] (Sophos Limited)
AppInit_DLLs-x32: ,C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~1.DLL => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured.dll [275352 2014-05-21] (Sophos Limited)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Neo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Toolbar: HKLM-x32 - No Name - {ED0E8CA5-42FB-4B18-997B-769E0408E79D} -  No File
Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GmbH)
Toolbar: HKCU - No Name - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} -  No File
DPF: HKLM-x32 {85C86CCC-2158-4123-9C7D-785190CED875} https://lernboerse.arbeitsagentur.de/exklusiv/ilias/data/balihob/lm_data/httppath/dpLaunchPlugin.cab
DPF: HKLM-x32 {DAF7E6E6-D53A-439A-B28D-12271406B8A9} hxxp://mobileapps.blackberry.com/devicesoftware/AxLoader.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog9 01 C:\Windows\SysWOW64\BGLsp.dll [82776] (BullGuard Ltd.)
Winsock: Catalog9 02 C:\Windows\SysWOW64\BGLsp.dll [82776] (BullGuard Ltd.)
Winsock: Catalog9 03 C:\Windows\SysWOW64\BGLsp.dll [82776] (BullGuard Ltd.)
Winsock: Catalog9 04 C:\Windows\SysWOW64\BGLsp.dll [82776] (BullGuard Ltd.)
Winsock: Catalog9 05 C:\Windows\SysWOW64\BGLsp.dll [82776] (BullGuard Ltd.)
Winsock: Catalog9 06 C:\Windows\SysWOW64\BGLsp.dll [82776] (BullGuard Ltd.)
Winsock: Catalog9 07 C:\Windows\SysWOW64\BGLsp.dll [82776] (BullGuard Ltd.)
Winsock: Catalog9 08 C:\Windows\SysWOW64\BGLsp.dll [82776] (BullGuard Ltd.)
Winsock: Catalog9 09 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 10 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 11 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 12 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 13 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 14 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 15 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 16 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9 17 C:\Windows\SysWOW64\BGLsp.dll [82776] (BullGuard Ltd.)
Winsock: Catalog9 18 C:\Windows\SysWOW64\BGLsp.dll [82776] (BullGuard Ltd.)
Winsock: Catalog9 19 C:\Windows\SysWOW64\BGLsp.dll [82776] (BullGuard Ltd.)
Winsock: Catalog9 31 C:\Windows\SysWOW64\BGLsp.dll [82776] (BullGuard Ltd.)
Winsock: Catalog9 32 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [126760] (Sophos Limited)
Winsock: Catalog9-x64 01 C:\Windows\system32\BGLsp.dll [98648] (BullGuard Ltd.)
Winsock: Catalog9-x64 02 C:\Windows\system32\BGLsp.dll [98648] (BullGuard Ltd.)
Winsock: Catalog9-x64 03 C:\Windows\system32\BGLsp.dll [98648] (BullGuard Ltd.)
Winsock: Catalog9-x64 04 C:\Windows\system32\BGLsp.dll [98648] (BullGuard Ltd.)
Winsock: Catalog9-x64 05 C:\Windows\system32\BGLsp.dll [98648] (BullGuard Ltd.)
Winsock: Catalog9-x64 06 C:\Windows\system32\BGLsp.dll [98648] (BullGuard Ltd.)
Winsock: Catalog9-x64 07 C:\Windows\system32\BGLsp.dll [98648] (BullGuard Ltd.)
Winsock: Catalog9-x64 08 C:\Windows\system32\BGLsp.dll [98648] (BullGuard Ltd.)
Winsock: Catalog9-x64 09 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 10 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 11 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 12 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 13 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 14 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 15 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 16 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Winsock: Catalog9-x64 17 C:\Windows\system32\BGLsp.dll [98648] (BullGuard Ltd.)
Winsock: Catalog9-x64 18 C:\Windows\system32\BGLsp.dll [98648] (BullGuard Ltd.)
Winsock: Catalog9-x64 19 C:\Windows\system32\BGLsp.dll [98648] (BullGuard Ltd.)
Winsock: Catalog9-x64 31 C:\Windows\system32\BGLsp.dll [98648] (BullGuard Ltd.)
Winsock: Catalog9-x64 32 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [173864] (Sophos Limited)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Neo\AppData\Roaming\Mozilla\Firefox\Profiles\ww9j94z1.default
FF Homepage: www.google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=1.1.9 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @protectdisc.com/NPPDLicenseHelper -> C:\Users\Neo\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll ( )
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdjvu.dll (Caminova, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: dp Launcher Plugin - C:\Users\Neo\AppData\Roaming\Mozilla\Firefox\Profiles\ww9j94z1.default\Extensions\dplauncher@digitalpublishing.de [2014-01-29]
FF Extension: FireShot - C:\Users\Neo\AppData\Roaming\Mozilla\Firefox\Profiles\ww9j94z1.default\Extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} [2014-08-14]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Neo\AppData\Roaming\Mozilla\Firefox\Profiles\ww9j94z1.default\Extensions\adblockpopups@jessehakanen.net.xpi [2011-11-24]
FF Extension: Element Hiding Helper for Adblock Plus - C:\Users\Neo\AppData\Roaming\Mozilla\Firefox\Profiles\ww9j94z1.default\Extensions\elemhidehelper@adblockplus.org.xpi [2011-11-24]
FF Extension: Firefox 2 theme for Firefox 4+ - C:\Users\Neo\AppData\Roaming\Mozilla\Firefox\Profiles\ww9j94z1.default\Extensions\ffe_ff2ff4@game-point.net.xpi [2011-11-24]
FF Extension: Ghostery - C:\Users\Neo\AppData\Roaming\Mozilla\Firefox\Profiles\ww9j94z1.default\Extensions\firefox@ghostery.com.xpi [2013-08-03]
FF Extension: PlugIn-Checker - C:\Users\Neo\AppData\Roaming\Mozilla\Firefox\Profiles\ww9j94z1.default\Extensions\jid0-c1av474BVPIHcGJfBp3GkhlhAa4@jetpack.xpi [2014-01-29]
FF Extension: Beef Taco (Targeted Advertising Cookie Opt-Out) - C:\Users\Neo\AppData\Roaming\Mozilla\Firefox\Profiles\ww9j94z1.default\Extensions\john@velvetcache.org.xpi [2014-01-03]
FF Extension: UploadScreenshot.com Capture - C:\Users\Neo\AppData\Roaming\Mozilla\Firefox\Profiles\ww9j94z1.default\Extensions\uss-button@uploadscreenshot.com.xpi [2014-06-06]
FF Extension: NoScript - C:\Users\Neo\AppData\Roaming\Mozilla\Firefox\Profiles\ww9j94z1.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2011-11-24]
FF Extension: BetterPrivacy - C:\Users\Neo\AppData\Roaming\Mozilla\Firefox\Profiles\ww9j94z1.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2011-11-24]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{8AA36F4F-6DC7-4c06-77AF-5035170634FE} [2014-05-14]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-03-05]
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2014-07-16]
FF HKCU\...\Thunderbird\Extensions: [{0E810812-F4BB-4309-942A-755587587A5E}] - C:\Program Files\BullGuard Ltd\BullGuard Spamfilter\Files32\Spamfilter\TbSpamfilter
FF Extension: BullGuard Spamfilter - C:\Program Files\BullGuard Ltd\BullGuard Spamfilter\Files32\Spamfilter\TbSpamfilter [2012-04-17]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.de/"
CHR Profile: C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (KPI Watchdog reporting and analytics) - C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\abkbcmodekcnbanhghjmieeghgglojop [2014-03-27]
CHR Extension: (TopicHeads - SEO Browser) - C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahicambbikodcabkphhbidajdjfhakcm [2014-03-27]
CHR Extension: (Angry Birds) - C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-03-27]
CHR Extension: (Google Docs) - C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-28]
CHR Extension: (Google Drive) - C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-28]
CHR Extension: (Brushed) - C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfjgbcjfpbbfepcccpaffkjofcmglifg [2014-04-29]
CHR Extension: (News Reader (von Google)) - C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhhcdlggicnjoobiphdkdgmblbknkjjp [2014-04-29]
CHR Extension: (YouTube) - C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-28]
CHR Extension: (Twitter for Chrome) - C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdoinklelehcpndgmcddkkdhibpoglnk [2014-03-16]
CHR Extension: (Google-Suche) - C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-28]
CHR Extension: (Web page captures from browser) - C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\fomlbefjpamblimccfdomfgpgokdljcg [2014-07-02]
CHR Extension: (The QR Code Generator) - C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcmhlmapohffdglflokbgknlknnmogbb [2014-03-27]
CHR Extension: (PracticalSEO) - C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjemmmpehaenpbhhliiojngekignfmkh [2014-03-27]
CHR Extension: (Google Wallet) - C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-28]
CHR Extension: (ClicData) - C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\noonihaagcfbicjbekglpimaebcjefbo [2014-03-27]
CHR Extension: (Instagram for Chrome) - C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\opnbmdkdflhjiclaoiiifmheknpccalb [2014-03-16]
CHR Extension: (Google Mail) - C:\Users\Neo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-28]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2014-07-16]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-03-16] (Adobe Systems) [File not signed]
S3 BgRaSvc; C:\Program Files\BullGuard Ltd\BullGuard Spamfilter\Support\BgRaSvc.exe [161112 2011-06-29] (BullGuard Ltd.)
S4 BsMailProxy; C:\Program Files\BullGuard Ltd\BullGuard Spamfilter\BsMailProxy\BsMailProxy.dll [261976 2012-04-17] (BullGuard Ltd.)
S4 BsMain; C:\Program Files\BullGuard Ltd\BullGuard Spamfilter\BsMain.dll [269656 2012-05-25] (BullGuard Ltd.)
S4 BsUpdate; C:\Program Files\BullGuard Ltd\BullGuard Spamfilter\BullGuardUpdate.exe [409944 2012-05-25] (BullGuard Ltd.)
R2 CVPND; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [1529856 2011-03-04] (Cisco Systems, Inc.)
R2 DBService; C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe [2650112 2010-05-28] (DATA BECKER GmbH & Co KG) [File not signed]
S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe [234776 2012-09-05] (McAfee, Inc.)
R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [239184 2013-01-28] ()
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
S4 Roxio UPnP Renderer 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [313840 2009-06-26] (Sonic Solutions)
S4 Roxio Upnp Server 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [362992 2009-06-26] (Sonic Solutions)
S4 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [189984 2009-07-24] (Realtek Semiconductor)
R2 SAVAdminService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [288552 2014-05-21] (Sophos Limited)
R2 SAVService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [205096 2014-05-21] (Sophos Limited)
S3 SOHDBSvr; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [70952 2009-07-27] (Sony Corporation)
S3 SOHPlMgr; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [91432 2009-07-27] (Sony Corporation)
R2 Sophos AutoUpdate Service; C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [341800 2014-05-21] (Sophos Limited)
R2 Sophos Web Control Service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [355624 2014-05-21] (Sophos Limited)
R2 swi_service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [3174696 2014-05-21] (Sophos Limited)
S2 swi_update_64; C:\ProgramData\Sophos\Web Intelligence\swi_update_64.exe [2065704 2014-05-21] (Sophos Limited)
S3 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [69632 2009-07-23] (Sony Corporation) [File not signed]
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [642920 2009-07-22] (Sony Corporation)
S3 Vcsw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [313264 2009-07-23] (Sony Corporation)
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [3592120 2014-05-30] (Check Point Software Technologies Ltd.)
R2 VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [845312 2010-08-11] (Sony Corporation) [File not signed]
S3 VzCdbSvc; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [206336 2009-07-23] (Sony Corporation) [File not signed]
R2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [90936 2014-05-29] (Check Point Software Technologies, Ltd.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [32768 2010-04-29] (Google Inc)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
S1 ASPI32; C:\Windows\SysWow64\Drivers\ASPI32.sys [25244 1999-09-10] (Adaptec) [File not signed]
S3 AVerAF15DMBTH64; C:\Windows\System32\Drivers\AVerAF15DMBTH64.sys [592256 2009-07-27] (AVerMedia TECHNOLOGIES, Inc.) [File not signed]
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()
S3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [7345632 2009-08-05] (Intel Corporation) [File not signed]
S3 IntcHdmiAddService; C:\Windows\System32\drivers\IntcHdmi.sys [139264 2009-08-05] (Intel(R) Corporation) [File not signed]
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [7717984 2014-04-30] (Kaspersky Lab ZAO)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [92768 2014-04-30] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [490592 2014-04-30] (Kaspersky Lab ZAO)
S3 pelmouse; C:\Windows\System32\DRIVERS\pelmouse.sys [35840 2006-12-20] (Primax Electronics Ltd.)
S3 pelusblf; C:\Windows\System32\DRIVERS\pelusblf.sys [46080 2006-12-20] (Primax Electronics Ltd.)
S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44032 2011-07-20] (Research in Motion Ltd)
R2 risdptsk; C:\Windows\system32\DRIVERS\risdsn64.sys [76288 2009-07-31] (REDC)
S3 s125bus; C:\Windows\System32\DRIVERS\s125bus.sys [108296 2007-04-24] (MCCI Corporation)
S3 s125mdfl; C:\Windows\System32\DRIVERS\s125mdfl.sys [19720 2007-04-24] (MCCI Corporation)
S3 s125mdm; C:\Windows\System32\DRIVERS\s125mdm.sys [144648 2007-04-24] (MCCI Corporation)
S3 s125mgmt; C:\Windows\System32\DRIVERS\s125mgmt.sys [126216 2007-04-24] (MCCI Corporation)
S3 s125obex; C:\Windows\System32\DRIVERS\s125obex.sys [123656 2007-04-24] (MCCI Corporation)
R1 SAVOnAccess; C:\Windows\System32\DRIVERS\savonaccess.sys [158976 2014-05-21] (Sophos Limited)
S3 sdcfilter; C:\Windows\System32\DRIVERS\sdcfilter.sys [38144 2014-05-21] (Sophos Limited)
R3 seehcri; C:\Windows\System32\DRIVERS\seehcri.sys [34032 2010-05-22] (Sony Ericsson Mobile Communications)
S4 SophosBootDriver; C:\Windows\System32\DRIVERS\SophosBootDriver.sys [27904 2014-05-21] (Sophos Limited)
R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [450968 2014-05-30] (Check Point Software Technologies Ltd.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-27 13:22 - 2014-08-27 13:22 - 00000000 ____D () C:\FRST
2014-08-27 13:21 - 2014-08-27 13:21 - 00015993 _____ () C:\Users\Neo\Downloads\default (2).htm
2014-08-27 13:20 - 2014-08-27 13:20 - 00000000 _____ () C:\Users\Neo\defogger_reenable
2014-08-27 13:18 - 2014-08-27 13:22 - 00000000 ____D () C:\Users\Neo\Downloads\anti spy
2014-08-27 13:16 - 2014-08-27 13:16 - 00014854 _____ () C:\Users\Neo\Downloads\default (1).htm
2014-08-27 13:07 - 2014-08-27 13:07 - 00015994 _____ () C:\Users\Neo\Downloads\default.htm
2014-08-27 13:01 - 2014-08-27 13:01 - 00000000 __SHD () C:\Users\Neo\AppData\Local\EmieUserList
2014-08-27 13:01 - 2014-08-27 13:01 - 00000000 __SHD () C:\Users\Neo\AppData\Local\EmieSiteList
2014-08-27 12:19 - 2014-04-30 11:01 - 00490592 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-08-27 12:19 - 2014-04-30 11:01 - 00092768 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-08-27 12:19 - 2014-04-30 11:00 - 07717984 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys
2014-08-27 12:11 - 2014-08-27 12:11 - 00002170 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-08-27 12:11 - 2014-08-27 12:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-08-27 12:11 - 2014-08-27 12:11 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-08-27 12:11 - 2014-08-27 12:11 - 00000000 ____D () C:\Program Files (x86)\McAfee Security Scan
2014-08-25 16:40 - 2014-08-25 16:40 - 00000973 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BMWi Businessplan.lnk
2014-08-25 16:40 - 2014-08-25 16:40 - 00000961 _____ () C:\Users\Public\Desktop\BMWi Businessplan.lnk
2014-08-25 16:40 - 2014-08-25 16:40 - 00000000 ____D () C:\Users\Neo\AppData\Roaming\de.bmwi.businessplan
2014-08-25 16:40 - 2014-08-25 16:40 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-08-25 16:40 - 2014-08-25 16:40 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-08-25 16:40 - 2014-08-25 16:40 - 00000000 ____D () C:\Program Files (x86)\BMWi Businessplan
2014-08-21 12:58 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-21 12:58 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-21 12:58 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-21 12:58 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-21 12:58 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-21 12:58 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-21 12:58 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-21 12:58 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-21 12:58 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-21 12:58 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-21 12:57 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-21 12:57 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-21 12:57 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-21 12:57 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-20 15:14 - 2014-08-20 15:14 - 00148177 _____ () C:\Users\Neo\Downloads\FRITZ.Box Fon WLAN 7320 (UI) 100.05.20_01.01.70_0104.export
2014-08-20 09:30 - 2014-08-20 09:30 - 00000634 _____ () C:\Users\Neo\Desktop\lohmannh@lohmann-history-consulting.de.duck
2014-08-19 16:11 - 2014-08-19 16:11 - 00117709 _____ () C:\Users\Neo\Downloads\design1.t3d
2014-08-19 15:04 - 2014-08-19 15:04 - 02947636 _____ () C:\Users\Neo\Downloads\sunflower_typo3template.zip
2014-08-19 10:30 - 2014-08-19 10:30 - 00288351 _____ () C:\Users\Neo\Documents\bookmarks_19.08.14.html
2014-08-14 23:58 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-14 23:58 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-14 23:58 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-14 23:58 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-14 23:58 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-14 23:58 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-14 23:57 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-14 23:57 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-14 10:08 - 2014-08-14 10:08 - 01058200 _____ (Adobe) C:\Users\Neo\Downloads\install_flashplayer14x32au_mssd_aaa_aih.exe
2014-08-14 09:40 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-14 09:40 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-14 09:40 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-14 09:40 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-14 09:40 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-14 09:40 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-14 09:40 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-14 09:40 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-14 09:40 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-14 09:40 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-14 09:40 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-14 09:40 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-14 09:40 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-14 09:40 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-14 09:40 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-14 09:40 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-14 09:40 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-14 09:40 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-14 09:40 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-14 09:40 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-14 09:40 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-14 09:40 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-14 09:40 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-14 09:40 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-14 09:40 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-14 09:40 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-14 09:40 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-14 09:40 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-14 09:40 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-14 09:40 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-14 09:40 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-14 09:40 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-14 09:40 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-14 09:40 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-14 09:40 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-14 09:40 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-14 09:40 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-14 09:40 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-14 09:40 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-14 09:40 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-14 09:40 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-14 09:40 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-14 09:40 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-14 09:40 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-14 09:40 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-14 09:40 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-14 09:40 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-14 09:40 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-14 09:40 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-14 09:40 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-14 09:40 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-14 09:40 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-14 09:40 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-14 09:40 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-14 09:40 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-14 09:40 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-14 09:40 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-14 09:40 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-14 09:40 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-14 09:40 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-14 09:40 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-14 09:40 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-14 09:40 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-14 09:40 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-14 09:40 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-14 09:40 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-14 09:40 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-14 09:40 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-14 09:40 - 2014-01-09 04:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-08-14 09:40 - 2014-01-04 00:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-08-14 09:38 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-14 09:38 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-14 09:38 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-14 09:38 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-13 14:28 - 2014-08-13 14:28 - 00000000 ____D () C:\Users\Neo\Desktop\bookmarks
2014-08-13 14:20 - 2014-08-19 15:10 - 00000000 __SHD () C:\Users\Neo\wc
2014-08-13 14:19 - 2014-08-13 14:22 - 00000000 ____D () C:\Users\Neo\AppData\Roaming\Cyberduck
2014-08-13 14:19 - 2014-08-13 14:19 - 00000000 __SHD () C:\Users\Neo\AppData\Roaming\wyUpdate AU
2014-08-13 14:17 - 2014-08-13 14:17 - 00001023 _____ () C:\Users\Public\Desktop\Cyberduck.lnk
2014-08-13 14:17 - 2014-08-13 14:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cyberduck
2014-08-13 14:15 - 2014-08-13 14:17 - 00000000 ____D () C:\Program Files (x86)\Cyberduck
2014-08-13 14:14 - 2014-08-13 14:15 - 16547632 _____ () C:\Users\Neo\Downloads\Cyberduck-Installer-4.5.1.exe
2014-08-13 11:40 - 2014-08-27 12:13 - 00000000 ____D () C:\Users\Neo\Desktop\G!
2014-08-12 10:09 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-08-12 10:09 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-08-12 10:09 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-08-12 10:09 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-08-12 10:09 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-08-12 10:09 - 2013-10-02 03:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-08-12 10:09 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-08-12 10:09 - 2013-10-02 02:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-08-12 10:09 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-08-12 10:09 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-08-12 10:09 - 2013-10-02 02:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-08-12 10:09 - 2013-10-02 02:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-08-12 10:09 - 2013-10-02 01:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-08-12 10:09 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-08-12 10:09 - 2013-10-02 01:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-08-12 10:09 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-08-12 10:08 - 2013-09-25 04:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-08-12 10:08 - 2013-09-25 03:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-08-11 11:24 - 2014-08-11 11:24 - 00009139 _____ () C:\Users\Neo\Documents\Ausgaben_Rheinbahn_Stempeltickets.xlsx
2014-07-31 20:18 - 2014-07-31 20:18 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-07-31 20:18 - 2014-07-31 20:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-31 20:17 - 2014-07-31 20:18 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-31 20:17 - 2014-07-31 20:18 - 00000000 ____D () C:\Program Files\iTunes
2014-07-31 20:17 - 2014-07-31 20:18 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-07-31 20:17 - 2014-07-31 20:17 - 00000000 ____D () C:\Program Files\iPod

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-27 13:22 - 2014-08-27 13:22 - 00000000 ____D () C:\FRST
2014-08-27 13:22 - 2014-08-27 13:18 - 00000000 ____D () C:\Users\Neo\Downloads\anti spy
2014-08-27 13:21 - 2014-08-27 13:21 - 00015993 _____ () C:\Users\Neo\Downloads\default (2).htm
2014-08-27 13:20 - 2014-08-27 13:20 - 00000000 _____ () C:\Users\Neo\defogger_reenable
2014-08-27 13:20 - 2009-11-11 15:00 - 00000000 ____D () C:\Users\Neo
2014-08-27 13:18 - 2010-05-10 19:48 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-27 13:16 - 2014-08-27 13:16 - 00014854 _____ () C:\Users\Neo\Downloads\default (1).htm
2014-08-27 13:14 - 2009-12-17 02:10 - 00000000 ____D () C:\Users\Neo\Documents\!Wichtiges
2014-08-27 13:07 - 2014-08-27 13:07 - 00015994 _____ () C:\Users\Neo\Downloads\default.htm
2014-08-27 13:01 - 2014-08-27 13:01 - 00000000 __SHD () C:\Users\Neo\AppData\Local\EmieUserList
2014-08-27 13:01 - 2014-08-27 13:01 - 00000000 __SHD () C:\Users\Neo\AppData\Local\EmieSiteList
2014-08-27 12:51 - 2012-04-11 22:09 - 01667398 ____N () C:\Windows\WindowsUpdate.log
2014-08-27 12:37 - 2012-04-17 09:44 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-27 12:18 - 2010-05-10 19:48 - 00001100 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-27 12:13 - 2014-08-13 11:40 - 00000000 ____D () C:\Users\Neo\Desktop\G!
2014-08-27 12:13 - 2009-07-14 06:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-27 12:13 - 2009-07-14 06:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-27 12:11 - 2014-08-27 12:11 - 00002170 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-08-27 12:11 - 2014-08-27 12:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-08-27 12:11 - 2014-08-27 12:11 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-08-27 12:11 - 2014-08-27 12:11 - 00000000 ____D () C:\Program Files (x86)\McAfee Security Scan
2014-08-27 12:11 - 2012-04-17 09:44 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-27 12:11 - 2012-04-17 09:44 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-08-27 12:11 - 2011-05-25 23:51 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-27 12:05 - 2014-05-28 09:38 - 00250648 _____ () C:\Users\Neo\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-27 12:05 - 2014-05-28 09:37 - 00762112 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 12:05 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-27 09:29 - 2009-09-07 06:48 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-26 16:20 - 2012-01-06 15:52 - 00000000 ____D () C:\Users\Neo\AppData\Roaming\Ahnenblatt
2014-08-26 14:39 - 2009-11-11 15:03 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{B3C80F3B-4214-40A1-A232-ACF4511EC442}
2014-08-26 11:22 - 2013-12-25 20:37 - 00000000 _____ () C:\Windows\system32\vireng.log
2014-08-25 18:28 - 2014-05-12 18:50 - 00000000 ____D () C:\Users\Neo\AppData\Local\F7549912-3EB1-475E-A125-2BAE861C18F7.aplzod
2014-08-25 16:40 - 2014-08-25 16:40 - 00000973 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BMWi Businessplan.lnk
2014-08-25 16:40 - 2014-08-25 16:40 - 00000961 _____ () C:\Users\Public\Desktop\BMWi Businessplan.lnk
2014-08-25 16:40 - 2014-08-25 16:40 - 00000000 ____D () C:\Users\Neo\AppData\Roaming\de.bmwi.businessplan
2014-08-25 16:40 - 2014-08-25 16:40 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-08-25 16:40 - 2014-08-25 16:40 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-08-25 16:40 - 2014-08-25 16:40 - 00000000 ____D () C:\Program Files (x86)\BMWi Businessplan
2014-08-25 16:40 - 2010-10-09 15:59 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-08-25 16:40 - 2009-09-07 06:28 - 00000000 ____D () C:\ProgramData\Adobe
2014-08-25 16:38 - 2009-11-11 15:23 - 00000000 ____D () C:\Users\Neo\AppData\Roaming\Adobe
2014-08-25 14:11 - 2012-06-10 19:40 - 00000000 ____D () C:\Users\Neo\Documents\Freizeit
2014-08-20 15:14 - 2014-08-20 15:14 - 00148177 _____ () C:\Users\Neo\Downloads\FRITZ.Box Fon WLAN 7320 (UI) 100.05.20_01.01.70_0104.export
2014-08-20 09:30 - 2014-08-20 09:30 - 00000634 _____ () C:\Users\Neo\Desktop\lohmannh@lohmann-history-consulting.de.duck
2014-08-19 16:11 - 2014-08-19 16:11 - 00117709 _____ () C:\Users\Neo\Downloads\design1.t3d
2014-08-19 15:10 - 2014-08-13 14:20 - 00000000 __SHD () C:\Users\Neo\wc
2014-08-19 15:04 - 2014-08-19 15:04 - 02947636 _____ () C:\Users\Neo\Downloads\sunflower_typo3template.zip
2014-08-19 10:33 - 2014-03-12 11:15 - 00000000 ____D () C:\Users\Neo\Documents\!Blog
2014-08-19 10:30 - 2014-08-19 10:30 - 00288351 _____ () C:\Users\Neo\Documents\bookmarks_19.08.14.html
2014-08-19 09:18 - 2009-07-14 19:58 - 00703192 _____ () C:\Windows\system32\perfh007.dat
2014-08-19 09:18 - 2009-07-14 19:58 - 00150800 _____ () C:\Windows\system32\perfc007.dat
2014-08-19 09:18 - 2009-07-14 07:13 - 01629284 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-15 13:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-08-15 09:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-15 00:19 - 2013-08-18 19:27 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-15 00:04 - 2009-11-13 12:51 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-14 23:57 - 2014-05-06 22:18 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-14 20:25 - 2014-01-28 18:09 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-14 10:08 - 2014-08-14 10:08 - 01058200 _____ (Adobe) C:\Users\Neo\Downloads\install_flashplayer14x32au_mssd_aaa_aih.exe
2014-08-13 14:28 - 2014-08-13 14:28 - 00000000 ____D () C:\Users\Neo\Desktop\bookmarks
2014-08-13 14:22 - 2014-08-13 14:19 - 00000000 ____D () C:\Users\Neo\AppData\Roaming\Cyberduck
2014-08-13 14:19 - 2014-08-13 14:19 - 00000000 __SHD () C:\Users\Neo\AppData\Roaming\wyUpdate AU
2014-08-13 14:17 - 2014-08-13 14:17 - 00001023 _____ () C:\Users\Public\Desktop\Cyberduck.lnk
2014-08-13 14:17 - 2014-08-13 14:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cyberduck
2014-08-13 14:17 - 2014-08-13 14:15 - 00000000 ____D () C:\Program Files (x86)\Cyberduck
2014-08-13 14:15 - 2014-08-13 14:14 - 16547632 _____ () C:\Users\Neo\Downloads\Cyberduck-Installer-4.5.1.exe
2014-08-11 11:24 - 2014-08-11 11:24 - 00009139 _____ () C:\Users\Neo\Documents\Ausgaben_Rheinbahn_Stempeltickets.xlsx
2014-08-07 04:06 - 2014-08-14 09:38 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-14 09:38 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-05 09:20 - 2009-11-11 16:02 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-02 07:47 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-08-01 13:32 - 2013-03-16 16:22 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-08-01 13:32 - 2013-03-16 16:22 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-08-01 01:41 - 2014-08-14 09:40 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-01 01:16 - 2014-08-14 09:40 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-31 21:40 - 2013-03-16 16:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-31 20:18 - 2014-07-31 20:18 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-07-31 20:18 - 2014-07-31 20:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-31 20:18 - 2014-07-31 20:17 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-31 20:18 - 2014-07-31 20:17 - 00000000 ____D () C:\Program Files\iTunes
2014-07-31 20:18 - 2014-07-31 20:17 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-07-31 20:17 - 2014-07-31 20:17 - 00000000 ____D () C:\Program Files\iPod

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-20 19:49

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---

Geändert von Nordland02 (27.08.2014 um 15:53 Uhr)

Alt 27.08.2014, 15:45   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Hohe CPU Auslastung / Langsame Internetverbindung bei betroffenem PC / google & youtube mit IE11 nicht mehr aufrufbar - Standard

Hohe CPU Auslastung / Langsame Internetverbindung bei betroffenem PC / google & youtube mit IE11 nicht mehr aufrufbar



Hi und

Logs bitte nicht anhängen, notfalls splitten und über mehrere Postings verteilt posten

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 27.08.2014, 15:56   #3
Nordland02
 
Hohe CPU Auslastung / Langsame Internetverbindung bei betroffenem PC / google & youtube mit IE11 nicht mehr aufrufbar - Standard

Hohe CPU Auslastung / Langsame Internetverbindung bei betroffenem PC / google & youtube mit IE11 nicht mehr aufrufbar



Liebes Team,

das FRST Logfile habe ich nun oben in CODE-Tags gepostet. Es folgen hier nun die weiteren. Bei der Benutzung von deffoger kam nur folgendes heraus:

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 13:20 on 27/08/2014 (Neo)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-

Gruß Sonja

FRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-08-2014
Ran by Neo at 2014-08-27 13:25:20
Running from C:\Users\Neo\Downloads\anti spy
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Sophos Anti-Virus (Enabled - Up to date) {6BABF8F7-3EB6-BD1D-9167-8C5ECA060A29}
AV: ZoneAlarm Free Firewall Antivirus (Disabled - Up to date) {23B6D20A-C2DE-B3F5-C67D-07ECD854E6A9}
AS: ZoneAlarm Free Firewall Anti-Spyware (Disabled - Up to date) {98D733EE-E4E4-BC7B-FCCD-3C9EA3D3AC14}
AS: Sophos Anti-Virus (Enabled - Up to date) {D0CA1913-188C-B293-ABD7-B72CB1814094}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ZoneAlarm Free Firewall Firewall (Enabled) {1B8D532F-88B1-B2AD-ED22-AED92687A1D2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
Ad-Aware Antivirus (HKLM\...\{9F965DAA-2FFD-41E3-8125-893BFBBE01D6}_AdAwareUpdater) (Version: 11.2.5952.0 - Lavasoft)
AdAwareUpdater (Version: 11.2.5952.0 - Lavasoft) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 14.0.0.178 - Adobe Systems Incorporated) Hidden
Adobe Bridge 1.0 (x32 Version: 001.000.001 - Adobe Systems) Hidden
Adobe Common File Installer (x32 Version: 1.00.001 - Adobe System Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated)
Adobe Help Center 1.0 (x32 Version: 1.0.1 - Adobe Systems) Hidden
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Photoshop CS2 (x32 Version: 9.0 - Adobe Systems, Inc.) Hidden
Adobe Reader X (10.1.11) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.11 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5.7.609 - Adobe Systems, Inc.)
Adobe Stock Photos 1.0 (x32 Version: 1.0.1 - Adobe Systems) Hidden
Ahnenblatt 2.70 (HKLM-x32\...\Ahnenblatt_is1) (Version: 2.70.0.0 - Dirk Boettcher)
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version:  - ALPS ELECTRIC CO., LTD.)
AMP WinOFF (HKLM-x32\...\AMP WinOFF) (Version:  - )
Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{7BB90344-0647-468E-925A-7F69F7983421}) (Version: 2.0.1.85 - ArcSoft)
ArcSoft WebCam Companion 3 (HKLM-x32\...\{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}) (Version: 3.0.21.390 - ArcSoft)
ATI Catalyst Install Manager (HKLM\...\{A4BC24CB-F8C7-27FB-41D5-47A405031A41}) (Version: 3.0.732.0 - ATI Technologies, Inc.)
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 1999256782.48.56.36383578 - Audible, Inc.)
Blobby Volley 2 Version 1.0RC1 (HKLM-x32\...\Blobby Volley 2 Version 1.0RC1_is1) (Version:  - )
BMWi Businessplan (HKLM-x32\...\de.bmwi.businessplan) (Version: 1.4.0 - Bundesministerium für Wirtschaft und Energie)
BMWi Businessplan (x32 Version: 1.4.0 - Bundesministerium für Wirtschaft und Energie) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BullGuard Spamfilter (HKLM\...\BullGuard) (Version: 10 - BullGuard Ltd.)
Call of Duty(R) 2 (HKLM-x32\...\InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.2 - Activision)
Call of Duty(R) 2 (x32 Version: 1.2 - Activision) Hidden
CamStudio (HKLM-x32\...\CamStudio) (Version:  - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2009.0710.1127.18698 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2009.0710.1127.18698 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2009.0710.1127.18698 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2009.0710.1127.18698 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2009.0710.1127.18698 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2009.0710.1127.18698 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2009.0710.1127.18698 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2009.0710.1127.18698 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2009.0720.2144.37243 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2009.0720.2144.37243 - ATI) Hidden
CCC Help Czech (x32 Version: 2009.0720.2144.37243 - ATI) Hidden
CCC Help Danish (x32 Version: 2009.0720.2144.37243 - ATI) Hidden
CCC Help Dutch (x32 Version: 2009.0720.2144.37243 - ATI) Hidden
CCC Help English (x32 Version: 2009.0720.2144.37243 - ATI) Hidden
CCC Help Finnish (x32 Version: 2009.0720.2144.37243 - ATI) Hidden
CCC Help French (x32 Version: 2009.0720.2144.37243 - ATI) Hidden
CCC Help German (x32 Version: 2009.0720.2144.37243 - ATI) Hidden
CCC Help Greek (x32 Version: 2009.0720.2144.37243 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2009.0720.2144.37243 - ATI) Hidden
CCC Help Italian (x32 Version: 2009.0720.2144.37243 - ATI) Hidden
CCC Help Japanese (x32 Version: 2009.0720.2144.37243 - ATI) Hidden
CCC Help Korean (x32 Version: 2009.0720.2144.37243 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2009.0720.2144.37243 - ATI) Hidden
CCC Help Polish (x32 Version: 2009.0720.2144.37243 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2009.0720.2144.37243 - ATI) Hidden
CCC Help Russian (x32 Version: 2009.0720.2144.37243 - ATI) Hidden
CCC Help Spanish (x32 Version: 2009.0720.2144.37243 - ATI) Hidden
CCC Help Swedish (x32 Version: 2009.0720.2144.37243 - ATI) Hidden
CCC Help Thai (x32 Version: 2009.0720.2144.37243 - ATI) Hidden
CCC Help Turkish (x32 Version: 2009.0720.2144.37243 - ATI) Hidden
ccc-core-static (x32 Version: 2009.0710.1127.18698 - Ihr Firmenname) Hidden
ccc-utility64 (Version: 2009.0710.1127.18698 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
Choice Guard (x32 Version: 1.2.87.0 - Microsoft Corporation) Hidden
Cisco Systems VPN Client 5.0.07.0440 (HKLM\...\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}) (Version: 5.0.7 - Cisco Systems, Inc.)
Click to Disc (HKLM-x32\...\{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}) (Version: 1.2.73.04270 - Sony Corporation)
Click to Disc (x32 Version: 1.2.73.04270 - Sony Corporation) Hidden
Click to Disc Editor (HKLM-x32\...\InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}) (Version: 2.0.03.04150 - Sony Corporation)
Click to Disc Editor (x32 Version: 2.0.02 - Sony Corporation) Hidden
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Corel WinDVD (HKLM-x32\...\{33017152-D6EA-46DD-93E0-7D2679CCBB51}) (Version: 8.8.0.285 - Corel Inc.)
Cyberduck 4.5.1 (14915) (HKLM-x32\...\Cyberduck) (Version: 4.5.1 (14915) - )
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4017 - CyberLink Corp.)
CyberLink PhotoDirector 3 (x32 Version: 3.0.4017 - CyberLink Corp.) Hidden
DATA BECKER BewerbungsGenie 7 (HKLM-x32\...\BewerbungsGenie 7_is1) (Version: 6.0.10.49 - DATA BECKER GmbH & Co. KG)
DivX Plus DirectShow Filters (HKLM-x32\...\DivX Plus DirectShow Filters) (Version:  - DivX, Inc.)
Document Express DjVu Plug-in (HKLM-x32\...\{4D8E1ADE-CEA6-4A35-8D73-963F16C40FD3}) (Version: 6.1.27549 - Caminova, Inc.)
Duden Bewerbungstrainer (HKLM-x32\...\Duden Bewerbungstrainer) (Version:  - )
Duden-Rechtschreibprüfung PLUS (HKLM-x32\...\{45C5C113-AD43-414B-867D-7C0AF54276CB}) (Version: 8.01 - Bibliographisches Institut GmbH)
EA Sports FIFA World (HKLM-x32\...\{8F9AC744-EEF6-43DB-A4B6-FA1A18F1C640}) (Version: 6.1.0.42598 - Electronic Arts, Inc.)
Einstellungen für VAIO-Inhaltsüberwachung (HKLM-x32\...\{23825B69-36DF-4DAD-9CFD-118D11D80F16}) (Version: 2.4.0.06120 - Sony Corporation)
ELECOM Mouse Driver (HKLM\...\MouseSuite98) (Version:  - )
Enigma (HKLM-x32\...\Enigma) (Version: 1.01 - Enigma Devel)
Family Tree Maker World Express (HKLM-x32\...\Family Tree Maker World Express) (Version: 21.1.865 - Ancestry.com, Inc.)
Family Tree Maker World Express (x32 Version: 21.1.865 - Ancestry.com, Inc.) Hidden
ffdshow [rev 2946] [2009-05-15] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - )
FIFA 13 (HKLM-x32\...\{A29E18C2-7AB1-4b6b-848C-5D5E2C85F0C0}) (Version: 1.0.0.0 - Electronic Arts)
Finale NotePad 2008 (HKLM-x32\...\Finale NotePad 2008) (Version: 13.0.0.0 - MakeMusic)
Free YouTube to iPhone Converter version 2.12.41.623 (HKLM-x32\...\Free YouTube to iPhone Converter_is1) (Version: 2.12.41.623 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.41.623 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.41.623 - DVDVideoSoft Ltd.)
FreeOCR v4.2 (HKLM-x32\...\freeocr_is1) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GPS Master 2.0.13 (HKLM-x32\...\GPS Master_is1) (Version: 1.0 - GPS Master)
gretl version 1.8.7 (HKLM-x32\...\gretl_is1) (Version: 1.8.7 - The gretl team)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Intel PROSet Wireless (Version:  - ) Hidden
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{CCAFF072-4DDB-4846-963D-15F02A8E9472}) (Version: 13.00.0000 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Internet-TV für Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.35 - Irfan Skiljan)
iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 14 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416014FF}) (Version: 6.0.140 - Sun Microsystems, Inc.)
Java(TM) 6 Update 24 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216014FF}) (Version: 6.0.240 - Sun Microsystems, Inc.)
McAfee Security Scan Plus (HKLM-x32\...\McAfee Security Scan) (Version: 3.0.285.6 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0081-0407-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 English (HKLM-x32\...\{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 x64 English (HKLM\...\{F83779DF-E1F5-43A2-A7BE-732F856FADB7}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (HKLM-x32\...\Microsoft Visual J# 2.0 Redistributable Package) (Version:  - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft Works (HKLM-x32\...\{62F7DA7E-CCCB-439C-A760-00C3926E761F}) (Version: 9.7.0621 - Microsoft Corporation)
MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.20.00.03 - Huawei Technologies Co.,Ltd)
Moorhuhn Remake (HKLM-x32\...\{52210D57-0B1F-4681-90DD-8659DF4BCC40}) (Version: 1.00.0000 - )
Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Music Transfer (HKLM-x32\...\{CE2121C6-C94D-4A73-8EA4-6943F33EE335}) (Version: 1.3.01.13160 - Sony Corporation)
MusicBrainz Picard (HKLM-x32\...\MusicBrainz Picard) (Version: 0.16 - MusicBrainz)
MusicStation (HKLM-x32\...\{51CFD8DC-5C66-42ec-9598-72E28FD62ED5}) (Version: 1.2.2.180 - Omnifone)
Nero BurnLite 10 (HKLM-x32\...\{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}) (Version: 10.0.10600 - Nero AG)
Nero BurnLite 10 (HKLM-x32\...\{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}) (Version: 10.0.10500.5.100 - Nero AG)
Nero Control Center 10 (x32 Version: 10.0.13100.3.1 - Nero AG) Hidden
Nero Core Components 10 (x32 Version: 2.0.15100.0.1 - Nero AG) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.3 - Notepad++ Team)
Opera 12.15 (HKLM-x32\...\Opera 12.15.1748) (Version: 12.15.1748 - Opera Software ASA)
Origin (HKLM-x32\...\Origin) (Version: 9.3.10.4710 - Electronic Arts, Inc.)
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDF24 Creator 6.4.1 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Primo (x32 Version: 1.00.0000 - Your Company Name) Hidden
PrintFit Visitenkarten-Druckerei (HKLM-x32\...\Visitenkarten-Druckerei_is1) (Version:  - )
Protect Disc License Helper 1.0.125 (IE) (HKCU\...\Protect Disc License Helper) (Version: 1.0.125 - Protect Disc)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.5897 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5886 - Realtek Semiconductor Corp.)
Regi (Version: 1.00.0000 - InterVideo Inc.) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Roxio Central Audio (x32 Version: 3.8.0 - Roxio) Hidden
Roxio Central Copy (x32 Version: 3.8.0 - Roxio) Hidden
Roxio Central Core (x32 Version: 3.8.0 - Roxio) Hidden
Roxio Central Data (x32 Version: 3.8.0 - Roxio) Hidden
Roxio Central Tools (x32 Version: 3.8.0 - Roxio) Hidden
Roxio Easy Media Creator 10 LJ (HKLM-x32\...\{537BF16E-7412-448C-95D8-846E85A1D817}) (Version: 10.3 - Roxio)
Roxio Easy Media Creator Home (x32 Version: 10.3.121 - Roxio) Hidden
Runtime (x32 Version: 1.00.0000 - Your Company Name) Hidden
Safari (HKLM-x32\...\{FA4C2D53-205F-4245-9717-F3761154824D}) (Version: 5.34.57.2 - Apple Inc.)
Security Task Manager 1.8c (HKLM-x32\...\Security Task Manager) (Version: 1.8c - Neuber Software)
Setting Utility Series (HKLM-x32\...\{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}) (Version: 5.0.0.07300 - Sony Corporation)
Sid Meier's Civilization 4 (HKLM-x32\...\{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}) (Version: 1.00.0000 - Firaxis Games)
Sid Meier's Civilization 4 (x32 Version: 1.00.0000 - Firaxis Games) Hidden
Sid Meier's Civilization 4 Complete (HKLM-x32\...\{30D1F3D2-54CF-481D-A005-F94B0E98FEEC}) (Version: 1.74 - Firaxis Games)
Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) (HKLM-x32\...\SLABCOMM&10C4&EA60) (Version:  - Silicon Laboratories)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SmartTools Publishing · Word Falz und Lochmarken-Assistent (HKCU\...\SmartTools Publishing · Word Falz und Lochmarken-Assistent) (Version: v3.50 - SmartTools Publishing)
Sony Home Network Library (HKLM-x32\...\{D03D02D8-AB64-4785-A48E-5AA8B0FB8C14}) (Version: 2.0.0.07280 - Sony Corporation)
Sony Home Network Library (x32 Version: 2.0.0.07280 - Sony Corporation) Hidden
Sony Picture Utility (HKLM-x32\...\{D5068583-D569-468B-9755-5FBF5848F46F}) (Version: 4.2.12.16210 - Sony Corporation)
Sophos Anti-Virus (HKLM-x32\...\{D929B3B5-56C6-46CC-B3A3-A1A784CBB8E4}) (Version: 10.3.7 - Sophos Limited)
Sophos AutoUpdate (HKLM-x32\...\{D924231F-D02D-4E0B-B511-CC4A0E3ED547}) (Version: 3.1.1.18 - Sophos Limited)
SRWare Iron Version SRWare Iron 26.0.1450.0 (HKLM-x32\...\{C59CF2CE-B302-4833-AA35-E0E07D8EBC52}_is1) (Version: SRWare Iron 26.0.1450.0 - SRWare)
Steuersparer 2014 (HKLM-x32\...\{485DBEA2-58E9-4136-9E6C-6C3022B02349}) (Version: 21.00.8480 - Buhl Data Service GmbH)
Steuer-Spar-Erklärung 2012 (HKLM-x32\...\{CCD2BAD2-0919-40CB-80CC-E9538B0E4C2E}) (Version: 17.02 - Wolters Kluwer Deutschland GmbH)
Sweet Home 3D version 4.3 (HKLM\...\Sweet Home 3D_is1) (Version:  - eTeks)
TeamViewer 5 (HKLM-x32\...\TeamViewer 5) (Version: 5.0.7572  - TeamViewer GmbH)
TeXnicCenter Version 1.0 Stable RC1 (HKLM-x32\...\TeXnicCenter_is1) (Version: Version 1.0 Stable RC1 - TeXnicCenter.org)
Tsunami-Filter-Pack (HKLM-x32\...\{DCFF9230-22DC-40ED-BBCC-0F260B85734C}) (Version: 3.8.8 - )
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unterstützung für VAIO-Präsentation (HKLM-x32\...\{2018C019-30D9-4240-8C01-0865C10DCF5A}) (Version: 2.0.0.05270 - Sony Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883097) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B2260BC9-D561-46EE-B33D-739CF760A2A9}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VAIO Content Metadata Intelligent Analyzing Manager (HKLM-x32\...\{0A5F02E5-1A52-4F85-892C-A35227641C75}) (Version: 3.5.0.06261 - Sony Corporation)
VAIO Content Metadata Intelligent Analyzing Manager (x32 Version: 3.5.0.06261 - Sony Corporation) Hidden
VAIO Content Metadata Intelligent Network Service Manager (HKLM-x32\...\{3B1168DE-1F8C-471C-AC49-0CA52F096170}) (Version: 3.5.0.06260 - Sony Corporation)
VAIO Content Metadata Intelligent Network Service Manager (x32 Version: 3.5.0.06260 - Sony Corporation) Hidden
VAIO Content Metadata Manager Settings (HKLM-x32\...\{7395DD51-0D1A-47A7-9993-742073ECF4CE}) (Version: 3.5.0.06260 - Sony Corporation)
VAIO Content Metadata Manager Settings (x32 Version: 3.5.0.06260 - Sony Corporation) Hidden
VAIO Content Metadata XML Interface Library (HKLM-x32\...\{949419DF-F4AF-4693-B60A-522B24F233C6}) (Version: 3.5.0.06180 - Sony Corporation)
VAIO Content Metadata XML Interface Library (x32 Version: 3.5.0.06180 - Sony Corporation) Hidden
VAIO Content Monitoring Settings (x32 Version: 2.4.0.06120 - Sony Corporation) Hidden
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.0.0.06120 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.1.01.06290 - Sony Corporation)
VAIO DVD Menu Data Basic (HKLM-x32\...\{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}) (Version: 1.0.00.08130 - Sony Corporation)
VAIO Energie Verwaltung (HKLM-x32\...\{5F5867F0-2D23-4338-A206-01A76C823924}) (Version: 4.0.0.07160 - Sony Corporation)
VAIO Entertainment Platform (HKLM-x32\...\{6B1F20F2-6321-4669-A58C-33DF8E7517FF}) (Version: 3.5.0.07230 - Sony Corporation)
VAIO Entertainment Platform (x32 Version: 3.5.0.07230 - Sony Corporation) Hidden
VAIO Event Service (HKLM-x32\...\{C7477742-DDB4-43E5-AC8D-0259E1E661B1}) (Version: 5.0.0.07010 - Sony Corporation)
VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.2.1.09131 - Sony Corporation)
VAIO Marketing Tools (HKLM-x32\...\MarketingTools) (Version:  - Sony Corporation)
VAIO Media plus (HKLM-x32\...\{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}) (Version: 2.0.0.07280 - Sony Corporation)
VAIO Media plus Opening Movie (HKLM-x32\...\{9238E8A4-BEBA-43A3-B926-769BDBF194C5}) (Version: 1.2.0.09100 - Sony Corporation)
VAIO Movie Story (HKLM-x32\...\{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}) (Version: 1.5.01.05120 - Sony Corporation)
VAIO Movie Story (x32 Version: 1.5.00.06191 - Sony Corporation) Hidden
VAIO Movie Story 1.5 Upgrade (x32 Version: 1.5.01.05120 - Sony Corporation) Hidden
VAIO Movie Story Template Data (HKLM-x32\...\{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}) (Version: 1.5.01.05120 - Sony Corporation)
VAIO NW screensaver (HKLM-x32\...\VAIO NW screensaver) (Version: 1.0.0.0 - Sony Europe)
VAIO Original Function Settings (x32 Version: 2.0.0.07010 - Sony Corporation) Hidden
VAIO Original Funktion Einstellungen (HKLM-x32\...\{A63E7492-A0BC-4BB9-89A7-352965222380}) (Version: 2.0.0.07010 - Sony Corporation)
VAIO Premium Partners 1.00 (HKLM-x32\...\VAIO Premium Partners 1.00) (Version:  - )
VAIO Quick Web Access (HKLM-x32\...\splashtop) (Version: 1.1.2.4 - Sony Corporation)
VAIO Quick Web Access (x32 Version: 1.1.2.4 - Sony Corporation) Hidden
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.3.1.08110 - Sony Corporation)
VAIO Update (HKLM-x32\...\{5BEE8F1F-BD32-4553-8107-500439E43BD7}) (Version: 5.5.1.09220 - Sony Corporation)
VAIO Update Merge Module x64 (Version: 5.5.19220 - Sony Corporation) Hidden
VAIO Wallpaper Contents (HKLM-x32\...\{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}) (Version: 2.0.0.06010 - Sony Corporation)
VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.1.2.06030 - Sony Corporation)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version:  - Elaborate Bytes)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM-x32\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
Visual C++ 8.0 ATL (x86) WinSXS MSM (x32 Version: 8.0.50727.762 - Microsoft Corporation) Hidden
Visual C++ 8.0 CRT (x86) WinSXS MSM (x32 Version: 8.0.50727.762 - Microsoft Corporation) Hidden
VLC media player 1.1.9 (HKLM-x32\...\VLC media player) (Version: 1.1.9 - VideoLAN)
WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.0.9600 - Broadcom Corporation)
Windows Live Call (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version:  - )
Windows Media Encoder 9 Series (x32 Version: 9.00.2980 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows-Treiberpaket - Google, Inc. (WinUSB) AndroidUsbDeviceClass  (08/11/2009 2.0.0010.00002) (HKLM\...\B81055EA372C9E3EA5000B4BD9585D992D51F1DE) (Version: 08/11/2009 2.0.0010.00002 - Google, Inc.)
Windows-Treiberpaket - Sunplus (SPCP825K) Ports  (07/01/2010 1.0.9.0) (HKLM\...\20986CDBFBCA238AA12329A115B1CC9D88E9C06C) (Version: 07/01/2010 1.0.9.0 - Sunplus)
WinRAR (HKLM\...\WinRAR archiver) (Version:  - )
WISO Steuer-Sparbuch 2013 (HKLM-x32\...\{D6CC2FAF-F827-4091-96A1-D32CC9B69C79}) (Version: 20.00.8137 - Buhl Data Service GmbH)
ZoneAlarm Antivirus (x32 Version: 13.2.015.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Firewall (x32 Version: 13.2.015.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Firewall (HKLM-x32\...\ZoneAlarm Free Firewall) (Version: 13.2.015.000 - Check Point)
ZoneAlarm Security (x32 Version: 13.2.015.000 - Check Point Software Technologies Ltd.) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2692801368-1878214995-1402500385-1000_Classes\CLSID\{69BFF520-330C-7978-A257-A6D3800259BF}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)

==================== Restore Points  =========================

12-08-2014 08:08:16 Windows Update
14-08-2014 21:56:25 Windows Update
19-08-2014 07:17:08 Windows Update
19-08-2014 07:47:52 Windows Modules Installer
21-08-2014 10:56:50 Windows Update
25-08-2014 10:30:23 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2014-07-17 00:21 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {009BF0E2-73FB-4FDE-9F02-2270496B8BE5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-20] (Google Inc.)
Task: {1078DE61-17C4-48F7-A9BB-568ECCC16DFB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: {306E18EF-C75D-41EA-A6D9-D62373839AA8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-27] (Adobe Systems Incorporated)
Task: {424133D9-D1B9-47F7-97BD-B236F6F2C789} - System32\Tasks\SONY\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2010-10-25] (Sony Corporation)
Task: {476DF3BC-3D98-4646-9A75-5142FAA1F73B} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {A8B00D7A-C2E2-4084-9216-A261F0FB30FF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-20] (Google Inc.)
Task: {B5161A59-FA8C-4FDB-9298-ED0B4F613718} - System32\Tasks\SONY\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2010-10-25] (Sony Corporation)
Task: {CDAAEA12-F7CB-449D-A6B2-6CABAC48B58D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {D9352557-B626-45AA-8B3E-3E5861C58AE8} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-10-12 01:50 - 2010-03-15 11:28 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll
2012-06-18 17:24 - 2012-06-18 17:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2009-09-21 15:04 - 2009-09-21 15:04 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2013-12-27 21:42 - 2013-01-28 04:49 - 00239184 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe
2011-07-01 11:37 - 2011-07-01 11:37 - 00116736 _____ () C:\Program Files (x86)\Duden\Duden-Rechtschreibprüfung\MBControls.dll
2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-03-04 13:49 - 2011-03-04 13:49 - 00202752 _____ () C:\Program Files\Cisco Systems\VPN Client\vpnapi.dll
2009-09-07 06:58 - 2009-07-01 11:49 - 00010752 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2009-09-07 06:58 - 2009-07-01 11:49 - 00009728 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSubPS.dll
2013-07-10 18:07 - 2013-07-10 18:07 - 00756888 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
2011-07-01 11:37 - 2011-07-01 11:37 - 00471696 _____ () C:\Program Files (x86)\Duden\Duden-Rechtschreibprüfung\adxloader.dll
2011-07-01 11:38 - 2011-07-01 11:38 - 00786432 _____ () C:\Program Files (x86)\Duden\Duden-Rechtschreibprüfung\Interop.Access.dll
2011-07-01 11:38 - 2011-07-01 11:38 - 00950272 _____ () C:\Program Files (x86)\Duden\Duden-Rechtschreibprüfung\Interop.Excel.dll
2011-07-01 11:38 - 2011-07-01 11:38 - 00065536 _____ () C:\Program Files (x86)\Duden\Duden-Rechtschreibprüfung\Interop.FrontPage.dll
2011-07-01 11:37 - 2011-07-01 11:37 - 00286720 _____ () C:\Program Files (x86)\Duden\Duden-Rechtschreibprüfung\Interop.Outlook.dll
2011-07-01 11:37 - 2011-07-01 11:37 - 00204800 _____ () C:\Program Files (x86)\Duden\Duden-Rechtschreibprüfung\Interop.PowerPoint.dll
2011-07-01 11:37 - 2011-07-01 11:37 - 00495616 _____ () C:\Program Files (x86)\Duden\Duden-Rechtschreibprüfung\Interop.Word.dll
2014-08-14 20:25 - 2014-08-07 05:20 - 00718152 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libglesv2.dll
2014-08-14 20:25 - 2014-08-07 05:20 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libegl.dll
2014-08-14 20:25 - 2014-08-07 05:20 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll
2014-08-14 20:25 - 2014-08-07 05:20 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll
2014-08-14 20:25 - 2014-08-07 05:20 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SAVService => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsUpdate => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SAVService => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: ACDaemon => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AxInstSV => 3
MSCONFIG\Services: BsMailProxy => 2
MSCONFIG\Services: BsMain => 2
MSCONFIG\Services: BsUpdate => 2
MSCONFIG\Services: Fax => 2
MSCONFIG\Services: fdPHost => 3
MSCONFIG\Services: FDResPub => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: IviRegMgr => 2
MSCONFIG\Services: KtmRm => 3
MSCONFIG\Services: Lavasoft Ad-Aware Service => 2
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: McComponentHostService => 3
MSCONFIG\Services: RemoteRegistry => 3
MSCONFIG\Services: Roxio UPnP Renderer 10 => 3
MSCONFIG\Services: Roxio Upnp Server 10 => 2
MSCONFIG\Services: rpcapd => 3
MSCONFIG\Services: RtkAudioService => 2
MSCONFIG\Services: SENS => 2
MSCONFIG\Services: TabletInputService => 3
MSCONFIG\Services: TeamViewer5 => 2
MSCONFIG\Services: WerSvc => 3
MSCONFIG\Services: WPCSvc => 3
MSCONFIG\Services: WPDBusEnum => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^phase-6 Reminder.lnk => C:\Windows\pss\phase-6 Reminder.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Philips SA19xx Gere-Manager.lnk => C:\Windows\pss\Philips SA19xx Gere-Manager.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^vpngui.exe.lnk => C:\Windows\pss\vpngui.exe.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WISO Mein Steuer-Sparbuch heute.lnk => C:\Windows\pss\WISO Mein Steuer-Sparbuch heute.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: Apoint => %programFiles%\Apoint\Apoint.exe
MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ArcSoft Connection Service => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
MSCONFIG\startupreg: BlackBerryAutoUpdate => C:\Program Files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe /background
MSCONFIG\startupreg: BullGuard => "C:\Program Files\BullGuard Ltd\BullGuard Spamfilter\bullguard.exe" -boot
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: Google Update => "C:\Users\Neo\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
MSCONFIG\startupreg: MarketingTools => C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe
MSCONFIG\startupreg: Mouse Suite 98 Daemon => ICO.EXE
MSCONFIG\startupreg: PDFPrint => C:\Program Files (x86)\PDF24\pdf24.exe
MSCONFIG\startupreg: RIMBBLaunchAgent.exe => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
MSCONFIG\startupreg: RoxWatchTray => "C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
MSCONFIG\startupreg: Skytel => C:\Program Files\Realtek\Audio\HDA\Skytel.exe
MSCONFIG\startupreg: Sophos AutoUpdate Monitor => C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
MSCONFIG\startupreg: Windows Mobile Device Center => %windir%\WindowsMobile\wmdc.exe
MSCONFIG\startupreg: Windows Mobile-based device management => %WINDIR%\WindowsMobile\wmdcBase.exe

==================== Faulty Device Manager Devices =============

Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/27/2014 09:28:45 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Die abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (08/27/2014 09:28:44 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Die abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (08/27/2014 09:28:44 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Die abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (08/26/2014 03:52:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: msieftp.dll, Version: 6.1.7601.18300, Zeitstempel: 0x5270700a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000018c00
ID des fehlerhaften Prozesses: 0x5cc
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3

Error: (08/25/2014 00:29:26 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "I:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"

Error: (08/20/2014 07:51:17 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Das Stammelement der Manifestdatei muss assembliert sein.

Error: (08/17/2014 07:00:05 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "I:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"

Error: (08/15/2014 07:56:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: OUTLOOK.EXE, Version: 12.0.6691.5000, Zeitstempel: 0x52e8c57c
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00038e19
ID des fehlerhaften Prozesses: 0x11f4
Startzeit der fehlerhaften Anwendung: 0xOUTLOOK.EXE0
Pfad der fehlerhaften Anwendung: OUTLOOK.EXE1
Pfad des fehlerhaften Moduls: OUTLOOK.EXE2
Berichtskennung: OUTLOOK.EXE3

Error: (08/15/2014 01:03:09 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Das Stammelement der Manifestdatei muss assembliert sein.

Error: (08/14/2014 10:32:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1108


System errors:
=============
Error: (08/27/2014 00:07:48 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "PnP-X-IP-Busenumerator" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (08/27/2014 00:05:43 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
ASPI32

Error: (08/27/2014 00:05:32 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: Dieser Computer ist als Mitglied einer Arbeitsgruppe konfiguriert, nicht als
Mitglied einer Domäne. Der Anmeldedienst braucht bei dieser
Konfiguration nicht gestartet zu sein.

Error: (08/27/2014 00:04:30 PM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active

Error: (08/27/2014 00:04:30 PM) (Source: atikmdag) (EventID: 19468) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (08/27/2014 00:04:12 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\ASPI32.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (08/27/2014 09:01:53 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "PnP-X-IP-Busenumerator" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (08/27/2014 08:59:52 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
ASPI32

Error: (08/27/2014 08:59:42 AM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: Dieser Computer ist als Mitglied einer Arbeitsgruppe konfiguriert, nicht als
Mitglied einer Domäne. Der Anmeldedienst braucht bei dieser
Konfiguration nicht gestartet zu sein.

Error: (08/27/2014 08:59:00 AM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active


Microsoft Office Sessions:
=========================
Error: (08/15/2014 07:56:17 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 35810 seconds with 300 seconds of active time.  This session ended with a crash.

Error: (08/12/2014 10:46:13 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6700.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (04/26/2014 08:10:58 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 29258 seconds with 120 seconds of active time.  This session ended with a crash.

Error: (04/02/2014 06:06:26 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 4346 seconds with 240 seconds of active time.  This session ended with a crash.

Error: (11/09/2013 04:17:36 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1115 seconds with 300 seconds of active time.  This session ended with a crash.

Error: (05/03/2012 01:29:29 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 30362 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (04/19/2012 10:41:54 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 83807 seconds with 1560 seconds of active time.  This session ended with a crash.

Error: (04/17/2012 04:26:29 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 11696 seconds with 1320 seconds of active time.  This session ended with a crash.

Error: (03/17/2012 00:07:04 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 3234 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (03/16/2012 08:20:39 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 3323 seconds with 0 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2014-07-17 00:14:45.312
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-07-17 00:14:45.094
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-05-21 20:30:46.440
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-21 20:29:52.143
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-21 20:29:51.940
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-21 20:29:51.731
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\gpapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-21 20:29:51.527
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\gpapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-05 16:57:44.317
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-05-05 16:57:44.115
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-02-21 19:40:21.562
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 Duo CPU P7450 @ 2.13GHz
Percentage of memory in use: 55%
Total physical RAM: 4063.03 MB
Available physical RAM: 1810.08 MB
Total Pagefile: 8124.23 MB
Available Pagefile: 5326.55 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:456.11 GB) (Free:266.99 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 35EE29C6)
Partition 1: (Not Active) - (Size=9.6 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=456.1 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
--- --- ---


GMER Logfile:
Code:
ATTFilter
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-08-27 15:10:36
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 SAMSUNG_ rev.2AC1 465,76GB
Running: 4n61qhx6.exe; Driver: C:\Users\Neo\AppData\Local\Temp\pwldqpow.sys


---- Kernel code sections - GMER 2.1 ----

INITKDBG  C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528                                                                            fffff80002a0a000 45 bytes [00, 00, 15, 02, 46, 69, 6C, ...]
INITKDBG  C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 575                                                                            fffff80002a0a02f 16 bytes [00, 00, 00, 00, 00, 00, 00, ...]

---- User code sections - GMER 2.1 ----

.text     C:\Windows\Explorer.EXE[1496] C:\Windows\system32\kernel32.dll!CopyFileExW                                                                    0000000076b91890 5 bytes JMP 000000016fff00d8
.text     C:\Windows\Explorer.EXE[1496] C:\Windows\system32\kernel32.dll!MoveFileWithProgressW                                                          0000000076c0f490 8 bytes JMP 000000016fff0110
.text     C:\Windows\Explorer.EXE[1496] C:\Windows\system32\ole32.dll!CoCreateInstance                                                                  000007fefd077490 11 bytes JMP 000007fffd0400d8
.text     C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[2520] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                    0000000076f51465 2 bytes [F5, 76]
.text     C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe[2520] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                   0000000076f514bb 2 bytes [F5, 76]
.text     ...                                                                                                                                           * 2
.text     C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe[2092] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69            0000000076f51465 2 bytes [F5, 76]
.text     C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe[2092] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155           0000000076f514bb 2 bytes [F5, 76]
.text     ...                                                                                                                                           * 2
.text     C:\ProgramData\MobileBrServ\mbbservice.exe[3128] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                      0000000076f51465 2 bytes [F5, 76]
.text     C:\ProgramData\MobileBrServ\mbbservice.exe[3128] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                     0000000076f514bb 2 bytes [F5, 76]
.text     ...                                                                                                                                           * 2
.text     C:\Program Files (x86)\PDF Architect\ConversionService.exe[3396] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                      0000000076f51465 2 bytes [F5, 76]
.text     C:\Program Files (x86)\PDF Architect\ConversionService.exe[3396] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                     0000000076f514bb 2 bytes [F5, 76]
.text     ...                                                                                                                                           * 2
.text     C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe[3424] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69   0000000076f51465 2 bytes [F5, 76]
.text     C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe[3424] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155  0000000076f514bb 2 bytes [F5, 76]
.text     ...                                                                                                                                           * 2
.text     C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe[5468] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69           0000000076f51465 2 bytes [F5, 76]
.text     C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe[5468] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155          0000000076f514bb 2 bytes [F5, 76]
.text     ...                                                                                                                                           * 2
.text     C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe[6656] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69             0000000076f51465 2 bytes [F5, 76]
.text     C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe[6656] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155            0000000076f514bb 2 bytes [F5, 76]
.text     ...                                                                                                                                           * 2
.text     C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe[6892] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                           0000000076f51465 2 bytes [F5, 76]
.text     C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe[6892] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                          0000000076f514bb 2 bytes [F5, 76]
.text     ...                                                                                                                                           * 2
.text     C:\Users\Neo\Downloads\anti spy\4n61qhx6.exe[7276] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                    0000000076f51465 2 bytes [F5, 76]
.text     C:\Users\Neo\Downloads\anti spy\4n61qhx6.exe[7276] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                   0000000076f514bb 2 bytes [F5, 76]
.text     ...                                                                                                                                           * 2

---- Registry - GMER 2.1 ----

Reg       HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0024337512d1                                                                   
Reg       HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\002433d3db9f                                                                   
Reg       HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\00264374259d                                                                   
Reg       HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\00264374259d@001a756471e8                                                      0x8B 0x8E 0xA0 0xA9 ...
Reg       HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\00264374259d@00234532d966                                                      0x29 0x2B 0x1B 0x14 ...
Reg       HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\00264374259d@000f86d05c82                                                      0xCA 0xF6 0x9E 0xED ...
Reg       HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\00264374259d@34159e671a91                                                      0x65 0x85 0x04 0x8D ...
Reg       HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\00264374259d@bcc6db75e97c                                                      0xCB 0x51 0xBE 0xA2 ...
Reg       HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\00264374259d@205476073bb0                                                      0x91 0xE6 0x98 0x5A ...
Reg       HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\00264374259d@0c37dce6c138                                                      0x12 0xBD 0x94 0xBC ...
Reg       HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0024337512d1 (not active ControlSet)                                               
Reg       HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\002433d3db9f (not active ControlSet)                                               
Reg       HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\00264374259d (not active ControlSet)                                               
Reg       HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\00264374259d@001a756471e8                                                          0x8B 0x8E 0xA0 0xA9 ...
Reg       HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\00264374259d@00234532d966                                                          0x29 0x2B 0x1B 0x14 ...
Reg       HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\00264374259d@000f86d05c82                                                          0xCA 0xF6 0x9E 0xED ...
Reg       HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\00264374259d@34159e671a91                                                          0x65 0x85 0x04 0x8D ...
Reg       HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\00264374259d@bcc6db75e97c                                                          0xCB 0x51 0xBE 0xA2 ...
Reg       HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\00264374259d@205476073bb0                                                          0x91 0xE6 0x98 0x5A ...
Reg       HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\00264374259d@0c37dce6c138                                                          0x12 0xBD 0x94 0xBC ...

---- EOF - GMER 2.1 ----
         
--- --- ---
__________________

Alt 27.08.2014, 16:50   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Hohe CPU Auslastung / Langsame Internetverbindung bei betroffenem PC / google & youtube mit IE11 nicht mehr aufrufbar - Standard

Hohe CPU Auslastung / Langsame Internetverbindung bei betroffenem PC / google & youtube mit IE11 nicht mehr aufrufbar



Gerblich genutztes System? Wenn nicht, wo kommt dann der Enterprise Office 2007 her?

Zitat:
AV: Sophos Anti-Virus (Enabled - Up to date) {6BABF8F7-3EB6-BD1D-9167-8C5ECA060A29}
AV: ZoneAlarm Free Firewall Antivirus (Disabled - Up to date) {23B6D20A-C2DE-B3F5-C67D-07ECD854E6A9}
Mal davon abgesehen, dass ich Sophos AV noch nie auf ner reinen Privatkiste bisher gesehen habe: man nutzt niemals zwei AVPs, also niemals Sophos, ZoneAlarm AV, Avira, Avast oder oder oder parallel. Immer nur eins.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 27.08.2014, 17:14   #5
Nordland02
 
Hohe CPU Auslastung / Langsame Internetverbindung bei betroffenem PC / google & youtube mit IE11 nicht mehr aufrufbar - Standard

Hohe CPU Auslastung / Langsame Internetverbindung bei betroffenem PC / google & youtube mit IE11 nicht mehr aufrufbar



Zitat:
Zitat von cosinus Beitrag anzeigen
Gerblich genutztes System? Wenn nicht, wo kommt dann der Enterprise Office 2007 her?
Das Office habe ich über die Uni bekommen. Man konnte es als Student damals zu einem günstigeren Preis über das Rechenzentrum erwerben.

Zitat:
Zitat von cosinus Beitrag anzeigen
Mal davon abgesehen, dass ich Sophos AV noch nie auf ner reinen Privatkiste bisher gesehen habe.
Virenschutz ist Pflicht im Netz der Universität.Das gilt auch für Sophos. Es ist sogar Pflicht eines zu installieren: Nach Beschluss der zuständigen Gremien und des Rektorats soll Virenschutzsoftware auf dienstlichen und auf privaten Rechnern der Mitarbeiter/innen und Studierenden installiert werden, wenn diese im Netz der Universität genutzt werden. Für Studierende und Mitarbeiter bietet sich dazu besonders die hier zur Verfügung gestellte SAV-Software an. Es sei betont, dass Sophos auch auf privaten Arbeitsplätzen installiert werden darf und soll. (Zitat Rechenzentrum)

So lange ich eingeschrieben bin ist die Nutzung beider Programme legal. Laut Aussage des Rechenzentrums darf man privat Office aber auch danach wohl weiternutzen.

ZoneAlarm habe ich auf Rat eines Bekannten installiert. Wenn es sinnvoll ist, deinstalliere ich es, da ich lieber Sophos weiterverwende.


Geändert von Nordland02 (27.08.2014 um 17:43 Uhr)

Alt 28.08.2014, 12:18   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Hohe CPU Auslastung / Langsame Internetverbindung bei betroffenem PC / google & youtube mit IE11 nicht mehr aufrufbar - Standard

Hohe CPU Auslastung / Langsame Internetverbindung bei betroffenem PC / google & youtube mit IE11 nicht mehr aufrufbar



Zitat:
Virenschutz ist Pflicht im Netz der Universität.
Das hab ich nicht angezweifelt, hab ja nicht gesagt du sollst alles wegkloppen. Nur nicht zwei AVPs verwenden. Denn die kommen sich gegenseitig in die Quere und können sich aushebeln.
__________________
--> Hohe CPU Auslastung / Langsame Internetverbindung bei betroffenem PC / google & youtube mit IE11 nicht mehr aufrufbar

Antwort

Themen zu Hohe CPU Auslastung / Langsame Internetverbindung bei betroffenem PC / google & youtube mit IE11 nicht mehr aufrufbar
abgebrochen, auslastung, cpu, cpu-auslastung, dvdvideosoft ltd., explorer, fehlermeldung, firefox, google, home, installation, internetseite, internetverbindung, langsam, logfiles, netzwerk, nicht mehr, opera, rechner, seite, seiten, update, verbindung, windows, yahoo, youtube



Ähnliche Themen: Hohe CPU Auslastung / Langsame Internetverbindung bei betroffenem PC / google & youtube mit IE11 nicht mehr aufrufbar


  1. IE11 wird nicht mehr angezeigt und nicht in den Programmen gefunden
    Log-Analyse und Auswertung - 07.09.2015 (29)
  2. Malwarebytes lässt sich nicht mehr starten - hohe CPU-Auslastung durch Dienste
    Log-Analyse und Auswertung - 28.01.2015 (8)
  3. kurz nach google chrome start funktioniert Internetverbindung teilweise nicht mehr
    Plagegeister aller Art und deren Bekämpfung - 18.02.2014 (6)
  4. Windows 7: Viele Webseiten sporadisch nicht aufrufbar oder langsam, Google Earth findet Server nicht
    Log-Analyse und Auswertung - 12.12.2013 (17)
  5. Google.de, Youtube und JDownloader nicht mehr erreichbar/funktionieren nicht mehr
    Plagegeister aller Art und deren Bekämpfung - 30.11.2013 (1)
  6. Windows 7: Ständige Browserabstürze und sehr langsame Reaktion des PCs, Starten des Google Chrome - Browsers gar nicht mehr möglich
    Log-Analyse und Auswertung - 06.09.2013 (9)
  7. Langsame Browser & Youtube-Videos laden nicht ?
    Plagegeister aller Art und deren Bekämpfung - 21.08.2013 (16)
  8. Google nicht aufrufbar/Firefox Sicherheitsmeldung
    Log-Analyse und Auswertung - 11.09.2012 (1)
  9. Google Chrome kein ton mehr bei youtube?
    Alles rund um Windows - 22.03.2012 (1)
  10. Avira Antivir updatet nicht mehr / hohe CPU-Auslastung
    Log-Analyse und Auswertung - 29.10.2011 (3)
  11. langsame internetverbindung
    Log-Analyse und Auswertung - 27.02.2011 (1)
  12. TR/PSW.LdPinch.aogg & Seiten über Google nicht aufrufbar
    Log-Analyse und Auswertung - 10.08.2010 (10)
  13. XP Firewall nicht aktiviebar/regedit nicht aufrufbar/Google Umleitung zu Werbung
    Plagegeister aller Art und deren Bekämpfung - 20.04.2009 (11)
  14. langsame Programmstarts und hohe CPU-Auslastung
    Log-Analyse und Auswertung - 29.10.2008 (1)
  15. Google Links und leider mehr - einige Seiten nicht aufrufbar
    Plagegeister aller Art und deren Bekämpfung - 03.10.2008 (13)
  16. Google links umgeleitet / nicht aufrufbar
    Plagegeister aller Art und deren Bekämpfung - 15.09.2008 (3)
  17. Langsame Internetverbindung
    Log-Analyse und Auswertung - 03.12.2007 (5)

Zum Thema Hohe CPU Auslastung / Langsame Internetverbindung bei betroffenem PC / google & youtube mit IE11 nicht mehr aufrufbar - Liebes Trojaner-Board-Team, seit einiger Zeit habe ich das Gefühl, dass mein PC (Windows 7 Home Premium, Service Pack 1, 64 Bit-Betriebssystem) langsam läuft. Es liegt oft eine CPU-Auslastung von 50% - Hohe CPU Auslastung / Langsame Internetverbindung bei betroffenem PC / google & youtube mit IE11 nicht mehr aufrufbar...
Archiv
Du betrachtest: Hohe CPU Auslastung / Langsame Internetverbindung bei betroffenem PC / google & youtube mit IE11 nicht mehr aufrufbar auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.