lrcnta + srptm, graue Felder

Snoosel · 07.09.2014, 12:52

Hallo,
es öffnen sich seit gestern
2 graue Felder grauen Feld (lrcnta + srptm), beim weggeklicken

erscheinen sie sie im Sekundentakt.
Arbeiten am Rechner ist unmöglich.
Ich muß dazu sagen, dass ich jetzt von meinem Rechner schreibe, das Problem ist auf dem Rechner meines Mannes.

Kann mir jemand helfen?

Schöne Grüße Ute

cosinus · 07.09.2014, 13:08

Hallo und

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!

Zudem bitte auch ein Log mit Farbars Tool machen:

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Snoosel · 07.09.2014, 17:45

Hallo Cosinus,

schon beim Runterladen des Farbar's Recovery Scan Tool´s reagiert das Programm nicht mehr. Wir kommen bis zum Scan, dann ist Feierabend. Der Balken bleibt stehen bei: Scanning Registry: HKCU/Software/Classes/CLSID.

das Virenprogramm läßt den download zu

Das Virenprogramm G-Data hat einen Virus gefunden. Keine Ahnung welchen, mein Mann hat ihn sofort gelöscht.

Nach langem experimentieren sind weitere Probleme entstanden.
Weder Farbar's Recovery Scan Tool noch Malwarebytes Anti-Malware können ihren Job machen. Beide Programme reagieren mit der Zeit nicht mehr und sind dann verschwunden.
Puhhh, habt Ihr noch eine Möglichkeit?
Gruß Ute

cosinus · 07.09.2014, 17:50

GDATA komplett deaktivieren, dann mit FRST nochmal probieren

Snoosel · 07.09.2014, 18:30

Nach nochmaligen Versuchen Malwarebytes zu aktivieren (mit G-Data aus) kommt das graue Feld:
Malewarebytes Anti-Maleware funktioniert nicht mehr. Das Programm wird aufgrund eines Problems nicht richtig ausgeführt. Das Programm wird geschlossen und Sie werden benachrichtigt, wenn eine Lösung verfügbar ist.

Und nix geht mehr.

cosinus · 07.09.2014, 21:48

Wir sind immer noch bei FRST, nicht bei malwarebytes

Snoosel · 07.09.2014, 21:57

Sorry,
bei FRST ist es so wie mit G-Data und ohne, ich komme bis "Scan" und dann bleibt das Programm (eigentlich der ganze Rechner) stehen. Nichts tut sich. Erst wenn der Task-Manager das Programm beendet läuft der Rechner wieder.

cosinus · 07.09.2014, 22:21

In Windows mit einem anderen Benutzerkonto anmelden und von da aus erneut FRST runterladen und starten. Falls kein anderes Benutzerkonto da ist, musst du eins mit Adminrechten erstellen über die Systemsteuerung/Benutzerkonten

Snoosel · 08.09.2014, 08:53

Guten Morgen,
Benutzerkonto geändert, MS Windows sagt, Windows-Sidebar funktioniert nicht mehr.
Er hängt sich auf, Task-Manager anschließend auch. Anzeige: "Keine Rückmeldung"

Seit 1 Std. schon

cosinus · 08.09.2014, 08:56

Und weiter? Was ist jetzt mit FRST?

Snoosel · 08.09.2014, 10:58

ich komme nicht soweit. FRST wird gestartet und bleibt stehen bei: Scanning Registry: HKCU/Software/Classes/CLSID.

cosinus · 08.09.2014, 10:59

Welches Windows hast du da eigentlich? Vista? 7? 8? 8.1?

Snoosel · 08.09.2014, 11:21

Obwohl die Administrationsrechte geändert sind.

Zitat:

Zitat von cosinus

Welches Windows hast du da eigentlich? Vista? 7? 8? 8.1?

wo kann ich das erfahren?

Hab über Tune Up nachgesehen.
Vista Home Premium 64 bit.
Version 6.0.6002 Service Pack 2

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-09-2014 01
Ran by Ute (administrator) on MANOPOST-PC on 08-09-2014 12:14:52
Running from C:\Users\Ute\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A1IGUS3K
Platform: Windows Vista (TM) Home Premium Service Pack 2 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(G Data Software AG) C:\Program Files (x86)\Common Files\G DATA\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKWCtlx64.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(AOL LLC) C:\Program Files (x86)\Common Files\aol\acs\AOLacsd.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKService.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Program Files (x86)\LPT\srpts.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
() C:\Program Files (x86)\LPT\srptsl.exe
() J:\Tobit Radio.fx\Server\rfx-server.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKBap64.exe
(G Data Software AG) C:\Program Files (x86)\G Data\AntiVirus\AVKTray\AVKTray.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(AOL, LLC.) C:\Program Files (x86)\AOL 9.0 VR\waol.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKProxy\GdBgInx64.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKProxy\GDKBFltExe32.exe
(America Online, Inc.) C:\Program Files (x86)\Common Files\aol\1231342872\ee\aolsoftware.exe
(AOL, LLC.) C:\Program Files (x86)\AOL 9.0 VR\shellmon.exe
(TuneUp Software) C:\Windows\System32\TuneUpDefragService.exe
() C:\Program Files (x86)\LPT\srptm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\dw20.exe
(America Online Inc) C:\Program Files (x86)\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe
(Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Farbar) C:\Users\Ute\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A1IGUS3K\FRST64[1].exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [ITSecMng] => C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [83336 2009-07-22] (TOSHIBA CORPORATION)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\G Data\AntiVirus\AVKTray\AVKTray.exe
HKU\.DEFAULT\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-08-07] (Garmin Ltd or its subsidiaries)
HKU\.DEFAULT\...\Winlogon: [Shell] C:\Windows\explorer.exe [3079168 2009-04-11] (Microsoft Corporation) <==== ATTENTION 
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-19\...\Winlogon: [Shell] C:\Windows\explorer.exe [3079168 2009-04-11] (Microsoft Corporation) <==== ATTENTION 
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Winlogon: [Shell] C:\Windows\explorer.exe [3079168 2009-04-11] (Microsoft Corporation) <==== ATTENTION 
HKU\S-1-5-21-243317379-2889874547-3061927781-1001\...\Run: [AOL Fast Start] => C:\Program Files (x86)\AOL 9.0 VR\AOL.EXE [50480 2007-06-21] (AOL, LLC.)
AppInit_DLLs: C:\Users\Manopost\AppData\Local\Smartbar\Application\Resources\crdlil64.dll => C:\Users\Manopost\AppData\Local\Smartbar\Application\Resources\crdlil64.dll File Not Found
AppInit_DLLs-x32: C:\Users\Manopost\AppData\Local\Smartbar\Application\Resources\crdlil.dll => "C:\Users\Manopost\AppData\Local\Smartbar\Application\Resources\crdlil.dll" File Not Found
IFEO: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\bip_camera1.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\browser7.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\btassist1.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\coverdes.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\discspeed.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\drivespeed.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\eccenter1.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\excel.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\express.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\frontpg.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\groove.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\hpwucli.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\infopath.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\infotool.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\lifecam.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\mobiletrans.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\msaccess.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\msoxmled.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\mspub.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\mstore.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\mypc backup.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\nero.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\neroburnrights.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\nerohome.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\neromediahome.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\nerorescueagent.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\neroscoutoptions.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\nerostartsmart.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\nerovision.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\offdiag.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\ois.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\onenote.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\osa.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\outlook.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\photosnap.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\photosnapviewer.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\powerpnt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\pptview.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\recode.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\setupx.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\showtime.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\skype.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\soundtrax.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\tosbtmng.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\tosbtproc1.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\unins000.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\uninst.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\usrguide.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\waveedit.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\winword.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\wirelessftp1.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\wlangui.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\zune.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: "DropboxExt1" -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: "DropboxExt2" -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: "DropboxExt3" -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: "DropboxExt4" -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: "DropboxExt5" -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: "DropboxExt6" -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: "DropboxExt7" -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: "DropboxExt8" -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-online.de/cpm-redir/ie-9.html
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.t-online.de/cpm-redir/ie-9.html
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.t-online.de/cpm-redir/ie-9.html
hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=84&bd=Pavilion&pf=cndt
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.t-online.de/cpm-redir/ie-9.html
hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=84&bd=Pavilion&pf=cndt
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sweet-page.com/?type=hp&ts=1408538863&from=cor&uid=395049983_1052451_7047A004
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1408538863&from=cor&uid=395049983_1052451_7047A004
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1408538863&from=cor&uid=395049983_1052451_7047A004&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1408538863&from=cor&uid=395049983_1052451_7047A004&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,CustomizeSearch = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: HKLM-x32 - AOL Deutschland Toolbar Search Class - {66a449dc-6b1d-4187-a4f1-b335d3da5365} -  No File
URLSearchHook: HKLM-x32 - AOL Deutschland Toolbar Search Class - {66a449dc-6b1d-4187-a4f1-b335d3da5365} - C:\Program Files (x86)\AOL Deutschland Toolbar\aoldetb.dll (AOL Inc.)
URLSearchHook: HKLM-x32 - (No Name) - {b106b661-3e1b-4015-af5c-195e909f35c6} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1408538863&from=cor&uid=395049983_1052451_7047A004&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1408538863&from=cor&uid=395049983_1052451_7047A004&q={searchTerms}
SearchScopes: HKLM - {D6E4D59A-E5FE-4C8D-8347-B99B76E656E5} URL = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
SearchScopes: HKLM - {F137222E-6DE9-44E9-8EF2-CC5A8D3833BB} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcndtie7-de-de
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWx880NHL4NpXhO1w6Yb0c1W9-FhgkQWK4Ehfdcz3I3UPArKQFSZNlsdq5hyma9cy00L27XTCH8NP7vFjk0yFgGduK9dBuoGkYUY0-22LRv-4czOZ-p-bZAf0CeOHjuDAscDUZ6_hKRoRcEYt0oaxLZu2rTwuPYGxxcvT1FlCb8enA,,&q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWx880NHL4NpXhO1w6Yb0c1W9-FhgkQWK4Ehfdcz3I3UPArKQFSZNlsdq5hyma9cy00L27XTCH8NP7vFjk0yFgGduK9dBuoGkYUY0-22LRv-4czOZ-p-bZAf0CeOHjuDAscDUZ6_hKRoRcEYt0oaxLZu2rTwuPYGxxcvT1FlCb8enA,,&q={searchTerms}
SearchScopes: HKLM-x32 - {2059CF48-25F3-40d7-9D37-24A3142FD20B} URL = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=3379&q={searchTerms}&rp=&s_it=tb50-ie-aolde-chromesbox-de-de
SearchScopes: HKLM-x32 - {D6E4D59A-E5FE-4C8D-8347-B99B76E656E5} URL = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
SearchScopes: HKCU - DefaultScope {83CB6700-9424-4FE4-B1F4-F9BC555167F3} URL = hxxp://suche.t-online.de/fast-cgi/tsc?mandant=toi&device=html&portallanguage=de&userlanguage=de&dia=suche&context=internet-tab&tpc=internet&ptl=std&classification=internet-tab_internet_std&q={searchTerms}&br=ie7-toi
SearchScopes: HKCU - {6C7BD9C4-A466-46C4-82C4-CC66701D1395} URL = hxxp://rover.ebay.com/rover/1/707-1403-276402/4?mpre=hxxp://search.ebay.de/search/search.dll?shortcut=4&query={sear chTerms}
SearchScopes: HKCU - {83CB6700-9424-4FE4-B1F4-F9BC555167F3} URL = hxxp://suche.t-online.de/fast-cgi/tsc?mandant=toi&device=html&portallanguage=de&userlanguage=de&dia=suche&context=internet-tab&tpc=internet&ptl=std&classification=internet-tab_internet_std&q={searchTerms}&br=ie7-toi
SearchScopes: HKCU - {E6396811-2413-44EC-A69B-A788B0E124FC} URL = hxxp://suche.t-online.de/fastcgi/tsc?mandant=toi&device=html&portallanguage=de&userlanguage=de&d ia=suche&context=wiki-tab&tpc=internet&ptl=std&classification=wikitab_internet_std&q={searchTerms}&br=ie7-toi
SearchScopes: HKCU - {F048D832-4CD6-4A55-AAC4-45E3EE19F9B4} URL = hxxp://www.amazon.de/gp/search?ie=UTF8&keywords={searchTerms}&tag= interactivemesuche21&index=blended&linkCode=ur2&camp=1638&creative=6742
BHO: SafeFinder SmartbarEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Windows Live Family Safety Browser Helper Class -> {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} -> C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: AOL Deutschland Toolbar Loader -> {2d3b1910-86c2-4d4b-b1db-124b3ea35bef} -> C:\Program Files (x86)\AOL Deutschland Toolbar\aoldetb.dll (AOL Inc.)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: AVG Security Toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll (AVG Secure Search)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - SafeFinder Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - AOL Deutschland Toolbar - {567d4d94-8077-4682-b887-945f3d644116} - C:\Program Files (x86)\AOL Deutschland Toolbar\aoldetb.dll (AOL Inc.)
Toolbar: HKLM-x32 - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll (AVG Secure Search)
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: HKLM-x32 {44990301-3C9D-426D-81DF-AAB636FA4345} https://www-secure.symantec.com/techsupp/asa/ss/sa/sa_cabs/tgctlsr.cab
DPF: HKLM-x32 {477E2667-7E7A-4737-BFF5-121D68EF7816} hxxp://musikdownloads.aol.de/imcdms-static/code/AOL%20Download%20Assistent.ocx
DPF: HKLM-x32 {74E4A24D-5224-4F05-8A41-99445E0FC22B} hxxp://www.gamehouse.com/games/gamehouse/ghplayer.cab
DPF: HKLM-x32 {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://game.zylom.com/activex/zylomgamesplayer.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\syswow64\urlmon.dll (Microsoft Corporation)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.5.0 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.0 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/VirtualEarth3D,version=4.0 -> C:\Program Files (x86)\Virtual Earth 3D\ No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll No File
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @funwebproducts.com/Plugin -> C:\Program Files (x86)\FunWebProducts\Installr\1.bin\NPFunWeb.dll No File
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF Plugin-x32: @viewpoint.com/VMP -> C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\sweet-page.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-03-21]
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\18.1.9.799
FF Extension: AVG Security Toolbar - C:\ProgramData\AVG Secure Search\FireFoxExt\18.1.9.799 [2014-08-26]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-03-07]
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Manopost\AppData\Roaming\Mozilla\Firefox\Profiles\rjmb4qdq.default\extensions\faststartff@gmail.com
FF Extension: Fast Start - C:\Users\Manopost\AppData\Roaming\Mozilla\Firefox\Profiles\rjmb4qdq.default\extensions\faststartff@gmail.com [2014-08-20]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-01-17]
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\18.1.0.443\avg.crx [2014-05-01]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 ABBYY.Licensing.PDFTransformer.Classic.3.0; C:\Program Files (x86)\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe [759048 2010-02-01] (ABBYY)
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2250360 2014-07-30] (G Data Software AG)
R2 AVKService; C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKService.exe [914552 2013-12-19] (G Data Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKWCtlx64.exe [2683760 2014-05-20] (G Data Software AG)
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [356352 2006-12-28] (AVM Berlin) [File not signed]
S4 Boonty Games; C:\Program Files (x86)\Common Files\BOONTY Shared\Service\Boonty.exe [69120 2009-01-28] (BOONTY) [File not signed]
S4 Browser7Maintenance; C:\Program Files (x86)\Browser 7 Maintenance Service\maintenanceservice.exe [112128 2014-08-26] (Deutsche Telekom AG) [File not signed]
R2 ezSharedSvc; C:\Windows\SysWOW64\ezsvc7.dll [129992 2008-02-03] (EasyBits Sofware AS) [File not signed]
S4 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [438616 2014-08-07] (Garmin Ltd or its subsidiaries)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [700536 2014-05-20] (G Data Software AG)
S3 HP Health Check Service; c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-06-02] (Hewlett-Packard) [File not signed]
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2008-10-16] (Hewlett-Packard Co.) [File not signed]
S2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [135168 2008-03-25] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 LPTSystemUpdater; C:\Program Files (x86)\LPT\srpts.exe [32768 2014-08-27] ()
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [69632 2006-11-08] (Hewlett-Packard) [File not signed]
S4 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [537896 2008-12-12] (Nero AG)
S4 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [88064 2006-11-08] (Hewlett-Packard) [File not signed]
R2 Radio.fx; J:\Tobit Radio.fx\Server\rfx-server.exe [3673944 2011-11-18] ()
S4 ServiceLayer; C:\Program Files (x86)\Nokia\PC Connectivity Solution\ServiceLayer.exe [632832 2011-03-21] (Nokia) [File not signed]
R3 TuneUp.Defrag; C:\Windows\System32\TuneUpDefragService.exe [506696 2010-02-27] (TuneUp Software)
S3 TuneUp.ProgramStatisticsSvc; C:\Windows\System32\TUProgSt.exe [842056 2010-02-27] (TuneUp Software)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2014-07-16] (TuneUp Software)
R2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-08-20] (AVG Secure Search)
S2 scores; C:\Windows\score.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2013-04-18] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2013-06-28] (LG Electronics Inc.)
S3 andnetndis; C:\Windows\System32\DRIVERS\lgandnetndis64.sys [103936 2013-04-23] (LG Electronics Inc.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310984 2010-07-22] ()
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-20] (AVG Technologies)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2006-12-28] (AVM Berlin)
S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [34704 2010-02-05] (CSR, plc)
R3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2006-12-28] (AVM GmbH)
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [55808 2014-09-01] (G Data Software AG)
R1 GDKBFlt; C:\Windows\system32\drivers\GDKBFlt64.sys [20992 2014-07-06] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [142336 2014-09-01] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [64000 2014-07-06] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [64000 2014-09-01] (G Data Software AG)
R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2014-08-31] (G Data Software)
R3 HCW3x64; C:\Windows\System32\DRIVERS\HCW3x64.sys [1087872 2007-03-26] (Hauppauge Computer Works inc.)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [61440 2014-07-06] (G Data Software AG)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2010-07-22] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-08] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
S4 nvrd64; C:\Windows\system32\drivers\nvrd64.sys [166944 2008-06-06] (NVIDIA Corporation)
S3 Ph3xIB64; C:\Windows\System32\DRIVERS\Ph3xIB64.sys [1368960 2006-09-30] (Philips Semiconductors GmbH)
S3 Ps2; C:\Windows\System32\DRIVERS\PS2.sys [21504 2006-09-07] ()
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-08-20] ()
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-09-18] (TuneUp Software)
R1 {5eeb83d0-96ea-4249-942c-beead6847053}Gt64; C:\Windows\System32\drivers\{5eeb83d0-96ea-4249-942c-beead6847053}Gt64.sys [60056 2014-09-06] (StdLib)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-08 09:47 - 2014-09-08 09:47 - 00000000 ____D () C:\Users\Ute\AppData\Roaming\Adobe
2014-09-08 09:46 - 2014-09-08 11:00 - 00000000 ____D () C:\Users\Ute\AppData\Roaming\TuneUp Software
2014-09-08 09:46 - 2014-09-08 09:46 - 00000000 ____D () C:\Users\Ute\AppData\Local\TuneUp Software
2014-09-08 09:45 - 2014-09-08 09:45 - 00000951 _____ () C:\Users\Ute\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-09-08 09:45 - 2014-09-08 09:45 - 00000000 ____D () C:\Users\Ute\AppData\Roaming\AOL
2014-09-08 09:45 - 2014-09-08 09:45 - 00000000 ____D () C:\Users\Ute\AppData\Local\AOL
2014-09-08 09:44 - 2014-09-08 09:45 - 00000941 _____ () C:\Users\Ute\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-08 09:44 - 2014-09-08 09:44 - 00000936 _____ () C:\Users\Ute\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-09-08 09:42 - 2014-09-08 09:44 - 00000917 _____ () C:\Users\Ute\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
2014-09-08 09:41 - 2014-09-08 09:46 - 00000000 ____D () C:\Users\Ute\AppData\Local\VirtualStore
2014-09-08 09:41 - 2014-09-08 09:44 - 00000000 ____D () C:\Users\Ute
2014-09-08 09:41 - 2014-09-08 09:41 - 00000020 ___SH () C:\Users\Ute\ntuser.ini
2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Vorlagen
2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Startmenü
2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Netzwerkumgebung
2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Lokale Einstellungen
2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Eigene Dateien
2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Druckumgebung
2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Documents\Eigene Musik
2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Documents\Eigene Bilder
2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\AppData\Local\Verlauf
2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\AppData\Local\Anwendungsdaten
2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Anwendungsdaten
2014-09-08 09:41 - 2014-04-09 17:34 - 00000000 ____D () C:\Users\Ute\AppData\Roaming\Garmin
2014-09-08 09:41 - 2011-11-18 04:55 - 00000000 ____D () C:\Users\Ute\AppData\Roaming\Macromedia
2014-09-08 09:41 - 2010-11-16 00:09 - 00000000 ____D () C:\Users\Ute\AppData\Local\Microsoft Help
2014-09-08 09:41 - 2008-01-21 05:20 - 00000000 ___RD () C:\Users\Ute\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-09-08 09:41 - 2008-01-21 05:20 - 00000000 ___RD () C:\Users\Ute\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-08 08:03 - 2014-09-08 08:03 - 00003631 _____ () C:\Users\Manopost\Downloads\FRST.txt
2014-09-08 08:02 - 2014-09-08 08:03 - 02105344 _____ (Farbar) C:\Users\Manopost\Downloads\FRST64(1).exe
2014-09-08 07:44 - 2011-05-13 12:16 - 00493056 _____ ( datenhaus GmbH) C:\Windows\SysWOW64\dhRichClient3.dll
2014-09-08 07:44 - 2011-03-25 20:42 - 00338432 _____ () C:\Windows\SysWOW64\sqlite36_engine.dll
2014-09-08 07:43 - 2014-09-08 07:43 - 01101648 _____ () C:\Users\Manopost\Downloads\HijackThis - CHIP-Installer.exe
2014-09-07 19:19 - 2014-09-07 19:19 - 02105344 _____ (Farbar) C:\Users\Manopost\Downloads\FRST64.exe
2014-09-07 16:20 - 2014-09-08 10:59 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-07 16:19 - 2014-09-07 16:19 - 00000903 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-07 16:19 - 2014-09-07 16:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-07 16:19 - 2014-09-07 16:19 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-07 16:19 - 2014-09-07 16:19 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-09-07 16:19 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-07 16:19 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-07 16:19 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-07 16:18 - 2014-09-07 16:19 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Manopost\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-07 15:00 - 2014-09-08 12:14 - 00000000 ____D () C:\FRST
2014-09-07 10:24 - 2014-09-07 10:24 - 00388152 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-07 10:23 - 2014-09-07 10:23 - 00185186 _____ () C:\Windows\PFRO.log
2014-09-06 23:41 - 2014-09-06 23:42 - 00895120 _____ (Google Inc.) C:\Users\Manopost\Downloads\ChromeSetup.exe
2014-09-06 23:27 - 2014-09-06 23:27 - 00000000 ____D () C:\Users\Manopost\Documents\PC Speed Maximizer
2014-09-06 23:27 - 2014-09-06 04:13 - 00060056 _____ (StdLib) C:\Windows\system32\Drivers\{5eeb83d0-96ea-4249-942c-beead6847053}Gt64.sys
2014-09-06 23:24 - 2014-09-07 16:25 - 00000000 ____D () C:\Program Files (x86)\LPT
2014-09-06 23:24 - 2014-09-06 23:24 - 00106712 _____ () C:\Users\Manopost\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-06 23:24 - 2014-09-06 23:24 - 00002379 _____ () C:\Users\Manopost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-09-06 23:22 - 2014-09-07 00:24 - 00000000 ____D () C:\Users\Manopost\AppData\Local\LPT
2014-09-06 23:22 - 2014-09-06 23:22 - 00000000 ____D () C:\Users\Manopost\AppData\Local\Smartbar
2014-09-06 23:16 - 2014-09-06 23:57 - 00000000 ____D () C:\Users\Manopost\AppData\Local\Gameo
2014-09-06 23:16 - 2014-09-06 23:16 - 00000174 _____ () C:\Users\Manopost\Desktop\Play Games Online.url
2014-09-06 23:16 - 2014-09-06 23:16 - 00000174 _____ () C:\Users\Manopost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url
2014-09-06 23:16 - 2014-09-06 23:16 - 00000000 ___HD () C:\Users\Manopost\AppData\Roaming\GoldenGate
2014-09-06 21:50 - 2014-09-06 21:50 - 00602112 _____ (OldTimer Tools) C:\Users\Manopost\Desktop\OTL.exe
2014-09-06 16:11 - 2014-09-06 16:11 - 00000000 ____D () C:\Users\Manopost\AppData\Local\Deployment
2014-09-01 23:00 - 2014-09-01 23:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G DATA ANTIVIRUS
2014-08-28 21:52 - 2014-08-23 03:05 - 00304128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 21:52 - 2014-08-23 02:42 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 21:52 - 2014-08-23 01:38 - 02782208 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 10:03 - 2014-08-27 10:03 - 00000630 _____ () C:\Users\Manopost\Desktop\BLT14-15_209.exe - Verknüpfung.lnk
2014-08-27 09:52 - 2014-08-27 09:52 - 00724992 _____ (Maximilian Stangel) C:\Users\Manopost\Downloads\BLT14-15_209.exe
2014-08-27 09:33 - 2014-08-27 09:33 - 00000000 ____D () C:\ProgramData\Avg_Update_0814tb
2014-08-27 09:33 - 2014-08-27 09:33 - 00000000 ____D () C:\Program Files (x86)\AVG Security Toolbar
2014-08-26 18:52 - 2014-08-31 22:03 - 00000000 ___HD () C:\Users\Public\Temp
2014-08-26 18:49 - 2014-08-26 18:50 - 00000000 ____D () C:\Users\Public\29B3597AA0BC4491BC3F1A409CD7CF3F
2014-08-26 14:15 - 2013-12-27 16:17 - 37650432 _____ () C:\Users\Manopost\Desktop\M2U00050.MPG
2014-08-26 13:28 - 2014-09-06 23:26 - 00000000 ____D () C:\Users\Manopost\Desktop\Tablet
2014-08-26 13:13 - 2014-08-26 13:13 - 00000000 ____D () C:\ProgramData\Telekom-Browser 7
2014-08-25 17:43 - 2014-09-07 01:20 - 00000000 ___RD () C:\Users\Manopost\Dropbox
2014-08-25 17:41 - 2014-08-25 17:41 - 00000000 ____D () C:\Users\Manopost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-08-25 17:41 - 2014-08-25 17:41 - 00000000 ____D () C:\Program Files (x86)\Dropbox
2014-08-25 17:39 - 2014-09-06 22:46 - 00000000 ____D () C:\Users\Manopost\AppData\Roaming\Dropbox
2014-08-25 07:52 - 2014-08-25 07:52 - 00000000 ____D () C:\Users\Manopost\AppData\Local\Adobe
2014-08-22 15:27 - 2014-08-22 15:27 - 00000000 ____D () C:\ProgramData\Xerox
2014-08-22 14:28 - 2014-09-06 23:32 - 00000000 ____D () C:\Users\Manopost\Desktop\Neuer Ordner
2014-08-22 12:43 - 2014-08-22 12:45 - 00000000 ____D () C:\Users\Public\10F34257C92C4CB28669BE8F744057EF
2014-08-22 10:23 - 2014-08-22 10:24 - 00000000 ____D () C:\Users\Public\39203AE8A0DE4F819CFD816F114013DB
2014-08-22 10:23 - 2014-08-22 10:24 - 00000000 ____D () C:\Users\Manopost\AppData\Roaming\InetStat
2014-08-22 10:23 - 2014-08-22 10:23 - 00000000 ____D () C:\Users\Manopost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InetStat
2014-08-22 10:00 - 2014-04-19 17:34 - 00000426 _____ () C:\AVScanner.ini
2014-08-22 09:12 - 2014-08-29 15:01 - 00004040 _____ () C:\Windows\System32\Tasks\LaunchSignup
2014-08-22 09:11 - 2014-08-31 15:59 - 00000000 ____D () C:\Program Files (x86)\videos MediaPlay-Air
2014-08-22 09:11 - 2014-08-22 09:11 - 00000000 ____D () C:\Users\Manopost\AppData\Local\globalUpdate
2014-08-22 09:11 - 2014-08-22 09:11 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-08-22 09:10 - 2014-09-07 18:16 - 00000000 ____D () C:\Program Files (x86)\ver1Re-markit
2014-08-22 09:10 - 2014-08-22 12:46 - 00000000 ____D () C:\Users\Manopost\AppData\Roaming\VOPackage
2014-08-22 09:10 - 2014-08-22 12:46 - 00000000 ____D () C:\Users\Manopost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-08-22 09:10 - 2014-08-22 09:12 - 00062602 _____ () C:\Users\Manopost\AppData\Local\dd_vcredistMSI61B3.txt
2014-08-22 09:10 - 2014-08-22 09:12 - 00012036 _____ () C:\Users\Manopost\AppData\Local\dd_vcredistUI61B3.txt
2014-08-20 14:49 - 2014-08-20 14:49 - 00016152 _____ () C:\Windows\system32\Drivers\SWDUMon.sys
2014-08-20 14:49 - 2014-08-20 14:49 - 00000000 ____D () C:\Users\Manopost\AppData\Local\SlimWare Utilities Inc
2014-08-20 14:48 - 2014-08-20 14:48 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers
2014-08-20 14:45 - 2014-08-20 15:13 - 00000732 _____ () C:\Users\Manopost\AppData\Local\d3d9caps64.dat
2014-08-20 14:44 - 2014-08-20 14:44 - 00796720 _____ ( ) C:\Users\Manopost\Downloads\nero_setup.exe
2014-08-17 18:20 - 2014-08-17 18:45 - 00001653 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fotostory 3 für Windows.lnk
2014-08-17 18:20 - 2014-08-17 18:20 - 00000000 ____D () C:\Program Files (x86)\Photo Story 3 for Windows
2014-08-17 18:18 - 2014-08-17 18:18 - 01101648 _____ () C:\Users\Manopost\Documents\Microsoft Photo Story - CHIP-Installer.exe
2014-08-17 13:33 - 2014-08-22 13:21 - 00000000 ____D () C:\Users\Manopost\Desktop\Tolo Video 1
2014-08-17 13:26 - 2014-08-22 14:59 - 00000000 ____D () C:\Users\Manopost\Desktop\Tolo 2
2014-08-17 11:21 - 2014-08-26 14:04 - 00000000 ____D () C:\Users\Manopost\Desktop\Meine Bilder
2014-08-17 08:49 - 2014-08-17 08:49 - 01058200 _____ (Adobe) C:\Users\Manopost\Downloads\install_flashplayer14x32au_mssa_awc_aih.exe
2014-08-17 08:36 - 2014-06-27 00:17 - 01389200 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-17 08:36 - 2014-06-27 00:17 - 00619664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-17 08:36 - 2014-06-27 00:17 - 00171152 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-17 08:36 - 2014-06-27 00:17 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-17 08:36 - 2014-06-27 00:17 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-17 08:36 - 2014-06-27 00:17 - 00008848 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-17 08:36 - 2014-06-06 06:29 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-17 08:36 - 2014-06-06 06:28 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-17 08:32 - 2014-08-17 08:32 - 00001757 _____ () C:\Users\Public\Desktop\Garmin Express.lnk
2014-08-17 08:32 - 2014-08-17 08:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2014-08-17 00:05 - 2014-08-14 12:15 - 36898446 _____ () C:\Users\Manopost\Desktop\20140814_131447.mp4
2014-08-16 23:56 - 2014-08-20 19:35 - 00000000 ____D () C:\Users\Manopost\Desktop\Handy Tolo
2014-08-16 23:37 - 2014-06-14 02:56 - 00901568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-16 23:37 - 2014-06-14 02:51 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-08-16 23:37 - 2014-06-02 23:30 - 03137536 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-16 23:37 - 2014-06-02 23:30 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-16 23:37 - 2014-06-02 23:29 - 02280448 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-16 23:37 - 2014-06-02 23:29 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-08-16 23:37 - 2014-06-02 22:29 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-16 23:37 - 2014-06-02 12:31 - 02263552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-16 23:37 - 2014-06-02 12:31 - 00332800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-16 23:37 - 2014-06-02 12:30 - 01993728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-16 23:36 - 2014-07-24 21:28 - 17861120 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-16 23:36 - 2014-07-24 21:12 - 02339328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-16 23:36 - 2014-07-24 21:10 - 10920960 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-16 23:36 - 2014-07-24 21:07 - 01384960 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-16 23:36 - 2014-07-24 21:06 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-16 23:36 - 2014-07-24 21:05 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-16 23:36 - 2014-07-24 21:05 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-08-16 23:36 - 2014-07-24 21:05 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-16 23:36 - 2014-07-24 21:04 - 02155520 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-16 23:36 - 2014-07-24 21:04 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-08-16 23:36 - 2014-07-24 21:04 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-16 23:36 - 2014-07-24 21:04 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-16 23:36 - 2014-07-24 21:04 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-16 23:36 - 2014-07-24 21:04 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-16 23:36 - 2014-07-24 21:03 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-16 23:36 - 2014-07-24 21:03 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-16 23:36 - 2014-07-24 21:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-16 23:36 - 2014-07-24 21:03 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-08-16 23:36 - 2014-07-24 21:03 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-08-16 23:36 - 2014-07-24 21:03 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-08-16 23:36 - 2014-07-24 21:02 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-16 23:36 - 2014-07-24 20:07 - 12356608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-16 23:36 - 2014-07-24 19:58 - 01810432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-16 23:36 - 2014-07-24 19:57 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-16 23:36 - 2014-07-24 19:52 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-16 23:36 - 2014-07-24 19:51 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-16 23:36 - 2014-07-24 19:51 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-16 23:36 - 2014-07-24 19:50 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-08-16 23:36 - 2014-07-24 19:50 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-16 23:36 - 2014-07-24 19:49 - 01802240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-16 23:36 - 2014-07-24 19:49 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-08-16 23:36 - 2014-07-24 19:49 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-16 23:36 - 2014-07-24 19:49 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-16 23:36 - 2014-07-24 19:49 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-16 23:36 - 2014-07-24 19:48 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-16 23:36 - 2014-07-24 19:48 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-16 23:36 - 2014-07-24 19:48 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-16 23:36 - 2014-07-24 19:48 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-16 23:36 - 2014-07-24 19:48 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-08-16 23:36 - 2014-07-24 19:48 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-08-16 23:36 - 2014-07-24 19:48 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-08-16 23:36 - 2014-07-24 19:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-16 23:36 - 2014-07-08 03:12 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-16 23:36 - 2014-07-08 02:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-16 23:06 - 2014-09-06 23:25 - 00000000 ____D () C:\Users\Manopost\Desktop\Kamera Tolo

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-08 12:14 - 2014-09-07 15:00 - 00000000 ____D () C:\FRST
2014-09-08 12:12 - 2010-11-02 18:19 - 01084488 _____ () C:\Windows\WindowsUpdate.log
2014-09-08 11:55 - 2006-11-02 17:22 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-08 11:55 - 2006-11-02 17:22 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-08 11:35 - 2012-07-19 18:26 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-08 11:00 - 2014-09-08 09:46 - 00000000 ____D () C:\Users\Ute\AppData\Roaming\TuneUp Software
2014-09-08 10:59 - 2014-09-07 16:20 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-08 09:55 - 2006-11-02 17:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-08 09:54 - 2006-11-02 17:42 - 00032514 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-08 09:47 - 2014-09-08 09:47 - 00000000 ____D () C:\Users\Ute\AppData\Roaming\Adobe
2014-09-08 09:46 - 2014-09-08 09:46 - 00000000 ____D () C:\Users\Ute\AppData\Local\TuneUp Software
2014-09-08 09:46 - 2014-09-08 09:41 - 00000000 ____D () C:\Users\Ute\AppData\Local\VirtualStore
2014-09-08 09:45 - 2014-09-08 09:45 - 00000951 _____ () C:\Users\Ute\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-09-08 09:45 - 2014-09-08 09:45 - 00000000 ____D () C:\Users\Ute\AppData\Roaming\AOL
2014-09-08 09:45 - 2014-09-08 09:45 - 00000000 ____D () C:\Users\Ute\AppData\Local\AOL
2014-09-08 09:45 - 2014-09-08 09:44 - 00000941 _____ () C:\Users\Ute\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-08 09:44 - 2014-09-08 09:44 - 00000936 _____ () C:\Users\Ute\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-09-08 09:44 - 2014-09-08 09:42 - 00000917 _____ () C:\Users\Ute\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
2014-09-08 09:44 - 2014-09-08 09:41 - 00000000 ____D () C:\Users\Ute
2014-09-08 09:41 - 2014-09-08 09:41 - 00000020 ___SH () C:\Users\Ute\ntuser.ini
2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Vorlagen
2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Startmenü
2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Netzwerkumgebung
2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Lokale Einstellungen
2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Eigene Dateien
2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Druckumgebung
2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Documents\Eigene Musik
2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Documents\Eigene Bilder
2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\AppData\Local\Verlauf
2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\AppData\Local\Anwendungsdaten
2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Anwendungsdaten
2014-09-08 08:03 - 2014-09-08 08:03 - 00003631 _____ () C:\Users\Manopost\Downloads\FRST.txt
2014-09-08 08:03 - 2014-09-08 08:02 - 02105344 _____ (Farbar) C:\Users\Manopost\Downloads\FRST64(1).exe
2014-09-08 07:52 - 2009-02-04 12:45 - 00000069 _____ () C:\Windows\NeroDigital.ini
2014-09-08 07:43 - 2014-09-08 07:43 - 01101648 _____ () C:\Users\Manopost\Downloads\HijackThis - CHIP-Installer.exe
2014-09-08 06:31 - 2013-09-17 15:45 - 00000425 _____ () C:\Windows\BRWMARK.INI
2014-09-07 21:28 - 2011-06-11 10:44 - 00003714 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{7D2327BF-DAC5-43D7-8EB3-6EA0AF4A749D}
2014-09-07 19:19 - 2014-09-07 19:19 - 02105344 _____ (Farbar) C:\Users\Manopost\Downloads\FRST64.exe
2014-09-07 18:29 - 2009-01-28 11:48 - 00000108 _____ () C:\Users\Manopost\AppData\Roaming\default.pls
2014-09-07 18:16 - 2014-08-22 09:10 - 00000000 ____D () C:\Program Files (x86)\ver1Re-markit
2014-09-07 16:25 - 2014-09-06 23:24 - 00000000 ____D () C:\Program Files (x86)\LPT
2014-09-07 16:19 - 2014-09-07 16:19 - 00000903 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-07 16:19 - 2014-09-07 16:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-07 16:19 - 2014-09-07 16:19 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-07 16:19 - 2014-09-07 16:19 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-09-07 16:19 - 2014-09-07 16:18 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Manopost\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-07 11:08 - 2010-11-15 00:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-09-07 11:08 - 2010-11-15 00:52 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-07 10:24 - 2014-09-07 10:24 - 00388152 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-07 10:23 - 2014-09-07 10:23 - 00185186 _____ () C:\Windows\PFRO.log
2014-09-07 01:20 - 2014-08-25 17:43 - 00000000 ___RD () C:\Users\Manopost\Dropbox
2014-09-07 00:24 - 2014-09-06 23:22 - 00000000 ____D () C:\Users\Manopost\AppData\Local\LPT
2014-09-07 00:16 - 2009-01-10 16:50 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-06 23:57 - 2014-09-06 23:16 - 00000000 ____D () C:\Users\Manopost\AppData\Local\Gameo
2014-09-06 23:42 - 2014-09-06 23:41 - 00895120 _____ (Google Inc.) C:\Users\Manopost\Downloads\ChromeSetup.exe
2014-09-06 23:35 - 2013-12-03 13:32 - 00000000 ___RD () C:\Users\Manopost\Documents\Fugen-T-Poster
2014-09-06 23:34 - 2014-01-02 12:23 - 00000000 ____D () C:\Users\Manopost\Desktop\2014
2014-09-06 23:33 - 2014-01-02 15:28 - 00000000 ____D () C:\Users\Manopost\Desktop\Bayrischer Wald
2014-09-06 23:32 - 2014-08-22 14:28 - 00000000 ____D () C:\Users\Manopost\Desktop\Neuer Ordner
2014-09-06 23:27 - 2014-09-06 23:27 - 00000000 ____D () C:\Users\Manopost\Documents\PC Speed Maximizer
2014-09-06 23:27 - 2013-01-21 16:39 - 00000000 ____D () C:\Users\Manopost\Desktop\Bilder1
2014-09-06 23:26 - 2014-08-26 13:28 - 00000000 ____D () C:\Users\Manopost\Desktop\Tablet
2014-09-06 23:25 - 2014-08-16 23:06 - 00000000 ____D () C:\Users\Manopost\Desktop\Kamera Tolo
2014-09-06 23:24 - 2014-09-06 23:24 - 00106712 _____ () C:\Users\Manopost\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-06 23:24 - 2014-09-06 23:24 - 00002379 _____ () C:\Users\Manopost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-09-06 23:22 - 2014-09-06 23:22 - 00000000 ____D () C:\Users\Manopost\AppData\Local\Smartbar
2014-09-06 23:16 - 2014-09-06 23:16 - 00000174 _____ () C:\Users\Manopost\Desktop\Play Games Online.url
2014-09-06 23:16 - 2014-09-06 23:16 - 00000174 _____ () C:\Users\Manopost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url
2014-09-06 23:16 - 2014-09-06 23:16 - 00000000 ___HD () C:\Users\Manopost\AppData\Roaming\GoldenGate
2014-09-06 22:51 - 2006-11-02 15:33 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-09-06 22:50 - 2009-01-07 16:56 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-09-06 22:50 - 2006-11-02 17:15 - 00000000 ____D () C:\Windows\WindowsMobile
2014-09-06 22:46 - 2014-08-25 17:39 - 00000000 ____D () C:\Users\Manopost\AppData\Roaming\Dropbox
2014-09-06 22:41 - 2013-04-11 17:22 - 00000000 ____D () C:\Program Files\Google
2014-09-06 22:40 - 2013-09-17 15:40 - 00000000 ____D () C:\ProgramData\InstallShield
2014-09-06 22:39 - 2013-09-17 15:42 - 00000000 ____D () C:\Program Files (x86)\Brother
2014-09-06 21:50 - 2014-09-06 21:50 - 00602112 _____ (OldTimer Tools) C:\Users\Manopost\Desktop\OTL.exe
2014-09-06 16:12 - 2009-01-10 16:51 - 00000000 ____D () C:\Users\Manopost\AppData\Local\Google
2014-09-06 16:11 - 2014-09-06 16:11 - 00000000 ____D () C:\Users\Manopost\AppData\Local\Deployment
2014-09-06 16:11 - 2010-06-03 12:57 - 00000000 ____D () C:\Users\Manopost\AppData\Local\Apps\2.0
2014-09-06 15:57 - 2009-01-10 16:51 - 00000000 ____D () C:\ProgramData\Google
2014-09-06 15:36 - 2011-06-13 13:08 - 00003292 _____ () C:\Windows\System32\Tasks\{4231AEF2-8460-496A-9460-D6D1F6493ADF}
2014-09-06 04:13 - 2014-09-06 23:27 - 00060056 _____ (StdLib) C:\Windows\system32\Drivers\{5eeb83d0-96ea-4249-942c-beead6847053}Gt64.sys
2014-09-02 16:07 - 2008-09-13 07:16 - 00699062 _____ () C:\Windows\system32\perfh007.dat
2014-09-02 16:07 - 2008-09-13 07:16 - 00156416 _____ () C:\Windows\system32\perfc007.dat
2014-09-02 16:07 - 2006-11-02 14:46 - 01638136 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-01 23:00 - 2014-09-01 23:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G DATA ANTIVIRUS
2014-09-01 23:00 - 2014-04-12 12:28 - 00001794 _____ () C:\Users\Public\Desktop\G DATA ANTIVIRUS.lnk
2014-09-01 23:00 - 2009-10-03 14:49 - 00055808 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDBehave.sys
2014-09-01 23:00 - 2009-06-20 14:57 - 00142336 _____ (G Data Software AG) C:\Windows\system32\Drivers\MiniIcpt.sys
2014-09-01 23:00 - 2009-06-20 14:56 - 00064000 _____ (G Data Software AG) C:\Windows\system32\Drivers\gdwfpcd64.sys
2014-08-31 23:00 - 2014-02-28 00:00 - 00018160 _____ (G Data Software) C:\Windows\system32\Drivers\GdPhyMem.sys
2014-08-31 23:00 - 2009-07-28 16:34 - 00106272 _____ (G Data Software) C:\Windows\system32\Drivers\GRD.sys
2014-08-31 22:03 - 2014-08-26 18:52 - 00000000 ___HD () C:\Users\Public\Temp
2014-08-31 15:59 - 2014-08-22 09:11 - 00000000 ____D () C:\Program Files (x86)\videos MediaPlay-Air
2014-08-29 15:01 - 2014-08-22 09:12 - 00004040 _____ () C:\Windows\System32\Tasks\LaunchSignup
2014-08-29 15:01 - 2009-01-08 19:24 - 00003784 _____ () C:\Windows\System32\Tasks\HP-Online-Aktualisierungsprogramm
2014-08-29 15:00 - 2014-04-06 16:26 - 00003558 _____ () C:\Windows\System32\Tasks\GarminUpdaterTask
2014-08-27 10:03 - 2014-08-27 10:03 - 00000630 _____ () C:\Users\Manopost\Desktop\BLT14-15_209.exe - Verknüpfung.lnk
2014-08-27 09:52 - 2014-08-27 09:52 - 00724992 _____ (Maximilian Stangel) C:\Users\Manopost\Downloads\BLT14-15_209.exe
2014-08-27 09:33 - 2014-08-27 09:33 - 00000000 ____D () C:\ProgramData\Avg_Update_0814tb
2014-08-27 09:33 - 2014-08-27 09:33 - 00000000 ____D () C:\Program Files (x86)\AVG Security Toolbar
2014-08-27 07:33 - 2014-07-28 19:59 - 00000000 ____D () C:\Program Files (x86)\Browser 7 Maintenance Service
2014-08-26 18:50 - 2014-08-26 18:49 - 00000000 ____D () C:\Users\Public\29B3597AA0BC4491BC3F1A409CD7CF3F
2014-08-26 14:04 - 2014-08-17 11:21 - 00000000 ____D () C:\Users\Manopost\Desktop\Meine Bilder
2014-08-26 13:43 - 2009-01-09 17:08 - 00112128 _____ () C:\Users\Manopost\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-26 13:13 - 2014-08-26 13:13 - 00000000 ____D () C:\ProgramData\Telekom-Browser 7
2014-08-26 13:13 - 2014-07-28 19:59 - 00000000 ____D () C:\Users\Manopost\AppData\Roaming\Deutsche Telekom AG
2014-08-26 07:51 - 2012-03-02 20:45 - 00000000 ____D () C:\Program Files (x86)\AVG Secure Search
2014-08-25 17:43 - 2009-01-07 16:52 - 00000000 ____D () C:\Users\Manopost
2014-08-25 17:41 - 2014-08-25 17:41 - 00000000 ____D () C:\Users\Manopost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-08-25 17:41 - 2014-08-25 17:41 - 00000000 ____D () C:\Program Files (x86)\Dropbox
2014-08-25 07:52 - 2014-08-25 07:52 - 00000000 ____D () C:\Users\Manopost\AppData\Local\Adobe
2014-08-24 10:30 - 2012-07-19 18:26 - 00003736 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-08-24 10:30 - 2012-04-08 10:43 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-24 10:30 - 2011-05-14 09:27 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-23 03:05 - 2014-08-28 21:52 - 00304128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:42 - 2014-08-28 21:52 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 01:38 - 2014-08-28 21:52 - 02782208 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 15:27 - 2014-08-22 15:27 - 00000000 ____D () C:\ProgramData\Xerox
2014-08-22 14:59 - 2014-08-17 13:26 - 00000000 ____D () C:\Users\Manopost\Desktop\Tolo 2
2014-08-22 13:21 - 2014-08-17 13:33 - 00000000 ____D () C:\Users\Manopost\Desktop\Tolo Video 1
2014-08-22 12:46 - 2014-08-22 09:10 - 00000000 ____D () C:\Users\Manopost\AppData\Roaming\VOPackage
2014-08-22 12:46 - 2014-08-22 09:10 - 00000000 ____D () C:\Users\Manopost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-08-22 12:45 - 2014-08-22 12:43 - 00000000 ____D () C:\Users\Public\10F34257C92C4CB28669BE8F744057EF
2014-08-22 10:24 - 2014-08-22 10:23 - 00000000 ____D () C:\Users\Public\39203AE8A0DE4F819CFD816F114013DB
2014-08-22 10:24 - 2014-08-22 10:23 - 00000000 ____D () C:\Users\Manopost\AppData\Roaming\InetStat
2014-08-22 10:23 - 2014-08-22 10:23 - 00000000 ____D () C:\Users\Manopost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InetStat
2014-08-22 10:20 - 2009-01-28 10:44 - 00000000 ____D () C:\Users\Manopost\AppData\Local\Ahead
2014-08-22 09:57 - 2009-02-02 23:48 - 00000000 __SHD () C:\found.000
2014-08-22 09:36 - 2012-12-16 14:45 - 00000111 _____ () C:\.dir
2014-08-22 09:32 - 2014-07-31 19:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-22 09:24 - 2014-01-03 19:18 - 00000008 __RSH () C:\Users\Manopost\ntuser.pol
2014-08-22 09:24 - 2009-11-23 14:04 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-08-22 09:16 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-08-22 09:12 - 2014-08-22 09:10 - 00062602 _____ () C:\Users\Manopost\AppData\Local\dd_vcredistMSI61B3.txt
2014-08-22 09:12 - 2014-08-22 09:10 - 00012036 _____ () C:\Users\Manopost\AppData\Local\dd_vcredistUI61B3.txt
2014-08-22 09:11 - 2014-08-22 09:11 - 00000000 ____D () C:\Users\Manopost\AppData\Local\globalUpdate
2014-08-22 09:11 - 2014-08-22 09:11 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-08-20 19:35 - 2014-08-16 23:56 - 00000000 ____D () C:\Users\Manopost\Desktop\Handy Tolo
2014-08-20 19:28 - 2012-09-05 19:54 - 00050976 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2014-08-20 17:31 - 2010-08-01 13:11 - 00000000 ____D () C:\Users\Manopost\AppData\Roaming\Skype
2014-08-20 15:13 - 2014-08-20 14:45 - 00000732 _____ () C:\Users\Manopost\AppData\Local\d3d9caps64.dat
2014-08-20 14:49 - 2014-08-20 14:49 - 00016152 _____ () C:\Windows\system32\Drivers\SWDUMon.sys
2014-08-20 14:49 - 2014-08-20 14:49 - 00000000 ____D () C:\Users\Manopost\AppData\Local\SlimWare Utilities Inc
2014-08-20 14:48 - 2014-08-20 14:48 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers
2014-08-20 14:44 - 2014-08-20 14:44 - 00796720 _____ ( ) C:\Users\Manopost\Downloads\nero_setup.exe
2014-08-17 18:45 - 2014-08-17 18:20 - 00001653 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fotostory 3 für Windows.lnk
2014-08-17 18:20 - 2014-08-17 18:20 - 00000000 ____D () C:\Program Files (x86)\Photo Story 3 for Windows
2014-08-17 18:18 - 2014-08-17 18:18 - 01101648 _____ () C:\Users\Manopost\Documents\Microsoft Photo Story - CHIP-Installer.exe
2014-08-17 11:36 - 2013-07-04 09:21 - 00000855 _____ () C:\Users\Manopost\Desktop\Bluetooth-Informationsaustausch.lnk
2014-08-17 09:51 - 2006-11-02 15:33 - 00000000 ____D () C:\Windows\rescache
2014-08-17 08:49 - 2014-08-17 08:49 - 01058200 _____ (Adobe) C:\Users\Manopost\Downloads\install_flashplayer14x32au_mssa_awc_aih.exe
2014-08-17 08:48 - 2013-08-15 20:56 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-17 08:44 - 2006-11-02 14:35 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-08-17 08:33 - 2014-02-19 16:41 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-17 08:32 - 2014-08-17 08:32 - 00001757 _____ () C:\Users\Public\Desktop\Garmin Express.lnk
2014-08-17 08:32 - 2014-08-17 08:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2014-08-17 08:32 - 2014-02-19 16:42 - 00000000 ____D () C:\ProgramData\Garmin
2014-08-17 08:32 - 2014-02-19 16:41 - 00000000 ____D () C:\Program Files (x86)\Garmin
2014-08-14 12:15 - 2014-08-17 00:05 - 36898446 _____ () C:\Users\Manopost\Desktop\20140814_131447.mp4

Files to move or delete:
====================
C:\Users\Manopost\DivXInstaller7.exe
C:\Users\Manopost\googleupdatesetup.exe
C:\Users\Manopost\Nero-8.3.13.0_all_update.exe
C:\Users\Manopost\pcfresh.exe
C:\Users\Manopost\PowerPointViewer.exe


Some content of TEMP:
====================
C:\Users\Manopost\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphpm47v.dll
C:\Users\Manopost\AppData\Local\Temp\ICReinstall_google-chrome_setup (1).exe
C:\Users\Manopost\AppData\Local\Temp\_isA52C.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-08 10:11

==================== End Of Log ============================

--- --- ---

--- --- ---

Snoosel · 08.09.2014, 11:22

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-09-2014 01
Ran by Ute at 2014-09-08 12:15:59
Running from C:\Users\Ute\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A1IGUS3K
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: G DATA ANTIVIRUS (Disabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AS: G DATA ANTIVIRUS (Disabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
64 Bit HP CIO Components Installer (Version: 1.0.0 - Hewlett-Packard) Hidden
ABBYY PDF Transformer 3.0 (HKLM-x32\...\ABBYY PDF Transformer 3.0) (Version: 3.00.317.68010 - ABBYY)
ABBYY PDF Transformer 3.0 (Version: 3.00.317.68010 - ABBYY) Hidden
Activation Assistant for the 2007 Microsoft Office suites (x32 Version: 1.0.1 - Microsoft Corporation) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated)
Adobe Reader X (10.1.11) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.11 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.8.638 - Adobe Systems, Inc.)
AGEIA PhysX v7.01.12 (HKLM-x32\...\{E2BE1618-AF5F-4F7D-8484-42E080EDF609}) (Version: 7.01.12 - AGEIA Technologies, Inc.)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
AOL Deinstallation (HKLM-x32\...\AOL Deinstallation) (Version:  - )
AOL Deutschland Toolbar (HKLM-x32\...\AOL Deutschland Toolbar) (Version:  - )
Apple Application Support (HKLM-x32\...\{3FA365DF-2D68-45ED-8F83-8C8A33E65143}) (Version: 1.1.0 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{9EA8213A-9080-C41F-2F85-8FF98374AB9F}) (Version: 3.0.678.0 - ATI Technologies, Inc.)
AVG Security Toolbar (HKLM-x32\...\AVG Secure Search) (Version: 18.1.9.799 - AVG Technologies)
AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version:  - AVM Berlin)
AVM FRITZ!Box Druckeranschluss (HKLM-x32\...\AVMFBoxPrinter) (Version:  - AVM Berlin)
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version:  - AVM Berlin)
Big Fish Games Client (HKLM-x32\...\BFGC) (Version: 1.4.0.11 - )
Bing Bar (HKLM-x32\...\{B4089055-D468-45A4-A6BA-5A138DD715FC}) (Version: 7.0.850.0 - Microsoft Corporation)
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v7.00.05 - TOSHIBA CORPORATION)
Browser 7 der Telekom 31.0.19 (x86 de) (HKLM-x32\...\Browser 7 der Telekom 31.0.19 (x86 de)) (Version: 31.0.19 - Deutsche Telekom AG)
Browser 7 Maintenance Service (HKLM-x32\...\Browser7MaintenanceService) (Version: 29.0.40 - Deutsche Telekom AG)
BufferChm (x32 Version: 90.0.146.000 - Hewlett-Packard) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2008.0514.2139.36863 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2008.0514.2139.36863 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2008.0514.2139.36863 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2008.0514.2139.36863 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2008.0514.2139.36863 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2008.0514.2139.36863 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2008.0514.2139.36863 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization Chinese Standard (x32 Version: 2008.0514.2139.36863 - ATI) Hidden
Catalyst Control Center Localization Chinese Traditional (x32 Version: 2008.0514.2139.36863 - ATI) Hidden
Catalyst Control Center Localization Czech (x32 Version: 2008.0514.2139.36863 - ATI) Hidden
Catalyst Control Center Localization Danish (x32 Version: 2008.0514.2139.36863 - ATI) Hidden
Catalyst Control Center Localization Dutch (x32 Version: 2008.0514.2139.36863 - ATI) Hidden
Catalyst Control Center Localization Finnish (x32 Version: 2008.0514.2139.36863 - ATI) Hidden
Catalyst Control Center Localization French (x32 Version: 2008.0514.2139.36863 - ATI) Hidden
Catalyst Control Center Localization German (x32 Version: 2008.0514.2139.36863 - ATI) Hidden
Catalyst Control Center Localization Greek (x32 Version: 2008.0514.2139.36863 - ATI) Hidden
Catalyst Control Center Localization Hungarian (x32 Version: 2008.0514.2139.36863 - ATI) Hidden
Catalyst Control Center Localization Italian (x32 Version: 2008.0514.2139.36863 - ATI) Hidden
Catalyst Control Center Localization Japanese (x32 Version: 2008.0514.2139.36863 - ATI) Hidden
Catalyst Control Center Localization Korean (x32 Version: 2008.0514.2139.36863 - ATI) Hidden
Catalyst Control Center Localization Norwegian (x32 Version: 2008.0514.2139.36863 - ATI) Hidden
Catalyst Control Center Localization Polish (x32 Version: 2008.0514.2139.36863 - ATI) Hidden
Catalyst Control Center Localization Portuguese (x32 Version: 2008.0514.2139.36863 - ATI) Hidden
Catalyst Control Center Localization Russian (x32 Version: 2008.0514.2139.36863 - ATI) Hidden
Catalyst Control Center Localization Spanish (x32 Version: 2008.0514.2139.36863 - ATI) Hidden
Catalyst Control Center Localization Swedish (x32 Version: 2008.0514.2139.36863 - ATI) Hidden
Catalyst Control Center Localization Thai (x32 Version: 2008.0514.2139.36863 - ATI) Hidden
Catalyst Control Center Localization Turkish (x32 Version: 2008.0514.2139.36863 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2008.0514.2138.36863 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2008.0514.2138.36863 - ATI) Hidden
CCC Help Czech (x32 Version: 2008.0514.2138.36863 - ATI) Hidden
CCC Help Danish (x32 Version: 2008.0514.2138.36863 - ATI) Hidden
CCC Help Dutch (x32 Version: 2008.0514.2138.36863 - ATI) Hidden
CCC Help English (x32 Version: 2008.0514.2138.36863 - ATI) Hidden
CCC Help Finnish (x32 Version: 2008.0514.2138.36863 - ATI) Hidden
CCC Help French (x32 Version: 2008.0514.2138.36863 - ATI) Hidden
CCC Help German (x32 Version: 2008.0514.2138.36863 - ATI) Hidden
CCC Help Greek (x32 Version: 2008.0514.2138.36863 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2008.0514.2138.36863 - ATI) Hidden
CCC Help Italian (x32 Version: 2008.0514.2138.36863 - ATI) Hidden
CCC Help Japanese (x32 Version: 2008.0514.2138.36863 - ATI) Hidden
CCC Help Korean (x32 Version: 2008.0514.2138.36863 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2008.0514.2138.36863 - ATI) Hidden
CCC Help Polish (x32 Version: 2008.0514.2138.36863 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2008.0514.2138.36863 - ATI) Hidden
CCC Help Russian (x32 Version: 2008.0514.2138.36863 - ATI) Hidden
CCC Help Spanish (x32 Version: 2008.0514.2138.36863 - ATI) Hidden
CCC Help Swedish (x32 Version: 2008.0514.2138.36863 - ATI) Hidden
CCC Help Thai (x32 Version: 2008.0514.2138.36863 - ATI) Hidden
CCC Help Turkish (x32 Version: 2008.0514.2138.36863 - ATI) Hidden
ccc-core-static (x32 Version: 2008.0514.2139.36863 - Ihr Firmenname) Hidden
ccc-utility64 (Version: 2008.0514.2139.36863 - ATI) Hidden
Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.22 - Cliqz.com)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Copy (x32 Version: 90.0.146.000 - Hewlett-Packard) Hidden
CustomerResearchQFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
Destination Component (x32 Version: 090.000.091.086 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 110.0.180.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
DivX Converter (HKLM-x32\...\{B13A7C41581B411290FBC0395694E2A9}) (Version: 7.1.0 - DivX, Inc.)
DivX Plus DirectShow Filters (HKLM-x32\...\DivX Plus DirectShow Filters) (Version:  - DivX, Inc.)
DivX-Setup (HKLM-x32\...\DivX Setup.divx.com) (Version: 2.5.0.8 - DivX, LLC)
Download Updater (AOL Inc.) (HKLM-x32\...\SoftwareUpdUtility) (Version:  - AOL Inc.) <==== ATTENTION
Elevated Installer (x32 Version: 3.2.17.0 - Garmin Ltd or its subsidiaries) Hidden
Favorit (HKLM-x32\...\koega) (Version:  - )
Fax (x32 Version: 120.0.194.000 - Hewlett-Packard) Hidden
Fotostory 3 für Windows (HKLM-x32\...\{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}) (Version: 3.0.1115.15 - Microsoft Corporation)
G DATA ANTIVIRUS (HKLM-x32\...\{B9FC0A7D-FA1D-4347-ABED-AD8AD5305633}) (Version: 25.0.2.1 - G DATA Software AG)
Garmin Express (HKLM-x32\...\{b43ffffb-1adc-4bcb-b277-7844ebff94da}) (Version: 3.2.17.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 3.2.17.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 3.2.17.0 - Garmin Ltd or its subsidiaries) Hidden
GEAR driver installer for AMD64 and Intel EM64T (HKLM\...\{50CBBEC7-1010-41C5-8718-A1A6FEDD9C3A}) (Version: 2.003.1 - GEAR Software, Inc.)
Hewlett-Packard Active Check for Health Check (x32 Version: 1.1.15.2 - Hewlett-Packard) Hidden
Hewlett-Packard Asset Agent for Health Check (x32 Version: 2.0.63.2 - HP) Hidden
HP Active Support Library (x32 Version: 3.1.6.1 - Hewlett-Packard) Hidden
HP Customer Experience Enhancements (HKLM-x32\...\{C27C82E4-9C53-4D76-9ED3-A01A3D5EE679}) (Version: 5.6.0.2510 - Hewlett-Packard)
HP Customer Feedback (x32 Version: 1.0.0 - Hewlett-Packard) Hidden
HP Customer Participation Program 9.0 (HKLM\...\HPExtendedCapabilities) (Version: 9.0 - HP)
HP Imaging Device Functions 9.0 (HKLM\...\HP Imaging Device Functions) (Version: 9.0 - HP)
HP Picasso Media Center Add-In (x32 Version: 1.0.0 - HP) Hidden
HP Recovery Manager RSS (x32 Version: 84.0.0.7 - Hewlet Packard Company) Hidden
HP Update (HKLM-x32\...\{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}) (Version: 4.000.010.008 - Hewlett-Packard)
HP_Network_UserGuide (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}) (Version: 2.2.0.0000 - Ihr Firmenname)
Java Auto Updater (x32 Version: 2.0.7.1 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
Java(TM) 7 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417005FF}) (Version: 7.0.50 - Oracle)
Java(TM) SE Runtime Environment 6 Update 1 (HKLM-x32\...\{3248F0A8-6813-11D6-A77B-00B0D0160010}) (Version: 1.6.0.10 - Sun Microsystems, Inc.)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
king.com (remove only) (HKLM-x32\...\king.com) (Version:  - Midasplayer Ltd (king.com))
LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4e2a-80D2-1D0FF6ACBFBA}) (Version: 3.10.1.0 - LG Electronics)
LPT System Updater Service (HKLM-x32\...\{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}) (Version: 1.0.0.0 - LPT) <==== ATTENTION
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Marco Polo Mobile Navigator 2 (HKLM-x32\...\{5F65ECEE-EB1D-4C85-8D8C-9C7CE2DBB1D6}) (Version:  - )
MarketResearch (x32 Version: 90.0.146.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Corporation (Version: 9.1.0.0 - Microsoft Corporation) Hidden
Microsoft Corporation (x32 Version: 9.1.0.0 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft VC9 runtime libraries (x32 Version: 2.0.0 - AOL Inc.) Hidden
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Works (HKLM-x32\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 24.2.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.2.0 (x86 de)) (Version: 24.2.0 - Mozilla)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NAVIGON Fresh 3.5.1 (HKLM-x32\...\NAVIGON Fresh) (Version: 3.5.1 - NAVIGON)
Nero 8 (HKLM-x32\...\{1CA7ACD6-B21B-4240-AA05-4FC55F6E1031}) (Version: 8.3.465 - Nero AG)
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
NewFreeScreensaver nfsHDWaterfall03 (HKLM-x32\...\nfsHDWaterfall03 New Free Screensaver_is1) (Version:  - )
Nokia Connectivity Cable Driver (HKLM-x32\...\{25CFEF55-A945-41FC-86ED-76469F31DF37}) (Version: 7.1.41.0 - Nokia)
Nokia Music Player (HKLM-x32\...\{4FCB1267-7380-4EBA-9A6C-69809C6E8227}) (Version: 2.5.11021 - Nokia Music Player)
Nokia_Multimedia_Common_Components_2_5 (HKLM-x32\...\{25F61E72-AAA4-4607-95D2-1E5139C98FFB}) (Version: 2.7.69 - Nokia)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Optimierte Multimedia-Tastatur-Lösung (HKLM-x32\...\KBD) (Version:  - Hewlett-Packard)
PanoStandAlone (x32 Version: 90.0.146.000 - Hewlett-Packard) Hidden
PaperPort Image Printer 64-bit (HKLM\...\{ABA4FAF1-6389-45F9-92CE-3914A4E5C471}) (Version: 1.00.0000 - Nuance Communications, Inc.)
PC Connectivity Solution (HKLM-x32\...\{4B28C077-9958-45F1-8BB4-CBF90A69AD4E}) (Version: 11.4.15.0 - Nokia)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 6.5.2926 - CyberLink Corp.)
PowerDirector (x32 Version: 6.5.2926 - CyberLink Corp.) Hidden
Primo (x32 Version: 1.00.0000 - Your Company Name) Hidden
Python 2.5.2 (HKLM-x32\...\{6B976ADF-8AE8-434E-B282-A06C7F624D2F}) (Version: 2.5.2150 - Python Software Foundation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5657 - Realtek Semiconductor Corp.)
RTC Client API v1.2 (HKLM-x32\...\{44CDBD1B-89FB-4E02-8319-2A4C550F664A}) (Version: 1.2.0000 - Microsoft)
Runtime (x32 Version: 1.00.0000 - Your Company Name) Hidden
SafeFinder Smartbar (HKLM-x32\...\{1898B668-CCF5-429F-A86F-9837E5439D77}) (Version: 11.114.72.19232 - Linkury Ltd.) <==== ATTENTION
Skins (x32 Version: 2008.0514.2139.36863 - ATI) Hidden
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.9.9216 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Sony USB Driver (HKLM-x32\...\{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}) (Version: 2.00 - Sony Corporation)
Spielefieber Patiencen für Vista    (HKLM-x32\...\Spielefieber Patiencen für Vista) (Version:   - KlickMedia)
Status (x32 Version: 110.0.180.000 - Hewlett-Packard) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Top Ten Solitaire (HKLM-x32\...\{51790747-4141-2516-5286-723025870322}) (Version: 1.0 - Bluefish Games)
TrayApp (x32 Version: 110.0.180.000 - Hewlett-Packard) Hidden
TuneUp Utilities 2009 (HKLM-x32\...\{55A29068-F2CE-456C-9148-C869879E2357}) (Version: 8.0.3310.3 - TuneUp Software)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.340 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.340 - TuneUp Software)
TuneUp Utilities 2014 (x32 Version: 14.0.1000.340 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 12.0.3600.171 - TuneUp Software) Hidden
UnloadSupport (x32 Version: 9.0.0 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM-x32\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883097) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B2260BC9-D561-46EE-B33D-739CF760A2A9}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VCRedistSetup (x32 Version: 1.0.0 - Nero AG) Hidden
Viewpoint Media Player (HKLM-x32\...\ViewpointMediaPlayer) (Version:  - )
VR-NetWorld (HKLM-x32\...\{8815F011-43AF-4F50-BBD8-D78ED3D6F5B9}) (Version:  - )
WDR RadioRecorder (HKLM-x32\...\Tobit Radio.fx Server 1) (Version:  - Tobit.Software)
Windows 7 Upgrade Advisor (HKLM-x32\...\{9A4D182C-35C7-4791-8484-4304EBC9101A}) (Version: 2.0.5000.0 - Microsoft Corporation)
Windows Live Call (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8098.930 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 14.0.8093.805 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8081.709 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 14.0.8091.0730 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Mobile Device Updater Component (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Wondershare MobileTrans ( Version 4.2.0 ) (HKLM-x32\...\{18CDCEAA-A9E4-4A4C-AC0E-C15E87C30EA5}_is1) (Version: 4.2.0 - Wondershare)
Xvid 1.1.2 final uninstall (HKLM-x32\...\Xvid_is1) (Version: 1.1 - Xvid team (Koepi))
Zoo Tycoon: Complete Collection (HKLM-x32\...\Zoo Tycoon 1.0) (Version:  - )
Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)
Zune (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (CHS) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (CHT) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (CSY) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (DAN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (DEU) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (ELL) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (ESP) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (FIN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (FRA) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (HUN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (IND) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (ITA) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (JPN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (KOR) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (MSL) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (NLD) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (NOR) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (PLK) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (PTB) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (PTG) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (RUS) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (SVE) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 14:34 - 2006-09-18 23:37 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0AEAFAF6-F116-4A60-AFB4-C8B755A6E975} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {192DDA2D-5815-47B8-983F-65744FEEC03A} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {254095AE-FB97-48EA-94A5-D8BF2AB79714} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {279F157C-71B0-48BD-869F-5517150C523D} - System32\Tasks\HP Health Check Scheduler => c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-06-02] (Hewlett-Packard)
Task: {28D5FA8E-3458-4145-A83A-4C217971EE93} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2007-03-11] (Hewlett-Packard Co.)
Task: {36094E77-3C21-421B-8EAB-76A357083F9B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-24] (Adobe Systems Incorporated)
Task: {376BB1C6-EE4E-4BEC-B4FE-84F31A30F5B1} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {468EF5B9-5FB1-4743-B57F-2607EADD3A6C} - System32\Tasks\HP Health Check => c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-06-02] (Hewlett-Packard)
Task: {4C1210EF-7F37-4352-A913-6973F45DEBA2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {4F0D940C-AD4F-4AE6-AF83-44F78476290D} - System32\Tasks\ScanSoft Background Update => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe
Task: {50B63E3C-8429-4B61-9671-2F1989927645} - System32\Tasks\Automatische Wartung => C:\Program Files (x86)\TuneUp Utilities 2009\OneClickStarter.exe [2009-11-16] (TuneUp Software GmbH)
Task: {5EE7DBA1-E02B-449D-A55F-76653BBFC245} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {5F5E9998-8B9C-481E-94C4-CA2EB746A438} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-18] (Sun Microsystems, Inc.)
Task: {7C638E5B-ECE5-4424-A7E5-2C913CA682E9} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {83D434E6-D58F-4458-8579-F63D1022BFEF} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
Task: {A4B635A8-CB6E-4CC9-A4C2-ED29C5B288AD} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-08-07] ()
Task: {ADFA917F-CC05-4250-BF79-23261ED49A92} - System32\Tasks\Desktop Messenger => C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
Task: {B000A09E-317B-407D-BA22-B7FEDB6F3186} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2014-07-16] (TuneUp Software)
Task: {CDBEB6A4-BC55-4040-88D6-844C74525DBE} - System32\Tasks\{4231AEF2-8460-496A-9460-D6D1F6493ADF} => Chrome.exe hxxp://ui.skype.com/ui/0/5.3.0.116/de/abandoninstall?source=lightinstaller&amp;page=tsDownload&amp;installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:notoffered;ienotdefaultbrowser2
Task: {E6C229EB-FEFD-4A53-A5C9-7AE2CDBC5A82} - System32\Tasks\RecoveryCD => C:\Program Files (x86)\Hewlett-Packard\SDP\RemEngine.exe [2008-06-12] ()
Task: {E91D6474-70CC-42BE-80FF-8BED8AF557ED} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2014-08-27 18:43 - 2014-08-27 18:43 - 00032768 _____ () C:\Program Files (x86)\LPT\srpts.exe
2014-08-27 18:43 - 2014-08-27 18:52 - 00034816 _____ () C:\Program Files (x86)\LPT\srptsl.exe
2011-01-22 19:58 - 2011-11-18 15:51 - 03673944 _____ () J:\Tobit Radio.fx\Server\rfx-server.exe
2014-07-16 10:24 - 2014-07-16 10:24 - 00699704 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll
2014-08-20 19:29 - 2014-08-20 19:28 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
2014-05-20 03:38 - 2014-05-20 03:38 - 00340088 ____N () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll
2008-09-12 21:49 - 2008-05-15 00:04 - 00116736 _____ () C:\Windows\system32\atitmm64.dll
2014-08-27 18:43 - 2014-08-27 18:52 - 00023040 _____ () C:\Program Files (x86)\LPT\srptm.exe
2014-08-27 18:43 - 2014-08-27 18:52 - 00042496 _____ () C:\Program Files (x86)\LPT\srptc.dll
2014-08-27 18:42 - 2014-08-27 18:50 - 00018944 _____ () C:\Program Files (x86)\LPT\Smartbar.Common.dll
2014-08-27 18:43 - 2014-08-27 18:52 - 00070144 _____ () C:\Program Files (x86)\LPT\srut.dll
2014-08-20 19:29 - 2014-08-20 19:28 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\log4cplusU.dll
2004-01-09 22:02 - 2004-01-09 22:02 - 00045056 _____ () C:\Program Files (x86)\AOL 9.0 VR\zlib.dll
2002-04-22 23:08 - 2002-04-22 23:08 - 00053248 _____ () C:\Program Files (x86)\AOL 9.0 VR\xmlparse.dll
2002-04-22 23:08 - 2002-04-22 23:08 - 00081920 _____ () C:\Program Files (x86)\AOL 9.0 VR\xmltok.dll
2007-05-24 10:01 - 2007-05-24 10:01 - 00090112 _____ () C:\Program Files (x86)\AOL 9.0 VR\Components\Tier2Svc.dll
2007-05-24 10:01 - 2007-05-24 10:01 - 00061440 _____ () C:\Program Files (x86)\AOL 9.0 VR\Components\DataSvcs.dll
2009-01-07 17:42 - 2007-05-24 04:49 - 00131072 _____ () c:\program files (x86)\common files\aol\1231342872\ee\services\proxyprovider\ver1_0_0_1\proxyprovider.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Manopost:zylomtest
AlternateDataStreams: C:\Users\Manopost:zylomtr{000HQ7FF-AD7A-3FG7-DNQC-2227NIQAQVVE}
AlternateDataStreams: C:\Users\Manopost:zylomtr{000HQ7FF-AD7A-3FG7-FCUD-28A45N46SVT9}
AlternateDataStreams: C:\ProgramData\TEMP:2B1EA607
AlternateDataStreams: C:\ProgramData\TEMP:8AD1F2E0
AlternateDataStreams: C:\ProgramData\TEMP:957E9765
AlternateDataStreams: C:\ProgramData\TEMP:BD36345D
AlternateDataStreams: C:\ProgramData\TEMP:F0D7EE30

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: KBD => C:\HP\KBD\KbdStub.EXE                                                                                                                                                                                                                                                    
MSCONFIG\startupreg: Wondershare Helper Compact.exe => "C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"                                                                                                                                                                                
MSCONFIG\startupreg: WSHelperSetup.exe => "C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"                                                                                                                                                                                

==================== Faulty Device Manager Devices =============

Name: isatap.{A615081A-DB1C-42C8-8B6A-0E4FEC46738B}
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: isatap.{1AFC8298-E6C4-448F-A08D-F0585C2E35D5}
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/08/2014 00:16:02 PM) (Source: VSS) (EventID: 12292) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Erstellen der Schattenkopieanbieter-COM-Klasse mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422] ist ein Fehler aufgetreten.


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
   Schattenkopien abfragen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshotkontext: 13
   Snapshotkontext: 13
   Ausführungskontext: Coordinator

Error: (09/08/2014 00:16:02 PM) (Source: VSS) (EventID: 40) (User: )
Description: Volumeschattenkopie-Dienst-Fehler: Der Dienst "Microsoft-Softwareschattenkopie-Anbieter" 
(SWPRV) ist deaktiviert. Aktivieren Sie den Dienst, und wiederholen Sie den Vorgang.


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
   Schattenkopien abfragen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshotkontext: 13
   Snapshotkontext: 13
   Ausführungskontext: Coordinator

Error: (09/08/2014 00:12:38 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts auf dem Volume (Prozess = C:\Windows\system32\msiexec.exe /V; Beschreibung = Installed Microsoft Fix it 50212; Hr = 0x8004230f).

Error: (09/08/2014 00:12:38 PM) (Source: VSS) (EventID: 12292) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Erstellen der Schattenkopieanbieter-COM-Klasse mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422] ist ein Fehler aufgetreten.


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
   Schattenkopien löschen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshotkontext: 0
   Snapshotkontext: 0
   Ausführungskontext: Coordinator

Error: (09/08/2014 00:12:38 PM) (Source: VSS) (EventID: 40) (User: )
Description: Volumeschattenkopie-Dienst-Fehler: Der Dienst "Microsoft-Softwareschattenkopie-Anbieter" 
(SWPRV) ist deaktiviert. Aktivieren Sie den Dienst, und wiederholen Sie den Vorgang.


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
   Schattenkopien löschen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshotkontext: 0
   Snapshotkontext: 0
   Ausführungskontext: Coordinator

Error: (09/08/2014 00:12:38 PM) (Source: VSS) (EventID: 12292) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Erstellen der Schattenkopieanbieter-COM-Klasse mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422] ist ein Fehler aufgetreten.


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
   Schattenkopien abfragen
   Schattenkopien löschen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshotkontext: 0
   Snapshotkontext: 0
   Ausführungskontext: Coordinator
   Ausführungskontext: Coordinator

Error: (09/08/2014 00:12:38 PM) (Source: VSS) (EventID: 40) (User: )
Description: Volumeschattenkopie-Dienst-Fehler: Der Dienst "Microsoft-Softwareschattenkopie-Anbieter" 
(SWPRV) ist deaktiviert. Aktivieren Sie den Dienst, und wiederholen Sie den Vorgang.


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Schnittstellen für alle Anbieter auflisten, die diesen Kontext unterstützen
   Schattenkopien abfragen
   Schattenkopien löschen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
   Snapshotkontext: 0
   Snapshotkontext: 0
   Ausführungskontext: Coordinator
   Ausführungskontext: Coordinator

Error: (09/08/2014 00:12:38 PM) (Source: VSS) (EventID: 12292) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Erstellen der Schattenkopieanbieter-COM-Klasse mit CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422] ist ein Fehler aufgetreten.


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Überprüfen, ob das Volume vom Anbieter unterstützt wird
   Volume einem Schattenkopiesatz hinzufügen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {00000000-0000-0000-0000-000000000000}
   Snapshotkontext: 4194317
   Ausführungskontext: Coordinator
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Volumename: \\?\Volume{cc3cf33a-b60c-11dd-934c-806e6f6e6963}\
   Ausführungskontext: Coordinator

Error: (09/08/2014 00:12:38 PM) (Source: VSS) (EventID: 40) (User: )
Description: Volumeschattenkopie-Dienst-Fehler: Der Dienst "Microsoft-Softwareschattenkopie-Anbieter" 
(SWPRV) ist deaktiviert. Aktivieren Sie den Dienst, und wiederholen Sie den Vorgang.


Vorgang:
   Für diesen Anbieter eine aufrufbare Schnittstelle abrufen
   Überprüfen, ob das Volume vom Anbieter unterstützt wird
   Volume einem Schattenkopiesatz hinzufügen

Kontext:
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Klassen-ID: {00000000-0000-0000-0000-000000000000}
   Snapshotkontext: 4194317
   Ausführungskontext: Coordinator
   Anbieter-ID: {b5946137-7b9f-4925-af80-51abd60b20d5}
   Volumename: \\?\Volume{cc3cf33a-b60c-11dd-934c-806e6f6e6963}\
   Ausführungskontext: Coordinator

Error: (09/08/2014 00:12:30 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts auf dem Volume (Prozess = C:\Windows\system32\msiexec.exe /V; Beschreibung = Installed Microsoft Fix it 50212; Hr = 0x8004230f).


System errors:
=============
Error: (09/08/2014 09:58:48 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: HP CUE DeviceDiscovery Service%%2147500037

Error: (09/08/2014 09:57:25 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: i8042prt

Error: (09/08/2014 09:57:15 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: HP CUE DeviceDiscovery Service

Error: (09/08/2014 09:57:14 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Windows-BilderfassungShellhardwareerkennung%%1058

Error: (09/08/2014 09:57:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: scores%%2

Error: (09/08/2014 09:43:10 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: HP CUE DeviceDiscovery Service%%2147500037

Error: (09/08/2014 09:43:10 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: i8042prt

Error: (09/08/2014 09:42:29 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: HP CUE DeviceDiscovery Service

Error: (09/08/2014 09:42:28 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Windows-BilderfassungShellhardwareerkennung%%1058

Error: (09/08/2014 09:42:28 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: scores%%2


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-09-08 12:15:49.418
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-08 12:15:48.685
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-08 12:15:47.920
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-08 12:15:47.125
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-08 12:15:46.220
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-08 12:15:45.440
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-08 12:15:44.660
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-08 12:15:43.864
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-08 12:15:11.098
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-09-08 12:15:10.318
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: AMD Phenom(tm) 9650 Quad-Core Processor
Percentage of memory in use: 58%
Total physical RAM: 4093.58 MB
Available physical RAM: 1704.81 MB
Total Pagefile: 8387.68 MB
Available Pagefile: 5739.36 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (HP) (Fixed) (Total:582.63 GB) (Free:326.83 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (FACTORY_IMAGE) (Fixed) (Total:13.54 GB) (Free:1.86 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive j: (HP Pocket Media Drive) (Fixed) (Total:149.04 GB) (Free:126.5 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 596.2 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=582.6 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=13.5 GB) - (Type=07 NTFS)

========================================================
Disk: 5 (MBR Code: Windows XP) (Size: 149.1 GB) (Disk ID: 2BD35C77)
Partition 1: (Not Active) - (Size=149 GB) - (Type=OF Extended)

==================== End Of Log ============================

Snoosel · 08.09.2014, 11:23

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-09-2014 01
Ran by Ute (administrator) on MANOPOST-PC on 08-09-2014 12:14:52
Running from C:\Users\Ute\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A1IGUS3K
Platform: Windows Vista (TM) Home Premium Service Pack 2 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(G Data Software AG) C:\Program Files (x86)\Common Files\G DATA\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKWCtlx64.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(AOL LLC) C:\Program Files (x86)\Common Files\aol\acs\AOLacsd.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKService.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Program Files (x86)\LPT\srpts.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
() C:\Program Files (x86)\LPT\srptsl.exe
() J:\Tobit Radio.fx\Server\rfx-server.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKBap64.exe
(G Data Software AG) C:\Program Files (x86)\G Data\AntiVirus\AVKTray\AVKTray.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(AOL, LLC.) C:\Program Files (x86)\AOL 9.0 VR\waol.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKProxy\GdBgInx64.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKProxy\GDKBFltExe32.exe
(America Online, Inc.) C:\Program Files (x86)\Common Files\aol\1231342872\ee\aolsoftware.exe
(AOL, LLC.) C:\Program Files (x86)\AOL 9.0 VR\shellmon.exe
(TuneUp Software) C:\Windows\System32\TuneUpDefragService.exe
() C:\Program Files (x86)\LPT\srptm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\dw20.exe
(America Online Inc) C:\Program Files (x86)\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe
(Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Farbar) C:\Users\Ute\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A1IGUS3K\FRST64[1].exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [ITSecMng] => C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [83336 2009-07-22] (TOSHIBA CORPORATION)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\G Data\AntiVirus\AVKTray\AVKTray.exe
HKU\.DEFAULT\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-08-07] (Garmin Ltd or its subsidiaries)
HKU\.DEFAULT\...\Winlogon: [Shell] C:\Windows\explorer.exe [3079168 2009-04-11] (Microsoft Corporation) <==== ATTENTION 
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-19\...\Winlogon: [Shell] C:\Windows\explorer.exe [3079168 2009-04-11] (Microsoft Corporation) <==== ATTENTION 
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Winlogon: [Shell] C:\Windows\explorer.exe [3079168 2009-04-11] (Microsoft Corporation) <==== ATTENTION 
HKU\S-1-5-21-243317379-2889874547-3061927781-1001\...\Run: [AOL Fast Start] => C:\Program Files (x86)\AOL 9.0 VR\AOL.EXE [50480 2007-06-21] (AOL, LLC.)
AppInit_DLLs: C:\Users\Manopost\AppData\Local\Smartbar\Application\Resources\crdlil64.dll => C:\Users\Manopost\AppData\Local\Smartbar\Application\Resources\crdlil64.dll File Not Found
AppInit_DLLs-x32: C:\Users\Manopost\AppData\Local\Smartbar\Application\Resources\crdlil.dll => "C:\Users\Manopost\AppData\Local\Smartbar\Application\Resources\crdlil.dll" File Not Found
IFEO: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\bip_camera1.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\browser7.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\btassist1.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\coverdes.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\discspeed.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\drivespeed.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\eccenter1.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\excel.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\express.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\frontpg.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\groove.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\hpwucli.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\infopath.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\infotool.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\lifecam.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\mobiletrans.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\msaccess.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\msoxmled.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\mspub.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\mstore.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\mypc backup.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\nero.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\neroburnrights.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\nerohome.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\neromediahome.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\nerorescueagent.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\neroscoutoptions.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\nerostartsmart.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\nerovision.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\offdiag.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\ois.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\onenote.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\osa.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\outlook.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\photosnap.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\photosnapviewer.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\powerpnt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\pptview.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\recode.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\setupx.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\showtime.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\skype.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\soundtrax.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\tosbtmng.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\tosbtproc1.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\unins000.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\uninst.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\usrguide.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\waveedit.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\winword.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\wirelessftp1.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\wlangui.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\zune.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: "DropboxExt1" -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: "DropboxExt2" -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: "DropboxExt3" -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: "DropboxExt4" -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: "DropboxExt5" -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: "DropboxExt6" -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: "DropboxExt7" -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: "DropboxExt8" -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-online.de/cpm-redir/ie-9.html
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.t-online.de/cpm-redir/ie-9.html
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.t-online.de/cpm-redir/ie-9.html
hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=84&bd=Pavilion&pf=cndt
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.t-online.de/cpm-redir/ie-9.html
hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=84&bd=Pavilion&pf=cndt
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sweet-page.com/?type=hp&ts=1408538863&from=cor&uid=395049983_1052451_7047A004
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1408538863&from=cor&uid=395049983_1052451_7047A004
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1408538863&from=cor&uid=395049983_1052451_7047A004&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1408538863&from=cor&uid=395049983_1052451_7047A004&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,CustomizeSearch = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: HKLM-x32 - AOL Deutschland Toolbar Search Class - {66a449dc-6b1d-4187-a4f1-b335d3da5365} -  No File
URLSearchHook: HKLM-x32 - AOL Deutschland Toolbar Search Class - {66a449dc-6b1d-4187-a4f1-b335d3da5365} - C:\Program Files (x86)\AOL Deutschland Toolbar\aoldetb.dll (AOL Inc.)
URLSearchHook: HKLM-x32 - (No Name) - {b106b661-3e1b-4015-af5c-195e909f35c6} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1408538863&from=cor&uid=395049983_1052451_7047A004&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1408538863&from=cor&uid=395049983_1052451_7047A004&q={searchTerms}
SearchScopes: HKLM - {D6E4D59A-E5FE-4C8D-8347-B99B76E656E5} URL = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
SearchScopes: HKLM - {F137222E-6DE9-44E9-8EF2-CC5A8D3833BB} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcndtie7-de-de
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWx880NHL4NpXhO1w6Yb0c1W9-FhgkQWK4Ehfdcz3I3UPArKQFSZNlsdq5hyma9cy00L27XTCH8NP7vFjk0yFgGduK9dBuoGkYUY0-22LRv-4czOZ-p-bZAf0CeOHjuDAscDUZ6_hKRoRcEYt0oaxLZu2rTwuPYGxxcvT1FlCb8enA,,&q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWx880NHL4NpXhO1w6Yb0c1W9-FhgkQWK4Ehfdcz3I3UPArKQFSZNlsdq5hyma9cy00L27XTCH8NP7vFjk0yFgGduK9dBuoGkYUY0-22LRv-4czOZ-p-bZAf0CeOHjuDAscDUZ6_hKRoRcEYt0oaxLZu2rTwuPYGxxcvT1FlCb8enA,,&q={searchTerms}
SearchScopes: HKLM-x32 - {2059CF48-25F3-40d7-9D37-24A3142FD20B} URL = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=3379&q={searchTerms}&rp=&s_it=tb50-ie-aolde-chromesbox-de-de
SearchScopes: HKLM-x32 - {D6E4D59A-E5FE-4C8D-8347-B99B76E656E5} URL = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
SearchScopes: HKCU - DefaultScope {83CB6700-9424-4FE4-B1F4-F9BC555167F3} URL = hxxp://suche.t-online.de/fast-cgi/tsc?mandant=toi&device=html&portallanguage=de&userlanguage=de&dia=suche&context=internet-tab&tpc=internet&ptl=std&classification=internet-tab_internet_std&q={searchTerms}&br=ie7-toi
SearchScopes: HKCU - {6C7BD9C4-A466-46C4-82C4-CC66701D1395} URL = hxxp://rover.ebay.com/rover/1/707-1403-276402/4?mpre=hxxp://search.ebay.de/search/search.dll?shortcut=4&query={sear chTerms}
SearchScopes: HKCU - {83CB6700-9424-4FE4-B1F4-F9BC555167F3} URL = hxxp://suche.t-online.de/fast-cgi/tsc?mandant=toi&device=html&portallanguage=de&userlanguage=de&dia=suche&context=internet-tab&tpc=internet&ptl=std&classification=internet-tab_internet_std&q={searchTerms}&br=ie7-toi
SearchScopes: HKCU - {E6396811-2413-44EC-A69B-A788B0E124FC} URL = hxxp://suche.t-online.de/fastcgi/tsc?mandant=toi&device=html&portallanguage=de&userlanguage=de&d ia=suche&context=wiki-tab&tpc=internet&ptl=std&classification=wikitab_internet_std&q={searchTerms}&br=ie7-toi
SearchScopes: HKCU - {F048D832-4CD6-4A55-AAC4-45E3EE19F9B4} URL = hxxp://www.amazon.de/gp/search?ie=UTF8&keywords={searchTerms}&tag= interactivemesuche21&index=blended&linkCode=ur2&camp=1638&creative=6742
BHO: SafeFinder SmartbarEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Windows Live Family Safety Browser Helper Class -> {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} -> C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: AOL Deutschland Toolbar Loader -> {2d3b1910-86c2-4d4b-b1db-124b3ea35bef} -> C:\Program Files (x86)\AOL Deutschland Toolbar\aoldetb.dll (AOL Inc.)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: AVG Security Toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll (AVG Secure Search)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - SafeFinder Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - AOL Deutschland Toolbar - {567d4d94-8077-4682-b887-945f3d644116} - C:\Program Files (x86)\AOL Deutschland Toolbar\aoldetb.dll (AOL Inc.)
Toolbar: HKLM-x32 - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll (AVG Secure Search)
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: HKLM-x32 {44990301-3C9D-426D-81DF-AAB636FA4345} https://www-secure.symantec.com/techsupp/asa/ss/sa/sa_cabs/tgctlsr.cab
DPF: HKLM-x32 {477E2667-7E7A-4737-BFF5-121D68EF7816} hxxp://musikdownloads.aol.de/imcdms-static/code/AOL%20Download%20Assistent.ocx
DPF: HKLM-x32 {74E4A24D-5224-4F05-8A41-99445E0FC22B} hxxp://www.gamehouse.com/games/gamehouse/ghplayer.cab
DPF: HKLM-x32 {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://game.zylom.com/activex/zylomgamesplayer.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\syswow64\urlmon.dll (Microsoft Corporation)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.5.0 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.0 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/VirtualEarth3D,version=4.0 -> C:\Program Files (x86)\Virtual Earth 3D\ No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll No File
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @funwebproducts.com/Plugin -> C:\Program Files (x86)\FunWebProducts\Installr\1.bin\NPFunWeb.dll No File
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF Plugin-x32: @viewpoint.com/VMP -> C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\sweet-page.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-03-21]
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\18.1.9.799
FF Extension: AVG Security Toolbar - C:\ProgramData\AVG Secure Search\FireFoxExt\18.1.9.799 [2014-08-26]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-03-07]
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Manopost\AppData\Roaming\Mozilla\Firefox\Profiles\rjmb4qdq.default\extensions\faststartff@gmail.com
FF Extension: Fast Start - C:\Users\Manopost\AppData\Roaming\Mozilla\Firefox\Profiles\rjmb4qdq.default\extensions\faststartff@gmail.com [2014-08-20]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-01-17]
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\18.1.0.443\avg.crx [2014-05-01]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 ABBYY.Licensing.PDFTransformer.Classic.3.0; C:\Program Files (x86)\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe [759048 2010-02-01] (ABBYY)
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2250360 2014-07-30] (G Data Software AG)
R2 AVKService; C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKService.exe [914552 2013-12-19] (G Data Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKWCtlx64.exe [2683760 2014-05-20] (G Data Software AG)
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [356352 2006-12-28] (AVM Berlin) [File not signed]
S4 Boonty Games; C:\Program Files (x86)\Common Files\BOONTY Shared\Service\Boonty.exe [69120 2009-01-28] (BOONTY) [File not signed]
S4 Browser7Maintenance; C:\Program Files (x86)\Browser 7 Maintenance Service\maintenanceservice.exe [112128 2014-08-26] (Deutsche Telekom AG) [File not signed]
R2 ezSharedSvc; C:\Windows\SysWOW64\ezsvc7.dll [129992 2008-02-03] (EasyBits Sofware AS) [File not signed]
S4 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [438616 2014-08-07] (Garmin Ltd or its subsidiaries)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [700536 2014-05-20] (G Data Software AG)
S3 HP Health Check Service; c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-06-02] (Hewlett-Packard) [File not signed]
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2008-10-16] (Hewlett-Packard Co.) [File not signed]
S2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [135168 2008-03-25] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 LPTSystemUpdater; C:\Program Files (x86)\LPT\srpts.exe [32768 2014-08-27] ()
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [69632 2006-11-08] (Hewlett-Packard) [File not signed]
S4 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [537896 2008-12-12] (Nero AG)
S4 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [88064 2006-11-08] (Hewlett-Packard) [File not signed]
R2 Radio.fx; J:\Tobit Radio.fx\Server\rfx-server.exe [3673944 2011-11-18] ()
S4 ServiceLayer; C:\Program Files (x86)\Nokia\PC Connectivity Solution\ServiceLayer.exe [632832 2011-03-21] (Nokia) [File not signed]
R3 TuneUp.Defrag; C:\Windows\System32\TuneUpDefragService.exe [506696 2010-02-27] (TuneUp Software)
S3 TuneUp.ProgramStatisticsSvc; C:\Windows\System32\TUProgSt.exe [842056 2010-02-27] (TuneUp Software)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2014-07-16] (TuneUp Software)
R2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-08-20] (AVG Secure Search)
S2 scores; C:\Windows\score.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2013-04-18] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2013-06-28] (LG Electronics Inc.)
S3 andnetndis; C:\Windows\System32\DRIVERS\lgandnetndis64.sys [103936 2013-04-23] (LG Electronics Inc.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310984 2010-07-22] ()
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-20] (AVG Technologies)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2006-12-28] (AVM Berlin)
S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [34704 2010-02-05] (CSR, plc)
R3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2006-12-28] (AVM GmbH)
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [55808 2014-09-01] (G Data Software AG)
R1 GDKBFlt; C:\Windows\system32\drivers\GDKBFlt64.sys [20992 2014-07-06] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [142336 2014-09-01] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [64000 2014-07-06] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [64000 2014-09-01] (G Data Software AG)
R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2014-08-31] (G Data Software)
R3 HCW3x64; C:\Windows\System32\DRIVERS\HCW3x64.sys [1087872 2007-03-26] (Hauppauge Computer Works inc.)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [61440 2014-07-06] (G Data Software AG)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2010-07-22] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-08] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
S4 nvrd64; C:\Windows\system32\drivers\nvrd64.sys [166944 2008-06-06] (NVIDIA Corporation)
S3 Ph3xIB64; C:\Windows\System32\DRIVERS\Ph3xIB64.sys [1368960 2006-09-30] (Philips Semiconductors GmbH)
S3 Ps2; C:\Windows\System32\DRIVERS\PS2.sys [21504 2006-09-07] ()
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-08-20] ()
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-09-18] (TuneUp Software)
R1 {5eeb83d0-96ea-4249-942c-beead6847053}Gt64; C:\Windows\System32\drivers\{5eeb83d0-96ea-4249-942c-beead6847053}Gt64.sys [60056 2014-09-06] (StdLib)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-08 09:47 - 2014-09-08 09:47 - 00000000 ____D () C:\Users\Ute\AppData\Roaming\Adobe
2014-09-08 09:46 - 2014-09-08 11:00 - 00000000 ____D () C:\Users\Ute\AppData\Roaming\TuneUp Software
2014-09-08 09:46 - 2014-09-08 09:46 - 00000000 ____D () C:\Users\Ute\AppData\Local\TuneUp Software
2014-09-08 09:45 - 2014-09-08 09:45 - 00000951 _____ () C:\Users\Ute\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-09-08 09:45 - 2014-09-08 09:45 - 00000000 ____D () C:\Users\Ute\AppData\Roaming\AOL
2014-09-08 09:45 - 2014-09-08 09:45 - 00000000 ____D () C:\Users\Ute\AppData\Local\AOL
2014-09-08 09:44 - 2014-09-08 09:45 - 00000941 _____ () C:\Users\Ute\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-08 09:44 - 2014-09-08 09:44 - 00000936 _____ () C:\Users\Ute\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-09-08 09:42 - 2014-09-08 09:44 - 00000917 _____ () C:\Users\Ute\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
2014-09-08 09:41 - 2014-09-08 09:46 - 00000000 ____D () C:\Users\Ute\AppData\Local\VirtualStore
2014-09-08 09:41 - 2014-09-08 09:44 - 00000000 ____D () C:\Users\Ute
2014-09-08 09:41 - 2014-09-08 09:41 - 00000020 ___SH () C:\Users\Ute\ntuser.ini
2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Vorlagen
2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Startmenü
2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Netzwerkumgebung
2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Lokale Einstellungen
2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Eigene Dateien
2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Druckumgebung
2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Documents\Eigene Musik
2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Documents\Eigene Bilder
2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\AppData\Local\Verlauf
2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\AppData\Local\Anwendungsdaten
2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Anwendungsdaten
2014-09-08 09:41 - 2014-04-09 17:34 - 00000000 ____D () C:\Users\Ute\AppData\Roaming\Garmin
2014-09-08 09:41 - 2011-11-18 04:55 - 00000000 ____D () C:\Users\Ute\AppData\Roaming\Macromedia
2014-09-08 09:41 - 2010-11-16 00:09 - 00000000 ____D () C:\Users\Ute\AppData\Local\Microsoft Help
2014-09-08 09:41 - 2008-01-21 05:20 - 00000000 ___RD () C:\Users\Ute\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-09-08 09:41 - 2008-01-21 05:20 - 00000000 ___RD () C:\Users\Ute\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-08 08:03 - 2014-09-08 08:03 - 00003631 _____ () C:\Users\Manopost\Downloads\FRST.txt
2014-09-08 08:02 - 2014-09-08 08:03 - 02105344 _____ (Farbar) C:\Users\Manopost\Downloads\FRST64(1).exe
2014-09-08 07:44 - 2011-05-13 12:16 - 00493056 _____ ( datenhaus GmbH) C:\Windows\SysWOW64\dhRichClient3.dll
2014-09-08 07:44 - 2011-03-25 20:42 - 00338432 _____ () C:\Windows\SysWOW64\sqlite36_engine.dll
2014-09-08 07:43 - 2014-09-08 07:43 - 01101648 _____ () C:\Users\Manopost\Downloads\HijackThis - CHIP-Installer.exe
2014-09-07 19:19 - 2014-09-07 19:19 - 02105344 _____ (Farbar) C:\Users\Manopost\Downloads\FRST64.exe
2014-09-07 16:20 - 2014-09-08 10:59 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-07 16:19 - 2014-09-07 16:19 - 00000903 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-07 16:19 - 2014-09-07 16:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-07 16:19 - 2014-09-07 16:19 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-07 16:19 - 2014-09-07 16:19 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-09-07 16:19 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-07 16:19 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-07 16:19 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-07 16:18 - 2014-09-07 16:19 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Manopost\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-07 15:00 - 2014-09-08 12:14 - 00000000 ____D () C:\FRST
2014-09-07 10:24 - 2014-09-07 10:24 - 00388152 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-07 10:23 - 2014-09-07 10:23 - 00185186 _____ () C:\Windows\PFRO.log
2014-09-06 23:41 - 2014-09-06 23:42 - 00895120 _____ (Google Inc.) C:\Users\Manopost\Downloads\ChromeSetup.exe
2014-09-06 23:27 - 2014-09-06 23:27 - 00000000 ____D () C:\Users\Manopost\Documents\PC Speed Maximizer
2014-09-06 23:27 - 2014-09-06 04:13 - 00060056 _____ (StdLib) C:\Windows\system32\Drivers\{5eeb83d0-96ea-4249-942c-beead6847053}Gt64.sys
2014-09-06 23:24 - 2014-09-07 16:25 - 00000000 ____D () C:\Program Files (x86)\LPT
2014-09-06 23:24 - 2014-09-06 23:24 - 00106712 _____ () C:\Users\Manopost\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-06 23:24 - 2014-09-06 23:24 - 00002379 _____ () C:\Users\Manopost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-09-06 23:22 - 2014-09-07 00:24 - 00000000 ____D () C:\Users\Manopost\AppData\Local\LPT
2014-09-06 23:22 - 2014-09-06 23:22 - 00000000 ____D () C:\Users\Manopost\AppData\Local\Smartbar
2014-09-06 23:16 - 2014-09-06 23:57 - 00000000 ____D () C:\Users\Manopost\AppData\Local\Gameo
2014-09-06 23:16 - 2014-09-06 23:16 - 00000174 _____ () C:\Users\Manopost\Desktop\Play Games Online.url
2014-09-06 23:16 - 2014-09-06 23:16 - 00000174 _____ () C:\Users\Manopost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url
2014-09-06 23:16 - 2014-09-06 23:16 - 00000000 ___HD () C:\Users\Manopost\AppData\Roaming\GoldenGate
2014-09-06 21:50 - 2014-09-06 21:50 - 00602112 _____ (OldTimer Tools) C:\Users\Manopost\Desktop\OTL.exe
2014-09-06 16:11 - 2014-09-06 16:11 - 00000000 ____D () C:\Users\Manopost\AppData\Local\Deployment
2014-09-01 23:00 - 2014-09-01 23:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G DATA ANTIVIRUS
2014-08-28 21:52 - 2014-08-23 03:05 - 00304128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 21:52 - 2014-08-23 02:42 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 21:52 - 2014-08-23 01:38 - 02782208 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 10:03 - 2014-08-27 10:03 - 00000630 _____ () C:\Users\Manopost\Desktop\BLT14-15_209.exe - Verknüpfung.lnk
2014-08-27 09:52 - 2014-08-27 09:52 - 00724992 _____ (Maximilian Stangel) C:\Users\Manopost\Downloads\BLT14-15_209.exe
2014-08-27 09:33 - 2014-08-27 09:33 - 00000000 ____D () C:\ProgramData\Avg_Update_0814tb
2014-08-27 09:33 - 2014-08-27 09:33 - 00000000 ____D () C:\Program Files (x86)\AVG Security Toolbar
2014-08-26 18:52 - 2014-08-31 22:03 - 00000000 ___HD () C:\Users\Public\Temp
2014-08-26 18:49 - 2014-08-26 18:50 - 00000000 ____D () C:\Users\Public\29B3597AA0BC4491BC3F1A409CD7CF3F
2014-08-26 14:15 - 2013-12-27 16:17 - 37650432 _____ () C:\Users\Manopost\Desktop\M2U00050.MPG
2014-08-26 13:28 - 2014-09-06 23:26 - 00000000 ____D () C:\Users\Manopost\Desktop\Tablet
2014-08-26 13:13 - 2014-08-26 13:13 - 00000000 ____D () C:\ProgramData\Telekom-Browser 7
2014-08-25 17:43 - 2014-09-07 01:20 - 00000000 ___RD () C:\Users\Manopost\Dropbox
2014-08-25 17:41 - 2014-08-25 17:41 - 00000000 ____D () C:\Users\Manopost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-08-25 17:41 - 2014-08-25 17:41 - 00000000 ____D () C:\Program Files (x86)\Dropbox
2014-08-25 17:39 - 2014-09-06 22:46 - 00000000 ____D () C:\Users\Manopost\AppData\Roaming\Dropbox
2014-08-25 07:52 - 2014-08-25 07:52 - 00000000 ____D () C:\Users\Manopost\AppData\Local\Adobe
2014-08-22 15:27 - 2014-08-22 15:27 - 00000000 ____D () C:\ProgramData\Xerox
2014-08-22 14:28 - 2014-09-06 23:32 - 00000000 ____D () C:\Users\Manopost\Desktop\Neuer Ordner
2014-08-22 12:43 - 2014-08-22 12:45 - 00000000 ____D () C:\Users\Public\10F34257C92C4CB28669BE8F744057EF
2014-08-22 10:23 - 2014-08-22 10:24 - 00000000 ____D () C:\Users\Public\39203AE8A0DE4F819CFD816F114013DB
2014-08-22 10:23 - 2014-08-22 10:24 - 00000000 ____D () C:\Users\Manopost\AppData\Roaming\InetStat
2014-08-22 10:23 - 2014-08-22 10:23 - 00000000 ____D () C:\Users\Manopost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InetStat
2014-08-22 10:00 - 2014-04-19 17:34 - 00000426 _____ () C:\AVScanner.ini
2014-08-22 09:12 - 2014-08-29 15:01 - 00004040 _____ () C:\Windows\System32\Tasks\LaunchSignup
2014-08-22 09:11 - 2014-08-31 15:59 - 00000000 ____D () C:\Program Files (x86)\videos MediaPlay-Air
2014-08-22 09:11 - 2014-08-22 09:11 - 00000000 ____D () C:\Users\Manopost\AppData\Local\globalUpdate
2014-08-22 09:11 - 2014-08-22 09:11 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-08-22 09:10 - 2014-09-07 18:16 - 00000000 ____D () C:\Program Files (x86)\ver1Re-markit
2014-08-22 09:10 - 2014-08-22 12:46 - 00000000 ____D () C:\Users\Manopost\AppData\Roaming\VOPackage
2014-08-22 09:10 - 2014-08-22 12:46 - 00000000 ____D () C:\Users\Manopost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-08-22 09:10 - 2014-08-22 09:12 - 00062602 _____ () C:\Users\Manopost\AppData\Local\dd_vcredistMSI61B3.txt
2014-08-22 09:10 - 2014-08-22 09:12 - 00012036 _____ () C:\Users\Manopost\AppData\Local\dd_vcredistUI61B3.txt
2014-08-20 14:49 - 2014-08-20 14:49 - 00016152 _____ () C:\Windows\system32\Drivers\SWDUMon.sys
2014-08-20 14:49 - 2014-08-20 14:49 - 00000000 ____D () C:\Users\Manopost\AppData\Local\SlimWare Utilities Inc
2014-08-20 14:48 - 2014-08-20 14:48 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers
2014-08-20 14:45 - 2014-08-20 15:13 - 00000732 _____ () C:\Users\Manopost\AppData\Local\d3d9caps64.dat
2014-08-20 14:44 - 2014-08-20 14:44 - 00796720 _____ ( ) C:\Users\Manopost\Downloads\nero_setup.exe
2014-08-17 18:20 - 2014-08-17 18:45 - 00001653 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fotostory 3 für Windows.lnk
2014-08-17 18:20 - 2014-08-17 18:20 - 00000000 ____D () C:\Program Files (x86)\Photo Story 3 for Windows
2014-08-17 18:18 - 2014-08-17 18:18 - 01101648 _____ () C:\Users\Manopost\Documents\Microsoft Photo Story - CHIP-Installer.exe
2014-08-17 13:33 - 2014-08-22 13:21 - 00000000 ____D () C:\Users\Manopost\Desktop\Tolo Video 1
2014-08-17 13:26 - 2014-08-22 14:59 - 00000000 ____D () C:\Users\Manopost\Desktop\Tolo 2
2014-08-17 11:21 - 2014-08-26 14:04 - 00000000 ____D () C:\Users\Manopost\Desktop\Meine Bilder
2014-08-17 08:49 - 2014-08-17 08:49 - 01058200 _____ (Adobe) C:\Users\Manopost\Downloads\install_flashplayer14x32au_mssa_awc_aih.exe
2014-08-17 08:36 - 2014-06-27 00:17 - 01389200 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-17 08:36 - 2014-06-27 00:17 - 00619664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-17 08:36 - 2014-06-27 00:17 - 00171152 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-17 08:36 - 2014-06-27 00:17 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-17 08:36 - 2014-06-27 00:17 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-17 08:36 - 2014-06-27 00:17 - 00008848 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-17 08:36 - 2014-06-06 06:29 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-17 08:36 - 2014-06-06 06:28 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-17 08:32 - 2014-08-17 08:32 - 00001757 _____ () C:\Users\Public\Desktop\Garmin Express.lnk
2014-08-17 08:32 - 2014-08-17 08:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2014-08-17 00:05 - 2014-08-14 12:15 - 36898446 _____ () C:\Users\Manopost\Desktop\20140814_131447.mp4
2014-08-16 23:56 - 2014-08-20 19:35 - 00000000 ____D () C:\Users\Manopost\Desktop\Handy Tolo
2014-08-16 23:37 - 2014-06-14 02:56 - 00901568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-16 23:37 - 2014-06-14 02:51 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-08-16 23:37 - 2014-06-02 23:30 - 03137536 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-16 23:37 - 2014-06-02 23:30 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-16 23:37 - 2014-06-02 23:29 - 02280448 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-16 23:37 - 2014-06-02 23:29 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-08-16 23:37 - 2014-06-02 22:29 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-16 23:37 - 2014-06-02 12:31 - 02263552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-16 23:37 - 2014-06-02 12:31 - 00332800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-16 23:37 - 2014-06-02 12:30 - 01993728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-16 23:36 - 2014-07-24 21:28 - 17861120 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-16 23:36 - 2014-07-24 21:12 - 02339328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-16 23:36 - 2014-07-24 21:10 - 10920960 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-16 23:36 - 2014-07-24 21:07 - 01384960 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-16 23:36 - 2014-07-24 21:06 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-16 23:36 - 2014-07-24 21:05 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-16 23:36 - 2014-07-24 21:05 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-08-16 23:36 - 2014-07-24 21:05 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-16 23:36 - 2014-07-24 21:04 - 02155520 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-16 23:36 - 2014-07-24 21:04 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-08-16 23:36 - 2014-07-24 21:04 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-16 23:36 - 2014-07-24 21:04 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-16 23:36 - 2014-07-24 21:04 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-16 23:36 - 2014-07-24 21:04 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-16 23:36 - 2014-07-24 21:03 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-16 23:36 - 2014-07-24 21:03 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-16 23:36 - 2014-07-24 21:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-16 23:36 - 2014-07-24 21:03 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-08-16 23:36 - 2014-07-24 21:03 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-08-16 23:36 - 2014-07-24 21:03 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-08-16 23:36 - 2014-07-24 21:02 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-16 23:36 - 2014-07-24 20:07 - 12356608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-16 23:36 - 2014-07-24 19:58 - 01810432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-16 23:36 - 2014-07-24 19:57 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-16 23:36 - 2014-07-24 19:52 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-16 23:36 - 2014-07-24 19:51 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-16 23:36 - 2014-07-24 19:51 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-16 23:36 - 2014-07-24 19:50 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-08-16 23:36 - 2014-07-24 19:50 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-16 23:36 - 2014-07-24 19:49 - 01802240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-16 23:36 - 2014-07-24 19:49 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-08-16 23:36 - 2014-07-24 19:49 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-16 23:36 - 2014-07-24 19:49 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-16 23:36 - 2014-07-24 19:49 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-16 23:36 - 2014-07-24 19:48 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-16 23:36 - 2014-07-24 19:48 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-16 23:36 - 2014-07-24 19:48 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-16 23:36 - 2014-07-24 19:48 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-16 23:36 - 2014-07-24 19:48 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-08-16 23:36 - 2014-07-24 19:48 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-08-16 23:36 - 2014-07-24 19:48 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-08-16 23:36 - 2014-07-24 19:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-16 23:36 - 2014-07-08 03:12 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-16 23:36 - 2014-07-08 02:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-16 23:06 - 2014-09-06 23:25 - 00000000 ____D () C:\Users\Manopost\Desktop\Kamera Tolo

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-08 12:14 - 2014-09-07 15:00 - 00000000 ____D () C:\FRST
2014-09-08 12:12 - 2010-11-02 18:19 - 01084488 _____ () C:\Windows\WindowsUpdate.log
2014-09-08 11:55 - 2006-11-02 17:22 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-08 11:55 - 2006-11-02 17:22 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-08 11:35 - 2012-07-19 18:26 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-08 11:00 - 2014-09-08 09:46 - 00000000 ____D () C:\Users\Ute\AppData\Roaming\TuneUp Software
2014-09-08 10:59 - 2014-09-07 16:20 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-08 09:55 - 2006-11-02 17:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-08 09:54 - 2006-11-02 17:42 - 00032514 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-08 09:47 - 2014-09-08 09:47 - 00000000 ____D () C:\Users\Ute\AppData\Roaming\Adobe
2014-09-08 09:46 - 2014-09-08 09:46 - 00000000 ____D () C:\Users\Ute\AppData\Local\TuneUp Software
2014-09-08 09:46 - 2014-09-08 09:41 - 00000000 ____D () C:\Users\Ute\AppData\Local\VirtualStore
2014-09-08 09:45 - 2014-09-08 09:45 - 00000951 _____ () C:\Users\Ute\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-09-08 09:45 - 2014-09-08 09:45 - 00000000 ____D () C:\Users\Ute\AppData\Roaming\AOL
2014-09-08 09:45 - 2014-09-08 09:45 - 00000000 ____D () C:\Users\Ute\AppData\Local\AOL
2014-09-08 09:45 - 2014-09-08 09:44 - 00000941 _____ () C:\Users\Ute\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-08 09:44 - 2014-09-08 09:44 - 00000936 _____ () C:\Users\Ute\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-09-08 09:44 - 2014-09-08 09:42 - 00000917 _____ () C:\Users\Ute\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
2014-09-08 09:44 - 2014-09-08 09:41 - 00000000 ____D () C:\Users\Ute
2014-09-08 09:41 - 2014-09-08 09:41 - 00000020 ___SH () C:\Users\Ute\ntuser.ini
2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Vorlagen
2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Startmenü
2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Netzwerkumgebung
2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Lokale Einstellungen
2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Eigene Dateien
2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Druckumgebung
2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Documents\Eigene Musik
2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Documents\Eigene Bilder
2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\AppData\Local\Verlauf
2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\AppData\Local\Anwendungsdaten
2014-09-08 09:41 - 2014-09-08 09:41 - 00000000 _SHDL () C:\Users\Ute\Anwendungsdaten
2014-09-08 08:03 - 2014-09-08 08:03 - 00003631 _____ () C:\Users\Manopost\Downloads\FRST.txt
2014-09-08 08:03 - 2014-09-08 08:02 - 02105344 _____ (Farbar) C:\Users\Manopost\Downloads\FRST64(1).exe
2014-09-08 07:52 - 2009-02-04 12:45 - 00000069 _____ () C:\Windows\NeroDigital.ini
2014-09-08 07:43 - 2014-09-08 07:43 - 01101648 _____ () C:\Users\Manopost\Downloads\HijackThis - CHIP-Installer.exe
2014-09-08 06:31 - 2013-09-17 15:45 - 00000425 _____ () C:\Windows\BRWMARK.INI
2014-09-07 21:28 - 2011-06-11 10:44 - 00003714 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{7D2327BF-DAC5-43D7-8EB3-6EA0AF4A749D}
2014-09-07 19:19 - 2014-09-07 19:19 - 02105344 _____ (Farbar) C:\Users\Manopost\Downloads\FRST64.exe
2014-09-07 18:29 - 2009-01-28 11:48 - 00000108 _____ () C:\Users\Manopost\AppData\Roaming\default.pls
2014-09-07 18:16 - 2014-08-22 09:10 - 00000000 ____D () C:\Program Files (x86)\ver1Re-markit
2014-09-07 16:25 - 2014-09-06 23:24 - 00000000 ____D () C:\Program Files (x86)\LPT
2014-09-07 16:19 - 2014-09-07 16:19 - 00000903 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-07 16:19 - 2014-09-07 16:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-07 16:19 - 2014-09-07 16:19 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-07 16:19 - 2014-09-07 16:19 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-09-07 16:19 - 2014-09-07 16:18 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Manopost\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-07 11:08 - 2010-11-15 00:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-09-07 11:08 - 2010-11-15 00:52 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-07 10:24 - 2014-09-07 10:24 - 00388152 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-07 10:23 - 2014-09-07 10:23 - 00185186 _____ () C:\Windows\PFRO.log
2014-09-07 01:20 - 2014-08-25 17:43 - 00000000 ___RD () C:\Users\Manopost\Dropbox
2014-09-07 00:24 - 2014-09-06 23:22 - 00000000 ____D () C:\Users\Manopost\AppData\Local\LPT
2014-09-07 00:16 - 2009-01-10 16:50 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-06 23:57 - 2014-09-06 23:16 - 00000000 ____D () C:\Users\Manopost\AppData\Local\Gameo
2014-09-06 23:42 - 2014-09-06 23:41 - 00895120 _____ (Google Inc.) C:\Users\Manopost\Downloads\ChromeSetup.exe
2014-09-06 23:35 - 2013-12-03 13:32 - 00000000 ___RD () C:\Users\Manopost\Documents\Fugen-T-Poster
2014-09-06 23:34 - 2014-01-02 12:23 - 00000000 ____D () C:\Users\Manopost\Desktop\2014
2014-09-06 23:33 - 2014-01-02 15:28 - 00000000 ____D () C:\Users\Manopost\Desktop\Bayrischer Wald
2014-09-06 23:32 - 2014-08-22 14:28 - 00000000 ____D () C:\Users\Manopost\Desktop\Neuer Ordner
2014-09-06 23:27 - 2014-09-06 23:27 - 00000000 ____D () C:\Users\Manopost\Documents\PC Speed Maximizer
2014-09-06 23:27 - 2013-01-21 16:39 - 00000000 ____D () C:\Users\Manopost\Desktop\Bilder1
2014-09-06 23:26 - 2014-08-26 13:28 - 00000000 ____D () C:\Users\Manopost\Desktop\Tablet
2014-09-06 23:25 - 2014-08-16 23:06 - 00000000 ____D () C:\Users\Manopost\Desktop\Kamera Tolo
2014-09-06 23:24 - 2014-09-06 23:24 - 00106712 _____ () C:\Users\Manopost\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-06 23:24 - 2014-09-06 23:24 - 00002379 _____ () C:\Users\Manopost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-09-06 23:22 - 2014-09-06 23:22 - 00000000 ____D () C:\Users\Manopost\AppData\Local\Smartbar
2014-09-06 23:16 - 2014-09-06 23:16 - 00000174 _____ () C:\Users\Manopost\Desktop\Play Games Online.url
2014-09-06 23:16 - 2014-09-06 23:16 - 00000174 _____ () C:\Users\Manopost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url
2014-09-06 23:16 - 2014-09-06 23:16 - 00000000 ___HD () C:\Users\Manopost\AppData\Roaming\GoldenGate
2014-09-06 22:51 - 2006-11-02 15:33 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-09-06 22:50 - 2009-01-07 16:56 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-09-06 22:50 - 2006-11-02 17:15 - 00000000 ____D () C:\Windows\WindowsMobile
2014-09-06 22:46 - 2014-08-25 17:39 - 00000000 ____D () C:\Users\Manopost\AppData\Roaming\Dropbox
2014-09-06 22:41 - 2013-04-11 17:22 - 00000000 ____D () C:\Program Files\Google
2014-09-06 22:40 - 2013-09-17 15:40 - 00000000 ____D () C:\ProgramData\InstallShield
2014-09-06 22:39 - 2013-09-17 15:42 - 00000000 ____D () C:\Program Files (x86)\Brother
2014-09-06 21:50 - 2014-09-06 21:50 - 00602112 _____ (OldTimer Tools) C:\Users\Manopost\Desktop\OTL.exe
2014-09-06 16:12 - 2009-01-10 16:51 - 00000000 ____D () C:\Users\Manopost\AppData\Local\Google
2014-09-06 16:11 - 2014-09-06 16:11 - 00000000 ____D () C:\Users\Manopost\AppData\Local\Deployment
2014-09-06 16:11 - 2010-06-03 12:57 - 00000000 ____D () C:\Users\Manopost\AppData\Local\Apps\2.0
2014-09-06 15:57 - 2009-01-10 16:51 - 00000000 ____D () C:\ProgramData\Google
2014-09-06 15:36 - 2011-06-13 13:08 - 00003292 _____ () C:\Windows\System32\Tasks\{4231AEF2-8460-496A-9460-D6D1F6493ADF}
2014-09-06 04:13 - 2014-09-06 23:27 - 00060056 _____ (StdLib) C:\Windows\system32\Drivers\{5eeb83d0-96ea-4249-942c-beead6847053}Gt64.sys
2014-09-02 16:07 - 2008-09-13 07:16 - 00699062 _____ () C:\Windows\system32\perfh007.dat
2014-09-02 16:07 - 2008-09-13 07:16 - 00156416 _____ () C:\Windows\system32\perfc007.dat
2014-09-02 16:07 - 2006-11-02 14:46 - 01638136 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-01 23:00 - 2014-09-01 23:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G DATA ANTIVIRUS
2014-09-01 23:00 - 2014-04-12 12:28 - 00001794 _____ () C:\Users\Public\Desktop\G DATA ANTIVIRUS.lnk
2014-09-01 23:00 - 2009-10-03 14:49 - 00055808 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDBehave.sys
2014-09-01 23:00 - 2009-06-20 14:57 - 00142336 _____ (G Data Software AG) C:\Windows\system32\Drivers\MiniIcpt.sys
2014-09-01 23:00 - 2009-06-20 14:56 - 00064000 _____ (G Data Software AG) C:\Windows\system32\Drivers\gdwfpcd64.sys
2014-08-31 23:00 - 2014-02-28 00:00 - 00018160 _____ (G Data Software) C:\Windows\system32\Drivers\GdPhyMem.sys
2014-08-31 23:00 - 2009-07-28 16:34 - 00106272 _____ (G Data Software) C:\Windows\system32\Drivers\GRD.sys
2014-08-31 22:03 - 2014-08-26 18:52 - 00000000 ___HD () C:\Users\Public\Temp
2014-08-31 15:59 - 2014-08-22 09:11 - 00000000 ____D () C:\Program Files (x86)\videos MediaPlay-Air
2014-08-29 15:01 - 2014-08-22 09:12 - 00004040 _____ () C:\Windows\System32\Tasks\LaunchSignup
2014-08-29 15:01 - 2009-01-08 19:24 - 00003784 _____ () C:\Windows\System32\Tasks\HP-Online-Aktualisierungsprogramm
2014-08-29 15:00 - 2014-04-06 16:26 - 00003558 _____ () C:\Windows\System32\Tasks\GarminUpdaterTask
2014-08-27 10:03 - 2014-08-27 10:03 - 00000630 _____ () C:\Users\Manopost\Desktop\BLT14-15_209.exe - Verknüpfung.lnk
2014-08-27 09:52 - 2014-08-27 09:52 - 00724992 _____ (Maximilian Stangel) C:\Users\Manopost\Downloads\BLT14-15_209.exe
2014-08-27 09:33 - 2014-08-27 09:33 - 00000000 ____D () C:\ProgramData\Avg_Update_0814tb
2014-08-27 09:33 - 2014-08-27 09:33 - 00000000 ____D () C:\Program Files (x86)\AVG Security Toolbar
2014-08-27 07:33 - 2014-07-28 19:59 - 00000000 ____D () C:\Program Files (x86)\Browser 7 Maintenance Service
2014-08-26 18:50 - 2014-08-26 18:49 - 00000000 ____D () C:\Users\Public\29B3597AA0BC4491BC3F1A409CD7CF3F
2014-08-26 14:04 - 2014-08-17 11:21 - 00000000 ____D () C:\Users\Manopost\Desktop\Meine Bilder
2014-08-26 13:43 - 2009-01-09 17:08 - 00112128 _____ () C:\Users\Manopost\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-26 13:13 - 2014-08-26 13:13 - 00000000 ____D () C:\ProgramData\Telekom-Browser 7
2014-08-26 13:13 - 2014-07-28 19:59 - 00000000 ____D () C:\Users\Manopost\AppData\Roaming\Deutsche Telekom AG
2014-08-26 07:51 - 2012-03-02 20:45 - 00000000 ____D () C:\Program Files (x86)\AVG Secure Search
2014-08-25 17:43 - 2009-01-07 16:52 - 00000000 ____D () C:\Users\Manopost
2014-08-25 17:41 - 2014-08-25 17:41 - 00000000 ____D () C:\Users\Manopost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-08-25 17:41 - 2014-08-25 17:41 - 00000000 ____D () C:\Program Files (x86)\Dropbox
2014-08-25 07:52 - 2014-08-25 07:52 - 00000000 ____D () C:\Users\Manopost\AppData\Local\Adobe
2014-08-24 10:30 - 2012-07-19 18:26 - 00003736 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-08-24 10:30 - 2012-04-08 10:43 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-24 10:30 - 2011-05-14 09:27 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-23 03:05 - 2014-08-28 21:52 - 00304128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:42 - 2014-08-28 21:52 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 01:38 - 2014-08-28 21:52 - 02782208 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 15:27 - 2014-08-22 15:27 - 00000000 ____D () C:\ProgramData\Xerox
2014-08-22 14:59 - 2014-08-17 13:26 - 00000000 ____D () C:\Users\Manopost\Desktop\Tolo 2
2014-08-22 13:21 - 2014-08-17 13:33 - 00000000 ____D () C:\Users\Manopost\Desktop\Tolo Video 1
2014-08-22 12:46 - 2014-08-22 09:10 - 00000000 ____D () C:\Users\Manopost\AppData\Roaming\VOPackage
2014-08-22 12:46 - 2014-08-22 09:10 - 00000000 ____D () C:\Users\Manopost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-08-22 12:45 - 2014-08-22 12:43 - 00000000 ____D () C:\Users\Public\10F34257C92C4CB28669BE8F744057EF
2014-08-22 10:24 - 2014-08-22 10:23 - 00000000 ____D () C:\Users\Public\39203AE8A0DE4F819CFD816F114013DB
2014-08-22 10:24 - 2014-08-22 10:23 - 00000000 ____D () C:\Users\Manopost\AppData\Roaming\InetStat
2014-08-22 10:23 - 2014-08-22 10:23 - 00000000 ____D () C:\Users\Manopost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InetStat
2014-08-22 10:20 - 2009-01-28 10:44 - 00000000 ____D () C:\Users\Manopost\AppData\Local\Ahead
2014-08-22 09:57 - 2009-02-02 23:48 - 00000000 __SHD () C:\found.000
2014-08-22 09:36 - 2012-12-16 14:45 - 00000111 _____ () C:\.dir
2014-08-22 09:32 - 2014-07-31 19:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-22 09:24 - 2014-01-03 19:18 - 00000008 __RSH () C:\Users\Manopost\ntuser.pol
2014-08-22 09:24 - 2009-11-23 14:04 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-08-22 09:16 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-08-22 09:12 - 2014-08-22 09:10 - 00062602 _____ () C:\Users\Manopost\AppData\Local\dd_vcredistMSI61B3.txt
2014-08-22 09:12 - 2014-08-22 09:10 - 00012036 _____ () C:\Users\Manopost\AppData\Local\dd_vcredistUI61B3.txt
2014-08-22 09:11 - 2014-08-22 09:11 - 00000000 ____D () C:\Users\Manopost\AppData\Local\globalUpdate
2014-08-22 09:11 - 2014-08-22 09:11 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-08-20 19:35 - 2014-08-16 23:56 - 00000000 ____D () C:\Users\Manopost\Desktop\Handy Tolo
2014-08-20 19:28 - 2012-09-05 19:54 - 00050976 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2014-08-20 17:31 - 2010-08-01 13:11 - 00000000 ____D () C:\Users\Manopost\AppData\Roaming\Skype
2014-08-20 15:13 - 2014-08-20 14:45 - 00000732 _____ () C:\Users\Manopost\AppData\Local\d3d9caps64.dat
2014-08-20 14:49 - 2014-08-20 14:49 - 00016152 _____ () C:\Windows\system32\Drivers\SWDUMon.sys
2014-08-20 14:49 - 2014-08-20 14:49 - 00000000 ____D () C:\Users\Manopost\AppData\Local\SlimWare Utilities Inc
2014-08-20 14:48 - 2014-08-20 14:48 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers
2014-08-20 14:44 - 2014-08-20 14:44 - 00796720 _____ ( ) C:\Users\Manopost\Downloads\nero_setup.exe
2014-08-17 18:45 - 2014-08-17 18:20 - 00001653 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fotostory 3 für Windows.lnk
2014-08-17 18:20 - 2014-08-17 18:20 - 00000000 ____D () C:\Program Files (x86)\Photo Story 3 for Windows
2014-08-17 18:18 - 2014-08-17 18:18 - 01101648 _____ () C:\Users\Manopost\Documents\Microsoft Photo Story - CHIP-Installer.exe
2014-08-17 11:36 - 2013-07-04 09:21 - 00000855 _____ () C:\Users\Manopost\Desktop\Bluetooth-Informationsaustausch.lnk
2014-08-17 09:51 - 2006-11-02 15:33 - 00000000 ____D () C:\Windows\rescache
2014-08-17 08:49 - 2014-08-17 08:49 - 01058200 _____ (Adobe) C:\Users\Manopost\Downloads\install_flashplayer14x32au_mssa_awc_aih.exe
2014-08-17 08:48 - 2013-08-15 20:56 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-17 08:44 - 2006-11-02 14:35 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-08-17 08:33 - 2014-02-19 16:41 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-17 08:32 - 2014-08-17 08:32 - 00001757 _____ () C:\Users\Public\Desktop\Garmin Express.lnk
2014-08-17 08:32 - 2014-08-17 08:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2014-08-17 08:32 - 2014-02-19 16:42 - 00000000 ____D () C:\ProgramData\Garmin
2014-08-17 08:32 - 2014-02-19 16:41 - 00000000 ____D () C:\Program Files (x86)\Garmin
2014-08-14 12:15 - 2014-08-17 00:05 - 36898446 _____ () C:\Users\Manopost\Desktop\20140814_131447.mp4

Files to move or delete:
====================
C:\Users\Manopost\DivXInstaller7.exe
C:\Users\Manopost\googleupdatesetup.exe
C:\Users\Manopost\Nero-8.3.13.0_all_update.exe
C:\Users\Manopost\pcfresh.exe
C:\Users\Manopost\PowerPointViewer.exe


Some content of TEMP:
====================
C:\Users\Manopost\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphpm47v.dll
C:\Users\Manopost\AppData\Local\Temp\ICReinstall_google-chrome_setup (1).exe
C:\Users\Manopost\AppData\Local\Temp\_isA52C.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-08 10:11

==================== End Of Log ============================

--- --- ---

07.09.2014, 17:50	#4
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	lrcnta + srptm, graue Felder GDATA komplett deaktivieren, dann mit FRST nochmal probieren __________________ Logfiles bitte immer in CODE-Tags posten

07.09.2014, 21:48	#6
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	lrcnta + srptm, graue Felder Wir sind immer noch bei FRST, nicht bei malwarebytes __________________ --> lrcnta + srptm, graue Felder

07.09.2014, 22:21	#8
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	lrcnta + srptm, graue Felder In Windows mit einem anderen Benutzerkonto anmelden und von da aus erneut FRST runterladen und starten. Falls kein anderes Benutzerkonto da ist, musst du eins mit Adminrechten erstellen über die Systemsteuerung/Benutzerkonten __________________ Logfiles bitte immer in CODE-Tags posten

08.09.2014, 08:56	#10
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	lrcnta + srptm, graue Felder Und weiter? Was ist jetzt mit FRST? __________________ Logfiles bitte immer in CODE-Tags posten

08.09.2014, 10:59	#12
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	lrcnta + srptm, graue Felder Welches Windows hast du da eigentlich? Vista? 7? 8? 8.1? __________________ Logfiles bitte immer in CODE-Tags posten

lrcnta + srptm, graue Felder

Plagegeister aller Art und deren Bekämpfung: lrcnta + srptm, graue Felder