Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: AdwCleaner-Log: Können Funde in Registrierungsdatenbank gelöscht werden?

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 19.09.2014, 19:08   #1
ReginaC
 
AdwCleaner-Log: Können Funde in Registrierungsdatenbank gelöscht werden? - Standard

AdwCleaner-Log: Können Funde in Registrierungsdatenbank gelöscht werden?



Hallo Profis,

darf ich die Funde des AdwCleaners in der Registrierungsdatenbank löschen?

Die Logs des Adw Cleaners, FRST, Addition und GMER folgen hier im Text und als Anhang.

Herzlichen Dank vorab!

Regina

ADWCLEANER

# AdwCleaner v3.310 - Bericht erstellt am 19/09/2014 um 19:27:17
# Aktualisiert 12/09/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Administrator1 - REGINA-PC
# Gestartet von : C:\Users\Regina\Downloads\AdwCleaner_3.310.exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : [x64] HKCU\Software\Softonic
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17280


-\\ Mozilla Firefox v32.0.2 (x86 de)

[ Datei : C:\Users\Administrator1\AppData\Roaming\Mozilla\Firefox\Profiles\9gijjf1v.default\prefs.js ]


[ Datei : C:\Users\Regina\AppData\Roaming\Mozilla\Firefox\Profiles\18qwqcos.default-1409254287783\prefs.js ]


[ Datei : C:\Users\Regina\AppData\Roaming\Mozilla\Firefox\Profiles\31kea1lx.default\prefs.js ]


-\\ Google Chrome v

[ Datei : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ Datei : C:\Users\Regina\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [2489 octets] - [25/06/2014 13:39:03]
AdwCleaner[R1].txt - [1350 octets] - [25/06/2014 13:54:12]
AdwCleaner[R2].txt - [4548 octets] - [01/09/2014 20:30:08]
AdwCleaner[R3].txt - [4608 octets] - [01/09/2014 20:31:45]
AdwCleaner[R4].txt - [4406 octets] - [01/09/2014 20:49:56]
AdwCleaner[R5].txt - [4466 octets] - [01/09/2014 21:11:59]
AdwCleaner[R6].txt - [4254 octets] - [18/09/2014 17:43:41]
AdwCleaner[R7].txt - [4314 octets] - [18/09/2014 17:45:45]
AdwCleaner[R8].txt - [4068 octets] - [19/09/2014 19:27:17]
AdwCleaner[S0].txt - [2501 octets] - [25/06/2014 13:43:40]
AdwCleaner[S1].txt - [4674 octets] - [01/09/2014 20:42:52]

########## EOF - \AdwCleaner\AdwCleaner[R8].txt - [4248 octets] ##########


FRST

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by Regina (ATTENTION: The logged in user is not administrator) on REGINA-PC on 19-09-2014 17:44:56
Running from C:\Users\Regina\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Honest Technology) C:\Program Files (x86)\honestech Audio Recorder 2.0 Deluxe\HTARLauncher.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(ScanSoft, Inc.) C:\Program Files (x86)\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11490408 2010-10-22] (Realtek Semiconductor)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2726728 2010-03-25] (CANON INC.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-11-03] (CyberLink)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-10-14] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [205336 2011-11-11] (Logitech Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [421776 2012-06-07] (Apple Inc.)
HKLM-x32\...\Run: [NBAgent] => C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe [1493288 2012-01-13] (Nero AG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [TkBellExe] => c:\program files (x86)\real\realplayer\Update\realsched.exe [295072 2013-02-12] (RealNetworks, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [keepvid] => C:\Program Files (x86)\keepvid\keepvid.com.exe
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [186408 2013-12-04] (Geek Software GmbH)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5562736 2014-07-22] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [SSBkgdUpdate] => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [185896 2006-09-28] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [OpwareSE4] => C:\Program Files (x86)\ScanSoft\OmniPageSE4.0\OpwareSE4.exe [75304 2006-10-11] (ScanSoft, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1852264 2014-05-23] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1694048 2014-05-23] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [164656 2014-08-27] (Avira Operations GmbH & Co. KG)
HKLM\...\RunOnce: [*WerKernelReporting] => C:\Windows\SYSTEM32\WerFault.exe [415232 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-1088607421-4034575351-1128607311-1001\...\Run: [Device Detection] => C:\Program Files (x86)\Lidl_Fotos\dd.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk
ShortcutTarget: Adobe Gamma Loader.exe.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\honestech Audio Recorder 2.0 Deluxe Launcher.lnk
ShortcutTarget: honestech Audio Recorder 2.0 Deluxe Launcher.lnk -> C:\Program Files (x86)\honestech Audio Recorder 2.0 Deluxe\HTARLauncher.exe (Honest Technology)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LUMIX Simple Viewer.lnk
ShortcutTarget: LUMIX Simple Viewer.lnk -> C:\Program Files (x86)\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe (Matsushita Electric Industrial Co., Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://accounts.google.com/ServiceLogin?service=mail&passive=true&rm=false&continue=hxxp://mail.google.com/mail/?hl%3Dde&scc=1&ltmpl=googlemail&hl=de
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_20\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_20\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
DPF: HKLM-x32 {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} hxxp://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Regina\AppData\Roaming\Mozilla\Firefox\Profiles\18qwqcos.default-1409254287783
FF Homepage: https://accounts.google.com/ServiceLogin?service=mail&passive=true&rm=false&continue=https://mail.google.com/mail/?hl%3Dde%26shva%3D1&ss=1&scc=1&ltmpl=googlemail&hl=de&emr=1#inbox
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.15.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1213153.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.20.2 -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @real.com/nppl3260;version=16.0.0.282 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.0.282 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-02-12]

Chrome:
=======
CHR Profile: C:\Users\Regina\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2012-11-29]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160048 2014-08-27] (Avira Operations GmbH & Co. KG)
R2 lmhosts; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 lmhosts; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 nsi; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2014-07-22] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [296312 2014-05-23] (Western Digital Technologies, Inc.)
S3 WiredTools; C:\Program Files (x86)\WiredTools\WiredTools.exe [1303128 2014-07-04] (WiredTools Ltd.) [File not signed]
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-06-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-04-29] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG)
S3 iaStor; \SystemRoot\system32\DRIVERS\iaStor.sys [X]
S3 LVPr2M64; system32\DRIVERS\LVPr2M64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-19 17:44 - 2014-09-19 17:46 - 00018165 _____ () C:\Users\Regina\Downloads\FRST.txt
2014-09-19 17:44 - 2014-09-19 17:45 - 00000000 ____D () C:\FRST
2014-09-19 17:42 - 2014-09-19 17:43 - 02105856 _____ (Farbar) C:\Users\Regina\Downloads\FRST64.exe
2014-09-19 14:45 - 2014-09-19 14:52 - 00008192 _____ () C:\Windows\SysWOW64\WDPABKP.dat
2014-09-18 17:39 - 2014-09-18 17:39 - 01373475 _____ () C:\Users\Regina\Downloads\AdwCleaner_3.310.exe
2014-09-16 20:52 - 2014-09-16 20:52 - 00000000 ____D () C:\Users\Regina\AppData\Local\{4BD05067-3436-45F5-B97A-2E9497AF4A83}
2014-09-13 13:36 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-13 13:36 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-13 13:36 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-13 13:36 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-13 13:36 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-13 13:36 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-13 13:36 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-13 13:36 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-13 13:36 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-13 13:36 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-13 13:36 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-13 13:36 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-13 13:36 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-13 13:36 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-13 13:36 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-13 13:36 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-13 13:36 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-13 13:36 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-13 13:36 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-13 13:36 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-13 13:36 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-13 13:36 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-13 13:36 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-13 13:36 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-13 13:36 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-13 13:36 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-13 13:36 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-13 13:36 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-13 13:36 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-13 13:36 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-13 13:36 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-13 13:36 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-13 13:36 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-13 13:36 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-13 13:36 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-13 13:36 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-13 13:36 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-13 13:36 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-13 13:36 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-13 13:36 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-13 13:36 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-13 13:36 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-13 13:36 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-13 13:36 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-13 13:36 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-13 13:36 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-13 13:36 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-13 13:36 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-13 13:36 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-13 13:36 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-13 13:36 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-13 13:36 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-13 13:36 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-13 13:36 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-13 13:36 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-13 13:36 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-13 13:14 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-13 13:14 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-13 12:13 - 2014-09-19 15:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-13 11:20 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-13 11:20 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-13 11:20 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-13 11:20 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-13 11:20 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-13 11:20 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-13 11:20 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-13 11:20 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-13 11:20 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-13 11:19 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-13 11:19 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-09 20:13 - 2014-09-09 20:13 - 00001141 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-28 21:31 - 2014-08-28 21:31 - 00000000 ____D () C:\Users\Regina\Desktop\Alte Firefox-Daten
2014-08-27 19:29 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-27 19:29 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-27 19:29 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-21 22:04 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-21 22:04 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-21 22:04 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-21 22:04 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-21 22:02 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-21 22:02 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-21 22:02 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-21 22:02 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-21 22:02 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-21 22:02 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-21 22:01 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-21 22:01 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-21 22:01 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-21 22:01 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-20 23:13 - 2014-08-20 23:13 - 00000000 ____D () C:\Users\Administrator1\AppData\Roaming\Oracle
2014-08-20 23:09 - 2013-02-26 15:50 - 01085344 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2014-08-20 23:09 - 2013-02-26 15:50 - 00963488 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2014-08-20 22:57 - 2014-08-20 22:57 - 00000000 ____D () C:\Users\Regina\AppData\Roaming\Oracle
2014-08-20 22:56 - 2014-08-20 23:05 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-20 22:55 - 2014-08-20 23:05 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-20 22:55 - 2014-08-20 23:05 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-20 22:55 - 2014-08-20 23:05 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-20 22:54 - 2014-08-20 22:55 - 00004594 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log
2014-08-20 22:52 - 2014-08-20 22:52 - 00918952 _____ (Oracle Corporation) C:\Users\Regina\Downloads\jxpiinstall.exe
2014-08-20 20:42 - 2014-09-16 20:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-20 20:42 - 2014-08-20 20:42 - 00001167 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-20 20:42 - 2014-08-20 20:42 - 00001155 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-19 17:46 - 2014-09-19 17:44 - 00018165 _____ () C:\Users\Regina\Downloads\FRST.txt
2014-09-19 17:45 - 2014-09-19 17:44 - 00000000 ____D () C:\FRST
2014-09-19 17:43 - 2014-09-19 17:42 - 02105856 _____ (Farbar) C:\Users\Regina\Downloads\FRST64.exe
2014-09-19 17:16 - 2012-08-31 14:32 - 00001126 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-19 17:16 - 2012-08-31 14:32 - 00001122 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-19 17:14 - 2012-04-03 19:54 - 00000000 ____D () C:\Users\Regina\Documents\Noten
2014-09-19 16:50 - 2012-08-28 23:17 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-19 16:10 - 1993-03-10 23:12 - 01601696 _____ () C:\Windows\WindowsUpdate.log
2014-09-19 15:11 - 2014-09-13 12:13 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-19 15:00 - 2014-06-01 21:28 - 00000000 ____D () C:\Users\Regina\Documents\Suzuki+KfzSt+Unfall
2014-09-19 14:52 - 2014-09-19 14:45 - 00008192 _____ () C:\Windows\SysWOW64\WDPABKP.dat
2014-09-19 14:52 - 2009-07-14 06:45 - 00018928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-19 14:52 - 2009-07-14 06:45 - 00018928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-19 14:43 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-19 14:43 - 2009-07-14 06:51 - 00205114 _____ () C:\Windows\setupact.log
2014-09-18 17:46 - 2014-06-25 13:39 - 00000000 ____D () C:\AdwCleaner
2014-09-18 17:43 - 2011-07-25 19:10 - 00000000 ____D () C:\Users\Administrator1
2014-09-18 17:39 - 2014-09-18 17:39 - 01373475 _____ () C:\Users\Regina\Downloads\AdwCleaner_3.310.exe
2014-09-17 12:19 - 2011-03-30 18:07 - 00000000 ____D () C:\Users\Regina\Documents\JOB
2014-09-16 20:52 - 2014-09-16 20:52 - 00000000 ____D () C:\Users\Regina\AppData\Local\{4BD05067-3436-45F5-B97A-2E9497AF4A83}
2014-09-16 20:24 - 2013-03-11 18:43 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-16 20:16 - 2014-08-20 20:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-13 13:34 - 2014-02-26 22:48 - 01594028 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-13 13:34 - 2010-05-12 10:18 - 00699432 _____ () C:\Windows\system32\perfh007.dat
2014-09-13 13:34 - 2010-05-12 10:18 - 00149572 _____ () C:\Windows\system32\perfc007.dat
2014-09-13 13:34 - 2009-07-14 07:13 - 01594028 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-13 13:33 - 2013-08-14 22:44 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-13 13:16 - 2010-07-07 17:49 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-13 13:14 - 2014-05-06 21:19 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-10 21:59 - 2011-03-30 18:07 - 00000000 ____D () C:\Users\Regina\Documents\Kohle
2014-09-10 20:50 - 2012-04-03 19:48 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-10 20:50 - 2011-06-30 16:31 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-09 20:13 - 2014-09-09 20:13 - 00001141 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-09-09 20:13 - 2013-12-09 20:10 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-09 20:13 - 2012-12-21 12:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-09-09 20:13 - 2012-12-21 12:10 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-09-09 20:06 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-05 04:10 - 2014-09-13 11:19 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-05 04:05 - 2014-09-13 11:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-04 11:37 - 2010-07-07 18:17 - 08633570 _____ () C:\Windows\PFRO.log
2014-09-03 13:39 - 2012-04-24 18:52 - 00000000 ____D () C:\Users\Regina\Documents\Barmer+Gsundheit
2014-09-03 13:17 - 2014-01-03 20:49 - 00002113 _____ () C:\Users\Public\Desktop\Nero MediaHome.lnk
2014-09-03 13:17 - 2011-03-30 17:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2014-09-01 21:24 - 2013-01-05 17:01 - 00000000 ____D () C:\Users\Regina\Documents\DVDVideoSoft
2014-09-01 20:20 - 2011-04-27 16:15 - 524690022 _____ () C:\Windows\MEMORY.DMP
2014-09-01 20:20 - 2011-04-27 16:15 - 00000000 ____D () C:\Windows\Minidump
2014-08-28 21:31 - 2014-08-28 21:31 - 00000000 ____D () C:\Users\Regina\Desktop\Alte Firefox-Daten
2014-08-28 20:32 - 2009-07-14 06:45 - 00424672 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 21:31 - 2014-05-29 13:00 - 00000000 ____D () C:\Users\Regina\Documents\Regina sen
2014-08-25 20:02 - 2012-11-14 21:49 - 00000000 ____D () C:\Users\Administrator1\AppData\Roaming\Real
2014-08-25 19:07 - 2013-10-23 15:33 - 00000000 ____D () C:\Users\Regina\Documents\Rechnungen Mnet
2014-08-25 19:00 - 2013-10-23 14:16 - 00000000 ____D () C:\Users\Regina\Documents\Rechnungen tablet
2014-08-25 06:53 - 2010-07-07 17:48 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-23 04:07 - 2014-08-27 19:29 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-27 19:29 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-27 19:29 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-20 23:13 - 2014-08-20 23:13 - 00000000 ____D () C:\Users\Administrator1\AppData\Roaming\Oracle
2014-08-20 23:10 - 2013-10-29 16:21 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-20 23:06 - 2014-07-19 19:34 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-08-20 23:06 - 2013-02-26 15:51 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-08-20 23:06 - 2013-02-26 15:51 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-08-20 23:06 - 2013-02-26 15:51 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-08-20 23:06 - 2010-12-02 21:13 - 00000000 ____D () C:\Program Files\Java
2014-08-20 23:05 - 2014-08-20 22:56 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-20 23:05 - 2014-08-20 22:55 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-20 23:05 - 2014-08-20 22:55 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-20 23:05 - 2014-08-20 22:55 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-20 23:05 - 2010-12-02 21:13 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-20 22:57 - 2014-08-20 22:57 - 00000000 ____D () C:\Users\Regina\AppData\Roaming\Oracle
2014-08-20 22:55 - 2014-08-20 22:54 - 00004594 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log
2014-08-20 22:52 - 2014-08-20 22:52 - 00918952 _____ (Oracle Corporation) C:\Users\Regina\Downloads\jxpiinstall.exe
2014-08-20 20:42 - 2014-08-20 20:42 - 00001167 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-20 20:42 - 2014-08-20 20:42 - 00001155 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk

Some content of TEMP:
====================
C:\Users\Regina\AppData\Local\Temp\AskSLib.dll
C:\Users\Regina\AppData\Local\Temp\avgnt.exe
C:\Users\Regina\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Regina\AppData\Local\Temp\_is3774.exe
C:\Users\Regina\AppData\Local\Temp\_isFB9D.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================

ADDITION.TXT

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014
Ran by Regina at 2014-09-19 17:47:04
Running from C:\Users\Regina\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 2.5.1.17730 - Adobe Systems Inc.) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Photoshop 6.0 (HKLM-x32\...\Adobe Photoshop 6.0) (Version: 6.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.0.112 - Adobe Systems, Inc.)
Adobe SVG Viewer (HKLM-x32\...\Adobe SVG Viewer) (Version: 1.0 - Adobe Systems, Inc.)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}) (Version: 5.2.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft PhotoStudio 5.5 (HKLM-x32\...\{85309D89-7BE9-4094-BB17-24999C6118FC}) (Version: - ArcSoft)
Ashampoo Burning Studio (HKLM-x32\...\Ashampoo Burning Studio_is1) (Version: 9.23.0 - ashampoo GmbH & Co. KG)
Ashampoo Burning Studio 12 v.12.0.5 (HKLM-x32\...\{91B33C97-93EB-244C-F687-71D85E45A206}_is1) (Version: 12.0.5 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Commander (HKLM-x32\...\Ashampoo Photo Commander_is1) (Version: 8.1.0 - ashampoo GmbH & Co. KG)
Ashampoo Photo Optimizer (HKLM-x32\...\Ashampoo Photo Optimizer_is1) (Version: 3.12.0 - ashampoo GmbH & Co. KG)
Ashampoo Snap (HKLM-x32\...\Ashampoo Snap_is1) (Version: 3.4.0 - ashampoo GmbH & Co. KG)
ATI Catalyst Install Manager (HKLM\...\{5479F9EC-5D71-CB4F-7091-3BF696F82035}) (Version: 3.0.804.0 - ATI Technologies, Inc.)
Audacity 2.0.2 (HKLM-x32\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)
Avira (HKLM-x32\...\{70e83cd8-4bd5-4039-ab5a-6b94a8abb641}) (Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.570 - Avira)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CameraHelperMsi (x32 Version: 13.31.1038.0 - Logitech) Hidden
Canon CanoScan Toolbox 5.0 (HKLM-x32\...\CanoScan Toolbox 5.0) (Version: - )
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: - )
Canon iP4800 series Benutzerregistrierung (HKLM-x32\...\Canon iP4800 series Benutzerregistrierung) (Version: - )
Canon iP4800 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4800_series) (Version: - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - )
CanoScan 4400F (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4803) (Version: - )
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.1013.2133.36853 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.1013.2133.36853 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.1013.2133.36853 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.1013.2132.36853 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.1013.2132.36853 - ATI) Hidden
CCC Help English (x32 Version: 2010.1013.2132.36853 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.1013.2132.36853 - ATI) Hidden
CCC Help French (x32 Version: 2010.1013.2132.36853 - ATI) Hidden
CCC Help German (x32 Version: 2010.1013.2132.36853 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.1013.2132.36853 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.1013.2132.36853 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.1013.2132.36853 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.1013.2132.36853 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.1013.2132.36853 - ATI) Hidden
ccc-core-static (x32 Version: 2010.1013.2133.36853 - ATI) Hidden
ccc-utility64 (Version: 2010.1013.2133.36853 - ATI) Hidden
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
Corel Shell Extension - 64Bit (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Content (x32 Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Draw (x32 Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Filters (x32 Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - ICA (x32 Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - IPM - No VBA (x32 Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang BR (x32 Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang DE (x32 Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang EN (x32 Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang ES (x32 Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang FR (x32 Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang IT (x32 Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang NL (x32 Version: 4.0 - Uw bedrijfsnaam) Hidden
CorelDRAW Essentials 4 - PHOTO-PAINT (x32 Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Windows Shell Extension (HKLM-x32\...\_{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}) (Version: - Corel Corporation)
CorelDRAW Essentials 4 - Windows Shell Extension (x32 Version: 1.1 - Corel Corporation) Hidden
CorelDRAW Essentials 4 (HKLM-x32\...\_{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}) (Version: - Corel Corporation)
CorelDRAW Essentials 4 (x32 Version: 4.0 - Corel Corporation) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2515 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.2515 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 6.1.3602c - CyberLink Corp.) Hidden
CyberLink PowerDVD Copy (HKLM-x32\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
CyberLink PowerDVD Copy (x32 Version: 1.5.1306 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Free YouTube Download version 3.2.13.925 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.13.925 - DVDVideoSoft Ltd.)
Free YouTube to DVD Converter version 3.1.13.925 (HKLM-x32\...\Free YouTube to DVD Converter_is1) (Version: 3.1.13.925 - DVDVideoSoft Ltd.)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
Harry Potter Creative CD (HKLM-x32\...\{182ACEA4-834A-4C60-AA55-E979EDFBBA3E}) (Version: 1.0.0 - Microgistix, Inc)
honestech Audio Recorder 2.0 Deluxe (HKLM-x32\...\{A0BC5BCD-893F-47F4-8903-FDC7CAC2AFB1}) (Version: 2.0 - honestech)
honestech Audio Recorder 2.0 Deluxe (x32 Version: 2.0 - Honest Technology) Hidden
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.32 - Irfan Skiljan)
iTunes (HKLM\...\{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}) (Version: 10.6.3.25 - Apple Inc.)
Java 8 Update 11 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418011FF}) (Version: 8.0.110 - Oracle Corporation)
Java 8 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418020F0}) (Version: 8.0.200 - Oracle Corporation)
Java 8 Update 20 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218020F0}) (Version: 8.0.200 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.20.26 - Oracle Corporation) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (HKLM-x32\...\{CA227A9D-09BE-4BFB-9764-48FED2DA5454}) (Version: 15.4.5722.2 - Microsoft Corporation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.31 - Logitech Inc.)
LUMIX Simple Viewer (HKLM-x32\...\{2CDCCE7E-55D5-40CC-AEA0-ABA54713501F}) (Version: 0.99.0000 - Panasonic)
LWS Facebook (x32 Version: 13.31.1038.0 - Logitech) Hidden
LWS Gallery (x32 Version: 13.31.1038.0 - Logitech) Hidden
LWS Help_main (x32 Version: 13.31.1044.0 - Logitech) Hidden
LWS Launcher (x32 Version: 13.31.1038.0 - Logitech) Hidden
LWS Motion Detection (x32 Version: 13.30.1395.0 - Logitech) Hidden
LWS Pictures And Video (x32 Version: 13.31.1038.0 - Logitech) Hidden
LWS Twitter (x32 Version: 13.30.1346.0 - Logitech) Hidden
LWS Video Mask Maker (x32 Version: 13.30.1379.0 - Logitech) Hidden
LWS VideoEffects (Version: 13.30.1379.0 - Logitech) Hidden
LWS Webcam Software (x32 Version: 13.31.1038.0 - Logitech) Hidden
LWS WLM Plugin (x32 Version: 1.30.1201.0 - Logitech) Hidden
LWS YouTube Plugin (x32 Version: 13.31.1038.0 - Logitech) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Medion Home Cinema (HKLM-x32\...\InstallShield_{AB770FDE-8087-4C98-9A85-BD64262C104C}) (Version: 6.0.0000 - CyberLink Corp.)
Medion Home Cinema (x32 Version: 6.0.0000 - CyberLink Corp.) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office XP Small Business (HKLM-x32\...\{91130407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 32.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.1 (x86 de)) (Version: 32.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 11 (HKLM-x32\...\{EB475D31-14C0-4DC3-8E0A-8AE1711399B3}) (Version: 11.0.10100 - Nero AG)
Nero 11 Cliparts (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden
Nero 11 Video Samples (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden
Nero Abstract Themes (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Audio Pack 1 (x32 Version: 11.0.11500.110.0 - Nero AG) Hidden
Nero BackItUp 11 (x32 Version: 6.2.18400.2.100 - Nero AG) Hidden
Nero BackItUp 11 Help (CHM) (x32 Version: 11.0.10400 - Nero AG) Hidden
Nero Backup Drivers (HKLM\...\{D600D357-5CB9-4DE9-8FD4-14E208BD1970}) (Version: 12.0.4000 - Nero AG)
Nero Blu-ray Player (x32 Version: 12.1.20081 - Nero AG) Hidden
Nero Burning ROM 11 (x32 Version: 11.2.10300.0.0 - Nero AG) Hidden
Nero Burning ROM 11 Help (CHM) (x32 Version: 11.0.10000 - Nero AG) Hidden
Nero BurnLite 10 (HKLM-x32\...\{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}) (Version: 10.0.10600 - Nero AG)
Nero BurnLite 10 (HKLM-x32\...\{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}) (Version: 10.0.10500.5.100 - Nero AG)
Nero Control Center 10 (x32 Version: 10.2.11100.1.1 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 11.0.16700 - Nero AG) Hidden
Nero ControlCenter 10 Help (CHM) (x32 Version: 1.0.10700 - Nero AG) Hidden
Nero ControlCenter 11 Help (CHM) (x32 Version: 11.0.10000 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.24900 - Nero AG) Hidden
Nero Core Components 10 (x32 Version: 2.0.17800.8.5 - Nero AG) Hidden
Nero CoverDesigner 11 (x32 Version: 6.0.11000.13.100 - Nero AG) Hidden
Nero CoverDesigner 11 Help (CHM) (x32 Version: 11.0.10000 - Nero AG) Hidden
Nero Disc Menus 1 (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Disc Menus 2 (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Disc Menus 3 (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Disc Menus Basic (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Effects Basic (x32 Version: 15.0.10011 - Nero AG) Hidden
Nero Express 11 (x32 Version: 11.2.10300.0.0 - Nero AG) Hidden
Nero Express 11 Help (CHM) (x32 Version: 11.0.10000 - Nero AG) Hidden
Nero Holiday and Sports Themes (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Image Samples (x32 Version: 15.0.10008 - Nero AG) Hidden
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 15.1.0030 - Nero AG)
Nero Kwik Themes Basic (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero MediaHome (x32 Version: 1.22.5700 - Nero AG) Hidden
Nero MediaHome Help (CHM) (x32 Version: 15.0.00021 - Nero AG) Hidden
Nero PiP Effects Basic (x32 Version: 15.0.10008 - Nero AG) Hidden
Nero Prerequisite Installer 1.0 (HKLM-x32\...\{82E8286F-5F93-4548-B2C0-E9BD23B04AA7}) (Version: 11.0.12600 - Nero AG)
Nero Recode 11 (x32 Version: 5.2.11300.0.0 - Nero AG) Hidden
Nero Recode 11 Help (CHM) (x32 Version: 11.0.10000 - Nero AG) Hidden
Nero RescueAgent 11 (x32 Version: 4.0.10600.10.100 - Nero AG) Hidden
Nero RescueAgent 11 Help (CHM) (x32 Version: 11.0.10000 - Nero AG) Hidden
Nero SharedVideoCodecs (x32 Version: 1.0.15005 - Nero AG) Hidden
Nero SoundTrax 11 (x32 Version: 5.0.10700.6.100 - Nero AG) Hidden
Nero SoundTrax 11 Help (CHM) (x32 Version: 11.0.10000 - Nero AG) Hidden
Nero Suite (HKLM-x32\...\NeroMultiInstaller!UninstallKey) (Version: - )
Nero Update (x32 Version: 11.0.13600.45.0 - Nero AG) Hidden
Nero Video 11 (x32 Version: 8.2.16000.4.100 - Nero AG) Hidden
Nero Video 11 Help (CHM) (x32 Version: 11.0.10000 - Nero AG) Hidden
Nero WaveEditor 11 (x32 Version: 6.2.11300.0.100 - Nero AG) Hidden
Nero WaveEditor 11 Help (CHM) (x32 Version: 11.0.10000 - Nero AG) Hidden
nero.prerequisites.msi (x32 Version: 11.0.20013 - Nero AG) Hidden
PDF24 Creator 6.1.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PHOTOfunSTUDIO -viewer- (HKLM-x32\...\{9A9DBEBC-C800-4776-A970-D76D6AA405B1}) (Version: 1.00.000 - Panasonic)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
RealDownloader (x32 Version: 1.3.0 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6225 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: - )
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.30.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.30.0 - Renesas Electronics Corporation) Hidden
ScanSoft OmniPage SE 4.0 (HKLM-x32\...\{C1E693A4-B1D5-4DCD-B68D-2087835B7184}) (Version: 15.00.0020 - Nuance Communications, Inc.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (HKLM-x32\...\{241E7104-937A-4366-AD57-8FDDDB003939}) (Version: 15.4.5722.2 - Microsoft Corporation)
WD Drive Utilities (HKLM-x32\...\{59E0381C-1047-45A3-B68A-57F586EAF3C2}) (Version: 1.1.0.51 - Western Digital Technologies, Inc.)
WD Quick View (HKLM-x32\...\{57F80E51-A2F3-44AD-BA17-3275B0433165}) (Version: 2.4.2.26 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{D338102B-BA1C-4CCA-B870-8690FA0F0433}) (Version: 1.1.0.51 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{2A9937AF-6650-40D6-ADFA-EEB731B908DF}) (Version: 2.4.2.26 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{2d588de7-f4f6-4d6d-8719-32cbb9637e9e}) (Version: 2.4.2.26 - Western Digital Technologies, Inc.)
Welcome App (Start-up experience) (x32 Version: 11.0.23500.0.0 - Nero AG) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version: - )
Windows Media Encoder 9 Series (x32 Version: 9.00.2980 - Microsoft Corporation) Hidden
WiredTools (HKLM-x32\...\WiredTools_is1) (Version: 2.2.9.5 - WiredTools LTD)
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================

Could not list Restore Points. Check "winmgmt" service or repair WMI.


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => ?

==================== Loaded Modules (whitelisted) =============

2010-10-14 06:32 - 2010-10-14 06:32 - 00270336 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsScanner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WiredTools => ""="service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/16/2014 08:27:34 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "E:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"

Error: (09/09/2014 08:13:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Avira.OE.Systray.exe, Version: 1.1.21.25189, Zeitstempel: 0x53fdd63b
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x820
Startzeit der fehlerhaften Anwendung: 0xAvira.OE.Systray.exe0
Pfad der fehlerhaften Anwendung: Avira.OE.Systray.exe1
Pfad des fehlerhaften Moduls: Avira.OE.Systray.exe2
Berichtskennung: Avira.OE.Systray.exe3

Error: (09/09/2014 08:13:27 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.Systray.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.IO.FileLoadException
Stapel:
bei Avira.OE.Systray.Program.Main(System.String[])

Error: (09/08/2014 10:19:15 AM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "E:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"

Error: (09/03/2014 01:24:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WDBackupEngine.exe, Version: 2.0.0.15, Zeitstempel: 0x53cee30c
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00022e8f
ID des fehlerhaften Prozesses: 0x1100
Startzeit der fehlerhaften Anwendung: 0xWDBackupEngine.exe0
Pfad der fehlerhaften Anwendung: WDBackupEngine.exe1
Pfad des fehlerhaften Moduls: WDBackupEngine.exe2
Berichtskennung: WDBackupEngine.exe3

Error: (09/03/2014 01:18:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WDBackupEngine.exe, Version: 2.0.0.15, Zeitstempel: 0x53cee30c
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000361b0
ID des fehlerhaften Prozesses: 0x874
Startzeit der fehlerhaften Anwendung: 0xWDBackupEngine.exe0
Pfad der fehlerhaften Anwendung: WDBackupEngine.exe1
Pfad des fehlerhaften Moduls: WDBackupEngine.exe2
Berichtskennung: WDBackupEngine.exe3

Error: (09/01/2014 05:57:34 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "E:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"

Error: (09/01/2014 05:47:09 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description:

Error: (08/25/2014 09:02:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm WDDMStatus.exe, Version 3.2.4.12 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1058

Startzeit: 01cfc0941a0bbb46

Endzeit: 3

Anwendungspfad: C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe

Berichts-ID: 2b1cbc99-2c8a-11e4-b64f-6c626dc16dbc

Error: (08/25/2014 08:56:59 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Die Sicherung war nicht erfolgreich. Fehler: "Fehler beim Bestimmen des Bibliothekenspeicherorts eines der in die Scherung eingeschlossenen Benutzer durch die Windows-Sicherung. (0x81000031)"


System errors:
=============
Error: (09/19/2014 02:46:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (09/18/2014 02:03:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (09/17/2014 03:18:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (09/17/2014 11:23:15 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (09/16/2014 08:19:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (09/14/2014 04:43:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (09/13/2014 11:02:08 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (09/10/2014 08:23:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (09/10/2014 08:23:23 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Microsoft .NET Framework NGEN v4.0.30319_X86 erreicht.

Error: (09/09/2014 08:08:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2


Microsoft Office Sessions:
=========================
Error: (09/16/2014 08:27:34 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: E:\Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)

Error: (09/09/2014 08:13:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Avira.OE.Systray.exe1.1.21.2518953fdd63bKERNELBASE.dll6.1.7601.1840953159a86e04343520000c42d82001cfcc59bf86952aC:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exeC:\Windows\syswow64\KERNELBASE.dllff9f2fb7-384c-11e4-ae07-6c626dc16dbc

Error: (09/09/2014 08:13:27 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.Systray.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.IO.FileLoadException
Stapel:
bei Avira.OE.Systray.Program.Main(System.String[])

Error: (09/08/2014 10:19:15 AM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: E:\Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)

Error: (09/03/2014 01:24:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: WDBackupEngine.exe2.0.0.1553cee30cKERNELBASE.dll6.1.7601.1840953159a86c000000500022e8f110001cfc768e6a208d0C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exeC:\Windows\syswow64\KERNELBASE.dlle7a8847c-335c-11e4-8024-6c626dc16dbc

Error: (09/03/2014 01:18:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: WDBackupEngine.exe2.0.0.1553cee30cKERNELBASE.dll6.1.7601.1840953159a86c0000005000361b087401cfc7681bdb5bddC:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exeC:\Windows\syswow64\KERNELBASE.dll19b3a398-335c-11e4-8024-6c626dc16dbc

Error: (09/01/2014 05:57:34 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: E:\Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)

Error: (09/01/2014 05:47:09 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description:

Error: (08/25/2014 09:02:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: WDDMStatus.exe3.2.4.12105801cfc0941a0bbb463C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe2b1cbc99-2c8a-11e4-b64f-6c626dc16dbc

Error: (08/25/2014 08:56:59 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Fehler beim Bestimmen des Bibliothekenspeicherorts eines der in die Scherung eingeschlossenen Benutzer durch die Windows-Sicherung. (0x81000031)


==================== Memory info ===========================

Processor: AMD Athlon(tm) II X4 640 Processor
Percentage of memory in use: 48%
Total physical RAM: 4095.3 MB
Available physical RAM: 2099.28 MB
Total Pagefile: 8188.79 MB
Available Pagefile: 5385.96 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:1366.16 GB) (Free:1144.49 GB) NTFS
Drive d: (Recover) (Fixed) (Total:30 GB) (Free:0 GB) NTFS

==================== MBR & Partition Table ==================

==================== End Of Log ============================


GMER

GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-09-19 18:27:33
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 ST31500541AS rev.CC34 1397,27GB
Running: Gmer-19357.exe; Driver: C:\Users\ADMINI~1\AppData\Local\Temp\pwriqpod.sys


---- Kernel code sections - GMER 2.1 ----

INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528 fffff800035b8000 34 bytes [8D, 10, 4A, 00, 00, 48, 8D, ...]
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 563 fffff800035b8023 23 bytes [BF, 01, 00, 00, 00, 4C, 89, ...]

---- User code sections - GMER 2.1 ----

.text C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe[1928] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075dd1465 2 bytes [DD, 75]
.text C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe[1928] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075dd14bb 2 bytes [DD, 75]
.text ... * 2

---- Threads - GMER 2.1 ----

Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3596:3640] 00000000759f7587
Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3596:3648] 0000000069e07712
Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3596:3652] 0000000077be2e65
Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3596:3164] 0000000077be3e85
Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3596:5664] 0000000077be3e85
Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3596:1048] 0000000077be3e85

---- Registry - GMER 2.1 ----

Reg HKCU\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted@C:\Users\Administrator1\AppData\Local\Logitech\xae Webcam-Software\Logishrd\LU2.0\LogitechUpdate.exe 1

---- Disk sectors - GMER 2.1 ----

Disk \Device\Harddisk0\DR0 unknown MBR code

---- EOF - GMER 2.1 ----

Alt 19.09.2014, 19:42   #2
schrauber
/// the machine
/// TB-Ausbilder
 

AdwCleaner-Log: Können Funde in Registrierungsdatenbank gelöscht werden? - Standard

AdwCleaner-Log: Können Funde in Registrierungsdatenbank gelöscht werden?



Hi,

ja kannste löschen.
__________________

__________________

Alt 20.09.2014, 10:26   #3
ReginaC
 
AdwCleaner-Log: Können Funde in Registrierungsdatenbank gelöscht werden? - Standard

AdwCleaner-Log: Können Funde in Registrierungsdatenbank gelöscht werden?



Hallo Schrauber,

herzlichen Dank für die superschnelle Antwort!
Habe ich gemacht.

Schönes Wochenende
Beste Grüße
Regina
__________________

Alt 20.09.2014, 17:42   #4
schrauber
/// the machine
/// TB-Ausbilder
 

AdwCleaner-Log: Können Funde in Registrierungsdatenbank gelöscht werden? - Standard

AdwCleaner-Log: Können Funde in Registrierungsdatenbank gelöscht werden?



Gern Geschehen
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu AdwCleaner-Log: Können Funde in Registrierungsdatenbank gelöscht werden?
adwcleaner, browser, desktop, dvdvideosoft ltd., fehlercode 0x81000006, fehlercode 0x81000031, fehlercode 0xc0000005, fehlercode 0xe0434352, flash player, homepage, internet explorer, monitor, realtek, registrierungsdatenbank, security, software, svchost.exe, vista



Ähnliche Themen: AdwCleaner-Log: Können Funde in Registrierungsdatenbank gelöscht werden?


  1. Registrierungsschlüssel können nicht gelöscht werden
    Plagegeister aller Art und deren Bekämpfung - 26.04.2015 (7)
  2. AdwCleaner - Welche Datei darf gelöscht werden? / Programm "Chip best Deal" kann nicht deintalliert werden
    Plagegeister aller Art und deren Bekämpfung - 26.02.2015 (5)
  3. AdwCleaner Was kann gelöscht werden
    Log-Analyse und Auswertung - 16.02.2015 (1)
  4. NAch Avira Scan: Virus Funde in Archiven können nicht repariert werden!
    Log-Analyse und Auswertung - 14.02.2015 (21)
  5. Windows 8: Können diese Adw-Cleaner-Funde unbedenklich für das System gelöscht werden?
    Antiviren-, Firewall- und andere Schutzprogramme - 29.06.2014 (2)
  6. Windows 7, Firefox-Browser: Spyware/Trojaner/Hijacker können trotz Anti-Malware und Adwcleaner nicht entfernt werden
    Plagegeister aller Art und deren Bekämpfung - 27.02.2014 (13)
  7. Spyware/Trojaner können nicht gelöscht werden - z.B. cgjvtwfy.exe
    Plagegeister aller Art und deren Bekämpfung - 11.12.2010 (4)
  8. Schädlinge können nicht gelöscht werden?? Was kann ich tun?
    Plagegeister aller Art und deren Bekämpfung - 06.05.2009 (0)
  9. wcs.exe/wcm.exe können nicht gelöscht werden.
    Plagegeister aller Art und deren Bekämpfung - 09.11.2008 (11)
  10. Dateien können nicht gelöscht werden
    Plagegeister aller Art und deren Bekämpfung - 09.09.2007 (1)
  11. Infizierte Dateien können nicht gelöscht werden
    Plagegeister aller Art und deren Bekämpfung - 15.06.2007 (4)
  12. Ordner leer - Können dennoch nicht gelöscht werden!!!
    Alles rund um Windows - 11.10.2006 (2)
  13. Können diese Dateien gelöscht werden?
    Plagegeister aller Art und deren Bekämpfung - 28.06.2006 (1)
  14. können alle Dateien gelöscht werden ?
    Plagegeister aller Art und deren Bekämpfung - 31.03.2005 (3)
  15. Diverse Trojanloader von KAV gefunden, ohne das sie gelöscht werden können.
    Plagegeister aller Art und deren Bekämpfung - 26.10.2004 (16)
  16. 2 Risikobehaftete Dateien können nicht gelöscht werden
    Plagegeister aller Art und deren Bekämpfung - 26.05.2004 (3)
  17. BugBear: wie können infizierte RESTORE\TEMP - Dateien gelöscht werden
    Plagegeister aller Art und deren Bekämpfung - 06.06.2003 (2)

Zum Thema AdwCleaner-Log: Können Funde in Registrierungsdatenbank gelöscht werden? - Hallo Profis, darf ich die Funde des AdwCleaners in der Registrierungsdatenbank löschen? Die Logs des Adw Cleaners, FRST, Addition und GMER folgen hier im Text und als Anhang. Herzlichen Dank - AdwCleaner-Log: Können Funde in Registrierungsdatenbank gelöscht werden?...
Archiv
Du betrachtest: AdwCleaner-Log: Können Funde in Registrierungsdatenbank gelöscht werden? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.