Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Browser öffnen mit "www.delta-homes.com"

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 19.12.2014, 10:59   #1
Dogma2006
 
Browser öffnen mit "www.delta-homes.com" - Standard

Browser öffnen mit "www.delta-homes.com"



Hallo,
ich seit Kurzem ein kleines, aber lästiges Problem. Meine Browser, egal ob Iexplorer oder Google Chrome, öffnen immer mit " hxxp://www.delta-homes.com/". Ich habe schon einige Tipps befolgt, z.B. Add-Ons, aber bisher hat das nichts gebracht.

Mir ist auch unerklärlich, wie sich so etwas einstellen kann. Ich habe mein Notebook erst vor kurzem auf den Auslieferungszustand zurückgesetzt. Es ist ausschließlich legale Software installiert worden, z.T. Kaufsoftware.
Ich bin mir auch nicht bewußt, gefährliche Seiten im Internet aufgesucht zu haben.
Kann mir jemand einen Rat geben?

Alt 19.12.2014, 13:33   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Browser öffnen mit "www.delta-homes.com" - Standard

Browser öffnen mit "www.delta-homes.com"



Hallo und

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!




Zudem bitte auch ein Log mit Farbars Tool machen:

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)



Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 19.12.2014, 17:01   #3
Dogma2006
 
Browser öffnen mit "www.delta-homes.com" - Standard

Browser öffnen mit "www.delta-homes.com"



Hallo anbei die beiden Logfiles.
Übrigrens, ich benütze Kaspersky. Nur weiß nich nicht, wie zu den Logfiles der letzten Untersuchung komme.



Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-12-2014
Ran by Josef at 2014-12-19 17:50:17
Running from C:\Users\Josef\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky PURE 3.0 (Enabled - Up to date) {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
AS: Kaspersky PURE 3.0 (Enabled - Up to date) {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky PURE 3.0 (Enabled) {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 6.2.2 - Hewlett-Packard) Hidden
6500_E709_eDocs (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
6500_E709_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
6500_E709n (x32 Version: 140.0.000.000 - Hewlett-Packard) Hidden
ACDSee Pro 3 (HKLM-x32\...\{1B280FAF-AE10-4E31-A41A-DB3917D651DC}) (Version: 3.0.355 - ACD Systems International Inc.)
Acer Arcade Deluxe (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 4.1.7615 - CyberLink Corp.)
Acer Arcade Deluxe (x32 Version: 4.1.7615 - CyberLink Corp.) Hidden
Acer Arcade Instant On (x32 Version: 3.0.34.2 - Acer) Hidden
Acer Arcade Movie (x32 Version: 9.0.6415 - CyberLink Corp.) Hidden
Acer Backup Manager (HKLM-x32\...\InstallShield_{30075A70-B5D2-440B-AFA3-FB2021740121}) (Version: 2.0.1.60 - NewTech Infosystems)
Acer Bio Protection (HKLM-x32\...\InstallShield_{E09664BB-BB08-45FA-87D1-33EAB0E017F5}) (Version: 6.5.76 - Egis Technology Inc.)
Acer Crystal Eye Webcam (HKLM-x32\...\{7760D94E-B1B5-40A0-9AA0-ABF942108755}) (Version: 5.2.12.1 - Suyin Optronics Corp)
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 5.00.3004 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3011 - Acer Incorporated)
Acer GameZone Console (HKLM-x32\...\{ABEE079E-648E-488B-8301-0C3DB48C1BCE}_is1) (Version: 6.1.0.2 - Oberon Media, Inc.)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.03.3003 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0309.2010 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3001 - Acer Incorporated)
Acer VCM (HKLM-x32\...\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}) (Version: 4.05.3002 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.7 64-bit (HKLM\...\{1B77B02E-17E4-4B6D-B8A1-74B29AF3D8DD}) (Version: 5.7.0 - Adobe Systems Incorporated)
Adobe Reader 9.1 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
Amazonia (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}) (Version:  - Oberon Media)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Argus Cycle Tour 2010 - South Africa (HKLM-x32\...\{5B7664A8-4383-4C3E-B466-46A947381FFC}) (Version: 1.00.0000 - Tacx)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.24 - Atheros Communications Inc.)
Atheros_7.0.2.13_patch2_64 (HKLM-x32\...\{2D13FC7D-42A8-4BF1-AF0C-B3DC68C59448}_is1) (Version:  - Atheros)
ATI Catalyst Install Manager (HKLM\...\{F5816A09-786E-C91D-3D99-8A8C92648750}) (Version: 3.0.765.0 - ATI Technologies, Inc.)
Backup Manager Advance (x32 Version: 2.0.1.60 - NewTech Infosystems) Hidden
Biet-O-Matic v2.14.12 (HKLM-x32\...\Biet-O-Matic v2.14.12) (Version: 2.14.12 - BOM Development Team)
Bing Bar (HKLM-x32\...\{08234a0d-cf39-4dca-99f0-0c5cb496da81}) (Version: 5.0.1449.0 - Microsoft Corporation)
Bing Bar Platform (x32 Version: 5.0.1449.0 - Microsoft Corporation) Hidden
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.00.002.0013 - Atheros Communications)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
bpd_scan (x32 Version: 3.00.0000 - Hewlett-Packard) Hidden
BPDSoftware (x32 Version: 140.0.000.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
BufferChm (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
Cake Mania (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}) (Version:  - Oberon Media)
ccc-core-static (x32 Version: 2010.0421.657.10561 - Ihr Firmenname) Hidden
Chicken Invaders 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}) (Version:  - Oberon Media)
Dairy Dash (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}) (Version:  - Oberon Media)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
DocMgr (x32 Version: 140.0.65.000 - Ihr Firmenname) Hidden
DocProc (x32 Version: 140.0.100.000 - Hewlett-Packard) Hidden
Download &amp; Install Packages (HKU\S-1-5-21-2186974003-2043912784-1202098385-1000\...\Download &amp; Install Packages) (Version:  - ) <==== ATTENTION
Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version:  - Oberon Media)
eBay Worldwide (HKLM-x32\...\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}) (Version: 2.1.0901 - OEM)
Elevated Installer (x32 Version: 3.2.21.0 - Garmin Ltd or its subsidiaries) Hidden
eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
Farm Frenzy 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}) (Version:  - Oberon Media)
Fax (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
FileZilla Client 3.9.0.6 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.6 - Tim Kosse)
Fingerprint Solution (x32 Version: 6.1.76.0 - Egis Technology Inc.) Hidden
Galapago (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}) (Version:  - Oberon Media)
Garmin Express (HKLM-x32\...\{045320b6-c340-4960-aefd-57bf08a9b425}) (Version: 3.2.21.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 3.2.21.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 3.2.21.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Granny In Paradise (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}) (Version:  - Oberon Media)
Heroes of Hellas (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}) (Version:  - Oberon Media)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Officejet 6500 E709 Series (HKLM\...\{58D79E62-CFC8-4331-8469-3A1B16E1769C}) (Version: 14.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{74DC0593-6BC6-4001-AD5F-D810AFB68D86}) (Version: 5.002.002.002 - Hewlett-Packard)
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Ipswitch WS_FTP Pro Uninstall (HKLM-x32\...\WS_FTPPro) (Version:  - )
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
JuiceboxBuilder-Pro (HKLM-x32\...\JuiceboxBuilder-Pro) (Version: 1.3.2 - SimpleViewer Inc)
JuiceboxBuilder-Pro (x32 Version: 1.3.2 - SimpleViewer Inc) Hidden
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Kaspersky PURE 3.0 (HKLM-x32\...\InstallWIX_{D0702EE9-9DE4-419A-9C6C-4730B1C985BA}) (Version: 13.0.2.558 - Kaspersky Lab)
Kaspersky PURE 3.0 (x32 Version: 13.0.2.558 - Kaspersky Lab) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 4.0.7 - Acer Inc.)
MAGIX Foto Designer 7 (HKLM-x32\...\MAGIX_{2DCD52EE-1AE1-4128-9819-A79F7D09B6B3}) (Version: 7.0.1.1 - MAGIX AG)
MAGIX Foto Designer 7 (Version: 7.0.1.1 - MAGIX AG) Hidden
Mallorca Tour I - Spain (HKLM-x32\...\{8B5D5C58-A053-4832-949A-53933682588D}) (Version: 1.00.0000 - Tacx)
MarketResearch (x32 Version: 140.0.214.000 - Hewlett-Packard) Hidden
MediaShow Espresso (x32 Version: 5.5.1403_23691 - CyberLink Corp.) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Expression Web 4 (HKLM-x32\...\Web_4.0.1460.0) (Version: 4.0.1460.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 15.0.4667.1002 - Microsoft Corporation)
Microsoft SharePoint Designer 2013 (HKLM\...\Office15.SharePointDesigner) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
Milan San Remo 2008 - Italy (HKLM-x32\...\{B1552C76-5085-4982-A131-72E6174F29B6}) (Version: 1.00.0000 - Tacx)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyWinLocker (x32 Version: 3.1.210.0 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}) (Version: 3.1.210.0 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 3.1.210.0 - Egis Technology Inc.) Hidden
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
Netzmanager (Version: 1.081 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.8 - Google)
NTI Backup Now 5 (HKLM-x32\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.628 - NewTech Infosystems)
NTI Backup Now Standard (x32 Version: 5.1.2.628 - NewTech Infosystems) Hidden
NTI Media Maker 8 (HKLM-x32\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6630 - NewTech Infosystems)
NTI Media Maker 8 (x32 Version: 8.0.12.6630 - NewTech Infosystems) Hidden
Nuvoton CIR Device Drivers (HKLM-x32\...\{FBC79D04-051E-4367-8051-1DB0C893FBE0}) (Version: 8.60.2002 - Nuvoton Technology Corporation)
O2Micro 1394 OHCI Compliant Host Controller Driver (HKLM-x32\...\InstallShield_{AFC44A23-E6A8-4625-B6B1-23D438525D59}) (Version: 1.0.00 - O2Micro International LTD.)
O2Micro 1394 OHCI Compliant Host Controller Driver (Version: 1.0.00 - O2Micro International LTD.) Hidden
O2Micro Flash Memory Card Windows Driver (HKLM-x32\...\InstallShield_{5FAD2AAE-C6DD-4CC8-B325-BFCBB3D32249}) (Version: 2.0.37.D - O2Micro International LTD.)
O2Micro Flash Memory Card Windows Driver (Version: 2.0.37.D - O2Micro International LTD.) Hidden
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4667.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4667.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4667.1002 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.8.00.09123 - Sony Corporation)
Portrait Professional 10.8 (HKLM-x32\...\PortraitProfessional10_is1) (Version: 10.8 - Anthropics Technology Ltd.)
ProductContext (x32 Version: 140.0.000.000 - Hewlett-Packard) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6072 - Realtek Semiconductor Corp.)
Scan (x32 Version: 140.0.167.000 - Hewlett-Packard) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0017-0000-1000-0000000FF1CE}_Office15.SharePointDesigner_{67A083C6-0A9E-48E8-BC90-C1EDA8028ED4}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Shredder (Version: 2.0.8.3 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.3 - Egis Technology Inc.) Hidden
SmartWebPrinting (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 140.0.214.000 - Hewlett-Packard) Hidden
Spin & Win (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110300453}) (Version:  - Oberon Media)
Status (x32 Version: 140.0.256.000 - Hewlett-Packard) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.12.2 - Synaptics Incorporated)
Tacx Trainer software 4 (HKLM-x32\...\{1FC386C1-EA57-43DB-9860-FE327C143148}) (Version: 4.13.0 - Tacx BV)
The Grossglockner 2008 - Austria (HKLM-x32\...\{6AD671B1-4FAD-43A1-9EC2-42301DFF3D3C}) (Version: 1.00.0000 - Tacx)
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
TTS Launcher (HKLM-x32\...\{2D09223F-34B4-4C74-B6F2-ABDE6BEC82E5}) (Version: 1.0.3 - Tacx BV)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.340 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.340 - TuneUp Software)
TuneUp Utilities 2014 (x32 Version: 14.0.1000.340 - TuneUp Software) Hidden
Überwachungstool für die Intel® Turbo-Boost-Technik (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.186.6 - Intel)
USB ANT Stick Silicon Laboratories USBXpress Device (Driver Removal) (HKLM-x32\...\USB_ANT_SIUSBXP_3_1&1004&0FCF) (Version:  - )
WebReg (x32 Version: 140.0.213.017 - Hewlett-Packard) Hidden
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.01.3002 - Acer Incorporated)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

12-12-2014 15:45:46 Windows Update
13-12-2014 10:13:46 Windows Update
18-12-2014 09:18:50 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1830E1A6-0CD6-4683-AB0B-63139290F43A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {224EAC5D-D3C9-4260-B253-ABA8F736325E} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2009-11-18] (Hewlett-Packard)
Task: {2D28C6D4-82D9-4E6F-9AEF-D1CA499D948B} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-10-21] ()
Task: {3C369532-32DB-4AC1-97BC-86965BB9D6C5} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2014-07-16] (TuneUp Software)
Task: {48BF3627-CF5F-4357-B6E3-B01FB0B3AC61} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {6375FE9B-0F15-4B72-84A5-B5DC9C661CE2} - System32\Tasks\{EF48D0EB-28C4-43A2-8FE7-45FF0EB4AC99} => pcalua.exe -a c:\PROGRA~2\COMMON~1\ADOBEA~1\Versions\1.0\ADOBEA~1.EXE -c "C:\Users\Josef\AppData\Local\Temp\Temp1_juicebox_pro_1.3.2.zip\juicebox_pro_1.3.2\JuiceboxBuilder-Pro.air"
Task: {6C964581-D351-4735-83B6-43568B4E7C60} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\Root\Office15\msoia.exe [2014-11-29] (Microsoft Corporation)
Task: {6D92763E-7206-4A23-B7AA-26181BB1F59B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-10] (Adobe Systems Incorporated)
Task: {98EFF087-0D02-4DBF-AD73-E9849E980F08} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-14] (Google Inc.)
Task: {9CDB30CB-9C55-4D0D-A233-4F9C05EAAA36} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\Root\Office15\msoia.exe [2014-11-29] (Microsoft Corporation)
Task: {9F5E8837-664E-4DCC-8940-ECF9A737561D} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07] (Oracle Corporation)
Task: {AC3C1682-1F45-4CC0-B58A-8A3B97062208} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {DF4379F9-ADC4-4785-ACC0-0A877DBB1BA7} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-10-07] (Microsoft Corporation)
Task: {E9066672-66C4-4EFC-B0BC-31D454156384} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-14] (Google Inc.)
Task: {ECC75410-0A30-421C-AB6A-D4E9EBC9D2FA} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe [2010-03-26] (Acer)
Task: {EF5C9790-2B98-4D5C-99FA-B1A497200C16} - System32\Tasks\ASP => C:\Program Files (x86)\RCP\systweakasp.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-03-08 03:35 - 2010-03-08 03:35 - 00108912 _____ () C:\Program Files (x86)\Acer Bio Protection\PwdFilterV64.DLL
2014-05-01 20:29 - 2014-05-01 20:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2014-11-29 12:55 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-11-14 21:18 - 2010-01-13 10:47 - 00206208 _____ () C:\Windows\PLFSetI.exe
2010-10-19 08:31 - 2010-10-19 08:31 - 00205312 _____ () C:\Program Files\Netzmanager\NMInfraIS2\driver64\SoftplugLib.DLL
2014-11-14 21:37 - 2010-02-03 09:37 - 00244904 ____N () C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
2014-07-16 09:24 - 2014-07-16 09:24 - 00699704 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll
2010-03-26 10:41 - 2010-03-26 10:41 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2014-11-14 20:54 - 2014-11-14 20:54 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-12-20 18:19 - 2012-12-20 18:19 - 00479752 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\dblite.dll
2012-12-20 18:19 - 2012-12-20 18:19 - 01310728 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\kpcengine.2.2.dll
2010-06-24 14:32 - 2009-05-20 07:02 - 00072200 _____ () C:\Program Files (x86)\Launch Manager\CdDirIo.dll
2010-03-09 01:18 - 2010-03-09 01:18 - 00465576 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2010-03-09 01:13 - 2010-03-09 01:13 - 01081600 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-2186974003-2043912784-1202098385-500 - Administrator - Disabled)
Gast (S-1-5-21-2186974003-2043912784-1202098385-501 - Limited - Disabled)
Josef (S-1-5-21-2186974003-2043912784-1202098385-1000 - Administrator - Enabled) => C:\Users\Josef

==================== Faulty Device Manager Devices =============

Name: ccnfd_1_10_0_2
Description: ccnfd_1_10_0_2
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: ccnfd_1_10_0_2
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Officejet 6500 E709n
Description: Officejet 6500 E709n
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: WD SES Device USB Device
Description: WD SES Device USB Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/19/2014 01:06:42 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (12/18/2014 01:52:12 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (12/17/2014 08:37:51 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm TrainerSoftware.exe, Version 4.13.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1e94

Startzeit: 01d01a306fea20e6

Endzeit: 33

Anwendungspfad: C:\Program Files (x86)\Tacx\TacxTrainersoftware4\TrainerSoftware.exe

Berichts-ID:

Error: (12/16/2014 08:33:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: hpqtra08.exe, Version: 140.0.213.0, Zeitstempel: 0x4bffab62
Name des fehlerhaften Moduls: hpzidr12.dll, Version: 12.1.3.51, Zeitstempel: 0x4a0bfded
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000070c5
ID des fehlerhaften Prozesses: 0xb84
Startzeit der fehlerhaften Anwendung: 0xhpqtra08.exe0
Pfad der fehlerhaften Anwendung: hpqtra08.exe1
Pfad des fehlerhaften Moduls: hpqtra08.exe2
Berichtskennung: hpqtra08.exe3

Error: (12/16/2014 02:16:52 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (12/16/2014 09:08:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: APSDaemon.exe, Version: 2.4.3.36, Zeitstempel: 0x543300c1
Name des fehlerhaften Moduls: objc.dll, Version: 1.528.0.120, Zeitstempel: 0x5400227d
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00006be4
ID des fehlerhaften Prozesses: 0x2604
Startzeit der fehlerhaften Anwendung: 0xAPSDaemon.exe0
Pfad der fehlerhaften Anwendung: APSDaemon.exe1
Pfad des fehlerhaften Moduls: APSDaemon.exe2
Berichtskennung: APSDaemon.exe3

Error: (12/15/2014 01:42:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm ACDSeeQVPro3.exe, Version 3.0.291.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1904

Startzeit: 01d01864770a28d6

Endzeit: 0

Anwendungspfad: C:\Program Files (x86)\ACD Systems\ACDSee Pro\3.0\ACDSeeQVPro3.exe

Berichts-ID: ce581d93-8457-11e4-8b6d-60eb6956e8ac

Error: (12/15/2014 01:41:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: ole32.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7c92c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000029fa9
ID des fehlerhaften Prozesses: 0x12fc
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3

Error: (12/14/2014 11:13:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ACDSeeQVPro3.exe, Version: 3.0.291.0, Zeitstempel: 0x4ab0176c
Name des fehlerhaften Moduls: MSVCR90.dll, Version: 9.0.30729.6161, Zeitstempel: 0x4dace5b9
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003734d
ID des fehlerhaften Prozesses: 0x8d0
Startzeit der fehlerhaften Anwendung: 0xACDSeeQVPro3.exe0
Pfad der fehlerhaften Anwendung: ACDSeeQVPro3.exe1
Pfad des fehlerhaften Moduls: ACDSeeQVPro3.exe2
Berichtskennung: ACDSeeQVPro3.exe3

Error: (12/14/2014 11:02:39 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm ACDSeePro3.exe, Version 3.0.355.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: dfc

Startzeit: 01d017e98a51e63e

Endzeit: 16

Anwendungspfad: C:\Program Files (x86)\ACD Systems\ACDSee Pro\3.0\ACDSeePro3.exe

Berichts-ID: e89f2dc1-83dc-11e4-8b6d-60eb6956e8ac


System errors:
=============
Error: (12/19/2014 11:50:53 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error: (12/18/2014 09:32:23 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
ccnfd_1_10_0_2

Error: (12/18/2014 09:31:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Garmin Core Update Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (12/18/2014 09:31:26 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Garmin Core Update Service erreicht.

Error: (12/18/2014 09:30:29 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\athExt.dll
Fehlercode: 126

Error: (12/18/2014 09:24:30 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
ccnfd_1_10_0_2

Error: (12/18/2014 09:23:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Garmin Core Update Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (12/18/2014 09:23:33 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Garmin Core Update Service erreicht.

Error: (12/18/2014 09:22:32 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\athExt.dll
Fehlercode: 126

Error: (12/18/2014 05:44:56 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.


Microsoft Office Sessions:
=========================
Error: (12/19/2014 01:06:42 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (12/18/2014 01:52:12 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (12/17/2014 08:37:51 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: TrainerSoftware.exe4.13.0.01e9401d01a306fea20e633C:\Program Files (x86)\Tacx\TacxTrainersoftware4\TrainerSoftware.exe

Error: (12/16/2014 08:33:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: hpqtra08.exe140.0.213.04bffab62hpzidr12.dll12.1.3.514a0bfdedc0000005000070c5b8401d0190ce9e9b4ecC:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exeC:\Windows\system32\hpzidr12.dll660137ae-855a-11e4-8d36-60eb6956e8ac

Error: (12/16/2014 02:16:52 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (12/16/2014 09:08:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: APSDaemon.exe2.4.3.36543300c1objc.dll1.528.0.1205400227dc000000500006be4260401d018649d2810feC:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exeC:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dllc40ea395-84fa-11e4-8b6d-60eb6956e8ac

Error: (12/15/2014 01:42:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: ACDSeeQVPro3.exe3.0.291.0190401d01864770a28d60C:\Program Files (x86)\ACD Systems\ACDSee Pro\3.0\ACDSeeQVPro3.exece581d93-8457-11e4-8b6d-60eb6956e8ac

Error: (12/15/2014 01:41:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4ole32.dll6.1.7601.175144ce7c92cc00000050000000000029fa912fc01d016b84f3b89e9C:\Windows\Explorer.EXEC:\Windows\system32\ole32.dllc06daf6b-8457-11e4-8b6d-60eb6956e8ac

Error: (12/14/2014 11:13:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ACDSeeQVPro3.exe3.0.291.04ab0176cMSVCR90.dll9.0.30729.61614dace5b9c00000050003734d8d001d017eafe72c4c0C:\Program Files (x86)\ACD Systems\ACDSee Pro\3.0\ACDSeeQVPro3.exeC:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dll5d9b0ada-83de-11e4-8b6d-60eb6956e8ac

Error: (12/14/2014 11:02:39 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: ACDSeePro3.exe3.0.355.0dfc01d017e98a51e63e16C:\Program Files (x86)\ACD Systems\ACDSee Pro\3.0\ACDSeePro3.exee89f2dc1-83dc-11e4-8b6d-60eb6956e8ac


CodeIntegrity Errors:
===================================
  Date: 2014-12-14 09:53:39.888
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-14 09:53:39.859
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-14 09:50:58.821
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-14 09:50:58.801
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-11-18 17:34:40.349
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-11-18 17:34:40.347
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-11-18 17:34:40.207
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-11-18 17:34:40.144
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-11-18 17:29:12.358
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-11-18 17:29:12.296
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7 CPU Q 740 @ 1.73GHz
Percentage of memory in use: 35%
Total physical RAM: 8124.5 MB
Available physical RAM: 5258.46 MB
Total Pagefile: 16247.17 MB
Available Pagefile: 12676.22 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:681.04 GB) (Free:204.1 GB) NTFS
Drive e: (My Book) (Fixed) (Total:3725.99 GB) (Free:2513.11 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: A5F07B42)
Partition 1: (Not Active) - (Size=14 GB) - (Type=27)
Partition 2: (Not Active) - (Size=3.5 GB) - (Type=12)
Partition 3: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=681 GB) - (Type=OF Extended)
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 1.

==================== End Of Log ============================
         





FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-12-2014
Ran by Josef (administrator) on JOSEF-PC on 19-12-2014 17:49:16
Running from C:\Users\Josef\Desktop
Loaded Profile: Josef (Available profiles: Josef)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(Egis Technology Inc.) C:\Program Files (x86)\Acer Bio Protection\CompPtcVUI.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(CrypKey (Canada) Ltd.) C:\Windows\System32\Crypserv.exe
(Infowatch) C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Windows\PLFSetI.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\netzmanager.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Egis Technology Inc.) C:\Program Files (x86)\Acer Bio Protection\BASVC.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Egis Technology Inc.) C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(Microsoft Corp.) C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(O2Micro International) C:\Windows\System32\drivers\o2flash.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
() C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\klwtblfs.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_15_0_0_246_ActiveX.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [349552 2010-04-17] (Egis Technology Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10134560 2010-03-19] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2107688 2010-04-14] (Synaptics Incorporated)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [206208 2010-01-13] ()
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [558168 2010-04-01] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [349344 2010-04-23] (Atheros Communications)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [861216 2010-04-23] (Acer Incorporated)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1300560 2010-03-03] (Dritek System Inc.)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [337264 2010-04-17] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [260608 2010-03-09] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-04-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [VitaKeyPdtWzd] => C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe [3577712 2010-03-08] (Egis Technology Inc.)
HKLM-x32\...\Run: [MDS_Menu] => C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe [124136 2010-04-15] (CyberLink Corp.)
HKLM-x32\...\Run: [AVP] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2013-11-11] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [651832 2011-08-24] (Sony Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Bing Bar] => C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe [243544 2010-04-27] (Microsoft Corp.)
HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [288088 2009-11-11] (Microsoft Corporation)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKU\S-1-5-21-2186974003-2043912784-1202098385-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-10-21] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-2186974003-2043912784-1202098385-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-06-24] (Google Inc.)
HKU\S-1-5-21-2186974003-2043912784-1202098385-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-10-17] (Apple Inc.)
HKU\S-1-5-21-2186974003-2043912784-1202098385-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-2186974003-2043912784-1202098385-1000\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1080104 2014-08-04] (Apple Inc.)
HKU\S-1-5-21-2186974003-2043912784-1202098385-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2014-10-20] (Apple Inc.)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-11-16] (Microsoft Corporation)
Lsa: [Notification Packages] C:\Program Files (x86)\Acer Bio Protection\PwdFilterV64
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk
ShortcutTarget: Acer VCM.lnk -> C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Biet-O-Matic.lnk
ShortcutTarget: Biet-O-Matic.lnk -> C:\Program Files (x86)\Biet-O-Matic\Biet-O-Matic.exe (www.bid-o-matic.org)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk
ShortcutTarget: Netzmanager.lnk -> C:\Program Files\Netzmanager\netzmanager.exe (Deutsche Telekom AG)
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\Root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\Root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\Root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x64\psdprotect.dll (Egis Technology Inc.)
ShellIconOverlayIdentifiers: [KAVOverlayIcon] -> {dd230880-495a-11d1-b064-008048ec2fc5} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\shellex.dll (Kaspersky Lab ZAO)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x86\psdprotect.dll (Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: [KAVOverlayIcon] -> {dd230880-495a-11d1-b064-008048ec2fc5} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\shellex.dll (Kaspersky Lab ZAO)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2186974003-2043912784-1202098385-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-homes.com/?type=hp&ts=1418844289&from=wpm12173&uid=WDCXWD7500BPVT-22HXZT1_WD-WX81C706850068500
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-homes.com/?type=hp&ts=1418844289&from=wpm12173&uid=WDCXWD7500BPVT-22HXZT1_WD-WX81C706850068500
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1416003524&from=cor&uid=WDCXWD7500BPVT-22HXZT1_WD-WX81C706850068500&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1416003524&from=cor&uid=WDCXWD7500BPVT-22HXZT1_WD-WX81C706850068500&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?type=hp&ts=1418844289&from=wpm12173&uid=WDCXWD7500BPVT-22HXZT1_WD-WX81C706850068500
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?type=hp&ts=1418844289&from=wpm12173&uid=WDCXWD7500BPVT-22HXZT1_WD-WX81C706850068500
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1416003524&from=cor&uid=WDCXWD7500BPVT-22HXZT1_WD-WX81C706850068500&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1416003524&from=cor&uid=WDCXWD7500BPVT-22HXZT1_WD-WX81C706850068500&q={searchTerms}
HKU\S-1-5-21-2186974003-2043912784-1202098385-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWx_GxS66P_6EEo2VgpCoAhNId_3S5QoY7z8mwV8Ocs0upvKlHXRkk3iq8eS8akTH0KaF3Rj6oiARI-_scLTGIOPNSHAsIUP6_eZ15mvfjbzUuHdPGtPzmIFD4vQzIxY9Q_5mcOsjaJTnusovne85XZAKzmxH3ZL_CLmZPMR93VVZw,,&q={searchTerms}
HKU\S-1-5-21-2186974003-2043912784-1202098385-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_ir_14_46_ie&cd=2XzuyEtN2Y1L1QzuyCtD0E0ByCzyyDyC0Ezz0A0CtBtDyCzztN0D0Tzu0StCtDyDtCtN1L2XzutAtFyCtFyEtFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyEzytCyBzy0Ezy0FtGtBzzzzzytG0A0E0D0BtGyCtAzytAtGtByDtC0ByD0AtByC0BtByBtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DtBtC0D0Ezy0E0EtGtCyCtCtDtGyEyCzyyEtGzzyB0B0EtGyEtAtB0AyBtB0DtA0B0FtAyC2Q&cr=2005769434&ir=
SearchScopes: HKLM-x32 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWx_GxS66P_6EEo2VgpCoAhNId_3S5QoY7z8mwV8Ocs0upvKlHXRkk3iq8eS8akTH0KaF3Rj6oiARI-_scLTGIOPNSHAsIUP6_eZ15mvfjbzUuHdPGtPzmIFD4vQzIxY9Q_5mcOsjaJTnusovne85XZHsSLJDShtO13MX44iOUe5BQ,,&q={searchTerms}
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKU\S-1-5-21-2186974003-2043912784-1202098385-1000 -> DefaultScope {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2186974003-2043912784-1202098385-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2186974003-2043912784-1202098385-1000 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = https://www.google.com/search?q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\Root\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\Root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Bing Bar BHO -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - @C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-2186974003-2043912784-1202098385-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Acer\Acer VCM\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\Root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpWinExt,version=5.0 -> C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com [2014-11-14]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com [2014-11-14]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com
FF Extension: Gevaarlijke websiteblokkering - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com [2014-11-14]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com [2014-11-14]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com [2014-11-14]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-11-23]
FF HKLM-x32\...\Firefox\Extensions: [msntoolbar@msn.com] - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\Firefox
FF Extension: No Name - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\Firefox [2014-11-23]
FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension
FF Extension: No Name - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension [2014-11-25]
FF HKU\S-1-5-21-2186974003-2043912784-1202098385-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.de/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSuggestURL: Default -> 
CHR Profile: C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-14]
CHR Extension: (Google Docs) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-14]
CHR Extension: (Google Drive) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-14]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-14]
CHR Extension: (YouTube) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-14]
CHR Extension: (Google-Suche) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-14]
CHR Extension: (Modul zur Link-Untersuchung) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2014-11-14]
CHR Extension: (Google Tabellen) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-14]
CHR Extension: (Kaspersky Protection) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpoimibckejjdjcfbdnajaicnklhfplh [2014-11-14]
CHR Extension: (Google Wallet) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-14]
CHR Extension: (Security Protection) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh [2014-12-17]
CHR Extension: (Google Mail) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-14]
CHR Extension: (Anti-Banner) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2014-11-14]
CHR HKLM\...\Chrome\Extension: [noajmlkipclmeolfcnflkjhijkigpfjh] - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh.crx [2014-12-17]
CHR HKLM\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - No Path
CHR HKU\S-1-5-21-2186974003-2043912784-1202098385-1000\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - No Path
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\urladvisor.crx [2013-11-11]
CHR HKLM-x32\...\Chrome\Extension: [lpoimibckejjdjcfbdnajaicnklhfplh] - https://chrome.google.com/webstore/detail/lpoimibckejjdjcfbdnajaicnklhfplh [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [noajmlkipclmeolfcnflkjhijkigpfjh] - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh.crx [2014-12-17]
CHR HKLM-x32\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - No Path
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\ab.crx [2013-11-11]
CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://www.delta-homes.com/?type=sc&ts=1418844289&from=wpm12173&uid=WDCXWD7500BPVT-22HXZT1_WD-WX81C706850068500

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [34392 2010-04-01] (Atheros Communications) [File not signed]
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2013-11-11] (Kaspersky Lab ZAO)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2443960 2014-10-30] (Microsoft Corporation)
R2 Crypkey License; C:\Windows\system32\crypserv.exe [122880 2008-05-08] (CrypKey (Canada) Ltd.) [File not signed]
R2 CSObjectsSrv; C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [818888 2013-09-25] (Infowatch)
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [451416 2014-10-21] (Garmin Ltd or its subsidiaries)
R2 IGBASVC; C:\Program Files (x86)\Acer Bio Protection\BASVC.exe [3456880 2010-03-08] (Egis Technology Inc.)
R2 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [262144 2009-09-30] (Intel Corporation) [File not signed]
R2 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-04-17] (Egis Technology Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) [File not signed]
R2 NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [250368 2010-03-09] (NewTech Infosystems, Inc.) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
R2 RichVideo; C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [244904 2010-02-03] () [File not signed]
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-30] (Acer Incorporated)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2014-07-16] (TuneUp Software)
R2 UNS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2314240 2009-09-30] (Intel Corporation) [File not signed]
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [485376 2014-12-16] (Fuyu LIMITED) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 CSCrySec; C:\Windows\System32\DRIVERS\CSCrySec.sys [84536 2011-06-02] (Infowatch)
R1 CSVirtualDiskDrv; C:\Windows\System32\DRIVERS\CSVirtualDiskDrv.sys [66616 2011-06-02] (Infowatch)
R3 DSI_SiUSBXp_3_1; C:\Windows\System32\drivers\DSI_SiUSBXp_3_1.sys [16384 2009-03-31] (Silicon Laboratories)
R3 hidshim; C:\Windows\system32\DRIVERS\hidshim.sys [6656 2009-08-31] (Windows (R) Win 7 DDK provider)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-11-14] (Kaspersky Lab ZAO)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [92768 2014-11-14] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [628288 2014-11-14] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2014-11-14] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-11-11] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-11-11] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54368 2013-11-11] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178448 2013-11-11] (Kaspersky Lab ZAO)
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [44480 2013-09-23] (hxxp://libusb-win32.sourceforge.net)
R1 NetworkX; C:\Windows\system32\ckldrv.sys [28664 2008-03-17] ()
S3 nuvotoncir; C:\Windows\system32\DRIVERS\nuvotoncir.sys [48128 2009-08-31] (Nuvoton Technology Corporation)
R3 nuvotonhidcir; C:\Windows\system32\DRIVERS\nuvotonhidcir.sys [26624 2009-08-31] (Nuvoton Technology Corporation)
S3 nuvotonir; C:\Windows\system32\DRIVERS\nuvotonir.sys [68096 2009-08-31] (Nuvoton Technology Corporation)
R3 O2SDGRDR; C:\Windows\System32\DRIVERS\o2sdgx64.sys [50976 2010-01-11] (O2Micro )
R3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2014-05-27] (TuneUp Software)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
R3 WinDriver6; C:\Windows\System32\drivers\windrvr6.sys [254976 2010-08-31] (Jungo)
R2 {6E090BD5-4EF5-4bf0-A968-74049E88E935}; C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\000.fcl [146928 2010-04-15] (CyberLink Corp.)
S1 ccnfd_1_10_0_2; system32\drivers\ccnfd_1_10_0_2.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-19 17:49 - 2014-12-19 17:50 - 00036677 _____ () C:\Users\Josef\Desktop\FRST.txt
2014-12-19 17:48 - 2014-12-19 17:49 - 00000000 ____D () C:\FRST
2014-12-19 17:48 - 2014-12-19 17:48 - 02121216 _____ (Farbar) C:\Users\Josef\Desktop\FRST64.exe
2014-12-17 20:38 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-17 20:38 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-17 20:26 - 2014-12-18 15:37 - 00000000 ____D () C:\Program Files (x86)\WinZipper
2014-12-17 20:26 - 2014-12-17 20:26 - 00000000 ____D () C:\Users\Josef\AppData\Roaming\WinZipper
2014-12-15 14:49 - 2014-12-15 13:01 - 15526138 _____ () C:\Users\Josef\Desktop\Kalender von Reiseck Josef TD-334.ics
2014-12-15 13:36 - 2014-12-15 13:36 - 00001849 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-12-15 13:36 - 2014-12-15 13:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-12-15 13:36 - 2014-12-15 13:36 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-12-15 13:34 - 2014-12-15 13:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-12-13 10:31 - 2014-12-13 10:31 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-12 15:48 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-12 15:48 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-12 15:48 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-12 15:48 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-12 15:48 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-12 15:48 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-12 15:48 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-12 15:48 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-12 15:48 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-12 15:48 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-11 18:41 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-11 18:41 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-11 18:41 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-11 18:41 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-11 18:41 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-11 18:41 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-11 18:41 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-11 18:41 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-11 18:41 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-11 18:41 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-11 18:41 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-11 18:41 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-11 18:41 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-11 18:41 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-11 18:41 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-11 18:41 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-11 18:41 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-11 18:41 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-11 18:41 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-11 18:41 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-11 18:41 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-11 18:41 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-11 18:41 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-11 18:41 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-11 18:41 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-11 18:41 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-11 18:41 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-11 18:41 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-11 18:41 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-11 18:41 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-11 18:41 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-11 18:41 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-11 18:41 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-11 18:41 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-11 18:41 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-11 18:41 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-11 18:41 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-11 18:41 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-11 18:41 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-11 18:41 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-11 18:41 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-11 18:41 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-11 18:41 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-11 18:41 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-11 18:41 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-11 18:41 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-11 18:41 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-11 18:41 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-11 18:41 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-11 18:41 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-11 18:41 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-11 18:41 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-11 18:41 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-11 18:41 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-11 18:41 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-11 18:41 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-11 18:41 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-11 18:41 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-11 18:41 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-11 18:41 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-11 18:41 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-11 18:41 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-11 18:41 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-11 18:41 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-11 18:41 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-11 18:40 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-11 18:40 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-11 18:40 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-11 18:40 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-11 18:40 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-11 18:40 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-11 18:40 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-11 18:40 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-11 18:40 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-11 18:40 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-11 18:40 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-11 18:40 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-11 18:40 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-11 18:40 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-07 12:41 - 2014-12-16 16:40 - 00000000 ___HD () C:\Users\Josef\Desktop\[Originaldateien]
2014-12-07 09:55 - 2014-11-30 22:02 - 00002059 _____ () C:\Users\Josef\Desktop\Lightroom 5.7 64-Bit.lnk
2014-12-05 23:10 - 2014-12-05 23:10 - 00000000 ____D () C:\Users\Josef\Desktop\Konverter
2014-12-03 17:10 - 2014-12-18 09:20 - 00000000 ____D () C:\Users\Josef\AppData\Local\D95C058A-9BC8-45EA-84E8-D454B63F41E2.aplzod
2014-12-03 16:48 - 2014-12-18 21:31 - 00000000 ___RD () C:\Users\Josef\iCloudDrive
2014-12-03 16:48 - 2014-12-03 16:48 - 00000000 ____D () C:\Users\Josef\AppData\Local\Apple Inc
2014-12-02 17:58 - 2014-12-02 17:58 - 00000000 ____D () C:\Users\Josef\AppData\Roaming\CyberLink
2014-12-02 17:57 - 2014-12-02 17:58 - 00000000 ____D () C:\Users\Josef\AppData\Roaming\PowerCinema
2014-12-02 17:57 - 2014-12-02 17:57 - 00000000 ____D () C:\Users\Josef\AppData\Local\PowerCinema
2014-12-02 16:24 - 2014-12-02 16:24 - 00003676 _____ () C:\Windows\System32\Tasks\HP-Online-Aktualisierungsprogramm
2014-11-30 22:02 - 2014-11-30 22:02 - 00002079 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Lightroom 5.7 64-Bit.lnk
2014-11-30 14:30 - 2014-11-30 14:30 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-11-29 16:08 - 2014-11-29 16:08 - 00001033 _____ () C:\Users\Public\Desktop\Biet-O-Matic.lnk
2014-11-29 16:07 - 2014-11-29 16:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Biet-O-Matic
2014-11-29 16:07 - 2003-01-07 02:22 - 00015873 _____ () C:\Windows\SysWOW64\Inetde.dll
2014-11-29 16:07 - 2000-12-05 23:00 - 00109248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mswinsck.ocx
2014-11-29 16:07 - 2000-10-01 23:00 - 00125712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vb6de.dll
2014-11-29 16:07 - 2000-05-22 15:58 - 00115920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinet.ocx
2014-11-29 16:07 - 2000-04-03 19:06 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winskde.dll
2014-11-29 16:07 - 2000-04-03 19:05 - 00118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msstdfmt.dll
2014-11-29 16:07 - 1999-07-14 13:07 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stdftde.dll
2014-11-29 16:07 - 1998-07-05 23:00 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mscmcde.dll
2014-11-29 16:07 - 1998-07-05 23:00 - 00022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Tabctde.dll
2014-11-29 16:07 - 1998-06-23 23:00 - 00209192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Tabctl32.ocx
2014-11-29 16:06 - 2014-11-29 16:07 - 04653537 _____ () C:\Users\Josef\Downloads\BOM21412_setup.exe
2014-11-29 15:52 - 2014-12-13 22:49 - 00000000 ____D () C:\Users\Josef\Desktop\Bildschirm
2014-11-29 12:57 - 2014-11-29 13:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-11-29 12:55 - 2014-11-29 12:55 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-11-29 12:43 - 2014-11-29 12:44 - 00000000 ____D () C:\Users\Josef\Desktop\Outlook
2014-11-28 21:08 - 2014-11-28 21:08 - 00262144 _____ () C:\Windows\system32\config\elam
2014-11-28 21:07 - 2014-12-18 21:38 - 00000000 ____D () C:\Users\Josef\AppData\Roaming\BOM
2014-11-28 21:07 - 2014-11-29 16:08 - 00000000 ____D () C:\Program Files (x86)\Biet-O-Matic
2014-11-28 21:00 - 2014-11-28 22:36 - 00000000 ____D () C:\Program Files (x86)\Wajam
2014-11-28 20:58 - 2014-11-28 20:58 - 00000000 ____D () C:\Users\Josef\AppData\Local\SearchProtect
2014-11-28 20:55 - 2014-11-28 22:36 - 00000000 ____D () C:\Program Files\7-Zip
2014-11-28 20:50 - 2014-11-28 22:36 - 00000000 ____D () C:\Users\Josef\AppData\Roaming\vlc
2014-11-28 20:50 - 2014-11-28 20:50 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-11-28 20:43 - 2014-11-28 20:43 - 00000000 ____D () C:\Garmin
2014-11-26 18:30 - 2014-11-28 23:23 - 00000000 ____D () C:\Program Files (x86)\Garmin GPS Plugin
2014-11-26 18:30 - 2014-11-28 23:22 - 00000000 ____D () C:\Program Files\Garmin GPS Plugin
2014-11-24 18:47 - 2014-11-26 17:58 - 00000000 ____D () C:\Users\Josef\Documents\Daten_Sepp
2014-11-24 18:38 - 2014-11-24 18:38 - 00004608 _____ () C:\Users\Josef\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-23 18:58 - 2014-11-23 18:58 - 00000000 ____D () C:\Users\Josef\AppData\Roaming\simplitec
2014-11-23 18:52 - 2014-11-23 18:53 - 00083526 _____ () C:\Windows\hpqins13.dat
2014-11-23 18:48 - 2014-11-23 18:48 - 00000000 ____D () C:\ProgramData\WEBREG
2014-11-23 18:48 - 2010-07-28 17:19 - 00002075 ____N () C:\Windows\hpwmdl23.dat.temp
2014-11-23 18:44 - 2014-11-23 18:53 - 00000000 ____D () C:\Users\Josef\AppData\Roaming\HP
2014-11-23 18:44 - 2014-11-23 18:51 - 00001004 _____ () C:\Users\Josef\AppData\Roaming\ConvAPIPlugin.log
2014-11-23 18:44 - 2014-11-23 18:44 - 00000000 ____D () C:\Users\Josef\AppData\Local\HP
2014-11-23 18:42 - 2014-11-28 23:23 - 00000000 ____D () C:\Program Files (x86)\MSN Toolbar
2014-11-23 18:42 - 2014-11-23 18:42 - 00001384 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Default Manager.lnk
2014-11-23 18:42 - 2014-11-23 18:42 - 00001342 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk
2014-11-23 18:41 - 2014-11-23 18:41 - 00000000 ____D () C:\Windows\SysWOW64\spool
2014-11-23 18:40 - 2014-12-08 16:01 - 00000000 ____D () C:\Users\Josef\AppData\Roaming\HpUpdate
2014-11-23 18:40 - 2014-11-23 18:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-11-23 18:40 - 2014-11-23 18:40 - 00001361 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\HP Solution Center.lnk
2014-11-23 18:40 - 2014-11-23 18:40 - 00001355 _____ () C:\Users\Public\Desktop\HP Solution Center.lnk
2014-11-23 18:40 - 2014-11-23 18:40 - 00001064 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR-Registrierung.lnk
2014-11-23 18:40 - 2014-11-23 18:40 - 00000000 ____D () C:\ProgramData\HP Product Assistant
2014-11-23 18:37 - 2014-11-23 18:41 - 00000000 ____D () C:\Program Files (x86)\HP
2014-11-23 18:36 - 2014-11-23 18:51 - 00262743 _____ () C:\Windows\hpwins23.dat
2014-11-23 18:36 - 2010-07-28 17:19 - 00002075 ____N () C:\Windows\hpwmdl23.dat
2014-11-23 18:36 - 2010-05-13 11:29 - 00553472 _____ (Hewlett Packard) C:\Windows\system32\hppldcoi.dll
2014-11-23 18:36 - 2010-05-13 11:25 - 01422848 _____ (Hewlett-Packard Co.) C:\Windows\system32\hpwtiop4.dll
2014-11-23 18:36 - 2010-05-13 11:25 - 00906240 _____ (Hewlett-Packard) C:\Windows\system32\hpwwiax5.dll
2014-11-23 18:36 - 2010-02-01 07:54 - 00488960 _____ (Hewlett-Packard Co.) C:\Windows\system32\hpovst11.dll
2014-11-23 18:30 - 2014-11-23 18:30 - 00000000 ____D () C:\Users\Josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WS_FTP Pro
2014-11-23 18:30 - 2014-11-23 18:30 - 00000000 ____D () C:\Program Files\WS_FTP Pro
2014-11-23 16:10 - 2014-11-23 18:53 - 00002542 _____ () C:\ProgramData\hpzinstall.log
2014-11-23 15:23 - 2014-12-16 18:35 - 00000000 ____D () C:\Users\Josef\Desktop\Bilder_Foren
2014-11-23 12:52 - 2014-11-23 12:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2014-11-22 12:03 - 2014-11-22 12:04 - 00000000 ____D () C:\Users\Josef\Desktop\Labertallauf_20141003
2014-11-21 18:39 - 2014-12-06 17:01 - 00000000 ____D () C:\ProgramData\simplitec
2014-11-21 18:39 - 2014-11-21 18:40 - 00000000 ____D () C:\ProgramData\MAGIX
2014-11-21 18:39 - 2014-11-21 18:39 - 00000000 ____D () C:\Users\Josef\AppData\Roaming\MAGIX
2014-11-21 18:39 - 2014-11-21 18:39 - 00000000 ____D () C:\Users\Josef\AppData\Local\MAGIX
2014-11-21 18:39 - 2014-11-21 18:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2014-11-21 18:39 - 2014-11-21 18:39 - 00000000 ____D () C:\Program Files (x86)\MAGIX
2014-11-20 19:57 - 2014-11-20 19:58 - 00000000 ____D () C:\ProgramData\Ant
2014-11-20 16:18 - 2014-11-20 16:18 - 00000000 ____D () C:\Users\Josef\AppData\Roaming\Tacx
2014-11-19 11:58 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 11:58 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 11:58 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-19 11:58 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-19 17:13 - 2014-11-14 22:02 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-19 16:52 - 2014-11-14 23:26 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-19 16:50 - 2014-11-14 22:03 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-12-19 13:59 - 2014-11-14 20:49 - 01608816 _____ () C:\Windows\WindowsUpdate.log
2014-12-19 12:36 - 2014-11-16 10:13 - 13945389 _____ () C:\Users\Josef\Desktop\Training 12_00.xlsm
2014-12-19 11:59 - 2014-11-14 22:02 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-18 21:40 - 2009-07-14 05:45 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-18 21:40 - 2009-07-14 05:45 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-18 21:30 - 2014-11-17 17:32 - 00002091 _____ () C:\Windows\error.log
2014-12-18 21:30 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-18 21:30 - 2009-07-14 05:51 - 00046594 _____ () C:\Windows\setupact.log
2014-12-18 21:29 - 2014-11-17 17:32 - 00001793 _____ () C:\Windows\errord.log
2014-12-18 14:47 - 2014-11-14 20:45 - 00270342 _____ () C:\Windows\PFRO.log
2014-12-18 13:22 - 2014-11-15 05:34 - 00699614 _____ () C:\Windows\system32\perfh007.dat
2014-12-18 13:22 - 2014-11-15 05:34 - 00149722 _____ () C:\Windows\system32\perfc007.dat
2014-12-18 13:22 - 2009-07-14 06:13 - 01620392 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-18 09:24 - 2014-11-17 18:11 - 00000000 ____D () C:\Users\Josef\Documents\Outlook-Dateien
2014-12-17 20:24 - 2014-11-14 23:19 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-12-17 20:24 - 2014-11-14 21:02 - 00001665 _____ () C:\Users\Josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-16 20:33 - 2014-11-15 12:06 - 00000000 ____D () C:\Users\Josef\AppData\Local\CrashDumps
2014-12-15 13:22 - 2014-11-14 21:59 - 00000000 ____D () C:\Users\Josef\AppData\Local\Google
2014-12-14 13:41 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-14 09:49 - 2014-11-17 16:44 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-12-13 20:28 - 2014-11-14 22:54 - 00000000 ____D () C:\Users\Josef\Documents\JuiceboxBuilder-Pro
2014-12-13 10:31 - 2014-11-14 23:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-13 10:31 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-13 10:31 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-13 10:14 - 2014-11-15 22:03 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-12 22:24 - 2014-11-14 21:02 - 00000000 ____D () C:\Users\Josef\AppData\Roaming\Adobe
2014-12-12 15:55 - 2014-11-14 22:29 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-12 15:50 - 2014-11-14 22:29 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-11 21:44 - 2014-11-16 15:59 - 00000000 ____D () C:\Users\Josef\Desktop\Tacx_iGenius
2014-12-11 20:14 - 2014-11-17 17:06 - 00000246 _____ () C:\TTSInstaller.log
2014-12-11 20:12 - 2014-11-15 22:24 - 00001373 _____ () C:\Users\Public\Desktop\Tacx Support Tool.lnk
2014-12-11 20:12 - 2014-11-15 12:02 - 00002282 _____ () C:\Users\Public\Desktop\Tacx Trainer software 4.lnk
2014-12-10 17:41 - 2014-11-14 23:26 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-10 17:41 - 2014-11-14 23:26 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-10 17:41 - 2014-11-14 23:26 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-09 21:16 - 2014-11-15 17:13 - 00000000 ____D () C:\Users\Josef\Documents\ID_Passwoerter
2014-12-07 10:06 - 2014-11-16 15:57 - 00000000 ____D () C:\Users\Josef\Desktop\Foto
2014-12-07 09:44 - 2014-11-17 17:32 - 00000127 _____ () C:\Windows\Crypkey.ini
2014-12-07 09:44 - 2014-11-17 17:32 - 00000000 ____D () C:\Program Files\Stellar Phoenix Outlook PST Repair
2014-12-06 09:14 - 2010-06-24 14:14 - 00000000 ____D () C:\ProgramData\Partner
2014-12-05 23:10 - 2014-11-16 10:15 - 00000000 ____D () C:\Users\Josef\Desktop\Vorhang_Kueche
2014-12-05 20:51 - 2009-07-14 05:45 - 00446712 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-03 17:41 - 2014-11-16 15:30 - 00000000 ____D () C:\Users\Josef\AppData\Roaming\Apple Computer
2014-12-03 16:49 - 2014-11-16 15:27 - 00000000 ____D () C:\Users\Josef\AppData\Local\Apple
2014-12-03 16:48 - 2014-11-14 20:59 - 00000000 ____D () C:\Users\Josef
2014-12-03 16:46 - 2014-11-16 15:30 - 00000000 ____D () C:\Users\Josef\AppData\Local\Apple Computer
2014-12-03 16:40 - 2014-11-16 15:26 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-12-03 16:20 - 2014-11-16 10:15 - 00000000 ____D () C:\Users\Josef\Desktop\Bunker
2014-12-02 17:58 - 2014-11-14 21:36 - 00000000 ____D () C:\ProgramData\CyberLink
2014-12-02 16:24 - 2014-11-15 12:23 - 00003704 _____ () C:\Windows\System32\Tasks\Java Update Scheduler
2014-12-02 16:21 - 2014-11-16 16:15 - 00000000 ____D () C:\Users\Josef\Desktop\TuneUp
2014-11-30 22:01 - 2014-11-14 22:33 - 00000000 ____D () C:\Program Files\Adobe
2014-11-30 19:54 - 2014-11-16 17:06 - 00000000 ____D () C:\Users\Josef\AppData\Roaming\FileZilla
2014-11-29 13:11 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-11-29 12:49 - 2014-11-14 22:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office _Sharepoint
2014-11-28 23:23 - 2014-11-15 17:13 - 00000000 ____D () C:\Users\Josef\Documents\KV_RV_Vertraege_sonst Schriftverkehr
2014-11-28 23:23 - 2014-11-14 23:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-11-28 23:23 - 2014-11-14 23:26 - 00000000 ____D () C:\Windows\system32\Macromed
2014-11-28 23:23 - 2014-11-14 23:06 - 00000000 ____D () C:\ProgramData\Netzmanager
2014-11-28 23:22 - 2014-11-15 11:43 - 00000000 ____D () C:\Users\Josef\AppData\Local\Garmin
2014-11-28 23:22 - 2014-11-15 11:42 - 00000000 ____D () C:\ProgramData\Garmin
2014-11-28 23:22 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-11-28 23:21 - 2014-11-15 11:42 - 00000000 ____D () C:\Program Files (x86)\Garmin
2014-11-28 20:41 - 2014-11-15 11:43 - 00000000 ____D () C:\Users\Josef\AppData\Roaming\Garmin
2014-11-24 14:04 - 2014-11-14 22:15 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-11-23 18:57 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-11-23 18:53 - 2014-11-14 21:00 - 00116520 _____ () C:\Users\Josef\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-23 18:51 - 2009-07-14 03:34 - 00000560 _____ () C:\Windows\win.ini
2014-11-23 18:46 - 2014-11-14 21:59 - 00000000 ____D () C:\ProgramData\HP
2014-11-23 18:38 - 2010-06-24 13:55 - 00057612 _____ () C:\Windows\DPINST.LOG
2014-11-23 18:33 - 2014-11-16 15:58 - 00000000 ____D () C:\Users\Josef\Desktop\Homepage
2014-11-23 15:23 - 2014-11-15 22:18 - 00000000 ____D () C:\Users\Josef\AppData\Local\ACD Systems
2014-11-23 12:52 - 2010-06-24 14:14 - 00000000 ____D () C:\Program Files (x86)\Google
2014-11-22 09:55 - 2014-11-15 22:14 - 00000000 ____D () C:\Users\Josef\AppData\Local\Downloaded Installations
2014-11-21 18:40 - 2014-11-15 17:14 - 00000000 ____D () C:\Users\Josef\Documents\MAGIX
2014-11-20 19:25 - 2010-06-24 13:53 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-11-19 16:14 - 2014-11-14 23:19 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-11-19 05:37 - 2014-11-14 23:23 - 01594672 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-15 15:19

==================== End Of Log ============================
         
--- --- ---
__________________

Alt 19.12.2014, 17:05   #4
Dogma2006
 
Browser öffnen mit "www.delta-homes.com" - Standard

Browser öffnen mit "www.delta-homes.com"



Zitat:
Zitat von Dogma2006 Beitrag anzeigen
Hallo anbei die beiden Logfiles.
Übrigrens, ich benütze Kaspersky. Nur weiß nich nicht, wie zu den Logfiles der letzten Untersuchung komme.



Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-12-2014
Ran by Josef at 2014-12-19 17:50:17
Running from C:\Users\Josef\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky PURE 3.0 (Enabled - Up to date) {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
AS: Kaspersky PURE 3.0 (Enabled - Up to date) {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky PURE 3.0 (Enabled) {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 6.2.2 - Hewlett-Packard) Hidden
6500_E709_eDocs (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
6500_E709_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
6500_E709n (x32 Version: 140.0.000.000 - Hewlett-Packard) Hidden
ACDSee Pro 3 (HKLM-x32\...\{1B280FAF-AE10-4E31-A41A-DB3917D651DC}) (Version: 3.0.355 - ACD Systems International Inc.)
Acer Arcade Deluxe (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 4.1.7615 - CyberLink Corp.)
Acer Arcade Deluxe (x32 Version: 4.1.7615 - CyberLink Corp.) Hidden
Acer Arcade Instant On (x32 Version: 3.0.34.2 - Acer) Hidden
Acer Arcade Movie (x32 Version: 9.0.6415 - CyberLink Corp.) Hidden
Acer Backup Manager (HKLM-x32\...\InstallShield_{30075A70-B5D2-440B-AFA3-FB2021740121}) (Version: 2.0.1.60 - NewTech Infosystems)
Acer Bio Protection (HKLM-x32\...\InstallShield_{E09664BB-BB08-45FA-87D1-33EAB0E017F5}) (Version: 6.5.76 - Egis Technology Inc.)
Acer Crystal Eye Webcam (HKLM-x32\...\{7760D94E-B1B5-40A0-9AA0-ABF942108755}) (Version: 5.2.12.1 - Suyin Optronics Corp)
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 5.00.3004 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3011 - Acer Incorporated)
Acer GameZone Console (HKLM-x32\...\{ABEE079E-648E-488B-8301-0C3DB48C1BCE}_is1) (Version: 6.1.0.2 - Oberon Media, Inc.)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.03.3003 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0309.2010 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3001 - Acer Incorporated)
Acer VCM (HKLM-x32\...\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}) (Version: 4.05.3002 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.7 64-bit (HKLM\...\{1B77B02E-17E4-4B6D-B8A1-74B29AF3D8DD}) (Version: 5.7.0 - Adobe Systems Incorporated)
Adobe Reader 9.1 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
Amazonia (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}) (Version:  - Oberon Media)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Argus Cycle Tour 2010 - South Africa (HKLM-x32\...\{5B7664A8-4383-4C3E-B466-46A947381FFC}) (Version: 1.00.0000 - Tacx)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.24 - Atheros Communications Inc.)
Atheros_7.0.2.13_patch2_64 (HKLM-x32\...\{2D13FC7D-42A8-4BF1-AF0C-B3DC68C59448}_is1) (Version:  - Atheros)
ATI Catalyst Install Manager (HKLM\...\{F5816A09-786E-C91D-3D99-8A8C92648750}) (Version: 3.0.765.0 - ATI Technologies, Inc.)
Backup Manager Advance (x32 Version: 2.0.1.60 - NewTech Infosystems) Hidden
Biet-O-Matic v2.14.12 (HKLM-x32\...\Biet-O-Matic v2.14.12) (Version: 2.14.12 - BOM Development Team)
Bing Bar (HKLM-x32\...\{08234a0d-cf39-4dca-99f0-0c5cb496da81}) (Version: 5.0.1449.0 - Microsoft Corporation)
Bing Bar Platform (x32 Version: 5.0.1449.0 - Microsoft Corporation) Hidden
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.00.002.0013 - Atheros Communications)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
bpd_scan (x32 Version: 3.00.0000 - Hewlett-Packard) Hidden
BPDSoftware (x32 Version: 140.0.000.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
BufferChm (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
Cake Mania (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}) (Version:  - Oberon Media)
ccc-core-static (x32 Version: 2010.0421.657.10561 - Ihr Firmenname) Hidden
Chicken Invaders 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}) (Version:  - Oberon Media)
Dairy Dash (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}) (Version:  - Oberon Media)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
DocMgr (x32 Version: 140.0.65.000 - Ihr Firmenname) Hidden
DocProc (x32 Version: 140.0.100.000 - Hewlett-Packard) Hidden
Download &amp; Install Packages (HKU\S-1-5-21-2186974003-2043912784-1202098385-1000\...\Download &amp; Install Packages) (Version:  - ) <==== ATTENTION
Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version:  - Oberon Media)
eBay Worldwide (HKLM-x32\...\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}) (Version: 2.1.0901 - OEM)
Elevated Installer (x32 Version: 3.2.21.0 - Garmin Ltd or its subsidiaries) Hidden
eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
Farm Frenzy 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}) (Version:  - Oberon Media)
Fax (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
FileZilla Client 3.9.0.6 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.6 - Tim Kosse)
Fingerprint Solution (x32 Version: 6.1.76.0 - Egis Technology Inc.) Hidden
Galapago (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}) (Version:  - Oberon Media)
Garmin Express (HKLM-x32\...\{045320b6-c340-4960-aefd-57bf08a9b425}) (Version: 3.2.21.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 3.2.21.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 3.2.21.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Granny In Paradise (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}) (Version:  - Oberon Media)
Heroes of Hellas (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}) (Version:  - Oberon Media)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Officejet 6500 E709 Series (HKLM\...\{58D79E62-CFC8-4331-8469-3A1B16E1769C}) (Version: 14.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{74DC0593-6BC6-4001-AD5F-D810AFB68D86}) (Version: 5.002.002.002 - Hewlett-Packard)
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Ipswitch WS_FTP Pro Uninstall (HKLM-x32\...\WS_FTPPro) (Version:  - )
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
JuiceboxBuilder-Pro (HKLM-x32\...\JuiceboxBuilder-Pro) (Version: 1.3.2 - SimpleViewer Inc)
JuiceboxBuilder-Pro (x32 Version: 1.3.2 - SimpleViewer Inc) Hidden
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Kaspersky PURE 3.0 (HKLM-x32\...\InstallWIX_{D0702EE9-9DE4-419A-9C6C-4730B1C985BA}) (Version: 13.0.2.558 - Kaspersky Lab)
Kaspersky PURE 3.0 (x32 Version: 13.0.2.558 - Kaspersky Lab) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 4.0.7 - Acer Inc.)
MAGIX Foto Designer 7 (HKLM-x32\...\MAGIX_{2DCD52EE-1AE1-4128-9819-A79F7D09B6B3}) (Version: 7.0.1.1 - MAGIX AG)
MAGIX Foto Designer 7 (Version: 7.0.1.1 - MAGIX AG) Hidden
Mallorca Tour I - Spain (HKLM-x32\...\{8B5D5C58-A053-4832-949A-53933682588D}) (Version: 1.00.0000 - Tacx)
MarketResearch (x32 Version: 140.0.214.000 - Hewlett-Packard) Hidden
MediaShow Espresso (x32 Version: 5.5.1403_23691 - CyberLink Corp.) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Expression Web 4 (HKLM-x32\...\Web_4.0.1460.0) (Version: 4.0.1460.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 15.0.4667.1002 - Microsoft Corporation)
Microsoft SharePoint Designer 2013 (HKLM\...\Office15.SharePointDesigner) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
Milan San Remo 2008 - Italy (HKLM-x32\...\{B1552C76-5085-4982-A131-72E6174F29B6}) (Version: 1.00.0000 - Tacx)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyWinLocker (x32 Version: 3.1.210.0 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}) (Version: 3.1.210.0 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 3.1.210.0 - Egis Technology Inc.) Hidden
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
Netzmanager (Version: 1.081 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.8 - Google)
NTI Backup Now 5 (HKLM-x32\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.628 - NewTech Infosystems)
NTI Backup Now Standard (x32 Version: 5.1.2.628 - NewTech Infosystems) Hidden
NTI Media Maker 8 (HKLM-x32\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6630 - NewTech Infosystems)
NTI Media Maker 8 (x32 Version: 8.0.12.6630 - NewTech Infosystems) Hidden
Nuvoton CIR Device Drivers (HKLM-x32\...\{FBC79D04-051E-4367-8051-1DB0C893FBE0}) (Version: 8.60.2002 - Nuvoton Technology Corporation)
O2Micro 1394 OHCI Compliant Host Controller Driver (HKLM-x32\...\InstallShield_{AFC44A23-E6A8-4625-B6B1-23D438525D59}) (Version: 1.0.00 - O2Micro International LTD.)
O2Micro 1394 OHCI Compliant Host Controller Driver (Version: 1.0.00 - O2Micro International LTD.) Hidden
O2Micro Flash Memory Card Windows Driver (HKLM-x32\...\InstallShield_{5FAD2AAE-C6DD-4CC8-B325-BFCBB3D32249}) (Version: 2.0.37.D - O2Micro International LTD.)
O2Micro Flash Memory Card Windows Driver (Version: 2.0.37.D - O2Micro International LTD.) Hidden
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4667.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4667.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4667.1002 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.8.00.09123 - Sony Corporation)
Portrait Professional 10.8 (HKLM-x32\...\PortraitProfessional10_is1) (Version: 10.8 - Anthropics Technology Ltd.)
ProductContext (x32 Version: 140.0.000.000 - Hewlett-Packard) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6072 - Realtek Semiconductor Corp.)
Scan (x32 Version: 140.0.167.000 - Hewlett-Packard) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0017-0000-1000-0000000FF1CE}_Office15.SharePointDesigner_{67A083C6-0A9E-48E8-BC90-C1EDA8028ED4}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Shredder (Version: 2.0.8.3 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.3 - Egis Technology Inc.) Hidden
SmartWebPrinting (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 140.0.214.000 - Hewlett-Packard) Hidden
Spin & Win (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110300453}) (Version:  - Oberon Media)
Status (x32 Version: 140.0.256.000 - Hewlett-Packard) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.12.2 - Synaptics Incorporated)
Tacx Trainer software 4 (HKLM-x32\...\{1FC386C1-EA57-43DB-9860-FE327C143148}) (Version: 4.13.0 - Tacx BV)
The Grossglockner 2008 - Austria (HKLM-x32\...\{6AD671B1-4FAD-43A1-9EC2-42301DFF3D3C}) (Version: 1.00.0000 - Tacx)
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
TTS Launcher (HKLM-x32\...\{2D09223F-34B4-4C74-B6F2-ABDE6BEC82E5}) (Version: 1.0.3 - Tacx BV)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.340 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.340 - TuneUp Software)
TuneUp Utilities 2014 (x32 Version: 14.0.1000.340 - TuneUp Software) Hidden
Überwachungstool für die Intel® Turbo-Boost-Technik (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.186.6 - Intel)
USB ANT Stick Silicon Laboratories USBXpress Device (Driver Removal) (HKLM-x32\...\USB_ANT_SIUSBXP_3_1&1004&0FCF) (Version:  - )
WebReg (x32 Version: 140.0.213.017 - Hewlett-Packard) Hidden
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.01.3002 - Acer Incorporated)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

12-12-2014 15:45:46 Windows Update
13-12-2014 10:13:46 Windows Update
18-12-2014 09:18:50 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1830E1A6-0CD6-4683-AB0B-63139290F43A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {224EAC5D-D3C9-4260-B253-ABA8F736325E} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2009-11-18] (Hewlett-Packard)
Task: {2D28C6D4-82D9-4E6F-9AEF-D1CA499D948B} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-10-21] ()
Task: {3C369532-32DB-4AC1-97BC-86965BB9D6C5} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2014-07-16] (TuneUp Software)
Task: {48BF3627-CF5F-4357-B6E3-B01FB0B3AC61} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {6375FE9B-0F15-4B72-84A5-B5DC9C661CE2} - System32\Tasks\{EF48D0EB-28C4-43A2-8FE7-45FF0EB4AC99} => pcalua.exe -a c:\PROGRA~2\COMMON~1\ADOBEA~1\Versions\1.0\ADOBEA~1.EXE -c "C:\Users\Josef\AppData\Local\Temp\Temp1_juicebox_pro_1.3.2.zip\juicebox_pro_1.3.2\JuiceboxBuilder-Pro.air"
Task: {6C964581-D351-4735-83B6-43568B4E7C60} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\Root\Office15\msoia.exe [2014-11-29] (Microsoft Corporation)
Task: {6D92763E-7206-4A23-B7AA-26181BB1F59B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-10] (Adobe Systems Incorporated)
Task: {98EFF087-0D02-4DBF-AD73-E9849E980F08} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-14] (Google Inc.)
Task: {9CDB30CB-9C55-4D0D-A233-4F9C05EAAA36} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\Root\Office15\msoia.exe [2014-11-29] (Microsoft Corporation)
Task: {9F5E8837-664E-4DCC-8940-ECF9A737561D} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07] (Oracle Corporation)
Task: {AC3C1682-1F45-4CC0-B58A-8A3B97062208} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {DF4379F9-ADC4-4785-ACC0-0A877DBB1BA7} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-10-07] (Microsoft Corporation)
Task: {E9066672-66C4-4EFC-B0BC-31D454156384} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-14] (Google Inc.)
Task: {ECC75410-0A30-421C-AB6A-D4E9EBC9D2FA} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe [2010-03-26] (Acer)
Task: {EF5C9790-2B98-4D5C-99FA-B1A497200C16} - System32\Tasks\ASP => C:\Program Files (x86)\RCP\systweakasp.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-03-08 03:35 - 2010-03-08 03:35 - 00108912 _____ () C:\Program Files (x86)\Acer Bio Protection\PwdFilterV64.DLL
2014-05-01 20:29 - 2014-05-01 20:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2014-11-29 12:55 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-11-14 21:18 - 2010-01-13 10:47 - 00206208 _____ () C:\Windows\PLFSetI.exe
2010-10-19 08:31 - 2010-10-19 08:31 - 00205312 _____ () C:\Program Files\Netzmanager\NMInfraIS2\driver64\SoftplugLib.DLL
2014-11-14 21:37 - 2010-02-03 09:37 - 00244904 ____N () C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
2014-07-16 09:24 - 2014-07-16 09:24 - 00699704 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll
2010-03-26 10:41 - 2010-03-26 10:41 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2014-11-14 20:54 - 2014-11-14 20:54 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-12-20 18:19 - 2012-12-20 18:19 - 00479752 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\dblite.dll
2012-12-20 18:19 - 2012-12-20 18:19 - 01310728 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\kpcengine.2.2.dll
2010-06-24 14:32 - 2009-05-20 07:02 - 00072200 _____ () C:\Program Files (x86)\Launch Manager\CdDirIo.dll
2010-03-09 01:18 - 2010-03-09 01:18 - 00465576 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2010-03-09 01:13 - 2010-03-09 01:13 - 01081600 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-2186974003-2043912784-1202098385-500 - Administrator - Disabled)
Gast (S-1-5-21-2186974003-2043912784-1202098385-501 - Limited - Disabled)
Josef (S-1-5-21-2186974003-2043912784-1202098385-1000 - Administrator - Enabled) => C:\Users\Josef

==================== Faulty Device Manager Devices =============

Name: ccnfd_1_10_0_2
Description: ccnfd_1_10_0_2
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: ccnfd_1_10_0_2
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Officejet 6500 E709n
Description: Officejet 6500 E709n
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: WD SES Device USB Device
Description: WD SES Device USB Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/19/2014 01:06:42 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (12/18/2014 01:52:12 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (12/17/2014 08:37:51 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm TrainerSoftware.exe, Version 4.13.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1e94

Startzeit: 01d01a306fea20e6

Endzeit: 33

Anwendungspfad: C:\Program Files (x86)\Tacx\TacxTrainersoftware4\TrainerSoftware.exe

Berichts-ID:

Error: (12/16/2014 08:33:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: hpqtra08.exe, Version: 140.0.213.0, Zeitstempel: 0x4bffab62
Name des fehlerhaften Moduls: hpzidr12.dll, Version: 12.1.3.51, Zeitstempel: 0x4a0bfded
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000070c5
ID des fehlerhaften Prozesses: 0xb84
Startzeit der fehlerhaften Anwendung: 0xhpqtra08.exe0
Pfad der fehlerhaften Anwendung: hpqtra08.exe1
Pfad des fehlerhaften Moduls: hpqtra08.exe2
Berichtskennung: hpqtra08.exe3

Error: (12/16/2014 02:16:52 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (12/16/2014 09:08:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: APSDaemon.exe, Version: 2.4.3.36, Zeitstempel: 0x543300c1
Name des fehlerhaften Moduls: objc.dll, Version: 1.528.0.120, Zeitstempel: 0x5400227d
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00006be4
ID des fehlerhaften Prozesses: 0x2604
Startzeit der fehlerhaften Anwendung: 0xAPSDaemon.exe0
Pfad der fehlerhaften Anwendung: APSDaemon.exe1
Pfad des fehlerhaften Moduls: APSDaemon.exe2
Berichtskennung: APSDaemon.exe3

Error: (12/15/2014 01:42:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm ACDSeeQVPro3.exe, Version 3.0.291.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1904

Startzeit: 01d01864770a28d6

Endzeit: 0

Anwendungspfad: C:\Program Files (x86)\ACD Systems\ACDSee Pro\3.0\ACDSeeQVPro3.exe

Berichts-ID: ce581d93-8457-11e4-8b6d-60eb6956e8ac

Error: (12/15/2014 01:41:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: ole32.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7c92c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000029fa9
ID des fehlerhaften Prozesses: 0x12fc
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3

Error: (12/14/2014 11:13:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ACDSeeQVPro3.exe, Version: 3.0.291.0, Zeitstempel: 0x4ab0176c
Name des fehlerhaften Moduls: MSVCR90.dll, Version: 9.0.30729.6161, Zeitstempel: 0x4dace5b9
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003734d
ID des fehlerhaften Prozesses: 0x8d0
Startzeit der fehlerhaften Anwendung: 0xACDSeeQVPro3.exe0
Pfad der fehlerhaften Anwendung: ACDSeeQVPro3.exe1
Pfad des fehlerhaften Moduls: ACDSeeQVPro3.exe2
Berichtskennung: ACDSeeQVPro3.exe3

Error: (12/14/2014 11:02:39 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm ACDSeePro3.exe, Version 3.0.355.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: dfc

Startzeit: 01d017e98a51e63e

Endzeit: 16

Anwendungspfad: C:\Program Files (x86)\ACD Systems\ACDSee Pro\3.0\ACDSeePro3.exe

Berichts-ID: e89f2dc1-83dc-11e4-8b6d-60eb6956e8ac


System errors:
=============
Error: (12/19/2014 11:50:53 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error: (12/18/2014 09:32:23 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
ccnfd_1_10_0_2

Error: (12/18/2014 09:31:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Garmin Core Update Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (12/18/2014 09:31:26 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Garmin Core Update Service erreicht.

Error: (12/18/2014 09:30:29 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\athExt.dll
Fehlercode: 126

Error: (12/18/2014 09:24:30 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
ccnfd_1_10_0_2

Error: (12/18/2014 09:23:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Garmin Core Update Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (12/18/2014 09:23:33 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Garmin Core Update Service erreicht.

Error: (12/18/2014 09:22:32 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\Windows\system32\athExt.dll
Fehlercode: 126

Error: (12/18/2014 05:44:56 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.


Microsoft Office Sessions:
=========================
Error: (12/19/2014 01:06:42 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (12/18/2014 01:52:12 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (12/17/2014 08:37:51 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: TrainerSoftware.exe4.13.0.01e9401d01a306fea20e633C:\Program Files (x86)\Tacx\TacxTrainersoftware4\TrainerSoftware.exe

Error: (12/16/2014 08:33:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: hpqtra08.exe140.0.213.04bffab62hpzidr12.dll12.1.3.514a0bfdedc0000005000070c5b8401d0190ce9e9b4ecC:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exeC:\Windows\system32\hpzidr12.dll660137ae-855a-11e4-8d36-60eb6956e8ac

Error: (12/16/2014 02:16:52 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (12/16/2014 09:08:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: APSDaemon.exe2.4.3.36543300c1objc.dll1.528.0.1205400227dc000000500006be4260401d018649d2810feC:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exeC:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dllc40ea395-84fa-11e4-8b6d-60eb6956e8ac

Error: (12/15/2014 01:42:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: ACDSeeQVPro3.exe3.0.291.0190401d01864770a28d60C:\Program Files (x86)\ACD Systems\ACDSee Pro\3.0\ACDSeeQVPro3.exece581d93-8457-11e4-8b6d-60eb6956e8ac

Error: (12/15/2014 01:41:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4ole32.dll6.1.7601.175144ce7c92cc00000050000000000029fa912fc01d016b84f3b89e9C:\Windows\Explorer.EXEC:\Windows\system32\ole32.dllc06daf6b-8457-11e4-8b6d-60eb6956e8ac

Error: (12/14/2014 11:13:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ACDSeeQVPro3.exe3.0.291.04ab0176cMSVCR90.dll9.0.30729.61614dace5b9c00000050003734d8d001d017eafe72c4c0C:\Program Files (x86)\ACD Systems\ACDSee Pro\3.0\ACDSeeQVPro3.exeC:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dll5d9b0ada-83de-11e4-8b6d-60eb6956e8ac

Error: (12/14/2014 11:02:39 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: ACDSeePro3.exe3.0.355.0dfc01d017e98a51e63e16C:\Program Files (x86)\ACD Systems\ACDSee Pro\3.0\ACDSeePro3.exee89f2dc1-83dc-11e4-8b6d-60eb6956e8ac


CodeIntegrity Errors:
===================================
  Date: 2014-12-14 09:53:39.888
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-14 09:53:39.859
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-14 09:50:58.821
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-14 09:50:58.801
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-11-18 17:34:40.349
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-11-18 17:34:40.347
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-11-18 17:34:40.207
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-11-18 17:34:40.144
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-11-18 17:29:12.358
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-11-18 17:29:12.296
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7 CPU Q 740 @ 1.73GHz
Percentage of memory in use: 35%
Total physical RAM: 8124.5 MB
Available physical RAM: 5258.46 MB
Total Pagefile: 16247.17 MB
Available Pagefile: 12676.22 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:681.04 GB) (Free:204.1 GB) NTFS
Drive e: (My Book) (Fixed) (Total:3725.99 GB) (Free:2513.11 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: A5F07B42)
Partition 1: (Not Active) - (Size=14 GB) - (Type=27)
Partition 2: (Not Active) - (Size=3.5 GB) - (Type=12)
Partition 3: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=681 GB) - (Type=OF Extended)
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 1.

==================== End Of Log ============================
         





FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-12-2014
Ran by Josef (administrator) on JOSEF-PC on 19-12-2014 17:49:16
Running from C:\Users\Josef\Desktop
Loaded Profile: Josef (Available profiles: Josef)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(Egis Technology Inc.) C:\Program Files (x86)\Acer Bio Protection\CompPtcVUI.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(CrypKey (Canada) Ltd.) C:\Windows\System32\Crypserv.exe
(Infowatch) C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Windows\PLFSetI.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\netzmanager.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Egis Technology Inc.) C:\Program Files (x86)\Acer Bio Protection\BASVC.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Egis Technology Inc.) C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(Microsoft Corp.) C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(O2Micro International) C:\Windows\System32\drivers\o2flash.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
() C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\klwtblfs.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_15_0_0_246_ActiveX.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [349552 2010-04-17] (Egis Technology Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10134560 2010-03-19] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2107688 2010-04-14] (Synaptics Incorporated)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [206208 2010-01-13] ()
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [558168 2010-04-01] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [349344 2010-04-23] (Atheros Communications)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [861216 2010-04-23] (Acer Incorporated)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1300560 2010-03-03] (Dritek System Inc.)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [337264 2010-04-17] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [260608 2010-03-09] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-04-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [VitaKeyPdtWzd] => C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe [3577712 2010-03-08] (Egis Technology Inc.)
HKLM-x32\...\Run: [MDS_Menu] => C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe [124136 2010-04-15] (CyberLink Corp.)
HKLM-x32\...\Run: [AVP] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2013-11-11] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [651832 2011-08-24] (Sony Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Bing Bar] => C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe [243544 2010-04-27] (Microsoft Corp.)
HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [288088 2009-11-11] (Microsoft Corporation)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKU\S-1-5-21-2186974003-2043912784-1202098385-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-10-21] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-2186974003-2043912784-1202098385-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-06-24] (Google Inc.)
HKU\S-1-5-21-2186974003-2043912784-1202098385-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-10-17] (Apple Inc.)
HKU\S-1-5-21-2186974003-2043912784-1202098385-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-2186974003-2043912784-1202098385-1000\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1080104 2014-08-04] (Apple Inc.)
HKU\S-1-5-21-2186974003-2043912784-1202098385-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2014-10-20] (Apple Inc.)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-11-16] (Microsoft Corporation)
Lsa: [Notification Packages] C:\Program Files (x86)\Acer Bio Protection\PwdFilterV64
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk
ShortcutTarget: Acer VCM.lnk -> C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Biet-O-Matic.lnk
ShortcutTarget: Biet-O-Matic.lnk -> C:\Program Files (x86)\Biet-O-Matic\Biet-O-Matic.exe (www.bid-o-matic.org)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk
ShortcutTarget: Netzmanager.lnk -> C:\Program Files\Netzmanager\netzmanager.exe (Deutsche Telekom AG)
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\Root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\Root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\Root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x64\psdprotect.dll (Egis Technology Inc.)
ShellIconOverlayIdentifiers: [KAVOverlayIcon] -> {dd230880-495a-11d1-b064-008048ec2fc5} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\shellex.dll (Kaspersky Lab ZAO)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x86\psdprotect.dll (Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: [KAVOverlayIcon] -> {dd230880-495a-11d1-b064-008048ec2fc5} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\shellex.dll (Kaspersky Lab ZAO)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2186974003-2043912784-1202098385-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-homes.com/?type=hp&ts=1418844289&from=wpm12173&uid=WDCXWD7500BPVT-22HXZT1_WD-WX81C706850068500
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-homes.com/?type=hp&ts=1418844289&from=wpm12173&uid=WDCXWD7500BPVT-22HXZT1_WD-WX81C706850068500
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1416003524&from=cor&uid=WDCXWD7500BPVT-22HXZT1_WD-WX81C706850068500&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1416003524&from=cor&uid=WDCXWD7500BPVT-22HXZT1_WD-WX81C706850068500&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?type=hp&ts=1418844289&from=wpm12173&uid=WDCXWD7500BPVT-22HXZT1_WD-WX81C706850068500
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?type=hp&ts=1418844289&from=wpm12173&uid=WDCXWD7500BPVT-22HXZT1_WD-WX81C706850068500
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1416003524&from=cor&uid=WDCXWD7500BPVT-22HXZT1_WD-WX81C706850068500&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1416003524&from=cor&uid=WDCXWD7500BPVT-22HXZT1_WD-WX81C706850068500&q={searchTerms}
HKU\S-1-5-21-2186974003-2043912784-1202098385-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWx_GxS66P_6EEo2VgpCoAhNId_3S5QoY7z8mwV8Ocs0upvKlHXRkk3iq8eS8akTH0KaF3Rj6oiARI-_scLTGIOPNSHAsIUP6_eZ15mvfjbzUuHdPGtPzmIFD4vQzIxY9Q_5mcOsjaJTnusovne85XZAKzmxH3ZL_CLmZPMR93VVZw,,&q={searchTerms}
HKU\S-1-5-21-2186974003-2043912784-1202098385-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_ir_14_46_ie&cd=2XzuyEtN2Y1L1QzuyCtD0E0ByCzyyDyC0Ezz0A0CtBtDyCzztN0D0Tzu0StCtDyDtCtN1L2XzutAtFyCtFyEtFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyEzytCyBzy0Ezy0FtGtBzzzzzytG0A0E0D0BtGyCtAzytAtGtByDtC0ByD0AtByC0BtByBtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DtBtC0D0Ezy0E0EtGtCyCtCtDtGyEyCzyyEtGzzyB0B0EtGyEtAtB0AyBtB0DtA0B0FtAyC2Q&cr=2005769434&ir=
SearchScopes: HKLM-x32 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWx_GxS66P_6EEo2VgpCoAhNId_3S5QoY7z8mwV8Ocs0upvKlHXRkk3iq8eS8akTH0KaF3Rj6oiARI-_scLTGIOPNSHAsIUP6_eZ15mvfjbzUuHdPGtPzmIFD4vQzIxY9Q_5mcOsjaJTnusovne85XZHsSLJDShtO13MX44iOUe5BQ,,&q={searchTerms}
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKU\S-1-5-21-2186974003-2043912784-1202098385-1000 -> DefaultScope {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2186974003-2043912784-1202098385-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2186974003-2043912784-1202098385-1000 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = https://www.google.com/search?q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\Root\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\Root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Bing Bar BHO -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - @C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-2186974003-2043912784-1202098385-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Acer\Acer VCM\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\Root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpWinExt,version=5.0 -> C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com [2014-11-14]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com [2014-11-14]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com
FF Extension: Gevaarlijke websiteblokkering - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com [2014-11-14]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com [2014-11-14]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com [2014-11-14]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-11-23]
FF HKLM-x32\...\Firefox\Extensions: [msntoolbar@msn.com] - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\Firefox
FF Extension: No Name - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\Firefox [2014-11-23]
FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension
FF Extension: No Name - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension [2014-11-25]
FF HKU\S-1-5-21-2186974003-2043912784-1202098385-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.de/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSuggestURL: Default -> 
CHR Profile: C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-14]
CHR Extension: (Google Docs) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-14]
CHR Extension: (Google Drive) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-14]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-14]
CHR Extension: (YouTube) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-14]
CHR Extension: (Google-Suche) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-14]
CHR Extension: (Modul zur Link-Untersuchung) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2014-11-14]
CHR Extension: (Google Tabellen) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-14]
CHR Extension: (Kaspersky Protection) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpoimibckejjdjcfbdnajaicnklhfplh [2014-11-14]
CHR Extension: (Google Wallet) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-14]
CHR Extension: (Security Protection) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh [2014-12-17]
CHR Extension: (Google Mail) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-14]
CHR Extension: (Anti-Banner) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2014-11-14]
CHR HKLM\...\Chrome\Extension: [noajmlkipclmeolfcnflkjhijkigpfjh] - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh.crx [2014-12-17]
CHR HKLM\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - No Path
CHR HKU\S-1-5-21-2186974003-2043912784-1202098385-1000\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - No Path
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\urladvisor.crx [2013-11-11]
CHR HKLM-x32\...\Chrome\Extension: [lpoimibckejjdjcfbdnajaicnklhfplh] - https://chrome.google.com/webstore/detail/lpoimibckejjdjcfbdnajaicnklhfplh [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [noajmlkipclmeolfcnflkjhijkigpfjh] - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh.crx [2014-12-17]
CHR HKLM-x32\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - No Path
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\ab.crx [2013-11-11]
CHR StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://www.delta-homes.com/?type=sc&ts=1418844289&from=wpm12173&uid=WDCXWD7500BPVT-22HXZT1_WD-WX81C706850068500

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [34392 2010-04-01] (Atheros Communications) [File not signed]
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2013-11-11] (Kaspersky Lab ZAO)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2443960 2014-10-30] (Microsoft Corporation)
R2 Crypkey License; C:\Windows\system32\crypserv.exe [122880 2008-05-08] (CrypKey (Canada) Ltd.) [File not signed]
R2 CSObjectsSrv; C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [818888 2013-09-25] (Infowatch)
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [451416 2014-10-21] (Garmin Ltd or its subsidiaries)
R2 IGBASVC; C:\Program Files (x86)\Acer Bio Protection\BASVC.exe [3456880 2010-03-08] (Egis Technology Inc.)
R2 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [262144 2009-09-30] (Intel Corporation) [File not signed]
R2 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-04-17] (Egis Technology Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) [File not signed]
R2 NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [250368 2010-03-09] (NewTech Infosystems, Inc.) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
R2 RichVideo; C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [244904 2010-02-03] () [File not signed]
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-30] (Acer Incorporated)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2014-07-16] (TuneUp Software)
R2 UNS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2314240 2009-09-30] (Intel Corporation) [File not signed]
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [485376 2014-12-16] (Fuyu LIMITED) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 CSCrySec; C:\Windows\System32\DRIVERS\CSCrySec.sys [84536 2011-06-02] (Infowatch)
R1 CSVirtualDiskDrv; C:\Windows\System32\DRIVERS\CSVirtualDiskDrv.sys [66616 2011-06-02] (Infowatch)
R3 DSI_SiUSBXp_3_1; C:\Windows\System32\drivers\DSI_SiUSBXp_3_1.sys [16384 2009-03-31] (Silicon Laboratories)
R3 hidshim; C:\Windows\system32\DRIVERS\hidshim.sys [6656 2009-08-31] (Windows (R) Win 7 DDK provider)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-11-14] (Kaspersky Lab ZAO)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [92768 2014-11-14] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [628288 2014-11-14] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2014-11-14] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-11-11] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-11-11] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54368 2013-11-11] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178448 2013-11-11] (Kaspersky Lab ZAO)
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [44480 2013-09-23] (hxxp://libusb-win32.sourceforge.net)
R1 NetworkX; C:\Windows\system32\ckldrv.sys [28664 2008-03-17] ()
S3 nuvotoncir; C:\Windows\system32\DRIVERS\nuvotoncir.sys [48128 2009-08-31] (Nuvoton Technology Corporation)
R3 nuvotonhidcir; C:\Windows\system32\DRIVERS\nuvotonhidcir.sys [26624 2009-08-31] (Nuvoton Technology Corporation)
S3 nuvotonir; C:\Windows\system32\DRIVERS\nuvotonir.sys [68096 2009-08-31] (Nuvoton Technology Corporation)
R3 O2SDGRDR; C:\Windows\System32\DRIVERS\o2sdgx64.sys [50976 2010-01-11] (O2Micro )
R3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2014-05-27] (TuneUp Software)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
R3 WinDriver6; C:\Windows\System32\drivers\windrvr6.sys [254976 2010-08-31] (Jungo)
R2 {6E090BD5-4EF5-4bf0-A968-74049E88E935}; C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\000.fcl [146928 2010-04-15] (CyberLink Corp.)
S1 ccnfd_1_10_0_2; system32\drivers\ccnfd_1_10_0_2.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-19 17:49 - 2014-12-19 17:50 - 00036677 _____ () C:\Users\Josef\Desktop\FRST.txt
2014-12-19 17:48 - 2014-12-19 17:49 - 00000000 ____D () C:\FRST
2014-12-19 17:48 - 2014-12-19 17:48 - 02121216 _____ (Farbar) C:\Users\Josef\Desktop\FRST64.exe
2014-12-17 20:38 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-17 20:38 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-17 20:26 - 2014-12-18 15:37 - 00000000 ____D () C:\Program Files (x86)\WinZipper
2014-12-17 20:26 - 2014-12-17 20:26 - 00000000 ____D () C:\Users\Josef\AppData\Roaming\WinZipper
2014-12-15 14:49 - 2014-12-15 13:01 - 15526138 _____ () C:\Users\Josef\Desktop\Kalender von Reiseck Josef TD-334.ics
2014-12-15 13:36 - 2014-12-15 13:36 - 00001849 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-12-15 13:36 - 2014-12-15 13:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-12-15 13:36 - 2014-12-15 13:36 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-12-15 13:34 - 2014-12-15 13:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-12-13 10:31 - 2014-12-13 10:31 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-12 15:48 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-12 15:48 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-12 15:48 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-12 15:48 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-12 15:48 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-12 15:48 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-12 15:48 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-12 15:48 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-12 15:48 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-12 15:48 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-11 18:41 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-11 18:41 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-11 18:41 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-11 18:41 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-11 18:41 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-11 18:41 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-11 18:41 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-11 18:41 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-11 18:41 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-11 18:41 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-11 18:41 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-11 18:41 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-11 18:41 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-11 18:41 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-11 18:41 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-11 18:41 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-11 18:41 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-11 18:41 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-11 18:41 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-11 18:41 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-11 18:41 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-11 18:41 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-11 18:41 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-11 18:41 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-11 18:41 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-11 18:41 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-11 18:41 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-11 18:41 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-11 18:41 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-11 18:41 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-11 18:41 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-11 18:41 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-11 18:41 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-11 18:41 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-11 18:41 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-11 18:41 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-11 18:41 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-11 18:41 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-11 18:41 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-11 18:41 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-11 18:41 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-11 18:41 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-11 18:41 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-11 18:41 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-11 18:41 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-11 18:41 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-11 18:41 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-11 18:41 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-11 18:41 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-11 18:41 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-11 18:41 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-11 18:41 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-11 18:41 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-11 18:41 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-11 18:41 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-11 18:41 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-11 18:41 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-11 18:41 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-11 18:41 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-11 18:41 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-11 18:41 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-11 18:41 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-11 18:41 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-11 18:41 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-11 18:41 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-11 18:40 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-11 18:40 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-11 18:40 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-11 18:40 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-11 18:40 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-11 18:40 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-11 18:40 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-11 18:40 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-11 18:40 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-11 18:40 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-11 18:40 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-11 18:40 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-11 18:40 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-11 18:40 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-07 12:41 - 2014-12-16 16:40 - 00000000 ___HD () C:\Users\Josef\Desktop\[Originaldateien]
2014-12-07 09:55 - 2014-11-30 22:02 - 00002059 _____ () C:\Users\Josef\Desktop\Lightroom 5.7 64-Bit.lnk
2014-12-05 23:10 - 2014-12-05 23:10 - 00000000 ____D () C:\Users\Josef\Desktop\Konverter
2014-12-03 17:10 - 2014-12-18 09:20 - 00000000 ____D () C:\Users\Josef\AppData\Local\D95C058A-9BC8-45EA-84E8-D454B63F41E2.aplzod
2014-12-03 16:48 - 2014-12-18 21:31 - 00000000 ___RD () C:\Users\Josef\iCloudDrive
2014-12-03 16:48 - 2014-12-03 16:48 - 00000000 ____D () C:\Users\Josef\AppData\Local\Apple Inc
2014-12-02 17:58 - 2014-12-02 17:58 - 00000000 ____D () C:\Users\Josef\AppData\Roaming\CyberLink
2014-12-02 17:57 - 2014-12-02 17:58 - 00000000 ____D () C:\Users\Josef\AppData\Roaming\PowerCinema
2014-12-02 17:57 - 2014-12-02 17:57 - 00000000 ____D () C:\Users\Josef\AppData\Local\PowerCinema
2014-12-02 16:24 - 2014-12-02 16:24 - 00003676 _____ () C:\Windows\System32\Tasks\HP-Online-Aktualisierungsprogramm
2014-11-30 22:02 - 2014-11-30 22:02 - 00002079 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Lightroom 5.7 64-Bit.lnk
2014-11-30 14:30 - 2014-11-30 14:30 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-11-29 16:08 - 2014-11-29 16:08 - 00001033 _____ () C:\Users\Public\Desktop\Biet-O-Matic.lnk
2014-11-29 16:07 - 2014-11-29 16:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Biet-O-Matic
2014-11-29 16:07 - 2003-01-07 02:22 - 00015873 _____ () C:\Windows\SysWOW64\Inetde.dll
2014-11-29 16:07 - 2000-12-05 23:00 - 00109248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mswinsck.ocx
2014-11-29 16:07 - 2000-10-01 23:00 - 00125712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vb6de.dll
2014-11-29 16:07 - 2000-05-22 15:58 - 00115920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinet.ocx
2014-11-29 16:07 - 2000-04-03 19:06 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winskde.dll
2014-11-29 16:07 - 2000-04-03 19:05 - 00118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msstdfmt.dll
2014-11-29 16:07 - 1999-07-14 13:07 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stdftde.dll
2014-11-29 16:07 - 1998-07-05 23:00 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mscmcde.dll
2014-11-29 16:07 - 1998-07-05 23:00 - 00022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Tabctde.dll
2014-11-29 16:07 - 1998-06-23 23:00 - 00209192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Tabctl32.ocx
2014-11-29 16:06 - 2014-11-29 16:07 - 04653537 _____ () C:\Users\Josef\Downloads\BOM21412_setup.exe
2014-11-29 15:52 - 2014-12-13 22:49 - 00000000 ____D () C:\Users\Josef\Desktop\Bildschirm
2014-11-29 12:57 - 2014-11-29 13:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-11-29 12:55 - 2014-11-29 12:55 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-11-29 12:43 - 2014-11-29 12:44 - 00000000 ____D () C:\Users\Josef\Desktop\Outlook
2014-11-28 21:08 - 2014-11-28 21:08 - 00262144 _____ () C:\Windows\system32\config\elam
2014-11-28 21:07 - 2014-12-18 21:38 - 00000000 ____D () C:\Users\Josef\AppData\Roaming\BOM
2014-11-28 21:07 - 2014-11-29 16:08 - 00000000 ____D () C:\Program Files (x86)\Biet-O-Matic
2014-11-28 21:00 - 2014-11-28 22:36 - 00000000 ____D () C:\Program Files (x86)\Wajam
2014-11-28 20:58 - 2014-11-28 20:58 - 00000000 ____D () C:\Users\Josef\AppData\Local\SearchProtect
2014-11-28 20:55 - 2014-11-28 22:36 - 00000000 ____D () C:\Program Files\7-Zip
2014-11-28 20:50 - 2014-11-28 22:36 - 00000000 ____D () C:\Users\Josef\AppData\Roaming\vlc
2014-11-28 20:50 - 2014-11-28 20:50 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-11-28 20:43 - 2014-11-28 20:43 - 00000000 ____D () C:\Garmin
2014-11-26 18:30 - 2014-11-28 23:23 - 00000000 ____D () C:\Program Files (x86)\Garmin GPS Plugin
2014-11-26 18:30 - 2014-11-28 23:22 - 00000000 ____D () C:\Program Files\Garmin GPS Plugin
2014-11-24 18:47 - 2014-11-26 17:58 - 00000000 ____D () C:\Users\Josef\Documents\Daten_Sepp
2014-11-24 18:38 - 2014-11-24 18:38 - 00004608 _____ () C:\Users\Josef\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-23 18:58 - 2014-11-23 18:58 - 00000000 ____D () C:\Users\Josef\AppData\Roaming\simplitec
2014-11-23 18:52 - 2014-11-23 18:53 - 00083526 _____ () C:\Windows\hpqins13.dat
2014-11-23 18:48 - 2014-11-23 18:48 - 00000000 ____D () C:\ProgramData\WEBREG
2014-11-23 18:48 - 2010-07-28 17:19 - 00002075 ____N () C:\Windows\hpwmdl23.dat.temp
2014-11-23 18:44 - 2014-11-23 18:53 - 00000000 ____D () C:\Users\Josef\AppData\Roaming\HP
2014-11-23 18:44 - 2014-11-23 18:51 - 00001004 _____ () C:\Users\Josef\AppData\Roaming\ConvAPIPlugin.log
2014-11-23 18:44 - 2014-11-23 18:44 - 00000000 ____D () C:\Users\Josef\AppData\Local\HP
2014-11-23 18:42 - 2014-11-28 23:23 - 00000000 ____D () C:\Program Files (x86)\MSN Toolbar
2014-11-23 18:42 - 2014-11-23 18:42 - 00001384 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Default Manager.lnk
2014-11-23 18:42 - 2014-11-23 18:42 - 00001342 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk
2014-11-23 18:41 - 2014-11-23 18:41 - 00000000 ____D () C:\Windows\SysWOW64\spool
2014-11-23 18:40 - 2014-12-08 16:01 - 00000000 ____D () C:\Users\Josef\AppData\Roaming\HpUpdate
2014-11-23 18:40 - 2014-11-23 18:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-11-23 18:40 - 2014-11-23 18:40 - 00001361 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\HP Solution Center.lnk
2014-11-23 18:40 - 2014-11-23 18:40 - 00001355 _____ () C:\Users\Public\Desktop\HP Solution Center.lnk
2014-11-23 18:40 - 2014-11-23 18:40 - 00001064 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR-Registrierung.lnk
2014-11-23 18:40 - 2014-11-23 18:40 - 00000000 ____D () C:\ProgramData\HP Product Assistant
2014-11-23 18:37 - 2014-11-23 18:41 - 00000000 ____D () C:\Program Files (x86)\HP
2014-11-23 18:36 - 2014-11-23 18:51 - 00262743 _____ () C:\Windows\hpwins23.dat
2014-11-23 18:36 - 2010-07-28 17:19 - 00002075 ____N () C:\Windows\hpwmdl23.dat
2014-11-23 18:36 - 2010-05-13 11:29 - 00553472 _____ (Hewlett Packard) C:\Windows\system32\hppldcoi.dll
2014-11-23 18:36 - 2010-05-13 11:25 - 01422848 _____ (Hewlett-Packard Co.) C:\Windows\system32\hpwtiop4.dll
2014-11-23 18:36 - 2010-05-13 11:25 - 00906240 _____ (Hewlett-Packard) C:\Windows\system32\hpwwiax5.dll
2014-11-23 18:36 - 2010-02-01 07:54 - 00488960 _____ (Hewlett-Packard Co.) C:\Windows\system32\hpovst11.dll
2014-11-23 18:30 - 2014-11-23 18:30 - 00000000 ____D () C:\Users\Josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WS_FTP Pro
2014-11-23 18:30 - 2014-11-23 18:30 - 00000000 ____D () C:\Program Files\WS_FTP Pro
2014-11-23 16:10 - 2014-11-23 18:53 - 00002542 _____ () C:\ProgramData\hpzinstall.log
2014-11-23 15:23 - 2014-12-16 18:35 - 00000000 ____D () C:\Users\Josef\Desktop\Bilder_Foren
2014-11-23 12:52 - 2014-11-23 12:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2014-11-22 12:03 - 2014-11-22 12:04 - 00000000 ____D () C:\Users\Josef\Desktop\Labertallauf_20141003
2014-11-21 18:39 - 2014-12-06 17:01 - 00000000 ____D () C:\ProgramData\simplitec
2014-11-21 18:39 - 2014-11-21 18:40 - 00000000 ____D () C:\ProgramData\MAGIX
2014-11-21 18:39 - 2014-11-21 18:39 - 00000000 ____D () C:\Users\Josef\AppData\Roaming\MAGIX
2014-11-21 18:39 - 2014-11-21 18:39 - 00000000 ____D () C:\Users\Josef\AppData\Local\MAGIX
2014-11-21 18:39 - 2014-11-21 18:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2014-11-21 18:39 - 2014-11-21 18:39 - 00000000 ____D () C:\Program Files (x86)\MAGIX
2014-11-20 19:57 - 2014-11-20 19:58 - 00000000 ____D () C:\ProgramData\Ant
2014-11-20 16:18 - 2014-11-20 16:18 - 00000000 ____D () C:\Users\Josef\AppData\Roaming\Tacx
2014-11-19 11:58 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 11:58 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 11:58 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-19 11:58 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-19 17:13 - 2014-11-14 22:02 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-19 16:52 - 2014-11-14 23:26 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-19 16:50 - 2014-11-14 22:03 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-12-19 13:59 - 2014-11-14 20:49 - 01608816 _____ () C:\Windows\WindowsUpdate.log
2014-12-19 12:36 - 2014-11-16 10:13 - 13945389 _____ () C:\Users\Josef\Desktop\Training 12_00.xlsm
2014-12-19 11:59 - 2014-11-14 22:02 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-18 21:40 - 2009-07-14 05:45 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-18 21:40 - 2009-07-14 05:45 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-18 21:30 - 2014-11-17 17:32 - 00002091 _____ () C:\Windows\error.log
2014-12-18 21:30 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-18 21:30 - 2009-07-14 05:51 - 00046594 _____ () C:\Windows\setupact.log
2014-12-18 21:29 - 2014-11-17 17:32 - 00001793 _____ () C:\Windows\errord.log
2014-12-18 14:47 - 2014-11-14 20:45 - 00270342 _____ () C:\Windows\PFRO.log
2014-12-18 13:22 - 2014-11-15 05:34 - 00699614 _____ () C:\Windows\system32\perfh007.dat
2014-12-18 13:22 - 2014-11-15 05:34 - 00149722 _____ () C:\Windows\system32\perfc007.dat
2014-12-18 13:22 - 2009-07-14 06:13 - 01620392 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-18 09:24 - 2014-11-17 18:11 - 00000000 ____D () C:\Users\Josef\Documents\Outlook-Dateien
2014-12-17 20:24 - 2014-11-14 23:19 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-12-17 20:24 - 2014-11-14 21:02 - 00001665 _____ () C:\Users\Josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-16 20:33 - 2014-11-15 12:06 - 00000000 ____D () C:\Users\Josef\AppData\Local\CrashDumps
2014-12-15 13:22 - 2014-11-14 21:59 - 00000000 ____D () C:\Users\Josef\AppData\Local\Google
2014-12-14 13:41 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-14 09:49 - 2014-11-17 16:44 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-12-13 20:28 - 2014-11-14 22:54 - 00000000 ____D () C:\Users\Josef\Documents\JuiceboxBuilder-Pro
2014-12-13 10:31 - 2014-11-14 23:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-13 10:31 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-13 10:31 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-13 10:14 - 2014-11-15 22:03 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-12 22:24 - 2014-11-14 21:02 - 00000000 ____D () C:\Users\Josef\AppData\Roaming\Adobe
2014-12-12 15:55 - 2014-11-14 22:29 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-12 15:50 - 2014-11-14 22:29 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-11 21:44 - 2014-11-16 15:59 - 00000000 ____D () C:\Users\Josef\Desktop\Tacx_iGenius
2014-12-11 20:14 - 2014-11-17 17:06 - 00000246 _____ () C:\TTSInstaller.log
2014-12-11 20:12 - 2014-11-15 22:24 - 00001373 _____ () C:\Users\Public\Desktop\Tacx Support Tool.lnk
2014-12-11 20:12 - 2014-11-15 12:02 - 00002282 _____ () C:\Users\Public\Desktop\Tacx Trainer software 4.lnk
2014-12-10 17:41 - 2014-11-14 23:26 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-10 17:41 - 2014-11-14 23:26 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-10 17:41 - 2014-11-14 23:26 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-09 21:16 - 2014-11-15 17:13 - 00000000 ____D () C:\Users\Josef\Documents\ID_Passwoerter
2014-12-07 10:06 - 2014-11-16 15:57 - 00000000 ____D () C:\Users\Josef\Desktop\Foto
2014-12-07 09:44 - 2014-11-17 17:32 - 00000127 _____ () C:\Windows\Crypkey.ini
2014-12-07 09:44 - 2014-11-17 17:32 - 00000000 ____D () C:\Program Files\Stellar Phoenix Outlook PST Repair
2014-12-06 09:14 - 2010-06-24 14:14 - 00000000 ____D () C:\ProgramData\Partner
2014-12-05 23:10 - 2014-11-16 10:15 - 00000000 ____D () C:\Users\Josef\Desktop\Vorhang_Kueche
2014-12-05 20:51 - 2009-07-14 05:45 - 00446712 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-03 17:41 - 2014-11-16 15:30 - 00000000 ____D () C:\Users\Josef\AppData\Roaming\Apple Computer
2014-12-03 16:49 - 2014-11-16 15:27 - 00000000 ____D () C:\Users\Josef\AppData\Local\Apple
2014-12-03 16:48 - 2014-11-14 20:59 - 00000000 ____D () C:\Users\Josef
2014-12-03 16:46 - 2014-11-16 15:30 - 00000000 ____D () C:\Users\Josef\AppData\Local\Apple Computer
2014-12-03 16:40 - 2014-11-16 15:26 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-12-03 16:20 - 2014-11-16 10:15 - 00000000 ____D () C:\Users\Josef\Desktop\Bunker
2014-12-02 17:58 - 2014-11-14 21:36 - 00000000 ____D () C:\ProgramData\CyberLink
2014-12-02 16:24 - 2014-11-15 12:23 - 00003704 _____ () C:\Windows\System32\Tasks\Java Update Scheduler
2014-12-02 16:21 - 2014-11-16 16:15 - 00000000 ____D () C:\Users\Josef\Desktop\TuneUp
2014-11-30 22:01 - 2014-11-14 22:33 - 00000000 ____D () C:\Program Files\Adobe
2014-11-30 19:54 - 2014-11-16 17:06 - 00000000 ____D () C:\Users\Josef\AppData\Roaming\FileZilla
2014-11-29 13:11 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-11-29 12:49 - 2014-11-14 22:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office _Sharepoint
2014-11-28 23:23 - 2014-11-15 17:13 - 00000000 ____D () C:\Users\Josef\Documents\KV_RV_Vertraege_sonst Schriftverkehr
2014-11-28 23:23 - 2014-11-14 23:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-11-28 23:23 - 2014-11-14 23:26 - 00000000 ____D () C:\Windows\system32\Macromed
2014-11-28 23:23 - 2014-11-14 23:06 - 00000000 ____D () C:\ProgramData\Netzmanager
2014-11-28 23:22 - 2014-11-15 11:43 - 00000000 ____D () C:\Users\Josef\AppData\Local\Garmin
2014-11-28 23:22 - 2014-11-15 11:42 - 00000000 ____D () C:\ProgramData\Garmin
2014-11-28 23:22 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-11-28 23:21 - 2014-11-15 11:42 - 00000000 ____D () C:\Program Files (x86)\Garmin
2014-11-28 20:41 - 2014-11-15 11:43 - 00000000 ____D () C:\Users\Josef\AppData\Roaming\Garmin
2014-11-24 14:04 - 2014-11-14 22:15 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-11-23 18:57 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-11-23 18:53 - 2014-11-14 21:00 - 00116520 _____ () C:\Users\Josef\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-23 18:51 - 2009-07-14 03:34 - 00000560 _____ () C:\Windows\win.ini
2014-11-23 18:46 - 2014-11-14 21:59 - 00000000 ____D () C:\ProgramData\HP
2014-11-23 18:38 - 2010-06-24 13:55 - 00057612 _____ () C:\Windows\DPINST.LOG
2014-11-23 18:33 - 2014-11-16 15:58 - 00000000 ____D () C:\Users\Josef\Desktop\Homepage
2014-11-23 15:23 - 2014-11-15 22:18 - 00000000 ____D () C:\Users\Josef\AppData\Local\ACD Systems
2014-11-23 12:52 - 2010-06-24 14:14 - 00000000 ____D () C:\Program Files (x86)\Google
2014-11-22 09:55 - 2014-11-15 22:14 - 00000000 ____D () C:\Users\Josef\AppData\Local\Downloaded Installations
2014-11-21 18:40 - 2014-11-15 17:14 - 00000000 ____D () C:\Users\Josef\Documents\MAGIX
2014-11-20 19:25 - 2010-06-24 13:53 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-11-19 16:14 - 2014-11-14 23:19 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-11-19 05:37 - 2014-11-14 23:23 - 01594672 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-15 15:19

==================== End Of Log ============================
         
--- --- ---

--- --- ---

Nachtrag - Kaspersky:
Code:
ATTFilter
Nicht gefunden	spidentifierimpl.exe	c:\users\josef\appdata\local\temp\dlg_xe3wufdc\requirements\? 	28.11.2014 21:07:48	not-a-virus:WebToolbar.Win32.Agent.azm	
Inaktiv	OptimizerPro.exe	hxxp://dl.softservers.net/111001706/? 	28.11.2014 21:01:09	Schädlicher Link	
Inaktiv	sp-downloader.exe	hxxp://dlg-cdn.buzzrin.de/public-source/downloadguide/pro-de/1.0/de-de/campaigns/product+website+weboptout/exe/offer/conduit+ltd/great+search+protect/1.0/de-de/? 	28.11.2014 20:59:53	not-a-virus:WebToolbar.Win32.Agent.azm	
Nicht gefunden	spidentifierimpl.exe	C:\Users\Josef\AppData\Local\Temp\DLG\requirements\? 	28.11.2014 20:59:02	not-a-virus:WebToolbar.Win32.Agent.azm	
Gelöscht	PluginService.exe	C:\ProgramData\IePluginServices\? 	19.11.2014 16:10:02	not-a-virus:AdWare.Win32.Agent.eqwa	
Gelöscht	91_monetizationloader.js.js	e:\datensicherung_sepp\josef reiseck\appdata\local\google\chrome\user data\default\extensions\pgegkicdnjooekkaoflagfdlcflgeohn\1.26.32_0\extensiondata\plugins\? 	18.12.2014 20:52:33	not-a-virus:HEUR:WebToolbar.JS.CroRi.heur	
Nicht gefunden	update.exe	C:\ProgramData\WindowsMangerProtect\update\? 	18.12.2014 14:42:19	not-a-virus:Downloader.Win32.AdLoad.orpc	
Inaktiv	vmw.exe	hxxp://cdn.vowsr.com/wte/? 	16.11.2014 15:20:16	Schädlicher Link	
Inaktiv	WMD.dll	hxxp://cdn.vowsr.com/mpw/? 	16.11.2014 15:20:08	Schädlicher Link
         

Alt 21.12.2014, 23:09   #5
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Browser öffnen mit "www.delta-homes.com" - Standard

Browser öffnen mit "www.delta-homes.com"



Adware/Junkware/Toolbars entfernen


1. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).




2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.




3. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Wie man Programme richtig installiert

Backup mit DriveSnapshot

Das TB unterstützen

Alt 22.12.2014, 11:43   #6
Dogma2006
 
Browser öffnen mit "www.delta-homes.com" - Standard

Browser öffnen mit "www.delta-homes.com"



Hallo,
vielen Dank für die Unterstützung. Ich hab alles nach Anweisuung ausgeführt und es hat auch zum Erfolg geführt. Also noch einmal VIELEN DANK!!!
Was mich aber noch interessieren würde. Was habe ich mir da eingefangen und wie kann es dazu kommen?

Logs:
Code:
ATTFilter
# AdwCleaner v4.106 - Bericht erstellt am 22/12/2014 um 09:10:44
# Aktualisiert 21/12/2014 von Xplode
# Database : 2014-12-21.4 [Live]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Josef - JOSEF-PC
# Gestartet von : C:\Users\Josef\Desktop\Trojanerboard\AdwCleaner_4.106.exe
# Option : Löschen

***** [ Dienste ] *****

Dienst Gelöscht : WindowsMangerProtect
[#] Dienst Gelöscht : ccnfd_1_10_0_2
Dienst Gelöscht : nkdytjtjsw32

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\IePluginServices
Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\ProgramData\simplitec
Ordner Gelöscht : C:\ProgramData\WindowsMangerProtect
Ordner Gelöscht : C:\Program Files (x86)\PC Speed Maximizer
Ordner Gelöscht : C:\Program Files (x86)\Wajam
Ordner Gelöscht : C:\Program Files (x86)\WinZipper
Ordner Gelöscht : C:\Program Files (x86)\ClickCaption_1.10.0.2
Ordner Gelöscht : C:\Program Files\ClickCaption_1.10.0.2
Ordner Gelöscht : C:\Program Files\007
Ordner Gelöscht : C:\Users\Josef\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\Josef\AppData\Local\SearchProtect
Ordner Gelöscht : C:\Users\Josef\AppData\LocalLow\HPAppData
Ordner Gelöscht : C:\Users\Josef\AppData\Roaming\simplitec
Ordner Gelöscht : C:\Users\Josef\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Josef\AppData\Roaming\WinZipper
Ordner Gelöscht : C:\Users\Josef\Documents\PC Speed Maximizer
Ordner Gelöscht : C:\Users\Josef\Documents\Updater
Ordner Gelöscht : C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh
Datei Gelöscht : C:\Windows\System32\roboot64.exe

***** [ Tasks ] *****

Task Gelöscht : ASP

***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\Josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Verknüpfung Desinfiziert : C:\Users\Josef\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Josef\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Verknüpfung Desinfiziert : C:\Users\Josef\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Josef\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer (64-bit).lnk

***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\oilkkkefbalmbfppgjmgjoefbclebkce
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\oilkkkefbalmbfppgjmgjoefbclebkce
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\oilkkkefbalmbfppgjmgjoefbclebkce
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{8DCB7100-DF86-4384-8842-8FA844297B3F}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]
Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\SecuredDownload
Schlüssel Gelöscht : HKCU\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\SupHpUISoft
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKLM\SOFTWARE\delta-homesSoftware
Schlüssel Gelöscht : HKLM\SOFTWARE\hdcode
Schlüssel Gelöscht : HKLM\SOFTWARE\SupTab
Schlüssel Gelöscht : HKLM\SOFTWARE\supWindowsMangerProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\sweet-pageSoftware
Schlüssel Gelöscht : HKLM\SOFTWARE\systweak
Schlüssel Gelöscht : HKLM\SOFTWARE\winzipersvc
Schlüssel Gelöscht : HKLM\SOFTWARE\ClickCaption_1.10.0.2
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\delta-homes.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.delta-homes.com

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17496

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Google Chrome v39.0.2171.95

[C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.babylon.com/?q={searchTerms}&AF=100478&babsrc=SP_ss&mntrId=f81ce0410000000000004c0f6e3e1967
[C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.babylon.com/?q={searchTerms}&AF=100478&babsrc=SP_ss&mntrId=f81ce0410000000000004c0f6e3e1967
[C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=49&cc=&mi=f81ce04100000000000002f46a1ace6a
[C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=C2A69170-8BD1-424E-B383-F67091E1C370&apn_sauid=7B6F3687-8C0A-4E82-BC21-232DB3AD38D8&
[C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=C2A69170-8BD1-424E-B383-F67091E1C370&apn_sauid=7B6F3687-8C0A-4E82-BC21-232DB3AD38D8&
[C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=49&cc=&mi=f81ce04100000000000002f46a1ace6a
[C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=&locale=&apn_uid=34EC6C8D-5596-40DE-863A-2B57459DCF34&apn_ptnrs=U3&apn_sauid=EC3E6DEE-F38B-428B-8E17-459BF24FE28C&apn_dtid=OSJ000YYDE&q={searchTerms}
[C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=&locale=&apn_uid=34EC6C8D-5596-40DE-863A-2B57459DCF34&apn_ptnrs=U3&apn_sauid=EC3E6DEE-F38B-428B-8E17-459BF24FE28C&apn_dtid=OSJ000YYDE&q={searchTerms}
[C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://dts.search-results.com/sr?src=crb&appid=0&systemid=410&sr=0&q={searchTerms}
[C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://mystart.incredibar.com/mb165/?loc=IB_DS&search={searchTerms}&a=6PQHEsc4je&i=26
[C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://mystart.incredibar.com/mb165/?loc=IB_DS&search={searchTerms}&a=6PQHEsc4je&i=26
[C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_ir_14_46_ie&cd=2XzuyEtN2Y1L1QzuyCtD0E0ByCzyyDyC0Ezz0A0CtBtDyCzztN0D0Tzu0StCtDyDtCtN1L2XzutAtFyCtFyEtFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyEzytCyBzy0Ezy0FtGtBzzzzzytG0A0E0D0BtGyCtAzytAtGtByDtC0ByD0AtByC0BtByBtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DtBtC0D0Ezy0E0EtGtCyCtCtDtGyEyCzyyEtGzzyB0B0EtGyEtAtB0AyBtB0DtA0B0FtAyC2Q&cr=2005769434&ir=
[C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_ir_14_46_ie&cd=2XzuyEtN2Y1L1QzuyCtD0E0ByCzyyDyC0Ezz0A0CtBtDyCzztN0D0Tzu0StCtDyDtCtN1L2XzutAtFyCtFyEtFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyEzytCyBzy0Ezy0FtGtBzzzzzytG0A0E0D0BtGyCtAzytAtGtByDtC0ByD0AtByC0BtByBtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DtBtC0D0Ezy0E0EtGtCyCtCtDtGyEyCzyyEtGzzyB0B0EtGyEtAtB0AyBtB0DtA0B0FtAyC2Q&cr=2005769434&ir=
[C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.sweet-page.com/web/?type=ds&ts=1416003524&from=cor&uid=WDCXWD7500BPVT-22HXZT1_WD-WX81C706850068500&q={searchTerms}
[C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.delta-homes.com/web/?type=ds&ts=1418844289&from=wpm12173&uid=WDCXWD7500BPVT-22HXZT1_WD-WX81C706850068500&q={searchTerms}
[C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.delta-homes.com/web/?type=ds&ts=1418844289&from=wpm12173&uid=WDCXWD7500BPVT-22HXZT1_WD-WX81C706850068500&q={searchTerms}
[C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.delta-homes.com/web/?type=ds&ts=1418844289&from=wpm12173&uid=WDCXWD7500BPVT-22HXZT1_WD-WX81C706850068500&q={searchTerms}

-\\ Opera v0.0.0.0

[C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.babylon.com/?q={searchTerms}&AF=100478&babsrc=SP_ss&mntrId=f81ce0410000000000004c0f6e3e1967
[C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.babylon.com/?q={searchTerms}&AF=100478&babsrc=SP_ss&mntrId=f81ce0410000000000004c0f6e3e1967
[C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=49&cc=&mi=f81ce04100000000000002f46a1ace6a
[C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=C2A69170-8BD1-424E-B383-F67091E1C370&apn_sauid=7B6F3687-8C0A-4E82-BC21-232DB3AD38D8&
[C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=C2A69170-8BD1-424E-B383-F67091E1C370&apn_sauid=7B6F3687-8C0A-4E82-BC21-232DB3AD38D8&
[C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=49&cc=&mi=f81ce04100000000000002f46a1ace6a
[C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=&locale=&apn_uid=34EC6C8D-5596-40DE-863A-2B57459DCF34&apn_ptnrs=U3&apn_sauid=EC3E6DEE-F38B-428B-8E17-459BF24FE28C&apn_dtid=OSJ000YYDE&q={searchTerms}
[C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=&locale=&apn_uid=34EC6C8D-5596-40DE-863A-2B57459DCF34&apn_ptnrs=U3&apn_sauid=EC3E6DEE-F38B-428B-8E17-459BF24FE28C&apn_dtid=OSJ000YYDE&q={searchTerms}
[C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://dts.search-results.com/sr?src=crb&appid=0&systemid=410&sr=0&q={searchTerms}
[C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://mystart.incredibar.com/mb165/?loc=IB_DS&search={searchTerms}&a=6PQHEsc4je&i=26
[C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://mystart.incredibar.com/mb165/?loc=IB_DS&search={searchTerms}&a=6PQHEsc4je&i=26
[C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_ir_14_46_ie&cd=2XzuyEtN2Y1L1QzuyCtD0E0ByCzyyDyC0Ezz0A0CtBtDyCzztN0D0Tzu0StCtDyDtCtN1L2XzutAtFyCtFyEtFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyEzytCyBzy0Ezy0FtGtBzzzzzytG0A0E0D0BtGyCtAzytAtGtByDtC0ByD0AtByC0BtByBtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DtBtC0D0Ezy0E0EtGtCyCtCtDtGyEyCzyyEtGzzyB0B0EtGyEtAtB0AyBtB0DtA0B0FtAyC2Q&cr=2005769434&ir=
[C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_ir_14_46_ie&cd=2XzuyEtN2Y1L1QzuyCtD0E0ByCzyyDyC0Ezz0A0CtBtDyCzztN0D0Tzu0StCtDyDtCtN1L2XzutAtFyCtFyEtFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyEzytCyBzy0Ezy0FtGtBzzzzzytG0A0E0D0BtGyCtAzytAtGtByDtC0ByD0AtByC0BtByBtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DtBtC0D0Ezy0E0EtGtCyCtCtDtGyEyCzyyEtGzzyB0B0EtGyEtAtB0AyBtB0DtA0B0FtAyC2Q&cr=2005769434&ir=
[C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.sweet-page.com/web/?type=ds&ts=1416003524&from=cor&uid=WDCXWD7500BPVT-22HXZT1_WD-WX81C706850068500&q={searchTerms}
[C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.delta-homes.com/web/?type=ds&ts=1418844289&from=wpm12173&uid=WDCXWD7500BPVT-22HXZT1_WD-WX81C706850068500&q={searchTerms}
[C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.delta-homes.com/web/?type=ds&ts=1418844289&from=wpm12173&uid=WDCXWD7500BPVT-22HXZT1_WD-WX81C706850068500&q={searchTerms}
[C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.delta-homes.com/web/?type=ds&ts=1418844289&from=wpm12173&uid=WDCXWD7500BPVT-22HXZT1_WD-WX81C706850068500&q={searchTerms}

*************************

AdwCleaner[R0].txt - [15246 octets] - [22/12/2014 09:06:51]
AdwCleaner[S0].txt - [18038 octets] - [22/12/2014 09:10:44]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [18099 octets] ##########
         

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.0 (11.29.2014:1)
OS: Windows 7 Home Premium x64
Ran by Josef on 22.12.2014 at  9:18:38,31
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] C:\Windows\prefetch\GOOGLETOOLBARMANAGER_8CA8B414-D855646C.pf
Successfully deleted: [File] C:\Windows\prefetch\GOOGLETOOLBARNOTIFIER.EXE-B25C45A8.pf
Successfully deleted: [File] C:\Windows\prefetch\GOOGLETOOLBARUSER_32.EXE-992C17DF.pf



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22.12.2014 at  9:24:46,34
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-12-2014
Ran by Josef (administrator) on JOSEF-PC on 22-12-2014 12:36:49
Running from C:\Users\Josef\Desktop\Trojanerboard
Loaded Profile: Josef (Available profiles: Josef)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Egis Technology Inc.) C:\Program Files (x86)\Acer Bio Protection\CompPtcVUI.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(CrypKey (Canada) Ltd.) C:\Windows\System32\Crypserv.exe
(Infowatch) C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Windows\PLFSetI.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\netzmanager.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Egis Technology Inc.) C:\Program Files (x86)\Acer Bio Protection\BASVC.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
(Egis Technology Inc.) C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(Microsoft Corp.) C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(O2Micro International) C:\Windows\System32\drivers\o2flash.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
() C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\klwtblfs.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [349552 2010-04-17] (Egis Technology Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10134560 2010-03-19] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2107688 2010-04-14] (Synaptics Incorporated)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [206208 2010-01-13] ()
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [558168 2010-04-01] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [349344 2010-04-23] (Atheros Communications)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [861216 2010-04-23] (Acer Incorporated)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1300560 2010-03-03] (Dritek System Inc.)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [337264 2010-04-17] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [260608 2010-03-09] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-04-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [VitaKeyPdtWzd] => C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe [3577712 2010-03-08] (Egis Technology Inc.)
HKLM-x32\...\Run: [MDS_Menu] => C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe [124136 2010-04-15] (CyberLink Corp.)
HKLM-x32\...\Run: [AVP] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2013-11-11] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [651832 2011-08-24] (Sony Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Bing Bar] => C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe [243544 2010-04-27] (Microsoft Corp.)
HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [288088 2009-11-11] (Microsoft Corporation)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKU\S-1-5-21-2186974003-2043912784-1202098385-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-10-21] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-2186974003-2043912784-1202098385-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-06-24] (Google Inc.)
HKU\S-1-5-21-2186974003-2043912784-1202098385-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-10-17] (Apple Inc.)
HKU\S-1-5-21-2186974003-2043912784-1202098385-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-2186974003-2043912784-1202098385-1000\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1080104 2014-08-04] (Apple Inc.)
HKU\S-1-5-21-2186974003-2043912784-1202098385-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2014-10-20] (Apple Inc.)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-11-16] (Microsoft Corporation)
Lsa: [Notification Packages] C:\Program Files (x86)\Acer Bio Protection\PwdFilterV64
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk
ShortcutTarget: Acer VCM.lnk -> C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Netzmanager.lnk
ShortcutTarget: Netzmanager.lnk -> C:\Program Files\Netzmanager\netzmanager.exe (Deutsche Telekom AG)
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\Root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\Root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\Root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x64\psdprotect.dll (Egis Technology Inc.)
ShellIconOverlayIdentifiers: [KAVOverlayIcon] -> {dd230880-495a-11d1-b064-008048ec2fc5} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\shellex.dll (Kaspersky Lab ZAO)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x86\psdprotect.dll (Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: [KAVOverlayIcon] -> {dd230880-495a-11d1-b064-008048ec2fc5} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\shellex.dll (Kaspersky Lab ZAO)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2186974003-2043912784-1202098385-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-2186974003-2043912784-1202098385-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2186974003-2043912784-1202098385-1000 -> DefaultScope {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2186974003-2043912784-1202098385-1000 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = https://www.google.com/search?q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\Root\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\Root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Acer\Acer VCM\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\Root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpWinExt,version=5.0 -> C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com [2014-11-14]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com [2014-11-14]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com
FF Extension: Gevaarlijke websiteblokkering - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com [2014-11-14]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com [2014-11-14]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com [2014-11-14]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-11-23]
FF HKLM-x32\...\Firefox\Extensions: [msntoolbar@msn.com] - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\Firefox
FF Extension: No Name - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\Firefox [2014-11-23]
FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension
FF Extension: No Name - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension [2014-11-25]
FF HKU\S-1-5-21-2186974003-2043912784-1202098385-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.de/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSuggestURL: Default -> 
CHR Profile: C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-14]
CHR Extension: (Google Docs) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-14]
CHR Extension: (Google Drive) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-14]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-14]
CHR Extension: (YouTube) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-14]
CHR Extension: (Google-Suche) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-14]
CHR Extension: (Modul zur Link-Untersuchung) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2014-11-14]
CHR Extension: (Google Tabellen) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-14]
CHR Extension: (Kaspersky Protection) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpoimibckejjdjcfbdnajaicnklhfplh [2014-11-14]
CHR Extension: (Google Wallet) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-14]
CHR Extension: (Google Mail) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-14]
CHR Extension: (Anti-Banner) - C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2014-11-14]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\urladvisor.crx [2013-11-11]
CHR HKLM-x32\...\Chrome\Extension: [lpoimibckejjdjcfbdnajaicnklhfplh] - https://chrome.google.com/webstore/detail/lpoimibckejjdjcfbdnajaicnklhfplh [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\ab.crx [2013-11-11]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-12-21] (Adobe Systems) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [34392 2010-04-01] (Atheros Communications) [File not signed]
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2013-11-11] (Kaspersky Lab ZAO)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2443960 2014-10-30] (Microsoft Corporation)
R2 Crypkey License; C:\Windows\system32\crypserv.exe [122880 2008-05-08] (CrypKey (Canada) Ltd.) [File not signed]
R2 CSObjectsSrv; C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [818888 2013-09-25] (Infowatch)
S2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [451416 2014-10-21] (Garmin Ltd or its subsidiaries)
R2 IGBASVC; C:\Program Files (x86)\Acer Bio Protection\BASVC.exe [3456880 2010-03-08] (Egis Technology Inc.)
R2 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [262144 2009-09-30] (Intel Corporation) [File not signed]
R2 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-04-17] (Egis Technology Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) [File not signed]
R2 NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [250368 2010-03-09] (NewTech Infosystems, Inc.) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
R2 RichVideo; C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [244904 2010-02-03] () [File not signed]
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-30] (Acer Incorporated)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2014-07-16] (TuneUp Software)
R2 UNS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2314240 2009-09-30] (Intel Corporation) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 CSCrySec; C:\Windows\System32\DRIVERS\CSCrySec.sys [84536 2011-06-02] (Infowatch)
R1 CSVirtualDiskDrv; C:\Windows\System32\DRIVERS\CSVirtualDiskDrv.sys [66616 2011-06-02] (Infowatch)
R3 DSI_SiUSBXp_3_1; C:\Windows\System32\drivers\DSI_SiUSBXp_3_1.sys [16384 2009-03-31] (Silicon Laboratories)
R3 hidshim; C:\Windows\system32\DRIVERS\hidshim.sys [6656 2009-08-31] (Windows (R) Win 7 DDK provider)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-11-14] (Kaspersky Lab ZAO)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [92768 2014-11-14] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [628288 2014-11-14] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2014-11-14] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-11-11] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-11-11] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54368 2013-11-11] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178448 2013-11-11] (Kaspersky Lab ZAO)
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [44480 2013-09-23] (hxxp://libusb-win32.sourceforge.net)
R1 NetworkX; C:\Windows\system32\ckldrv.sys [28664 2008-03-17] ()
S3 nuvotoncir; C:\Windows\system32\DRIVERS\nuvotoncir.sys [48128 2009-08-31] (Nuvoton Technology Corporation)
R3 nuvotonhidcir; C:\Windows\system32\DRIVERS\nuvotonhidcir.sys [26624 2009-08-31] (Nuvoton Technology Corporation)
S3 nuvotonir; C:\Windows\system32\DRIVERS\nuvotonir.sys [68096 2009-08-31] (Nuvoton Technology Corporation)
R3 O2SDGRDR; C:\Windows\System32\DRIVERS\o2sdgx64.sys [50976 2010-01-11] (O2Micro )
R3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2014-05-27] (TuneUp Software)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
R3 WinDriver6; C:\Windows\System32\drivers\windrvr6.sys [254976 2010-08-31] (Jungo)
R2 {6E090BD5-4EF5-4bf0-A968-74049E88E935}; C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\000.fcl [146928 2010-04-15] (CyberLink Corp.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-22 09:18 - 2014-12-22 09:18 - 00000000 ____D () C:\Windows\ERUNT
2014-12-22 09:06 - 2014-12-22 09:10 - 00000000 ____D () C:\AdwCleaner
2014-12-21 12:33 - 2014-12-21 13:05 - 00000000 ___RD () C:\Users\Josef\Desktop\Creative Suite CS2
2014-12-21 12:18 - 2014-12-21 12:18 - 00003316 _____ () C:\Windows\System32\Tasks\{8A28FE80-2F47-446F-A394-0E99E7C8F30F}
2014-12-21 12:16 - 2014-12-21 12:16 - 00003316 _____ () C:\Windows\System32\Tasks\{528B1225-345B-4C8F-BB20-834760168251}
2014-12-21 11:27 - 2014-12-21 11:27 - 00002093 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help Center.lnk
2014-12-21 11:26 - 2014-12-21 11:26 - 00002075 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge.lnk
2014-12-21 11:26 - 2014-12-21 11:26 - 00002049 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS2.lnk
2014-12-21 11:26 - 2014-12-21 11:26 - 00002046 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ImageReady CS2.lnk
2014-12-21 11:26 - 2014-12-21 11:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2014-12-21 11:23 - 2014-12-21 11:23 - 00000000 ____D () C:\PS_CS2_Gr_NonRet
2014-12-21 10:55 - 2014-12-21 10:55 - 00000000 ____D () C:\Users\Public\Documents\Adobe PDF
2014-12-21 10:51 - 2014-12-21 11:07 - 00000000 ____D () C:\Creative Suite CS2
2014-12-21 10:39 - 2014-12-21 11:45 - 00000000 ____D () C:\Program Files\BEAF8266-AE64-40A2-BF8D-99F4FB145C26
2014-12-20 09:45 - 2014-12-20 09:45 - 00000000 _____ () C:\Users\Josef\Documents\.txt
2014-12-19 19:13 - 2014-12-19 19:15 - 00000000 ____D () C:\Users\Josef\Desktop\Bad
2014-12-19 18:04 - 2014-12-19 18:04 - 00001348 _____ () C:\Users\Josef\Desktop\Kaspersky.txt
2014-12-19 18:02 - 2014-12-22 12:36 - 00000000 ____D () C:\Users\Josef\Desktop\Trojanerboard
2014-12-19 17:48 - 2014-12-22 12:36 - 00000000 ____D () C:\FRST
2014-12-17 20:38 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-17 20:38 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-15 14:49 - 2014-12-15 13:01 - 15526138 _____ () C:\Users\Josef\Desktop\Kalender von Reiseck Josef TD-334.ics
2014-12-15 13:36 - 2014-12-15 13:36 - 00001849 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-12-15 13:36 - 2014-12-15 13:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-12-15 13:36 - 2014-12-15 13:36 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-12-15 13:34 - 2014-12-15 13:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-12-13 10:31 - 2014-12-13 10:31 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-12 15:48 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-12 15:48 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-12 15:48 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-12 15:48 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-12 15:48 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-12 15:48 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-12 15:48 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-12 15:48 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-12 15:48 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-12 15:48 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-11 18:41 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-11 18:41 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-11 18:41 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-11 18:41 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-11 18:41 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-11 18:41 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-11 18:41 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-11 18:41 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-11 18:41 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-11 18:41 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-11 18:41 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-11 18:41 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-11 18:41 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-11 18:41 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-11 18:41 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-11 18:41 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-11 18:41 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-11 18:41 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-11 18:41 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-11 18:41 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-11 18:41 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-11 18:41 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-11 18:41 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-11 18:41 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-11 18:41 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-11 18:41 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-11 18:41 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-11 18:41 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-11 18:41 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-11 18:41 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-11 18:41 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-11 18:41 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-11 18:41 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-11 18:41 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-11 18:41 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-11 18:41 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-11 18:41 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-11 18:41 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-11 18:41 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-11 18:41 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-11 18:41 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-11 18:41 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-11 18:41 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-11 18:41 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-11 18:41 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-11 18:41 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-11 18:41 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-11 18:41 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-11 18:41 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-11 18:41 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-11 18:41 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-11 18:41 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-11 18:41 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-11 18:41 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-11 18:41 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-11 18:41 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-11 18:41 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-11 18:41 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-11 18:41 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-11 18:41 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-11 18:41 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-11 18:41 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-11 18:41 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-11 18:41 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-11 18:41 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-11 18:40 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-11 18:40 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-11 18:40 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-11 18:40 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-11 18:40 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-11 18:40 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-11 18:40 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-11 18:40 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-11 18:40 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-11 18:40 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-11 18:40 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-11 18:40 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-11 18:40 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-11 18:40 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-07 12:41 - 2014-12-16 16:40 - 00000000 ___HD () C:\Users\Josef\Desktop\[Originaldateien]
2014-12-07 09:55 - 2014-11-30 22:02 - 00002059 _____ () C:\Users\Josef\Desktop\Lightroom 5.7 64-Bit.lnk
2014-12-05 23:10 - 2014-12-05 23:10 - 00000000 ____D () C:\Users\Josef\Desktop\Konverter
2014-12-03 17:10 - 2014-12-22 09:02 - 00000000 ____D () C:\Users\Josef\AppData\Local\D95C058A-9BC8-45EA-84E8-D454B63F41E2.aplzod
2014-12-03 16:48 - 2014-12-22 09:13 - 00000000 ___RD () C:\Users\Josef\iCloudDrive
2014-12-03 16:48 - 2014-12-03 16:48 - 00000000 ____D () C:\Users\Josef\AppData\Local\Apple Inc
2014-12-02 17:58 - 2014-12-02 17:58 - 00000000 ____D () C:\Users\Josef\AppData\Roaming\CyberLink
2014-12-02 17:57 - 2014-12-02 17:58 - 00000000 ____D () C:\Users\Josef\AppData\Roaming\PowerCinema
2014-12-02 17:57 - 2014-12-02 17:57 - 00000000 ____D () C:\Users\Josef\AppData\Local\PowerCinema
2014-12-02 16:24 - 2014-12-02 16:24 - 00003676 _____ () C:\Windows\System32\Tasks\HP-Online-Aktualisierungsprogramm
2014-11-30 22:02 - 2014-11-30 22:02 - 00002079 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Lightroom 5.7 64-Bit.lnk
2014-11-30 14:30 - 2014-11-30 14:30 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-11-29 16:08 - 2014-11-29 16:08 - 00001033 _____ () C:\Users\Public\Desktop\Biet-O-Matic.lnk
2014-11-29 16:07 - 2014-11-29 16:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Biet-O-Matic
2014-11-29 16:07 - 2003-01-07 02:22 - 00015873 _____ () C:\Windows\SysWOW64\Inetde.dll
2014-11-29 16:07 - 2000-12-05 23:00 - 00109248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mswinsck.ocx
2014-11-29 16:07 - 2000-10-01 23:00 - 00125712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vb6de.dll
2014-11-29 16:07 - 2000-05-22 15:58 - 00115920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinet.ocx
2014-11-29 16:07 - 2000-04-03 19:06 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winskde.dll
2014-11-29 16:07 - 2000-04-03 19:05 - 00118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msstdfmt.dll
2014-11-29 16:07 - 1999-07-14 13:07 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stdftde.dll
2014-11-29 16:07 - 1998-07-05 23:00 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mscmcde.dll
2014-11-29 16:07 - 1998-07-05 23:00 - 00022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Tabctde.dll
2014-11-29 16:07 - 1998-06-23 23:00 - 00209192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Tabctl32.ocx
2014-11-29 16:06 - 2014-11-29 16:07 - 04653537 _____ () C:\Users\Josef\Downloads\BOM21412_setup.exe
2014-11-29 15:52 - 2014-12-13 22:49 - 00000000 ____D () C:\Users\Josef\Desktop\Bildschirm
2014-11-29 12:57 - 2014-11-29 13:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-11-29 12:55 - 2014-11-29 12:55 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-11-29 12:43 - 2014-11-29 12:44 - 00000000 ____D () C:\Users\Josef\Desktop\Outlook
2014-11-28 21:08 - 2014-11-28 21:08 - 00262144 _____ () C:\Windows\system32\config\elam
2014-11-28 21:07 - 2014-12-20 19:41 - 00000000 ____D () C:\Users\Josef\AppData\Roaming\BOM
2014-11-28 21:07 - 2014-11-29 16:08 - 00000000 ____D () C:\Program Files (x86)\Biet-O-Matic
2014-11-28 20:55 - 2014-11-28 22:36 - 00000000 ____D () C:\Program Files\7-Zip
2014-11-28 20:50 - 2014-11-28 22:36 - 00000000 ____D () C:\Users\Josef\AppData\Roaming\vlc
2014-11-28 20:50 - 2014-11-28 20:50 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-11-28 20:43 - 2014-11-28 20:43 - 00000000 ____D () C:\Garmin
2014-11-26 18:30 - 2014-11-28 23:23 - 00000000 ____D () C:\Program Files (x86)\Garmin GPS Plugin
2014-11-26 18:30 - 2014-11-28 23:22 - 00000000 ____D () C:\Program Files\Garmin GPS Plugin
2014-11-24 18:47 - 2014-11-26 17:58 - 00000000 ____D () C:\Users\Josef\Documents\Daten_Sepp
2014-11-24 18:38 - 2014-11-24 18:38 - 00004608 _____ () C:\Users\Josef\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-23 18:52 - 2014-11-23 18:53 - 00083526 _____ () C:\Windows\hpqins13.dat
2014-11-23 18:48 - 2014-11-23 18:48 - 00000000 ____D () C:\ProgramData\WEBREG
2014-11-23 18:48 - 2010-07-28 17:19 - 00002075 ____N () C:\Windows\hpwmdl23.dat.temp
2014-11-23 18:44 - 2014-11-23 18:53 - 00000000 ____D () C:\Users\Josef\AppData\Roaming\HP
2014-11-23 18:44 - 2014-11-23 18:51 - 00001004 _____ () C:\Users\Josef\AppData\Roaming\ConvAPIPlugin.log
2014-11-23 18:44 - 2014-11-23 18:44 - 00000000 ____D () C:\Users\Josef\AppData\Local\HP
2014-11-23 18:42 - 2014-11-28 23:23 - 00000000 ____D () C:\Program Files (x86)\MSN Toolbar
2014-11-23 18:42 - 2014-11-23 18:42 - 00001384 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Default Manager.lnk
2014-11-23 18:42 - 2014-11-23 18:42 - 00001342 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk
2014-11-23 18:41 - 2014-11-23 18:41 - 00000000 ____D () C:\Windows\SysWOW64\spool
2014-11-23 18:40 - 2014-12-22 10:14 - 00000000 ____D () C:\Users\Josef\AppData\Roaming\HpUpdate
2014-11-23 18:40 - 2014-11-23 18:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-11-23 18:40 - 2014-11-23 18:40 - 00001361 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\HP Solution Center.lnk
2014-11-23 18:40 - 2014-11-23 18:40 - 00001355 _____ () C:\Users\Public\Desktop\HP Solution Center.lnk
2014-11-23 18:40 - 2014-11-23 18:40 - 00001064 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR-Registrierung.lnk
2014-11-23 18:40 - 2014-11-23 18:40 - 00000000 ____D () C:\ProgramData\HP Product Assistant
2014-11-23 18:37 - 2014-11-23 18:41 - 00000000 ____D () C:\Program Files (x86)\HP
2014-11-23 18:36 - 2014-11-23 18:51 - 00262743 _____ () C:\Windows\hpwins23.dat
2014-11-23 18:36 - 2010-07-28 17:19 - 00002075 ____N () C:\Windows\hpwmdl23.dat
2014-11-23 18:36 - 2010-05-13 11:29 - 00553472 _____ (Hewlett Packard) C:\Windows\system32\hppldcoi.dll
2014-11-23 18:36 - 2010-05-13 11:25 - 01422848 _____ (Hewlett-Packard Co.) C:\Windows\system32\hpwtiop4.dll
2014-11-23 18:36 - 2010-05-13 11:25 - 00906240 _____ (Hewlett-Packard) C:\Windows\system32\hpwwiax5.dll
2014-11-23 18:36 - 2010-02-01 07:54 - 00488960 _____ (Hewlett-Packard Co.) C:\Windows\system32\hpovst11.dll
2014-11-23 18:30 - 2014-11-23 18:30 - 00000000 ____D () C:\Users\Josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WS_FTP Pro
2014-11-23 18:30 - 2014-11-23 18:30 - 00000000 ____D () C:\Program Files\WS_FTP Pro
2014-11-23 16:10 - 2014-11-23 18:53 - 00002542 _____ () C:\ProgramData\hpzinstall.log
2014-11-23 15:23 - 2014-12-16 18:35 - 00000000 ____D () C:\Users\Josef\Desktop\Bilder_Foren
2014-11-23 12:52 - 2014-11-23 12:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2014-11-22 12:03 - 2014-11-22 12:04 - 00000000 ____D () C:\Users\Josef\Desktop\Labertallauf_20141003

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-22 12:13 - 2014-11-14 22:02 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-22 11:52 - 2014-11-14 23:26 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-22 11:07 - 2014-11-14 22:03 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-12-22 10:28 - 2014-11-14 20:49 - 01702638 _____ () C:\Windows\WindowsUpdate.log
2014-12-22 09:22 - 2009-07-14 05:45 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-22 09:22 - 2009-07-14 05:45 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-22 09:13 - 2014-11-14 22:02 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-22 09:12 - 2014-11-17 17:32 - 00002587 _____ () C:\Windows\error.log
2014-12-22 09:12 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-22 09:12 - 2009-07-14 05:51 - 00046818 _____ () C:\Windows\setupact.log
2014-12-22 09:11 - 2014-11-17 17:32 - 00001905 _____ () C:\Windows\errord.log
2014-12-22 09:11 - 2014-11-14 20:45 - 00272960 _____ () C:\Windows\PFRO.log
2014-12-22 09:10 - 2014-11-17 18:11 - 00000000 ____D () C:\Users\Josef\Documents\Outlook-Dateien
2014-12-22 09:10 - 2014-11-14 23:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-12-22 09:10 - 2014-11-14 21:02 - 00000999 _____ () C:\Users\Josef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-21 13:12 - 2014-11-16 10:13 - 13945453 _____ () C:\Users\Josef\Desktop\Training 12_00.xlsm
2014-12-21 12:32 - 2014-11-14 21:02 - 00000000 ____D () C:\Users\Josef\AppData\Local\VirtualStore
2014-12-21 12:29 - 2014-11-14 21:02 - 00000000 ____D () C:\Users\Josef\AppData\Roaming\Adobe
2014-12-21 12:23 - 2009-07-14 05:45 - 00447448 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-21 11:33 - 2014-11-14 22:42 - 00000000 ____D () C:\Users\Josef\AppData\Local\Adobe
2014-12-21 11:28 - 2014-11-14 21:00 - 00116520 _____ () C:\Users\Josef\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-21 11:28 - 2010-06-24 14:21 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-12-21 11:25 - 2010-06-24 14:21 - 00000000 ____D () C:\ProgramData\Adobe
2014-12-21 11:18 - 2014-11-15 17:13 - 00000000 ____D () C:\Users\Josef\Documents\ID_Passwoerter
2014-12-21 10:51 - 2010-06-24 13:53 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-19 19:23 - 2014-11-16 10:15 - 00000000 ____D () C:\Users\Josef\Desktop\Bunker
2014-12-18 13:22 - 2014-11-15 05:34 - 00699614 _____ () C:\Windows\system32\perfh007.dat
2014-12-18 13:22 - 2014-11-15 05:34 - 00149722 _____ () C:\Windows\system32\perfc007.dat
2014-12-18 13:22 - 2009-07-14 06:13 - 01620392 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-16 20:33 - 2014-11-15 12:06 - 00000000 ____D () C:\Users\Josef\AppData\Local\CrashDumps
2014-12-15 13:22 - 2014-11-14 21:59 - 00000000 ____D () C:\Users\Josef\AppData\Local\Google
2014-12-14 13:41 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-14 09:49 - 2014-11-17 16:44 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-12-13 20:28 - 2014-11-14 22:54 - 00000000 ____D () C:\Users\Josef\Documents\JuiceboxBuilder-Pro
2014-12-13 10:31 - 2014-11-14 23:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-13 10:31 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-13 10:31 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-13 10:14 - 2014-11-15 22:03 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-12 15:55 - 2014-11-14 22:29 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-12 15:50 - 2014-11-14 22:29 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-11 21:44 - 2014-11-16 15:59 - 00000000 ____D () C:\Users\Josef\Desktop\Tacx_iGenius
2014-12-11 20:14 - 2014-11-17 17:06 - 00000246 _____ () C:\TTSInstaller.log
2014-12-11 20:12 - 2014-11-15 22:24 - 00001373 _____ () C:\Users\Public\Desktop\Tacx Support Tool.lnk
2014-12-11 20:12 - 2014-11-15 12:02 - 00002282 _____ () C:\Users\Public\Desktop\Tacx Trainer software 4.lnk
2014-12-10 17:41 - 2014-11-14 23:26 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-10 17:41 - 2014-11-14 23:26 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-10 17:41 - 2014-11-14 23:26 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-07 10:06 - 2014-11-16 15:57 - 00000000 ____D () C:\Users\Josef\Desktop\Foto
2014-12-07 09:44 - 2014-11-17 17:32 - 00000127 _____ () C:\Windows\Crypkey.ini
2014-12-07 09:44 - 2014-11-17 17:32 - 00000000 ____D () C:\Program Files\Stellar Phoenix Outlook PST Repair
2014-12-05 23:10 - 2014-11-16 10:15 - 00000000 ____D () C:\Users\Josef\Desktop\Vorhang_Kueche
2014-12-03 17:41 - 2014-11-16 15:30 - 00000000 ____D () C:\Users\Josef\AppData\Roaming\Apple Computer
2014-12-03 16:49 - 2014-11-16 15:27 - 00000000 ____D () C:\Users\Josef\AppData\Local\Apple
2014-12-03 16:48 - 2014-11-14 20:59 - 00000000 ____D () C:\Users\Josef
2014-12-03 16:46 - 2014-11-16 15:30 - 00000000 ____D () C:\Users\Josef\AppData\Local\Apple Computer
2014-12-03 16:40 - 2014-11-16 15:26 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-12-02 17:58 - 2014-11-14 21:36 - 00000000 ____D () C:\ProgramData\CyberLink
2014-12-02 16:24 - 2014-11-15 12:23 - 00003704 _____ () C:\Windows\System32\Tasks\Java Update Scheduler
2014-12-02 16:21 - 2014-11-16 16:15 - 00000000 ____D () C:\Users\Josef\Desktop\TuneUp
2014-11-30 22:01 - 2014-11-14 22:33 - 00000000 ____D () C:\Program Files\Adobe
2014-11-30 19:54 - 2014-11-16 17:06 - 00000000 ____D () C:\Users\Josef\AppData\Roaming\FileZilla
2014-11-29 13:11 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-11-29 12:49 - 2014-11-14 22:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office _Sharepoint
2014-11-28 23:23 - 2014-11-15 17:13 - 00000000 ____D () C:\Users\Josef\Documents\KV_RV_Vertraege_sonst Schriftverkehr
2014-11-28 23:23 - 2014-11-14 23:26 - 00000000 ____D () C:\Windows\system32\Macromed
2014-11-28 23:23 - 2014-11-14 23:06 - 00000000 ____D () C:\ProgramData\Netzmanager
2014-11-28 23:22 - 2014-11-15 11:43 - 00000000 ____D () C:\Users\Josef\AppData\Local\Garmin
2014-11-28 23:22 - 2014-11-15 11:42 - 00000000 ____D () C:\ProgramData\Garmin
2014-11-28 23:22 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-11-28 23:21 - 2014-11-15 11:42 - 00000000 ____D () C:\Program Files (x86)\Garmin
2014-11-28 20:41 - 2014-11-15 11:43 - 00000000 ____D () C:\Users\Josef\AppData\Roaming\Garmin
2014-11-24 14:04 - 2014-11-14 22:15 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-11-23 18:57 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-11-23 18:51 - 2009-07-14 03:34 - 00000560 _____ () C:\Windows\win.ini
2014-11-23 18:46 - 2014-11-14 21:59 - 00000000 ____D () C:\ProgramData\HP
2014-11-23 18:38 - 2010-06-24 13:55 - 00057612 _____ () C:\Windows\DPINST.LOG
2014-11-23 18:33 - 2014-11-16 15:58 - 00000000 ____D () C:\Users\Josef\Desktop\Homepage
2014-11-23 15:23 - 2014-11-15 22:18 - 00000000 ____D () C:\Users\Josef\AppData\Local\ACD Systems
2014-11-23 12:52 - 2010-06-24 14:14 - 00000000 ____D () C:\Program Files (x86)\Google
2014-11-22 09:55 - 2014-11-15 22:14 - 00000000 ____D () C:\Users\Josef\AppData\Local\Downloaded Installations

Some content of TEMP:
====================
C:\Users\Josef\AppData\Local\Temp\Quarantine.exe
C:\Users\Josef\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-15 15:19

==================== End Of Log ============================
         
--- --- ---

--- --- ---

Alt 22.12.2014, 14:48   #7
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Browser öffnen mit "www.delta-homes.com" - Standard

Browser öffnen mit "www.delta-homes.com"



Bitte auch ne neue Addition.txt erstellen, dazu FRST starten und einen Haken setzen bei Addition.txt, dann auf Scan klicken.

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Wie man Programme richtig installiert

Backup mit DriveSnapshot

Das TB unterstützen

Alt 22.12.2014, 15:00   #8
Dogma2006
 
Browser öffnen mit "www.delta-homes.com" - Standard

Browser öffnen mit "www.delta-homes.com"



Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-12-2014
Ran by Josef at 2014-12-22 15:58:23
Running from C:\Users\Josef\Desktop\Trojanerboard
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky PURE 3.0 (Enabled - Up to date) {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
AS: Kaspersky PURE 3.0 (Enabled - Up to date) {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky PURE 3.0 (Enabled) {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 6.2.2 - Hewlett-Packard) Hidden
6500_E709_eDocs (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
6500_E709_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
6500_E709n (x32 Version: 140.0.000.000 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
ACDSee Pro 3 (HKLM-x32\...\{1B280FAF-AE10-4E31-A41A-DB3917D651DC}) (Version: 3.0.355 - ACD Systems International Inc.)
Acer Arcade Deluxe (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 4.1.7615 - CyberLink Corp.)
Acer Arcade Deluxe (x32 Version: 4.1.7615 - CyberLink Corp.) Hidden
Acer Arcade Instant On (x32 Version: 3.0.34.2 - Acer) Hidden
Acer Arcade Movie (x32 Version: 9.0.6415 - CyberLink Corp.) Hidden
Acer Backup Manager (HKLM-x32\...\InstallShield_{30075A70-B5D2-440B-AFA3-FB2021740121}) (Version: 2.0.1.60 - NewTech Infosystems)
Acer Bio Protection (HKLM-x32\...\InstallShield_{E09664BB-BB08-45FA-87D1-33EAB0E017F5}) (Version: 6.5.76 - Egis Technology Inc.)
Acer Crystal Eye Webcam (HKLM-x32\...\{7760D94E-B1B5-40A0-9AA0-ABF942108755}) (Version: 5.2.12.1 - Suyin Optronics Corp)
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 5.00.3004 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3011 - Acer Incorporated)
Acer GameZone Console (HKLM-x32\...\{ABEE079E-648E-488B-8301-0C3DB48C1BCE}_is1) (Version: 6.1.0.2 - Oberon Media, Inc.)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.03.3003 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0309.2010 - Acer Incorporated)
Acer VCM (HKLM-x32\...\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}) (Version: 4.05.3002 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Photoshop Lightroom 5.7 64-bit (HKLM\...\{1B77B02E-17E4-4B6D-B8A1-74B29AF3D8DD}) (Version: 5.7.0 - Adobe Systems Incorporated)
Adobe Reader 9.1 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
Amazonia (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}) (Version:  - Oberon Media)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Argus Cycle Tour 2010 - South Africa (HKLM-x32\...\{5B7664A8-4383-4C3E-B466-46A947381FFC}) (Version: 1.00.0000 - Tacx)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.24 - Atheros Communications Inc.)
Atheros_7.0.2.13_patch2_64 (HKLM-x32\...\{2D13FC7D-42A8-4BF1-AF0C-B3DC68C59448}_is1) (Version:  - Atheros)
ATI Catalyst Install Manager (HKLM\...\{F5816A09-786E-C91D-3D99-8A8C92648750}) (Version: 3.0.765.0 - ATI Technologies, Inc.)
Backup Manager Advance (x32 Version: 2.0.1.60 - NewTech Infosystems) Hidden
Biet-O-Matic v2.14.12 (HKLM-x32\...\Biet-O-Matic v2.14.12) (Version: 2.14.12 - BOM Development Team)
Bing Bar (HKLM-x32\...\{08234a0d-cf39-4dca-99f0-0c5cb496da81}) (Version: 5.0.1449.0 - Microsoft Corporation)
Bing Bar Platform (x32 Version: 5.0.1449.0 - Microsoft Corporation) Hidden
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.00.002.0013 - Atheros Communications)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
bpd_scan (x32 Version: 3.00.0000 - Hewlett-Packard) Hidden
BPDSoftware (x32 Version: 140.0.000.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
BufferChm (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
Cake Mania (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}) (Version:  - Oberon Media)
ccc-core-static (x32 Version: 2010.0421.657.10561 - Ihr Firmenname) Hidden
Chicken Invaders 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}) (Version:  - Oberon Media)
Dairy Dash (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}) (Version:  - Oberon Media)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
DocMgr (x32 Version: 140.0.65.000 - Ihr Firmenname) Hidden
DocProc (x32 Version: 140.0.100.000 - Hewlett-Packard) Hidden
Download &amp; Install Packages (HKU\S-1-5-21-2186974003-2043912784-1202098385-1000\...\Download &amp; Install Packages) (Version:  - ) <==== ATTENTION
Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version:  - Oberon Media)
eBay Worldwide (HKLM-x32\...\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}) (Version: 2.1.0901 - OEM)
Elevated Installer (x32 Version: 3.2.21.0 - Garmin Ltd or its subsidiaries) Hidden
eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
Farm Frenzy 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}) (Version:  - Oberon Media)
Fax (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
FileZilla Client 3.9.0.6 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.6 - Tim Kosse)
Fingerprint Solution (x32 Version: 6.1.76.0 - Egis Technology Inc.) Hidden
Galapago (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}) (Version:  - Oberon Media)
Garmin Express (HKLM-x32\...\{045320b6-c340-4960-aefd-57bf08a9b425}) (Version: 3.2.21.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 3.2.21.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 3.2.21.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Granny In Paradise (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}) (Version:  - Oberon Media)
Heroes of Hellas (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}) (Version:  - Oberon Media)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Officejet 6500 E709 Series (HKLM\...\{58D79E62-CFC8-4331-8469-3A1B16E1769C}) (Version: 14.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{74DC0593-6BC6-4001-AD5F-D810AFB68D86}) (Version: 5.002.002.002 - Hewlett-Packard)
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Ipswitch WS_FTP Pro Uninstall (HKLM-x32\...\WS_FTPPro) (Version:  - )
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
JuiceboxBuilder-Pro (HKLM-x32\...\JuiceboxBuilder-Pro) (Version: 1.3.2 - SimpleViewer Inc)
JuiceboxBuilder-Pro (x32 Version: 1.3.2 - SimpleViewer Inc) Hidden
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Kaspersky PURE 3.0 (HKLM-x32\...\InstallWIX_{D0702EE9-9DE4-419A-9C6C-4730B1C985BA}) (Version: 13.0.2.558 - Kaspersky Lab)
Kaspersky PURE 3.0 (x32 Version: 13.0.2.558 - Kaspersky Lab) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 4.0.7 - Acer Inc.)
MAGIX Foto Designer 7 (HKLM-x32\...\MAGIX_{2DCD52EE-1AE1-4128-9819-A79F7D09B6B3}) (Version: 7.0.1.1 - MAGIX AG)
MAGIX Foto Designer 7 (Version: 7.0.1.1 - MAGIX AG) Hidden
Mallorca Tour I - Spain (HKLM-x32\...\{8B5D5C58-A053-4832-949A-53933682588D}) (Version: 1.00.0000 - Tacx)
MarketResearch (x32 Version: 140.0.214.000 - Hewlett-Packard) Hidden
MediaShow Espresso (x32 Version: 5.5.1403_23691 - CyberLink Corp.) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Expression Web 4 (HKLM-x32\...\Web_4.0.1460.0) (Version: 4.0.1460.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 15.0.4667.1002 - Microsoft Corporation)
Microsoft SharePoint Designer 2013 (HKLM\...\Office15.SharePointDesigner) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
Milan San Remo 2008 - Italy (HKLM-x32\...\{B1552C76-5085-4982-A131-72E6174F29B6}) (Version: 1.00.0000 - Tacx)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyWinLocker (x32 Version: 3.1.210.0 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}) (Version: 3.1.210.0 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 3.1.210.0 - Egis Technology Inc.) Hidden
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
Netzmanager (Version: 1.081 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.8 - Google)
NTI Backup Now 5 (HKLM-x32\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.628 - NewTech Infosystems)
NTI Backup Now Standard (x32 Version: 5.1.2.628 - NewTech Infosystems) Hidden
NTI Media Maker 8 (HKLM-x32\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6630 - NewTech Infosystems)
NTI Media Maker 8 (x32 Version: 8.0.12.6630 - NewTech Infosystems) Hidden
Nuvoton CIR Device Drivers (HKLM-x32\...\{FBC79D04-051E-4367-8051-1DB0C893FBE0}) (Version: 8.60.2002 - Nuvoton Technology Corporation)
O2Micro 1394 OHCI Compliant Host Controller Driver (HKLM-x32\...\InstallShield_{AFC44A23-E6A8-4625-B6B1-23D438525D59}) (Version: 1.0.00 - O2Micro International LTD.)
O2Micro 1394 OHCI Compliant Host Controller Driver (Version: 1.0.00 - O2Micro International LTD.) Hidden
O2Micro Flash Memory Card Windows Driver (HKLM-x32\...\InstallShield_{5FAD2AAE-C6DD-4CC8-B325-BFCBB3D32249}) (Version: 2.0.37.D - O2Micro International LTD.)
O2Micro Flash Memory Card Windows Driver (Version: 2.0.37.D - O2Micro International LTD.) Hidden
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4667.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4667.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4667.1002 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.8.00.09123 - Sony Corporation)
Portrait Professional 10.8 (HKLM-x32\...\PortraitProfessional10_is1) (Version: 10.8 - Anthropics Technology Ltd.)
ProductContext (x32 Version: 140.0.000.000 - Hewlett-Packard) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6072 - Realtek Semiconductor Corp.)
Scan (x32 Version: 140.0.167.000 - Hewlett-Packard) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0017-0000-1000-0000000FF1CE}_Office15.SharePointDesigner_{67A083C6-0A9E-48E8-BC90-C1EDA8028ED4}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Shredder (Version: 2.0.8.3 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.3 - Egis Technology Inc.) Hidden
SmartWebPrinting (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 140.0.214.000 - Hewlett-Packard) Hidden
Spin & Win (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110300453}) (Version:  - Oberon Media)
Status (x32 Version: 140.0.256.000 - Hewlett-Packard) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.12.2 - Synaptics Incorporated)
Tacx Trainer software 4 (HKLM-x32\...\{1FC386C1-EA57-43DB-9860-FE327C143148}) (Version: 4.13.0 - Tacx BV)
The Grossglockner 2008 - Austria (HKLM-x32\...\{6AD671B1-4FAD-43A1-9EC2-42301DFF3D3C}) (Version: 1.00.0000 - Tacx)
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
TTS Launcher (HKLM-x32\...\{2D09223F-34B4-4C74-B6F2-ABDE6BEC82E5}) (Version: 1.0.3 - Tacx BV)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.340 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.340 - TuneUp Software)
TuneUp Utilities 2014 (x32 Version: 14.0.1000.340 - TuneUp Software) Hidden
Überwachungstool für die Intel® Turbo-Boost-Technik (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.186.6 - Intel)
USB ANT Stick Silicon Laboratories USBXpress Device (Driver Removal) (HKLM-x32\...\USB_ANT_SIUSBXP_3_1&1004&0FCF) (Version:  - )
WebReg (x32 Version: 140.0.213.017 - Hewlett-Packard) Hidden
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.01.3002 - Acer Incorporated)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

18-12-2014 09:18:50 Windows Update
21-12-2014 11:25:02 Adobe Photoshop CS2 wird installiert
22-12-2014 12:47:45 Installed 7-Zip 9.20 (x64 edition)

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1830E1A6-0CD6-4683-AB0B-63139290F43A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {224EAC5D-D3C9-4260-B253-ABA8F736325E} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2009-11-18] (Hewlett-Packard)
Task: {2D28C6D4-82D9-4E6F-9AEF-D1CA499D948B} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-10-21] ()
Task: {3C369532-32DB-4AC1-97BC-86965BB9D6C5} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2014-07-16] (TuneUp Software)
Task: {48BF3627-CF5F-4357-B6E3-B01FB0B3AC61} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {5D644936-02A2-4A76-BCD2-4ACF464A0AD8} - System32\Tasks\{8A28FE80-2F47-446F-A394-0E99E7C8F30F} => pcalua.exe -a "C:\Users\Josef\Desktop\Foto\Foto_Software\Adobe\Creative Suite CS2\CS2_RetNon_Ger_3.exe" -d "C:\Users\Josef\Desktop\Foto\Foto_Software\Adobe\Creative Suite CS2"
Task: {6375FE9B-0F15-4B72-84A5-B5DC9C661CE2} - System32\Tasks\{EF48D0EB-28C4-43A2-8FE7-45FF0EB4AC99} => pcalua.exe -a c:\PROGRA~2\COMMON~1\ADOBEA~1\Versions\1.0\ADOBEA~1.EXE -c "C:\Users\Josef\AppData\Local\Temp\Temp1_juicebox_pro_1.3.2.zip\juicebox_pro_1.3.2\JuiceboxBuilder-Pro.air"
Task: {6C964581-D351-4735-83B6-43568B4E7C60} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\Root\Office15\msoia.exe [2014-11-29] (Microsoft Corporation)
Task: {6D92763E-7206-4A23-B7AA-26181BB1F59B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-10] (Adobe Systems Incorporated)
Task: {98EFF087-0D02-4DBF-AD73-E9849E980F08} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-14] (Google Inc.)
Task: {9CDB30CB-9C55-4D0D-A233-4F9C05EAAA36} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\Root\Office15\msoia.exe [2014-11-29] (Microsoft Corporation)
Task: {9F5E8837-664E-4DCC-8940-ECF9A737561D} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07] (Oracle Corporation)
Task: {AC3C1682-1F45-4CC0-B58A-8A3B97062208} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {D489FCAE-3B05-4EFB-9047-6A76C9C66FD6} - System32\Tasks\{528B1225-345B-4C8F-BB20-834760168251} => pcalua.exe -a "C:\Users\Josef\Desktop\Foto\Foto_Software\Adobe\Creative Suite CS2\CS2_RetNon_Ger_2.exe" -d "C:\Users\Josef\Desktop\Foto\Foto_Software\Adobe\Creative Suite CS2"
Task: {DF4379F9-ADC4-4785-ACC0-0A877DBB1BA7} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-10-07] (Microsoft Corporation)
Task: {E9066672-66C4-4EFC-B0BC-31D454156384} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-14] (Google Inc.)
Task: {ECC75410-0A30-421C-AB6A-D4E9EBC9D2FA} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe [2010-03-26] (Acer)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-03-08 03:35 - 2010-03-08 03:35 - 00108912 _____ () C:\Program Files (x86)\Acer Bio Protection\PwdFilterV64.DLL
2014-11-29 12:55 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-11-14 21:18 - 2010-01-13 10:47 - 00206208 _____ () C:\Windows\PLFSetI.exe
2010-10-19 08:31 - 2010-10-19 08:31 - 00205312 _____ () C:\Program Files\Netzmanager\NMInfraIS2\driver64\SoftplugLib.DLL
2014-11-14 21:37 - 2010-02-03 09:37 - 00244904 ____N () C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
2014-07-16 09:24 - 2014-07-16 09:24 - 00699704 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll
2014-05-01 20:29 - 2014-05-01 20:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2010-03-26 10:41 - 2010-03-26 10:41 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2014-11-14 20:54 - 2014-11-14 20:54 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-11-29 12:55 - 2014-11-29 12:55 - 00393376 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream64.dll
2014-11-29 12:55 - 2014-11-29 13:00 - 02210480 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\tmpod.dll
2014-11-29 12:58 - 2014-11-29 13:00 - 01428128 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\ADDINS\UmOutlookAddin.dll
2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-12-20 18:19 - 2012-12-20 18:19 - 00479752 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\dblite.dll
2012-12-20 18:19 - 2012-12-20 18:19 - 01310728 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\kpcengine.2.2.dll
2010-06-24 14:32 - 2009-05-20 07:02 - 00072200 _____ () C:\Program Files (x86)\Launch Manager\CdDirIo.dll
2010-03-09 01:18 - 2010-03-09 01:18 - 00465576 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2010-03-09 01:13 - 2010-03-09 01:13 - 01081600 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-2186974003-2043912784-1202098385-500 - Administrator - Disabled)
Gast (S-1-5-21-2186974003-2043912784-1202098385-501 - Limited - Disabled)
Josef (S-1-5-21-2186974003-2043912784-1202098385-1000 - Administrator - Enabled) => C:\Users\Josef

==================== Faulty Device Manager Devices =============

Name: Officejet 6500 E709n
Description: Officejet 6500 E709n
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: WD SES Device USB Device
Description: WD SES Device USB Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (12/22/2014 02:26:41 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {9E6E74C7-0E85-4D14-8851-7635E2C1C528}

Error: (12/22/2014 01:37:33 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error: (12/22/2014 10:09:44 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error: (12/22/2014 10:09:28 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-12-14 09:53:39.888
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-14 09:53:39.859
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-14 09:50:58.821
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-14 09:50:58.801
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-11-18 17:34:40.349
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-11-18 17:34:40.347
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-11-18 17:34:40.207
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-11-18 17:34:40.144
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-11-18 17:29:12.358
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-11-18 17:29:12.296
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7 CPU Q 740 @ 1.73GHz
Percentage of memory in use: 33%
Total physical RAM: 8124.5 MB
Available physical RAM: 5374.08 MB
Total Pagefile: 16247.17 MB
Available Pagefile: 12697.21 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:681.04 GB) (Free:197.09 GB) NTFS
Drive e: (My Book) (Fixed) (Total:3725.99 GB) (Free:2513.04 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: A5F07B42)
Partition 1: (Not Active) - (Size=14 GB) - (Type=27)
Partition 2: (Not Active) - (Size=3.5 GB) - (Type=12)
Partition 3: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=681 GB) - (Type=OF Extended)
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 1.

==================== End Of Log ============================
         

Alt 22.12.2014, 15:08   #9
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Browser öffnen mit "www.delta-homes.com" - Standard

Browser öffnen mit "www.delta-homes.com"



Okay, dann Kontrollscans mit MBAM und ESET bitte:

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Wie man Programme richtig installiert

Backup mit DriveSnapshot

Das TB unterstützen

Alt 23.12.2014, 11:48   #10
Dogma2006
 
Browser öffnen mit "www.delta-homes.com" - Standard

Browser öffnen mit "www.delta-homes.com"



Hat leider eine Weile gedauert.

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 22.12.2014
Suchlauf-Zeit: 18:40:32
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.4.1028
Malware Datenbank: v2014.12.22.06
Rootkit Datenbank: v2014.12.14.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Josef

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 345909
Verstrichene Zeit: 13 Min, 24 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 0
(Keine schädliche Elemente erkannt)

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 5
PUP.Optional.InstallCore, C:\Users\Josef\AppData\Roaming\0D1F2W1G1I1F1T1QyE2W1L1G1Q1F2W1B\Download &amp; Install Packages\uninstaller.exe, , [bc2215508fed35019fb6e01c8f7218e8], 
PUP.Optional.InstallCore, C:\Users\Josef\AppData\Local\Temp\58401205.Uninstall\uninstaller.exe, , [cc12a1c4c4b86cca4f062fcdd52cb749], 
PUP.Optional.InstallCore, C:\Users\Josef\AppData\Local\Temp\58550700.Uninstall\uninstaller.exe, , [4e905411e993a4921144f507847d4bb5], 
PUP.Optional.InstallCore, C:\Users\Josef\AppData\Local\Temp\58605831.Uninstall\uninstaller.exe, , [805e77ee7c004de96de874884cb5ca36], 
PUP.Optional.SecurityProtection.A, C:\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh.crx, , [15c95f061f5dd561c23987d19370f30d], 

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)
         
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=2e832004d451f9499c363d3c26a00061
# engine=21668
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-12-23 01:05:24
# local_time=2014-12-23 02:05:24 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Kaspersky PURE 3.0'
# compatibility_mode=1289 16777214 100 99 25718 110707592 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 129692 170926574 0 0
# scanned=864548
# found=45
# cleaned=0
# scan_time=25151
sh=CAD805B3B450427B1F6FA77814F6CE6E40691FBE ft=1 fh=28418eb44ee327e6 vn="Variante von Win32/InstallCore.TL evtl. unerwünschte Anwendung" ac=I fn="C:\$Recycle.Bin\S-1-5-21-2186974003-2043912784-1202098385-1000\$RM0O2N8.exe"
sh=A7E55C336AB5504ED0AE3BBD292CF508769FE131 ft=1 fh=3ba8fc19ca14dfb1 vn="Variante von Win32/Adware.Adpeak.Q Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\007\nkdytjtjsw32.exe.vir"
sh=C1D7E269C9CEC47C21C557E33DD215E2A18C92E7 ft=1 fh=c71c00117580c45f vn="Variante von Win32/ELEX.BC evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe.vir"
sh=C93FB945956D3241233F257ECD5BC0A0CD586235 ft=0 fh=0000000000000000 vn="JS/Trackware.Agent.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Josef\AppData\Local\Google\Chrome\User Data\Default\Extensions\noajmlkipclmeolfcnflkjhijkigpfjh\1.2.4_0\js\inject.js.vir"
sh=FA55D765ACECF0E142995558447BA1C0C64A95B9 ft=1 fh=8a5fed32a6adae19 vn="Variante von Win64/Systweak.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir"
sh=5F94B5147433490152EAC795CB75A929A77F7AB1 ft=1 fh=06d2e423d167a2a2 vn="Variante von Win32/InstallCore.PY evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Josef\Downloads\IDM2-Win-EN.exe"
sh=9D02A0107DA5A558ED3B9131060933DDDE2DD653 ft=1 fh=164f737b091da2c9 vn="Mehrere Bedrohungen" ac=I fn="C:\Windows\Temp\BEAF8266-AE64-40A2-BF8D-99F4FB145C26n.exe"
sh=D5548ED6BC1308AE61F2FFD215F8EE70E73A271E ft=1 fh=c71c0011010f2845 vn="Variante von Win32/Toolbar.Babylon.F evtl. unerwünschte Anwendung" ac=I fn="E:\Datensicherung_Sepp\Josef Reiseck\AppData\Local\Babylon\Setup\BExternal.dll"
sh=55953896937FFDB69A3179997B01D6231717B055 ft=1 fh=377d655ef08f77a0 vn="Variante von Win32/Toolbar.Babylon.E evtl. unerwünschte Anwendung" ac=I fn="E:\Datensicherung_Sepp\Josef Reiseck\AppData\Local\Babylon\Setup\IECookieLow.dll"
sh=40969E053E001937C71D74EA719F78BF9A5FEF2A ft=1 fh=9a76860661eadcce vn="Win32/Toolbar.Babylon evtl. unerwünschte Anwendung" ac=I fn="E:\Datensicherung_Sepp\Josef Reiseck\AppData\Local\Babylon\Setup\MyBabylonTB.exe"
sh=1476185F98F21971B4C64716990B13EE0CEFD707 ft=1 fh=6886307c4e8d6b1c vn="Variante von Win32/Toolbar.Babylon.E evtl. unerwünschte Anwendung" ac=I fn="E:\Datensicherung_Sepp\Josef Reiseck\AppData\Local\Babylon\Setup\Setup.exe"
sh=57279257E733B05B254033CFED9DF0A9239A0680 ft=0 fh=0000000000000000 vn="JS/Adware.Yontoo.B Anwendung" ac=I fn="E:\Datensicherung_Sepp\Josef Reiseck\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.4_0\back.js"
sh=6D2F4089C3FB9A3AD6F255F9BD9D7DB6BC5B4B5E ft=0 fh=0000000000000000 vn="JS/Adware.Yontoo.A Anwendung" ac=I fn="E:\Datensicherung_Sepp\Josef Reiseck\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.4_0\yl.js"
sh=95ADC7925C2BB20FACE637E7031972F8E208FA33 ft=0 fh=0000000000000000 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="E:\Datensicherung_Sepp\Josef Reiseck\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx"
sh=9F9CF6762E257F68F6623E8B86E62819BB182C87 ft=0 fh=0000000000000000 vn="Variante von Win32/SweetIM.L evtl. unerwünschte Anwendung" ac=I fn="E:\Datensicherung_Sepp\Josef Reiseck\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetNT.crx"
sh=4AFC28D0218FACFEEA4A88E1DC311CA0ABC6FCE5 ft=1 fh=897dc87dbc6ba9f1 vn="Mehrere Bedrohungen" ac=I fn="E:\Datensicherung_Sepp\Josef Reiseck\AppData\Local\Temp\9003.exe"
sh=6B3D8EE31019F17D284C82F5A8E148EC2AD98C4A ft=1 fh=7c069882bbc38c72 vn="Variante von Win32/Complitly.A evtl. unerwünschte Anwendung" ac=I fn="E:\Datensicherung_Sepp\Josef Reiseck\AppData\Roaming\Complitly\Complitly.dll"
sh=A3DC07B87C3A77711F062B93B6E22BCF7C49F8C1 ft=1 fh=7408fda3ce07568f vn="Variante von Win32/PredictAd.A evtl. unerwünschte Anwendung" ac=I fn="E:\Datensicherung_Sepp\Josef Reiseck\AppData\Roaming\Complitly\KeepMeUpdated.exe"
sh=3B0F9DF1FEF6F297E7A3AC319A21174166B63A2A ft=1 fh=b5e9e28e3551652e vn="Variante von Win64/Complitly.A evtl. unerwünschte Anwendung" ac=I fn="E:\Datensicherung_Sepp\Josef Reiseck\AppData\Roaming\Complitly\64\Complitly64.dll"
sh=A3DC07B87C3A77711F062B93B6E22BCF7C49F8C1 ft=1 fh=7408fda3ce07568f vn="Variante von Win32/PredictAd.A evtl. unerwünschte Anwendung" ac=I fn="E:\Datensicherung_Sepp\Josef Reiseck\AppData\Roaming\Complitly\64\KeepMeUpdated.exe"
sh=FB9B4B0EE9279CFE23CBACD4B2765483321A08DE ft=1 fh=643fe0264237b7d6 vn="Win32/Toolbar.Montiera.I evtl. unerwünschte Anwendung" ac=I fn="E:\Datensicherung_Sepp\Josef Reiseck\AppData\Roaming\OpenCandy\514EC4010C364E19A0B492813AAFBEF7\Softonic_chr_p1v6.exe"
sh=EE4A580BD51B86C4B4079B9E4F267A454AE0D320 ft=1 fh=72e6de8e7f315ca3 vn="Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung" ac=I fn="E:\Datensicherung_Sepp\Josef Reiseck\Desktop\Software\Software_alt\Software_PC\BOM_Bietsoftware.exe"
sh=6E46A0A077930B1B9D25C3105F629D399CB8EBD1 ft=1 fh=88cd3388df6e5029 vn="Win32/Adware.Toolbar.Shopper Anwendung" ac=I fn="E:\Datensicherung_Sepp\Josef Reiseck\Desktop\Software\Software_alt\Software_PC\Office 2007\daemon4123-lite.exe"
sh=2CA1645D010A152C0EF078EE1BF030EDAD769E87 ft=1 fh=e1911fa5d7bfc39e vn="Win32/Adware.WildTangent Anwendung" ac=I fn="E:\Datensicherung_Sepp\Josef Reiseck\Desktop\Software\Software_alt\Software_PC\Spiele\speedway.exe"
sh=5D6CD79906F9D07265D40AFB9E47B64016F5BD17 ft=1 fh=b11019cacfc333e5 vn="Win32/Adware.WildTangent Anwendung" ac=I fn="E:\Datensicherung_Sepp\Josef Reiseck\Desktop\Software\Software_alt\Software_PC\Spiele\tlboxing.exe"
sh=B69FF71CC2986E88C54E30CC611EAE26CA9B583F ft=1 fh=1b539b36dba40fb3 vn="Win32/Adware.WildTangent Anwendung" ac=I fn="E:\Datensicherung_Sepp\Josef Reiseck\Desktop\Software\Software_alt\Software_PC\Spiele\trackmeet.exe"
sh=450BC07BDF16426A927CFDCF6952C70D8CE5E9F5 ft=1 fh=c6a73bdcdf60520b vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="E:\Datensicherung_Sepp\Josef Reiseck\Downloads\ashampoo_burning_studio_6_free_6.80_3639.exe"
sh=1D4DD4523492EDC59753D2F328BF3564A9390EA4 ft=1 fh=ec458d8c372fafe5 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="E:\Datensicherung_Sepp\Josef Reiseck\Downloads\ashampoo_burning_studio_6_free_6.80_4312.exe"
sh=698A03A88D3C1D0613EFCE82138248A3EA21E3E0 ft=1 fh=8b635154fd9f4e78 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="E:\Datensicherung_Sepp\Josef Reiseck\Downloads\ashampoo_photo_commander_7_7.60_7659[1]"
sh=698A03A88D3C1D0613EFCE82138248A3EA21E3E0 ft=1 fh=8b635154fd9f4e78 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="E:\Datensicherung_Sepp\Josef Reiseck\Downloads\ashampoo_photo_commander_7_7\ashampoo_photo_commander_7_7.60_7659[1]"
sh=13DDFB00567A8F5FB6EA6509A272B24018D22B1C ft=1 fh=b8d1396863c48d65 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="E:\Datensicherung_Sepp\Josef Reiseck\Downloads\LG KS20\Elf_1.exe"
sh=72EAFCCC9560913E74953DBD6DA6D8BBC3D5A77B ft=0 fh=0000000000000000 vn="Win32/Packed.Autoit.E.Gen evtl. unerwünschte Anwendung" ac=I fn="E:\Datensicherung_Sepp\Josef Reiseck\Dropbox (Alt)\Public\FritzRePass1.20-U3.zip"
sh=450BC07BDF16426A927CFDCF6952C70D8CE5E9F5 ft=1 fh=c6a73bdcdf60520b vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="E:\Software_Download\ashampoo_burning_studio_6_free_6.80_3639.exe"
sh=1D4DD4523492EDC59753D2F328BF3564A9390EA4 ft=1 fh=ec458d8c372fafe5 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="E:\Software_Download\ashampoo_burning_studio_6_free_6.80_4312.exe"
sh=6E46A0A077930B1B9D25C3105F629D399CB8EBD1 ft=1 fh=88cd3388df6e5029 vn="Win32/Adware.Toolbar.Shopper Anwendung" ac=I fn="E:\Software_Download\Software\Software_alt\Software_PC\Office 2007\daemon4123-lite.exe"
sh=2CA1645D010A152C0EF078EE1BF030EDAD769E87 ft=1 fh=e1911fa5d7bfc39e vn="Win32/Adware.WildTangent Anwendung" ac=I fn="E:\Software_Download\Software\Software_alt\Software_PC\Spiele\speedway.exe"
sh=5D6CD79906F9D07265D40AFB9E47B64016F5BD17 ft=1 fh=b11019cacfc333e5 vn="Win32/Adware.WildTangent Anwendung" ac=I fn="E:\Software_Download\Software\Software_alt\Software_PC\Spiele\tlboxing.exe"
sh=B69FF71CC2986E88C54E30CC611EAE26CA9B583F ft=1 fh=1b539b36dba40fb3 vn="Win32/Adware.WildTangent Anwendung" ac=I fn="E:\Software_Download\Software\Software_alt\Software_PC\Spiele\trackmeet.exe"
sh=6E46A0A077930B1B9D25C3105F629D399CB8EBD1 ft=1 fh=88cd3388df6e5029 vn="Win32/Adware.Toolbar.Shopper Anwendung" ac=I fn="G:\BMW_Notebook_20121212\Datensicherung_Laptop BMW\Festplatte alt\Desktop\Zwischenablage\Office 2007\daemon4123-lite.exe"
sh=450BC07BDF16426A927CFDCF6952C70D8CE5E9F5 ft=1 fh=c6a73bdcdf60520b vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="G:\Software\Software_Download\ashampoo_burning_studio_6_free_6.80_3639.exe"
sh=1D4DD4523492EDC59753D2F328BF3564A9390EA4 ft=1 fh=ec458d8c372fafe5 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="G:\Software\Software_Download\ashampoo_burning_studio_6_free_6.80_4312.exe"
sh=6E46A0A077930B1B9D25C3105F629D399CB8EBD1 ft=1 fh=88cd3388df6e5029 vn="Win32/Adware.Toolbar.Shopper Anwendung" ac=I fn="G:\Software\Software_Download\Software\Software_alt\Software_PC\Office 2007\daemon4123-lite.exe"
sh=2CA1645D010A152C0EF078EE1BF030EDAD769E87 ft=1 fh=e1911fa5d7bfc39e vn="Win32/Adware.WildTangent Anwendung" ac=I fn="G:\Software\Software_Download\Software\Software_alt\Software_PC\Spiele\speedway.exe"
sh=5D6CD79906F9D07265D40AFB9E47B64016F5BD17 ft=1 fh=b11019cacfc333e5 vn="Win32/Adware.WildTangent Anwendung" ac=I fn="G:\Software\Software_Download\Software\Software_alt\Software_PC\Spiele\tlboxing.exe"
sh=B69FF71CC2986E88C54E30CC611EAE26CA9B583F ft=1 fh=1b539b36dba40fb3 vn="Win32/Adware.WildTangent Anwendung" ac=I fn="G:\Software\Software_Download\Software\Software_alt\Software_PC\Spiele\trackmeet.exe"
         

Alt 23.12.2014, 22:17   #11
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Browser öffnen mit "www.delta-homes.com" - Standard

Browser öffnen mit "www.delta-homes.com"



Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
C:\Users\Josef\Downloads\IDM2-Win-EN.exe
C:\Windows\Temp\BEAF8266-AE64-40A2-BF8D-99F4FB145C26n.exe
E:\Datensicherung_Sepp\Josef Reiseck\AppData\Local\Babylon\Setup\BExternal.dll
E:\Datensicherung_Sepp\Josef Reiseck\AppData\Local\Babylon\Setup\IECookieLow.dll
E:\Datensicherung_Sepp\Josef Reiseck\AppData\Local\Babylon\Setup\MyBabylonTB.exe
E:\Datensicherung_Sepp\Josef Reiseck\AppData\Local\Babylon\Setup\Setup.exe
E:\Datensicherung_Sepp\Josef Reiseck\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.4_0\back.js
E:\Datensicherung_Sepp\Josef Reiseck\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.4_0\yl.js
E:\Datensicherung_Sepp\Josef Reiseck\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx
E:\Datensicherung_Sepp\Josef Reiseck\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetNT.crx
E:\Datensicherung_Sepp\Josef Reiseck\AppData\Local\Temp\9003.exe
E:\Datensicherung_Sepp\Josef Reiseck\AppData\Roaming\Complitly\Complitly.dll
E:\Datensicherung_Sepp\Josef Reiseck\AppData\Roaming\Complitly\KeepMeUpdated.exe
E:\Datensicherung_Sepp\Josef Reiseck\AppData\Roaming\Complitly\64\Complitly64.dll
E:\Datensicherung_Sepp\Josef Reiseck\AppData\Roaming\Complitly\64\KeepMeUpdated.exe
E:\Datensicherung_Sepp\Josef Reiseck\AppData\Roaming\OpenCandy\514EC4010C364E19A0B492813AAFBEF7\Softonic_chr_p1v6.exe
E:\Datensicherung_Sepp\Josef Reiseck\Desktop\Software\Software_alt\Software_PC\BOM_Bietsoftware.exe
E:\Datensicherung_Sepp\Josef Reiseck\Desktop\Software\Software_alt\Software_PC\Office 2007\daemon4123-lite.exe
E:\Datensicherung_Sepp\Josef Reiseck\Desktop\Software\Software_alt\Software_PC\Spiele\speedway.exe
E:\Datensicherung_Sepp\Josef Reiseck\Desktop\Software\Software_alt\Software_PC\Spiele\tlboxing.exe
E:\Datensicherung_Sepp\Josef Reiseck\Desktop\Software\Software_alt\Software_PC\Spiele\trackmeet.exe
E:\Datensicherung_Sepp\Josef Reiseck\Downloads\ashampoo_burning_studio_6_free_6.80_3639.exe
E:\Datensicherung_Sepp\Josef Reiseck\Downloads\ashampoo_burning_studio_6_free_6.80_4312.exe
E:\Datensicherung_Sepp\Josef Reiseck\Downloads\ashampoo_photo_commander_7_7.60_7659[1]
E:\Datensicherung_Sepp\Josef Reiseck\Downloads\ashampoo_photo_commander_7_7\ashampoo_photo_commander_7_7.60_7659[1]
E:\Datensicherung_Sepp\Josef Reiseck\Downloads\LG KS20\Elf_1.exe
E:\Datensicherung_Sepp\Josef Reiseck\Dropbox (Alt)\Public\FritzRePass1.20-U3.zip
E:\Software_Download\ashampoo_burning_studio_6_free_6.80_3639.exe
E:\Software_Download\ashampoo_burning_studio_6_free_6.80_4312.exe
E:\Software_Download\Software\Software_alt\Software_PC\Office 2007\daemon4123-lite.exe
E:\Software_Download\Software\Software_alt\Software_PC\Spiele\speedway.exe
E:\Software_Download\Software\Software_alt\Software_PC\Spiele\tlboxing.exe
E:\Software_Download\Software\Software_alt\Software_PC\Spiele\trackmeet.exe
G:\BMW_Notebook_20121212\Datensicherung_Laptop BMW\Festplatte alt\Desktop\Zwischenablage\Office 2007\daemon4123-lite.exe
G:\Software\Software_Download\ashampoo_burning_studio_6_free_6.80_3639.exe
G:\Software\Software_Download\ashampoo_burning_studio_6_free_6.80_4312.exe
G:\Software\Software_Download\Software\Software_alt\Software_PC\Office 2007\daemon4123-lite.exe
G:\Software\Software_Download\Software\Software_alt\Software_PC\Spiele\speedway.exe
G:\Software\Software_Download\Software\Software_alt\Software_PC\Spiele\tlboxing.exe
G:\Software\Software_Download\Software\Software_alt\Software_PC\Spiele\trackmeet.exe
EmptyTemp:
Hosts:
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Wie man Programme richtig installiert

Backup mit DriveSnapshot

Das TB unterstützen

Alt 24.12.2014, 09:39   #12
Dogma2006
 
Browser öffnen mit "www.delta-homes.com" - Standard

Browser öffnen mit "www.delta-homes.com"



Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 22-12-2014
Ran by Josef at 2014-12-24 10:21:18 Run:1
Running from C:\Users\Josef\Desktop\Trojanerboard
Loaded Profile: Josef (Available profiles: Josef)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\Users\Josef\Downloads\IDM2-Win-EN.exe
C:\Windows\Temp\BEAF8266-AE64-40A2-BF8D-99F4FB145C26n.exe
E:\Datensicherung_Sepp\Josef Reiseck\AppData\Local\Babylon\Setup\BExternal.dll
E:\Datensicherung_Sepp\Josef Reiseck\AppData\Local\Babylon\Setup\IECookieLow.dll
E:\Datensicherung_Sepp\Josef Reiseck\AppData\Local\Babylon\Setup\MyBabylonTB.exe
E:\Datensicherung_Sepp\Josef Reiseck\AppData\Local\Babylon\Setup\Setup.exe
E:\Datensicherung_Sepp\Josef Reiseck\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.4_0\back.js
E:\Datensicherung_Sepp\Josef Reiseck\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.4_0\yl.js
E:\Datensicherung_Sepp\Josef Reiseck\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx
E:\Datensicherung_Sepp\Josef Reiseck\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetNT.crx
E:\Datensicherung_Sepp\Josef Reiseck\AppData\Local\Temp\9003.exe
E:\Datensicherung_Sepp\Josef Reiseck\AppData\Roaming\Complitly\Complitly.dll
E:\Datensicherung_Sepp\Josef Reiseck\AppData\Roaming\Complitly\KeepMeUpdated.exe
E:\Datensicherung_Sepp\Josef Reiseck\AppData\Roaming\Complitly\64\Complitly64.dll
E:\Datensicherung_Sepp\Josef Reiseck\AppData\Roaming\Complitly\64\KeepMeUpdated.exe
E:\Datensicherung_Sepp\Josef Reiseck\AppData\Roaming\OpenCandy\514EC4010C364E19A0B492813AAFBEF7\Softonic_chr_p1v6.exe
E:\Datensicherung_Sepp\Josef Reiseck\Desktop\Software\Software_alt\Software_PC\BOM_Bietsoftware.exe
E:\Datensicherung_Sepp\Josef Reiseck\Desktop\Software\Software_alt\Software_PC\Office 2007\daemon4123-lite.exe
E:\Datensicherung_Sepp\Josef Reiseck\Desktop\Software\Software_alt\Software_PC\Spiele\speedway.exe
E:\Datensicherung_Sepp\Josef Reiseck\Desktop\Software\Software_alt\Software_PC\Spiele\tlboxing.exe
E:\Datensicherung_Sepp\Josef Reiseck\Desktop\Software\Software_alt\Software_PC\Spiele\trackmeet.exe
E:\Datensicherung_Sepp\Josef Reiseck\Downloads\ashampoo_burning_studio_6_free_6.80_3639.exe
E:\Datensicherung_Sepp\Josef Reiseck\Downloads\ashampoo_burning_studio_6_free_6.80_4312.exe
E:\Datensicherung_Sepp\Josef Reiseck\Downloads\ashampoo_photo_commander_7_7.60_7659[1]
E:\Datensicherung_Sepp\Josef Reiseck\Downloads\ashampoo_photo_commander_7_7\ashampoo_photo_commander_7_7.60_7659[1]
E:\Datensicherung_Sepp\Josef Reiseck\Downloads\LG KS20\Elf_1.exe
E:\Datensicherung_Sepp\Josef Reiseck\Dropbox (Alt)\Public\FritzRePass1.20-U3.zip
E:\Software_Download\ashampoo_burning_studio_6_free_6.80_3639.exe
E:\Software_Download\ashampoo_burning_studio_6_free_6.80_4312.exe
E:\Software_Download\Software\Software_alt\Software_PC\Office 2007\daemon4123-lite.exe
E:\Software_Download\Software\Software_alt\Software_PC\Spiele\speedway.exe
E:\Software_Download\Software\Software_alt\Software_PC\Spiele\tlboxing.exe
E:\Software_Download\Software\Software_alt\Software_PC\Spiele\trackmeet.exe
G:\BMW_Notebook_20121212\Datensicherung_Laptop BMW\Festplatte alt\Desktop\Zwischenablage\Office 2007\daemon4123-lite.exe
G:\Software\Software_Download\ashampoo_burning_studio_6_free_6.80_3639.exe
G:\Software\Software_Download\ashampoo_burning_studio_6_free_6.80_4312.exe
G:\Software\Software_Download\Software\Software_alt\Software_PC\Office 2007\daemon4123-lite.exe
G:\Software\Software_Download\Software\Software_alt\Software_PC\Spiele\speedway.exe
G:\Software\Software_Download\Software\Software_alt\Software_PC\Spiele\tlboxing.exe
G:\Software\Software_Download\Software\Software_alt\Software_PC\Spiele\trackmeet.exe
EmptyTemp:
Hosts:
         
*****************

C:\Users\Josef\Downloads\IDM2-Win-EN.exe => Moved successfully.
C:\Windows\Temp\BEAF8266-AE64-40A2-BF8D-99F4FB145C26n.exe => Moved successfully.
E:\Datensicherung_Sepp\Josef Reiseck\AppData\Local\Babylon\Setup\BExternal.dll => Moved successfully.
E:\Datensicherung_Sepp\Josef Reiseck\AppData\Local\Babylon\Setup\IECookieLow.dll => Moved successfully.
E:\Datensicherung_Sepp\Josef Reiseck\AppData\Local\Babylon\Setup\MyBabylonTB.exe => Moved successfully.
E:\Datensicherung_Sepp\Josef Reiseck\AppData\Local\Babylon\Setup\Setup.exe => Moved successfully.
E:\Datensicherung_Sepp\Josef Reiseck\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.4_0\back.js => Moved successfully.
E:\Datensicherung_Sepp\Josef Reiseck\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.4_0\yl.js => Moved successfully.
E:\Datensicherung_Sepp\Josef Reiseck\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx => Moved successfully.
E:\Datensicherung_Sepp\Josef Reiseck\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetNT.crx => Moved successfully.
E:\Datensicherung_Sepp\Josef Reiseck\AppData\Local\Temp\9003.exe => Moved successfully.
E:\Datensicherung_Sepp\Josef Reiseck\AppData\Roaming\Complitly\Complitly.dll => Moved successfully.
E:\Datensicherung_Sepp\Josef Reiseck\AppData\Roaming\Complitly\KeepMeUpdated.exe => Moved successfully.
E:\Datensicherung_Sepp\Josef Reiseck\AppData\Roaming\Complitly\64\Complitly64.dll => Moved successfully.
E:\Datensicherung_Sepp\Josef Reiseck\AppData\Roaming\Complitly\64\KeepMeUpdated.exe => Moved successfully.
E:\Datensicherung_Sepp\Josef Reiseck\AppData\Roaming\OpenCandy\514EC4010C364E19A0B492813AAFBEF7\Softonic_chr_p1v6.exe => Moved successfully.
E:\Datensicherung_Sepp\Josef Reiseck\Desktop\Software\Software_alt\Software_PC\BOM_Bietsoftware.exe => Moved successfully.
E:\Datensicherung_Sepp\Josef Reiseck\Desktop\Software\Software_alt\Software_PC\Office 2007\daemon4123-lite.exe => Moved successfully.
E:\Datensicherung_Sepp\Josef Reiseck\Desktop\Software\Software_alt\Software_PC\Spiele\speedway.exe => Moved successfully.
E:\Datensicherung_Sepp\Josef Reiseck\Desktop\Software\Software_alt\Software_PC\Spiele\tlboxing.exe => Moved successfully.
E:\Datensicherung_Sepp\Josef Reiseck\Desktop\Software\Software_alt\Software_PC\Spiele\trackmeet.exe => Moved successfully.
E:\Datensicherung_Sepp\Josef Reiseck\Downloads\ashampoo_burning_studio_6_free_6.80_3639.exe => Moved successfully.
E:\Datensicherung_Sepp\Josef Reiseck\Downloads\ashampoo_burning_studio_6_free_6.80_4312.exe => Moved successfully.
E:\Datensicherung_Sepp\Josef Reiseck\Downloads\ashampoo_photo_commander_7_7.60_7659[1] => Moved successfully.
E:\Datensicherung_Sepp\Josef Reiseck\Downloads\ashampoo_photo_commander_7_7\ashampoo_photo_commander_7_7.60_7659[1] => Moved successfully.
E:\Datensicherung_Sepp\Josef Reiseck\Downloads\LG KS20\Elf_1.exe => Moved successfully.
E:\Datensicherung_Sepp\Josef Reiseck\Dropbox (Alt)\Public\FritzRePass1.20-U3.zip => Moved successfully.
E:\Software_Download\ashampoo_burning_studio_6_free_6.80_3639.exe => Moved successfully.
E:\Software_Download\ashampoo_burning_studio_6_free_6.80_4312.exe => Moved successfully.
E:\Software_Download\Software\Software_alt\Software_PC\Office 2007\daemon4123-lite.exe => Moved successfully.
E:\Software_Download\Software\Software_alt\Software_PC\Spiele\speedway.exe => Moved successfully.
E:\Software_Download\Software\Software_alt\Software_PC\Spiele\tlboxing.exe => Moved successfully.
E:\Software_Download\Software\Software_alt\Software_PC\Spiele\trackmeet.exe => Moved successfully.
"G:\BMW_Notebook_20121212\Datensicherung_Laptop BMW\Festplatte alt\Desktop\Zwischenablage\Office 2007\daemon4123-lite.exe" => File/Directory not found.
"G:\Software\Software_Download\ashampoo_burning_studio_6_free_6.80_3639.exe" => File/Directory not found.
"G:\Software\Software_Download\ashampoo_burning_studio_6_free_6.80_4312.exe" => File/Directory not found.
"G:\Software\Software_Download\Software\Software_alt\Software_PC\Office 2007\daemon4123-lite.exe" => File/Directory not found.
"G:\Software\Software_Download\Software\Software_alt\Software_PC\Spiele\speedway.exe" => File/Directory not found.
"G:\Software\Software_Download\Software\Software_alt\Software_PC\Spiele\tlboxing.exe" => File/Directory not found.
"G:\Software\Software_Download\Software\Software_alt\Software_PC\Spiele\trackmeet.exe" => File/Directory not found.
"C:\Windows\System32\Drivers\etc\hosts" => Could not move.
Could not reset Hosts.
EmptyTemp: => Removed 889.7 MB temporary data.


The system needed a reboot. 

==== End of Fixlog 10:24:03 ====
         
Noch einmal vielen, vielen Dank für die Hilfe und allen ein wunderschönes Weihnachtsfest.

Alt 24.12.2014, 15:42   #13
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Browser öffnen mit "www.delta-homes.com" - Standard

Browser öffnen mit "www.delta-homes.com"



Virenscanner deaktivieren und den Fix bitte wiederholen
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Wie man Programme richtig installiert

Backup mit DriveSnapshot

Das TB unterstützen

Alt 24.12.2014, 16:25   #14
Dogma2006
 
Browser öffnen mit "www.delta-homes.com" - Standard

Browser öffnen mit "www.delta-homes.com"



Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 22-12-2014
Ran by Josef at 2014-12-24 17:15:38 Run:3
Running from C:\Users\Josef\Desktop\Trojanerboard
Loaded Profile: Josef (Available profiles: Josef)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\Users\Josef\Downloads\IDM2-Win-EN.exe
C:\Windows\Temp\BEAF8266-AE64-40A2-BF8D-99F4FB145C26n.exe
E:\Datensicherung_Sepp\Josef Reiseck\AppData\Local\Babylon\Setup\BExternal.dll
E:\Datensicherung_Sepp\Josef Reiseck\AppData\Local\Babylon\Setup\IECookieLow.dll
E:\Datensicherung_Sepp\Josef Reiseck\AppData\Local\Babylon\Setup\MyBabylonTB.exe
E:\Datensicherung_Sepp\Josef Reiseck\AppData\Local\Babylon\Setup\Setup.exe
E:\Datensicherung_Sepp\Josef Reiseck\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.4_0\back.js
E:\Datensicherung_Sepp\Josef Reiseck\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.4_0\yl.js
E:\Datensicherung_Sepp\Josef Reiseck\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx
E:\Datensicherung_Sepp\Josef Reiseck\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetNT.crx
E:\Datensicherung_Sepp\Josef Reiseck\AppData\Local\Temp\9003.exe
E:\Datensicherung_Sepp\Josef Reiseck\AppData\Roaming\Complitly\Complitly.dll
E:\Datensicherung_Sepp\Josef Reiseck\AppData\Roaming\Complitly\KeepMeUpdated.exe
E:\Datensicherung_Sepp\Josef Reiseck\AppData\Roaming\Complitly\64\Complitly64.dll
E:\Datensicherung_Sepp\Josef Reiseck\AppData\Roaming\Complitly\64\KeepMeUpdated.exe
E:\Datensicherung_Sepp\Josef Reiseck\AppData\Roaming\OpenCandy\514EC4010C364E19A0B492813AAFBEF7\Softonic_chr_p1v6.exe
E:\Datensicherung_Sepp\Josef Reiseck\Desktop\Software\Software_alt\Software_PC\BOM_Bietsoftware.exe
E:\Datensicherung_Sepp\Josef Reiseck\Desktop\Software\Software_alt\Software_PC\Office 2007\daemon4123-lite.exe
E:\Datensicherung_Sepp\Josef Reiseck\Desktop\Software\Software_alt\Software_PC\Spiele\speedway.exe
E:\Datensicherung_Sepp\Josef Reiseck\Desktop\Software\Software_alt\Software_PC\Spiele\tlboxing.exe
E:\Datensicherung_Sepp\Josef Reiseck\Desktop\Software\Software_alt\Software_PC\Spiele\trackmeet.exe
E:\Datensicherung_Sepp\Josef Reiseck\Downloads\ashampoo_burning_studio_6_free_6.80_3639.exe
E:\Datensicherung_Sepp\Josef Reiseck\Downloads\ashampoo_burning_studio_6_free_6.80_4312.exe
E:\Datensicherung_Sepp\Josef Reiseck\Downloads\ashampoo_photo_commander_7_7.60_7659[1]
E:\Datensicherung_Sepp\Josef Reiseck\Downloads\ashampoo_photo_commander_7_7\ashampoo_photo_commander_7_7.60_7659[1]
E:\Datensicherung_Sepp\Josef Reiseck\Downloads\LG KS20\Elf_1.exe
E:\Datensicherung_Sepp\Josef Reiseck\Dropbox (Alt)\Public\FritzRePass1.20-U3.zip
E:\Software_Download\ashampoo_burning_studio_6_free_6.80_3639.exe
E:\Software_Download\ashampoo_burning_studio_6_free_6.80_4312.exe
E:\Software_Download\Software\Software_alt\Software_PC\Office 2007\daemon4123-lite.exe
E:\Software_Download\Software\Software_alt\Software_PC\Spiele\speedway.exe
E:\Software_Download\Software\Software_alt\Software_PC\Spiele\tlboxing.exe
E:\Software_Download\Software\Software_alt\Software_PC\Spiele\trackmeet.exe
G:\BMW_Notebook_20121212\Datensicherung_Laptop BMW\Festplatte alt\Desktop\Zwischenablage\Office 2007\daemon4123-lite.exe
G:\Software\Software_Download\ashampoo_burning_studio_6_free_6.80_3639.exe
G:\Software\Software_Download\ashampoo_burning_studio_6_free_6.80_4312.exe
G:\Software\Software_Download\Software\Software_alt\Software_PC\Office 2007\daemon4123-lite.exe
G:\Software\Software_Download\Software\Software_alt\Software_PC\Spiele\speedway.exe
G:\Software\Software_Download\Software\Software_alt\Software_PC\Spiele\tlboxing.exe
G:\Software\Software_Download\Software\Software_alt\Software_PC\Spiele\trackmeet.exe
EmptyTemp:
Hosts:
         
*****************

"C:\Users\Josef\Downloads\IDM2-Win-EN.exe" => File/Directory not found.
"C:\Windows\Temp\BEAF8266-AE64-40A2-BF8D-99F4FB145C26n.exe" => File/Directory not found.
"E:\Datensicherung_Sepp\Josef Reiseck\AppData\Local\Babylon\Setup\BExternal.dll" => File/Directory not found.
"E:\Datensicherung_Sepp\Josef Reiseck\AppData\Local\Babylon\Setup\IECookieLow.dll" => File/Directory not found.
"E:\Datensicherung_Sepp\Josef Reiseck\AppData\Local\Babylon\Setup\MyBabylonTB.exe" => File/Directory not found.
"E:\Datensicherung_Sepp\Josef Reiseck\AppData\Local\Babylon\Setup\Setup.exe" => File/Directory not found.
"E:\Datensicherung_Sepp\Josef Reiseck\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.4_0\back.js" => File/Directory not found.
"E:\Datensicherung_Sepp\Josef Reiseck\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.4_0\yl.js" => File/Directory not found.
"E:\Datensicherung_Sepp\Josef Reiseck\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx" => File/Directory not found.
"E:\Datensicherung_Sepp\Josef Reiseck\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetNT.crx" => File/Directory not found.
"E:\Datensicherung_Sepp\Josef Reiseck\AppData\Local\Temp\9003.exe" => File/Directory not found.
"E:\Datensicherung_Sepp\Josef Reiseck\AppData\Roaming\Complitly\Complitly.dll" => File/Directory not found.
"E:\Datensicherung_Sepp\Josef Reiseck\AppData\Roaming\Complitly\KeepMeUpdated.exe" => File/Directory not found.
"E:\Datensicherung_Sepp\Josef Reiseck\AppData\Roaming\Complitly\64\Complitly64.dll" => File/Directory not found.
"E:\Datensicherung_Sepp\Josef Reiseck\AppData\Roaming\Complitly\64\KeepMeUpdated.exe" => File/Directory not found.
"E:\Datensicherung_Sepp\Josef Reiseck\AppData\Roaming\OpenCandy\514EC4010C364E19A0B492813AAFBEF7\Softonic_chr_p1v6.exe" => File/Directory not found.
"E:\Datensicherung_Sepp\Josef Reiseck\Desktop\Software\Software_alt\Software_PC\BOM_Bietsoftware.exe" => File/Directory not found.
"E:\Datensicherung_Sepp\Josef Reiseck\Desktop\Software\Software_alt\Software_PC\Office 2007\daemon4123-lite.exe" => File/Directory not found.
"E:\Datensicherung_Sepp\Josef Reiseck\Desktop\Software\Software_alt\Software_PC\Spiele\speedway.exe" => File/Directory not found.
"E:\Datensicherung_Sepp\Josef Reiseck\Desktop\Software\Software_alt\Software_PC\Spiele\tlboxing.exe" => File/Directory not found.
"E:\Datensicherung_Sepp\Josef Reiseck\Desktop\Software\Software_alt\Software_PC\Spiele\trackmeet.exe" => File/Directory not found.
"E:\Datensicherung_Sepp\Josef Reiseck\Downloads\ashampoo_burning_studio_6_free_6.80_3639.exe" => File/Directory not found.
"E:\Datensicherung_Sepp\Josef Reiseck\Downloads\ashampoo_burning_studio_6_free_6.80_4312.exe" => File/Directory not found.
"E:\Datensicherung_Sepp\Josef Reiseck\Downloads\ashampoo_photo_commander_7_7.60_7659[1]" => File/Directory not found.
"E:\Datensicherung_Sepp\Josef Reiseck\Downloads\ashampoo_photo_commander_7_7\ashampoo_photo_commander_7_7.60_7659[1]" => File/Directory not found.
"E:\Datensicherung_Sepp\Josef Reiseck\Downloads\LG KS20\Elf_1.exe" => File/Directory not found.
"E:\Datensicherung_Sepp\Josef Reiseck\Dropbox (Alt)\Public\FritzRePass1.20-U3.zip" => File/Directory not found.
"E:\Software_Download\ashampoo_burning_studio_6_free_6.80_3639.exe" => File/Directory not found.
"E:\Software_Download\ashampoo_burning_studio_6_free_6.80_4312.exe" => File/Directory not found.
"E:\Software_Download\Software\Software_alt\Software_PC\Office 2007\daemon4123-lite.exe" => File/Directory not found.
"E:\Software_Download\Software\Software_alt\Software_PC\Spiele\speedway.exe" => File/Directory not found.
"E:\Software_Download\Software\Software_alt\Software_PC\Spiele\tlboxing.exe" => File/Directory not found.
"E:\Software_Download\Software\Software_alt\Software_PC\Spiele\trackmeet.exe" => File/Directory not found.
G:\BMW_Notebook_20121212\Datensicherung_Laptop BMW\Festplatte alt\Desktop\Zwischenablage\Office 2007\daemon4123-lite.exe => Moved successfully.
G:\Software\Software_Download\ashampoo_burning_studio_6_free_6.80_3639.exe => Moved successfully.
G:\Software\Software_Download\ashampoo_burning_studio_6_free_6.80_4312.exe => Moved successfully.
G:\Software\Software_Download\Software\Software_alt\Software_PC\Office 2007\daemon4123-lite.exe => Moved successfully.
G:\Software\Software_Download\Software\Software_alt\Software_PC\Spiele\speedway.exe => Moved successfully.
G:\Software\Software_Download\Software\Software_alt\Software_PC\Spiele\tlboxing.exe => Moved successfully.
G:\Software\Software_Download\Software\Software_alt\Software_PC\Spiele\trackmeet.exe => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 2.4 MB temporary data.


The system needed a reboot. 

==== End of Fixlog 17:15:43 ====
         

Alt 24.12.2014, 16:50   #15
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Browser öffnen mit "www.delta-homes.com" - Standard

Browser öffnen mit "www.delta-homes.com"



Sieht soweit ok aus

Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) empfehle ich die Erweiterung Ghostery, diese verhindert weitgehend Usertracking bzw. das Anzeigen von Werbebannern.

Info: Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie )

Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller
Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird.

Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Wie man Programme richtig installiert

Backup mit DriveSnapshot

Das TB unterstützen

Antwort

Themen zu Browser öffnen mit "www.delta-homes.com"
auslieferungszustand, gefährliche, js/adware.yontoo.a, js/adware.yontoo.b, js/trackware.agent.a, pup.optional.installcore, pup.optional.securityprotection.a, unerklärlich, win32/adware.adpeak.q, win32/adware.toolbar.shopper, win32/adware.wildtangent, win32/complitly.a, win32/elex.bc, win32/installcore.py, win32/installcore.tl, win32/predictad.a, win32/softonicdownloader.a, win32/sweetim.l, win32/toolbar.babylon, win32/toolbar.babylon.e, win32/toolbar.babylon.f, win32/toolbar.conduit.b, win32/toolbar.montiera.i, win64/complitly.a, win64/systweak.a



Ähnliche Themen: Browser öffnen mit "www.delta-homes.com"


  1. delta-homes browser hijacker geht nicht weg
    Log-Analyse und Auswertung - 19.06.2015 (3)
  2. Plötzlich Software "picexa.exe" installiert, "delta-homes.com" als Startseite in sämtlichen Browsern
    Log-Analyse und Auswertung - 10.04.2015 (11)
  3. Diverse Malware ("CoolSaleCoupon", "ddownlloaditkeep", "omiga-plus", "SaveSense", "SaleItCoupon"); lahmer PC & viel Werbung!
    Plagegeister aller Art und deren Bekämpfung - 11.01.2015 (16)
  4. Tab mit "http://rvzr-a.akamaihd.net" öffnen sich im Browser
    Plagegeister aller Art und deren Bekämpfung - 15.02.2014 (49)
  5. Browser: Suchmaschine und "Start" / "Neuer Tab" - Seite und kurze Hintergrundprogramme
    Log-Analyse und Auswertung - 05.01.2014 (11)
  6. Programme und Dokumente lassen sich nicht öffnen, ständige "Anderungsanfragen" der Browser
    Plagegeister aller Art und deren Bekämpfung - 28.12.2013 (13)
  7. "monstermarketplace.com" Infektion und ihre Folgen; "Anti-Virus-Blocker"," unsichtbare Toolbars" + "Browser-Hijacker" von selbst installiert
    Log-Analyse und Auswertung - 16.11.2013 (21)
  8. Windows XP Nach Installation von HP Player immer zwei Startseiten beim Öffnen von Google chrome "start.iminent.com" und "Search gol"
    Log-Analyse und Auswertung - 08.10.2013 (5)
  9. Browser/Werbe popup, "AppsHat", MBAM Funde, nach "Schrift-Download"
    Plagegeister aller Art und deren Bekämpfung - 26.08.2013 (31)
  10. Mit dem Titel "Click to Continue by Browse to Save" öffnen sich im Internet-Browser ein fremdes Werbefenster
    Plagegeister aller Art und deren Bekämpfung - 11.04.2013 (5)
  11. Avira meldet "TR/Downloader.Gen8" und "TR/Matsnu.EB.130" nach öffnen von Malware
    Plagegeister aller Art und deren Bekämpfung - 20.03.2013 (32)
  12. "Recovery"- und"Bundeskriminalamt"-Malware; Rkill und Malwarebytes öffnen sich nicht
    Plagegeister aller Art und deren Bekämpfung - 29.05.2011 (9)
  13. "Recovery"- und"Bundeskriminalamt"-Malware; Rkill und Malwarebytes öffnen sich nicht
    Antiviren-, Firewall- und andere Schutzprogramme - 29.05.2011 (2)
  14. Fehlalarme bei Escan - betreffend "gain.gator" und "SmitFraud Browser Hijacker"
    Log-Analyse und Auswertung - 16.12.2008 (2)
  15. "Adware.Virtumonde"/"Downloader.MisleadApp"/"TR/VB.agt.4"/"NewDotNet.A.1350"/"Fakerec
    Plagegeister aller Art und deren Bekämpfung - 22.08.2008 (6)
  16. Im IE geht "Im neuen Fenster öffnen" und "suchen" nicht, Outlook spinnt...
    Alles rund um Windows - 24.02.2005 (2)

Zum Thema Browser öffnen mit "www.delta-homes.com" - Hallo, ich seit Kurzem ein kleines, aber lästiges Problem. Meine Browser, egal ob Iexplorer oder Google Chrome, öffnen immer mit " hxxp://www.delta-homes.com/". Ich habe schon einige Tipps befolgt, z.B. Add-Ons, - Browser öffnen mit "www.delta-homes.com"...
Archiv
Du betrachtest: Browser öffnen mit "www.delta-homes.com" auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.