Zurück   Trojaner-Board > Web/PC > Alles rund um Windows

Alles rund um Windows: Windows XP SP3 Firewall inaktiv

Windows 7 Hilfe zu allen Windows-Betriebssystemen: Windows XP, Windows Vista, Windows 7, Windows 8(.1) und Windows 10 / Windows 11- als auch zu sämtlicher Windows-Software. Alles zu Windows 10 ist auch gerne willkommen. Bitte benenne etwaige Fehler oder Bluescreens unter Windows mit dem Wortlaut der Fehlermeldung und Fehlercode. Erste Schritte für Hilfe unter Windows.

Antwort
Alt 05.01.2015, 07:56   #16
Magic11
 
Windows XP SP3 Firewall inaktiv - Standard

Windows XP SP3 Firewall inaktiv [gelöst]



ok
hab mal probeweise updates gesucht funktioniert nicht und um platz auf der platte zu schaffen kompriemieren wird nicht fertig bleibt bei einem grunen balken hangen.
na dann weiter nach Rezept.
grusse

Alt 05.01.2015, 13:26   #17
schrauber
/// the machine
/// TB-Ausbilder
 

Windows XP SP3 Firewall inaktiv - Standard

Windows XP SP3 Firewall inaktiv [gelöst]



Mach einfach obiges, wir müssen erstmal PLatz schaffen im Sine von Tonnen an Malware und Adware runter. Das passiert wenn man mit einem Betriebssystem online ist welches nicht mehr online darf. Und das ganze zur Krönung noch ohne AV Programm so wie es aussieht.
__________________

__________________

Alt 06.01.2015, 00:48   #18
Magic11
 
Windows XP SP3 Firewall inaktiv - Standard

Windows XP SP3 Firewall inaktiv [gelöst]



Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org


Update, 05.01.2015 22:19:39, SYSTEM, NAME-4E62F3A7F1, Manual, Malware Database, 2015.1.2.4, 2015.1.5.12, 
Scan, 05.01.2015 23:02:09, SYSTEM, NAME-4E62F3A7F1, Manual, Start: % 1 "% 2", Dauer: % 1 min 39 Sekunden, Bedrohungs-Suchlauf, Abgeschlossen, 0 Malwareerkennung, "% 1" nicht-Malware-Erkennung, 

(end)
         
Code:
ATTFilter
# AdwCleaner v4.106 - Bericht erstellt am 05/01/2015 um 23:51:39
# Aktualisiert 21/12/2014 von Xplode
# Database : 2014-12-21.4 [Local]
# Betriebssystem : Microsoft Windows XP Service Pack 3 (32 bits)
# Benutzername : Magic - NAME-4E62F3A7F1
# Gestartet von : D:\downloads\Firewall Poblem del\AdwCleaner_4.106.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : APNMCP
[#] Dienst Gelöscht : ICQ Service

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\apn
Ordner Gelöscht : C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AskPartnerNetwork
Ordner Gelöscht : C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVG Secure Search
Ordner Gelöscht : C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Babylon
Ordner Gelöscht : C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ\ICQToolbar
Ordner Gelöscht : C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SecTaskMan
Ordner Gelöscht : C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Viewpoint
Ordner Gelöscht : C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ytd video downloader
Ordner Gelöscht : C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Yahoo! Companion
Ordner Gelöscht : C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Crawler Toolbar
Ordner Gelöscht : C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\eSupport.com
Ordner Gelöscht : C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\ytd video downloader
Ordner Gelöscht : C:\Programme\AVG Secure Search
Ordner Gelöscht : C:\Programme\Crawler
Ordner Gelöscht : C:\Programme\ICQ6Toolbar
Ordner Gelöscht : C:\Programme\icqtoolbar
Ordner Gelöscht : C:\Programme\Viewpoint
Ordner Gelöscht : C:\Programme\ciuvo
Ordner Gelöscht : C:\Programme\Gemeinsame Dateien\AVG Secure Search
Ordner Gelöscht : C:\Programme\Gemeinsame Dateien\Tobit
Ordner Gelöscht : C:\windows\assembly\GAC_MSIL\QuickStoresToolbar
Ordner Gelöscht : C:\Dokumente und Einstellungen\Magic\Lokale Einstellungen\Anwendungsdaten\AskPartnerNetwork
Ordner Gelöscht : C:\Dokumente und Einstellungen\Magic\Lokale Einstellungen\Anwendungsdaten\AVG Secure Search
Ordner Gelöscht : C:\Dokumente und Einstellungen\Magic\Lokale Einstellungen\Anwendungsdaten\Babylon
Ordner Gelöscht : C:\Dokumente und Einstellungen\Magic\Anwendungsdaten\AVG Secure Search
Ordner Gelöscht : C:\Dokumente und Einstellungen\Magic\Anwendungsdaten\QuickStoresToolbar
Ordner Gelöscht : C:\Dokumente und Einstellungen\Magic\Anwendungsdaten\Tobit
Ordner Gelöscht : C:\Dokumente und Einstellungen\Magic\Anwendungsdaten\Uniblue
[!] Ordner Gelöscht : C:\Dokumente und Einstellungen\Magic\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Datei Gelöscht : C:\windows\system32\conduitEngine.tmp
Datei Gelöscht : C:\Dokumente und Einstellungen\Magic\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\QuickStores.url
Datei Gelöscht : C:\Dokumente und Einstellungen\Magic\Startmenü\eBay.lnk
Datei Gelöscht : C:\Dokumente und Einstellungen\Magic\Startmenü\QuickStores.url
Datei Gelöscht : C:\Programme\Mozilla Firefox\plugins\NPAskSBr.dll
Datei Gelöscht : C:\Dokumente und Einstellungen\Magic\Anwendungsdaten\Mozilla\Firefox\Profiles\i437m79p.default-1383082487453\searchplugins\ask-search.xml

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\acaoakiamfeidcmgooclgeleejkbaecf
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Crawler Search
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\.bdc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\.bgl
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\.bof
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\BabylonIEPI.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\BabylonTC.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\SMBarBroker.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AskSBar.ToolbarPlugin
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AskSBar.ToolbarPlugin.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BabyDict
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BabyGloss
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BabylonTC.GingerApplication
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BabylonTC.GingerApplication.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BabyOptFile
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Conduit.Engine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ctbcommon.Buttons
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ctbr.R404Pro
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CToolbar.TB4Client
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CToolbar.TB4Script
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CToolbar.TB4Server
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\tbr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SMBarBroker.SMBarDealer
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SMBarBroker.SMBarDealer.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Babylon Client
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Babylon.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\Crawler
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Schlüssel Gelöscht : HKLM\SOFTWARE\microsoft\shared tools\msconfig\startupreg\ApnTBMon
Schlüssel Gelöscht : HKCU\Software\XTTB00001
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{3A188115-B81B-48F2-A958-F974C8F3F309}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B16632F1-24E0-4D99-A68D-70BFB6447C48}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C0CEA572-2978-4DFC-A672-8100FF0E276A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{DF390AA1-1E65-4825-B8E7-BE6B47BD56B8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{055FD26D-3A88-4E15-963D-DC8493744B1D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{0EEDB912-C5FA-486F-8334-57288578C627}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{183643C8-EE67-4574-9A38-927852E34163}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1DDA201E-5B42-4352-933E-21A92B297E3B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{31CF9EBE-5755-4A1D-AC25-2834D952D9B4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{43769158-3B03-4932-8D8A-8F0F344BF024}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4BD2D6C3-31DC-B947-23D0-DC52EC4F0C4C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4D25FB7A-8902-4291-960E-9ADA051CFBBF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{54ECA872-DB2A-4C6B-BBB2-F3777C6786CC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8736C681-37A0-40C6-A0F0-4C083409151C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C424171E-592A-415A-9EB1-DFD6D95D3530}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DBDB6FAA-1F5F-4A18-B60B-7A905C7FF83F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DF390AA1-1E65-4825-B8E7-BE6B47BD56B8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0194532A-A99C-4337-937E-2A452C8957BE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{01C78433-6FDF-4E5A-A82D-B535C32E03DF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0BF91075-F457-4A8B-99EF-140B52D2F22A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{37425600-CB21-49A0-8659-476FBAB0F8E8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{41349826-5C7F-4BF0-8279-5DAF1DE6E9AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{431FB0E5-2CBB-4602-9FE6-F1D64488ADD7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5C9A230D-70A5-11D5-AFB0-0050DAC67890}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{604EA016-1EDE-41E6-A23E-76CF8F2A4808}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8911483C-C00A-4183-9FBC-6C9C00946C15}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{95734BDE-B702-45B9-86E5-27676729F904}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B3BA5582-79A9-464D-A7FA-711C5888C6E9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C3F058A9-407D-4CD1-8F66-B75605B54B69}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D0482C8E-BAEA-4943-911A-B661060F56A7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E9BBD270-4B87-4EE2-912F-6635674986C0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFDCAF05-D29C-4D4D-9836-8CDCD606A6B2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{04006843-5199-4CE4-B3CD-8092CC91706E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{0C2E529C-A82C-4AC6-8807-0B51F7AD7BB2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{3E288F79-03E4-4983-A48E-0D879B51FF19}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{506F578A-91E1-46CE-830F-E2F4268E9966}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{5C9A2304-70A5-11D5-AFB0-0050DAC67890}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{E79BB61D-7F1A-41DF-8AD0-402795E3B566}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{F0D4B230-DA4B-4DAF-81E4-DFEE4931A4AA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4E15-963D-DC8493744B1D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0EEDB912-C5FA-486F-8334-57288578C627}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{055FD26D-3A88-4E15-963D-DC8493744B1D}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0EEDB912-C5FA-486F-8334-57288578C627}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31CF9EBE-5755-4A1D-AC25-2834D952D9B4}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C424171E-592A-415A-9EB1-DFD6D95D3530}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{055FD26D-3A88-4E15-963D-DC8493744B1D}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0EEDB912-C5FA-486F-8334-57288578C627}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31CF9EBE-5755-4A1D-AC25-2834D952D9B4}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D2CE3E00-F94A-4740-988E-03DC2F38C34F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8DCB7100-DF86-4384-8842-8FA844297B3F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{31CF9EBE-5755-4A1D-AC25-2834D952D9B4}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{C424171E-592A-415A-9EB1-DFD6D95D3530}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{8DCB7100-DF86-4384-8842-8FA844297B3F}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]
Schlüssel Gelöscht : HKCU\Software\AskPartnerNetwork
Schlüssel Gelöscht : HKCU\Software\AVG Secure Search
Schlüssel Gelöscht : HKCU\Software\Ciuvo
Schlüssel Gelöscht : HKCU\Software\CToolbar
Schlüssel Gelöscht : HKCU\Software\ICQ\ICQToolbar
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\WinToFlash Suggestor
Schlüssel Gelöscht : HKLM\SOFTWARE\AskPartnerNetwork
Schlüssel Gelöscht : HKLM\SOFTWARE\AVG Secure Search
Schlüssel Gelöscht : HKLM\SOFTWARE\Conduit
Schlüssel Gelöscht : HKLM\SOFTWARE\CToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\ICQ\ICQToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\ImInstaller
Schlüssel Gelöscht : HKLM\SOFTWARE\MetaStream
Schlüssel Gelöscht : HKLM\SOFTWARE\pdfforge.org
Schlüssel Gelöscht : HKLM\SOFTWARE\PIP
Schlüssel Gelöscht : HKLM\SOFTWARE\Uniblue
Schlüssel Gelöscht : HKLM\SOFTWARE\Viewpoint
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CToolbar_UNINSTALL
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ICQToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AskSBar Uninstall
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\CToolbar_UNINSTALL
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\facemoods
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\I Want This
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ICQToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\mywebsearch bar uninstall
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\WinToFlash Suggestor
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Yahoo! Companion

***** [ Browser ] *****

-\\ Internet Explorer v8.0.6001.18702

Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [SearchAssistant]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [CustomizeSearch]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]

-\\ Mozilla Firefox v34.0.5 (x86 de)

[37wxkcx8.default\prefs.js] - Zeile gelöscht : user_pref("browser.search.defaultenginename", "AVG Secure Search");
[37wxkcx8.default\prefs.js] - Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://isearch.avg.com/?cid={4EF7370E-9A2A-4E0A-A3F9-2DFAB15664C8}&mid=4f1dad8ecbeb47d09032d1453095ebfa-6e92abae20d251dadf5180427a3a127810daeea6&lang=en&ds=qw011[...]

-\\ Google Chrome v27.0.1453.94

[C:\Dokumente und Einstellungen\Magic\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
[C:\Dokumente und Einstellungen\Magic\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://de.ask.com/web?q={searchTerms}

*************************

AdwCleaner[R0].txt - [29404 octets] - [05/01/2015 23:15:28]
AdwCleaner[S0].txt - [27729 octets] - [05/01/2015 23:51:39]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [27790 octets] ##########
         
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Microsoft Windows XP x86
Ran by Magic on 06.01.2015 at  0:23:18,79
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] "C:\Programme\adobe\reader 10.0\reader\plug_ins\babylon\babylonrpi.api"



~~~ Folders

Successfully deleted: [Folder] "C:\Dokumente und Einstellungen\Magic\Anwendungsdaten\getrighttogo"
Successfully deleted: [Folder] "C:\Dokumente und Einstellungen\Magic\Anwendungsdaten\software informer"
Successfully deleted: [Folder] "C:\Programme\software informer"



~~~ FireFox

Successfully deleted: [Folder] "C:\Programme\Mozilla Firefox\extensions\adapter@babylontc.com"
Successfully deleted: [Folder] "C:\Programme\Mozilla Firefox\extensions\ocr@babylon.com"
Successfully deleted: [Folder] "C:\Programme\Mozilla Firefox\extensions\quickstores@quickstores.de"
Emptied folder: C:\Dokumente und Einstellungen\Magic\Anwendungsdaten\mozilla\firefox\profiles\i437m79p.default-1383082487453\minidumps [1 files]



~~~ Chrome

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\cbmmkkbjmcidpennbibfkncodjenfpjh





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 06.01.2015 at  0:28:17,21
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
__________________

Geändert von Magic11 (06.01.2015 um 00:02 Uhr)

Alt 06.01.2015, 12:11   #19
schrauber
/// the machine
/// TB-Ausbilder
 

Windows XP SP3 Firewall inaktiv - Standard

Windows XP SP3 Firewall inaktiv [gelöst]



das frische FRST log fehlt noch.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 06.01.2015, 20:40   #20
Magic11
 
Windows XP SP3 Firewall inaktiv - Standard

Windows XP SP3 Firewall inaktiv [gelöst]



et voila

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02-01-2015
Ran by Magic (administrator) on NAME-4E62F3A7F1 on 06-01-2015 20:33:21
Running from D:\downloads\Firewall Poblem del
Loaded Profile: Magic (Available profiles: Magic & Administrator & Gast)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Lavasoft) C:\Programme\Lavasoft\Ad-Aware\aawservice.exe
(Microsoft Corporation) C:\WINDOWS\system32\netdde.exe
(Apple Inc.) C:\Programme\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Programme\BlueStacks\HD-LogRotatorService.exe
() C:\Programme\CPUCooL\CooLSRV.exe
(AVM Berlin) C:\Programme\FRITZ!DSL\IGDCTRL.EXE
(Oracle Corporation) C:\Programme\Java\jre7\bin\jqs.exe
(Computer Associates) C:\Programme\CA\SharedComponents\CA_LIC\LogWatNT.exe
(Microsoft Corporation) C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
(Google Inc.) C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
() C:\Programme\CDBurnerXP\NMSAccessU.exe
(NVIDIA) C:\Programme\NVIDIA Corporation\nTune\nTuneService.exe
(Prolific Technology Inc.) C:\Programme\Nero\Nero BackItUp 4\IoctlSvc.exe
() C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe
(Microsoft Corporation) C:\Programme\UPHClean\uphclean.exe
(Microsoft Corporation) C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA) C:\Programme\NVIDIA Corporation\nTune\nTuneCmd.exe
(DT Soft Ltd) C:\Programme\DAEMON Tools Pro\DTShellHlp.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Mozilla Corporation) C:\Programme\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

Winlogon\Notify\wineyes: C:\windows\system32\welogon.dll ()
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKU\S-1-5-21-1488483606-1045282719-2118933040-1011\...\Run: [swg] => C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2007-08-09] (Google Inc.)
HKU\S-1-5-21-1488483606-1045282719-2118933040-1011\...\Run: [DAEMON Tools Pro Agent] => C:\Programme\DAEMON Tools Pro\DTAgent.exe [3111744 2012-04-26] (DT Soft Ltd)
HKU\S-1-5-18\...\Run: [CTFMON.EXE] => C:\WINDOWS\system32\CTFMON.EXE [24064 2012-06-29] (Gerhard Schlager)
HKU\S-1-5-18\...\Run: [DWQueuedReporting] => C:\Programme\Gemeinsame Dateien\Microsoft Shared\DW\DWTRIG20.EXE [437160 2007-02-26] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [FRITZ!protect] => FwebProt.exe
BootExecute: autocheck autochk /r \??\G:autocheck autochk /r \??\N:au

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1488483606-1045282719-2118933040-1011\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aldi.com
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.medion.com
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aldi.com
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.medion.com
HKU\S-1-5-21-1488483606-1045282719-2118933040-1011\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1488483606-1045282719-2118933040-1011\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "hxxp://www.google.com" <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
BHO: DivX HiQ -> {593DDEC6-7468-4cdd-90E1-42DADAA222E9} -> C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Programme\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
BHO: WEB.DE MailCheck BHO -> {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} -> C:\Programme\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll No File
BHO: FRITZ!Box Addon BHO -> {C0C86BBE-9509-4296-8459-FDBFDAF4B673} -> C:\Programme\FRITZ!Box\AddOn (IE)\FBoxIESplitButton.dll (AVM Berlin)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.3.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} hxxp://office.microsoft.com/officeupdate/content/opuc4.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: gmx - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Programme\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll No File
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: mctp - {d7b95390-b1c5-11d0-b111-0080c712fe82} -  No File
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
Handler: webde - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Programme\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll No File
Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
ShellExecuteHooks: Microsoft AntiMalware ShellExecuteHook - {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Programme\Windows Defender\MpShHook.dll [83224 2006-11-03] (Microsoft Corporation)
Winsock: Catalog5 05 C:\Programme\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Winsock: Catalog5 06 C:\Programme\FRITZ!DSL\\sarah.dll [28472] (AVM Berlin)

FireFox:
========
FF ProfilePath: C:\Dokumente und Einstellungen\Magic\Anwendungsdaten\Mozilla\Firefox\Profiles\i437m79p.default-1383082487453
FF NetworkProxy: "autoconfig_url", "data:text/javascript,function%20FindProxyForURL(url%2C%20host)%20%7Bif%20(shExpMatch(url%2C%20'http%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fsongza.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fnew.songza.com*')%20%7C%7C%20url.indexOf('vevo.com')%20!%3D%20-1%20%7C%7C%20url.indexOf('discoverymedia.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fdsc.discovery.com%2F*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Faccount.beatsmusic.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.beatsmusic.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.mtv.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fmedia.mtvnservices.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fgrooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fretro.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fhtml5.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Flisten.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpreview.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.crunchyroll.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.rdio.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fsecure.funimation.com*')%20%7C%7C%20host%20%3D%3D%20's.hulu.com'%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.daisuki.net*')%20%7C%7C%20url.indexOf('play.google.com')%20!%3D%20-1%20%7C%7C%20(url.indexOf('youtube.com%2Fvideoplayback')%20!%3D%20-1%20%26%26%20url.indexOf('%26gcr%3Dus')%20!%3D%20-1%20%26%26%20url.indexOf('%26ptchn')%20!%3D%20-1)%20%7C%7C%20host%20%3D%3D%20'www.pandora.com'%20%7C%7C%20url.indexOf('southparkstudios.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20(url.indexOf('proxmate%3Dactive')%20!%3D%20-1%20%26%26%20url.indexOf('amazonaws.com')%20%3D%3D%20-1)%20%7C%7C%20(url.indexOf('proxmate%3Dus')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.iheart.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fext.last.fm*'))%20%7B%20return%20'PROXY%20us01.sq.proxmate.me%3A8000%3B%20PROXY%20us02.sq.proxmate.me%3A8000%3B%20PROXY%20us11.sq.proxmate.me%3A8000%3B%20PROXY%20us05.sq.proxmate.me%3A8000%3B%20PROXY%20us10.sq.proxmate.me%3A8000%3B%20PROXY%20us07.sq.proxmate.me%3A8000%3B%20PROXY%20us08.sq.proxmate.me%3A8000%3B%20PROXY%20us09.sq.proxmate.me%3A8000%3B%20PROXY%20us03.sq.proxmate.me%3A8000%3B%20PROXY%20us06.sq.proxmate.me%3A8000%3B%20PROXY%20us04.sq.proxmate.me%3A8000'%3B%7D%20%20else%20%7B%20return%20'DIRECT'%3B%20%7D%7D"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\windows\system32\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX Content Upload Plugin,version=1.0.0 -> C:\Programme\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
FF Plugin: @divx.com/DivX OVS Helper,version=1.0.0 -> C:\Programme\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Programme\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Programme\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.3 -> C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Programme\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin -> C:\Programme\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin: @pack.google.com/Google Updater;version=14 -> C:\Programme\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF Plugin: @real.com/nppl3260;version=16.0.2.32 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.2 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.2 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.2 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.2.32 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Programme\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Programme\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @zylom.com/ZylomGamesPlayer -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF Plugin: Adobe Reader -> C:\Programme\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 -> C:\Programme\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
FF Plugin HKU\S-1-5-21-1488483606-1045282719-2118933040-1011: @unity3d.com/UnityPlayer,version=1.0 -> C:\Dokumente und Einstellungen\Magic\Lokale Einstellungen\Anwendungsdaten\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npzylomgamesplayer.dll (Zylom)
FF Extension: Google Toolbar for Firefox - C:\Programme\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2015-01-02]
FF Extension: ICQ Toolbar - C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2015-01-02]
FF Extension: Skype Click to Call - C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-01-02]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-02-14]
FF HKLM\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Programme\Vodafone\Vodafone Mobile Connect\Optimization Client\addon
FF Extension: Bytemobile Optimization Client - C:\Programme\Vodafone\Vodafone Mobile Connect\Optimization Client\addon [2010-10-16]
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Programme\DivX\DivX Plus Web Player\firefox\html5video
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Programme\DivX\DivX Plus Web Player\firefox\html5video [2011-01-18]
FF HKLM\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Programme\DivX\DivX Plus Web Player\firefox\wpa
FF Extension: DivX HiQ - C:\Programme\DivX\DivX Plus Web Player\firefox\wpa [2011-01-18]
FF HKLM\...\Firefox\Extensions: [{FCE04E1F-9378-4f39-96F6-5689A9159E45}] - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-08-18]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

Chrome: 
=======
CHR Plugin: (Chrome PDF Viewer) - C:\Programme\Google\Chrome\Application\23.0.1271.97\pdf.dll No File
CHR Plugin: (Google Gears 0.5.33.0) - C:\Programme\Google\Chrome\Application\23.0.1271.97\gears.dll No File
CHR Plugin: (Shockwave Flash) - C:\Programme\Google\Chrome\Application\23.0.1271.97\gcswf32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Programme\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.220.4) - C:\Programme\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U22) - C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Ask Toolbar Plugin Stub) - C:\Programme\Mozilla Firefox\plugins\NPAskSBr.dll No File
CHR Plugin: (DivX Player Netscape Plugin) - C:\Programme\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
CHR Plugin: (Windows Genuine Advantage) - C:\Programme\Mozilla Firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
CHR Plugin: (My Web Search Plugin Stub) - C:\Programme\Mozilla Firefox\plugins\NPMyWebS.dll No File
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Programme\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Programme\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Programme\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Programme\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Programme\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Programme\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Programme\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Programme\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Programme\Mozilla Firefox\plugins\npqtplugin8.dll No File
CHR Plugin: (RealJukebox NS Plugin) - C:\Programme\Mozilla Firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Programme\Mozilla Firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (Zylom Plugin) - C:\Programme\Mozilla Firefox\plugins\npzylomgamesplayer.dll (Zylom)
CHR Plugin: (Microsoft DRM) - C:\Programme\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Programme\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Microsoft DRM) - C:\Programme\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll No File
CHR Plugin: (DivX Content Upload Plugin) - C:\Programme\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
CHR Plugin: (DivX OVS Helper Plug-in) - C:\Programme\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Web Player) - C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Updater) - C:\Programme\Google\Google Updater\2.4.1399.3742\npCIDetect13.dll No File
CHR Plugin: (Google Update) - C:\Programme\Google\Update\1.2.183.39\npGoogleOneClick8.dll No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (MetaStream 3 Plugin) - C:\Programme\Viewpoint\Viewpoint Media Player\npViewpoint.dll No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Programme\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Yahoo! activeX Plug-in Bridge) - C:\Programme\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
CHR Plugin: (iTunes Application Detector) - C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Windows Presentation Foundation) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Programme\Microsoft Silverlight\4.0.51204.0\npctrl.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Profile: C:\Dokumente und Einstellungen\Magic\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default
CHR Extension: (Ciuvo Preisvergleich) - C:\Dokumente und Einstellungen\Magic\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\cbmmkkbjmcidpennbibfkncodjenfpjh [2012-03-09]
CHR Extension: (DivX HiQ) - C:\Dokumente und Einstellungen\Magic\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae [2011-01-18]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Dokumente und Einstellungen\Magic\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2010-09-21]
CHR Extension: (DivX Plus Web Player HTML5 video) - C:\Dokumente und Einstellungen\Magic\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2011-01-18]
CHR HKLM\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Programme\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx [2010-12-08]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-04-16]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Programme\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx [2010-12-08]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aawservice; C:\Programme\Lavasoft\Ad-Aware\aawservice.exe [611664 2008-07-07] (Lavasoft)
S4 AcrSch2Svc; C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe [817264 2010-06-07] (Acronis)
S3 Apple Mobile Device; C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55184 2012-08-11] (Apple Inc.)
S4 BBSvc; C:\Programme\Microsoft\BingBar\BBSvc.EXE [196176 2011-10-21] (Microsoft Corporation.)
S3 BBUpdate; C:\Programme\Microsoft\BingBar\SeaPort.EXE [249648 2011-10-13] (Microsoft Corporation)
R2 Bonjour Service; C:\Programme\Bonjour\mDNSResponder.exe [390504 2011-08-30] (Apple Inc.)
S2 BstHdAndroidSvc; C:\Programme\BlueStacks\HD-Service.exe [393080 2013-02-15] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Programme\BlueStacks\HD-LogRotatorService.exe [384888 2013-02-15] (BlueStack Systems, Inc.)
S3 CA_LIC_CLNT; C:\Programme\CA\SharedComponents\CA_LIC\lic98rmt.exe [77824 2002-09-19] (Computer Associates) [File not signed]
S3 CA_LIC_SRVR; C:\Programme\CA\SharedComponents\CA_LIC\lic98rmtd.exe [77824 2002-09-19] (Computer Associates) [File not signed]
R2 CPUCooLServer; C:\Programme\CPUCooL\CooLSrv.exe [743936 2011-12-01] () [File not signed]
S3 de_serv; C:\Programme\Gemeinsame Dateien\AVM\de_serv.exe [315392 2005-11-21] (AVM Berlin) [File not signed]
S4 DVD-RAM_Service; C:\WINDOWS\system32\DVDRAMSV.exe [110592 2005-12-24] (Matsushita Electric Industrial Co., Ltd.) [File not signed]
S3 FLEXnet Licensing Service; C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2008-10-28] (Macrovision Europe Ltd.) [File not signed]
S3 fsssvc; C:\Programme\Windows Live\Family Safety\fsssvc.exe [704864 2009-08-05] (Microsoft Corporation)
S4 gupdate1c9ece5216cdebe; C:\Programme\Google\Update\GoogleUpdate.exe [133104 2009-06-14] (Google Inc.)
S4 gupdatem; C:\Programme\Google\Update\GoogleUpdate.exe [133104 2009-06-14] (Google Inc.)
S4 gusvc; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [194032 2013-05-21] (Google)
S3 Hamachi2Svc; C:\Programme\LogMeIn Hamachi\hamachi-2.exe [1385896 2012-06-27] (LogMeIn Inc.)
S3 IDriverT; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 IGDCTRL; C:\Programme\FRITZ!DSL\IGDCTRL.EXE [73528 2009-07-28] (AVM Berlin)
S3 iPod Service; C:\Programme\iPod\bin\iPodService.exe [553440 2012-12-12] (Apple Inc.)
R2 JavaQuickStarterService; C:\Programme\Java\jre7\bin\jqs.exe [182696 2013-10-08] (Oracle Corporation)
S4 LightScribeService; C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe [75304 2007-04-19] (Hewlett-Packard Company)
R2 LogWatch; C:\Programme\CA\SharedComponents\CA_LIC\LogWatNT.exe [53248 2002-09-19] (Computer Associates) [File not signed]
R2 MDM; C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe [322120 2003-06-19] (Microsoft Corporation)
S3 MozillaMaintenance; C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe [114800 2015-01-02] (Mozilla Foundation)
S3 Nero BackItUp Scheduler 4.0; C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe [935208 2008-12-05] (Nero AG)
S4 NMIndexingService; C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe [275752 2008-01-22] (Nero AG)
R2 NMSAccess; C:\Programme\CDBurnerXP\NMSAccessU.exe [71096 2010-03-04] ()
S3 NovacomD; C:\Programme\Palm, Inc\novacom\x86\novacomd.exe [33280 2009-11-06] (Palm) [File not signed]
R2 nTuneService; C:\Programme\NVIDIA Corporation\nTune\nTuneService.exe [191080 2009-11-06] (NVIDIA)
S3 ose; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [89136 2003-07-28] (Microsoft Corporation)
R2 PLFlash DeviceIoControl Service; C:\Programme\Nero\Nero BackItUp 4\IoctlSvc.exe [81920 2008-12-05] (Prolific Technology Inc.) [File not signed]
S3 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [75136 2015-01-02] ()
S3 Radio.fx; E:\Tobit Radio.fx\Server\rfx-server.exe [3630936 2011-08-02] ()
R2 RealNetworks Downloader Resolver Service; C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-04-16] ()
S3 SandraAgentSrv; C:\Programme\SiSoftware\SiSoftware Sandra Lite 2012.SP4\RpcAgentSrv.exe [95896 2009-04-26] (SiSoftware) [File not signed]
S3 SbieSvc; C:\Programme\Sandboxie\SbieSvc.exe [75496 2010-08-09] (SANDBOXIE L.T.D)
S3 sdAuxService; C:\Programme\Spyware Doctor\svcntaux.exe [708688 2007-06-12] (PC Tools)
S3 sdCoreService; C:\Programme\Spyware Doctor\swdsvc.exe [1309264 2007-06-12] (PC Tools)
S3 ServiceLayer; C:\Programme\PC Connectivity Solution\ServiceLayer.exe [725400 2012-10-03] (Nokia)
S3 SkypeUpdate; C:\Programme\Skype\Updater\Updater.exe [161384 2013-04-19] (Skype Technologies)
S3 StarWindServiceAE; C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software) [File not signed]
S3 TomTomHOMEService; C:\Programme\TomTom HOME 2\TomTomHOMEService.exe [93072 2013-03-22] (TomTom)
S3 TuneUp.Defrag; C:\windows\System32\TuneUpDefragService.exe [361288 2009-12-06] (TuneUp Software)
S3 TuneUp.ProgramStatisticsSvc; C:\windows\System32\TUProgSt.exe [604488 2009-12-06] (TuneUp Software)
R2 UPHClean; C:\Programme\UPHClean\uphclean.exe [241725 2005-04-27] (Microsoft Corporation) [File not signed]
S3 VideoAcceleratorService; C:\Programme\SpeedBit Video Accelerator\VideoAcceleratorService.exe [292472 2008-10-05] (Speedbit Ltd.)
S4 VMCService; C:\Programme\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [9216 2009-09-11] (Vodafone) [File not signed]
S3 windoweyes; C:\Programme\GW Micro\Window-Eyes\weserv.exe [133952 2012-04-23] ()
R2 wlidsvc; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSVC.EXE [1529728 2009-08-18] (Microsoft Corporation)
R2 WMPNetworkSvc; C:\Programme\Windows Media Player\WMPNetwk.exe [920576 2006-11-03] (Microsoft Corporation)
S3 x10nets; C:\Programme\Common Files\X10\Common\X10nets.exe [20480 2001-11-12] (X10) [File not signed]
S3 RichVideo; "C:\Programme\CyberLink\Shared Files\RichVideo.exe" [X]
S3 vToolbarUpdater13.2.0; C:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 3xHybrid; C:\windows\System32\DRIVERS\3xHybrid.sys [945152 2004-10-06] (Philips Semiconductors GmbH)
S3 61883; C:\windows\System32\DRIVERS\61883.sys [48128 2008-04-13] (Microsoft Corporation)
R2 ACEDRV07; C:\WINDOWS\system32\drivers\ACEDRV07.sys [101376 2007-07-29] (Protect Software GmbH) [File not signed]
R3 actser; C:\windows\System32\drivers\actser.sys [29440 2005-09-12] (Siemens AG) [File not signed]
R2 AegisP; C:\windows\System32\DRIVERS\AegisP.sys [19915 2011-03-10] (Meetinghouse Data Communications) [File not signed]
R3 AnyDVD; C:\windows\System32\Drivers\AnyDVD.sys [121248 2012-08-26] (SlySoft, Inc.)
R3 Apowersoft_AudioDevice; C:\windows\System32\drivers\Apowersoft_AudioDevice.sys [26080 2012-10-08] (Wondershare)
R2 Aspi32; C:\windows\system32\Drivers\Aspi32.sys [25244 1999-09-10] (Adaptec) [File not signed]
R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [26984 2012-11-15] (AVG Technologies)
U0 BMLoad; C:\windows\System32\drivers\BMLoad.sys [22528 2008-10-09] (Bytemobile, Inc.) [File not signed]
R2 BstHdDrv; C:\Programme\BlueStacks\HD-Hypervisor-x86.sys [63864 2013-02-15] (BlueStack Systems)
S3 CardReaderFilter; C:\WINDOWS\system32\Drivers\USBCRFT.SYS [17408 2012-09-16] (ICSI Technology Ltd.) [File not signed]
S3 CCDECODE; C:\windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R2 CdaC15BA; C:\WINDOWS\system32\drivers\CDAC15BA.SYS [8864 2006-11-04] () [File not signed]
S3 cmudau; C:\windows\System32\drivers\cmudau.sys [1383104 2007-05-23] (C-Media Inc) [File not signed]
R3 cmudax; C:\windows\System32\drivers\cmudax.sys [1287296 2005-05-12] (C-Media Inc.)
R1 dtsoftbus01; C:\windows\System32\DRIVERS\dtsoftbus01.sys [242240 2012-06-13] (DT Soft Ltd)
R1 ElbyCDIO; C:\windows\System32\Drivers\ElbyCDIO.sys [31088 2010-12-16] (Elaborate Bytes AG)
S3 ENTECH; C:\WINDOWS\system32\DRIVERS\ENTECH.sys [27672 2007-09-07] (EnTech Taiwan)
R1 Ext2fs; C:\windows\System32\DRIVERS\ext2fs.sys [181120 2008-09-25] (Stephan Schreiber) [File not signed]
R3 FETNDISB; C:\windows\System32\DRIVERS\fetnd5b.sys [42496 2004-04-15] (VIA Technologies, Inc.              )
R2 fssfltr; C:\windows\System32\DRIVERS\fssfltr_tdi.sys [54752 2009-08-05] (Microsoft Corporation)
S3 FTDIBUS; C:\windows\System32\drivers\ftdibus.sys [57672 2009-06-10] (FTDI Ltd.)
S3 GcKernel; C:\windows\System32\DRIVERS\GcKernel.sys [59136 2008-04-13] (Microsoft Corporation)
S3 GigasetGenericUSB; C:\windows\System32\DRIVERS\GigasetGenericUSB.sys [44032 2009-02-20] (Siemens Home and Office Communication Devices GmbH & Co. KG)
R0 giveio; C:\windows\System32\giveio.sys [5248 1996-04-03] () [File not signed]
R3 gwrdmir; C:\windows\System32\DRIVERS\gwrdmir.sys [9408 2011-09-23] (Windows (R) Win 7 DDK provider)
R3 hamachi; C:\windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
S3 HdAudAddService; C:\windows\System32\drivers\HdAudio.sys [113664 2004-03-17] (Windows (R) Server 2003 DDK provider)
S3 HIDSwvd; C:\windows\System32\DRIVERS\HIDSwvd.sys [2688 2001-08-17] (Microsoft Corporation)
S3 hipeer20; C:\windows\System32\DRIVERS\remobo32.sys [26112 2010-08-01] (Windows (R) Codename Longhorn DDK provider) [File not signed]
R1 IfsMount; C:\windows\System32\DRIVERS\ifsmount.sys [51072 2008-08-28] (Stephan Schreiber) [File not signed]
S3 IKFileFlt; C:\windows\System32\drivers\ikfileflt.sys [39376 2007-05-23] (PCTools Research Pty Ltd.)
S3 IKFileSec; C:\windows\System32\drivers\ikfilesec.sys [53840 2007-05-23] (PCTools Research Pty Ltd.)
S3 IkSysFlt; C:\windows\System32\drivers\iksysflt.sys [57424 2007-05-23] (PCTools Research Pty Ltd.)
S3 IKSysSec; C:\windows\System32\drivers\iksyssec.sys [83024 2007-05-23] (PCTools Research Pty Ltd.)
R2 ithsgt; C:\windows\System32\DRIVERS\ithsgt.sys [162432 2007-10-17] () [File not signed]
R2 lilsgt; C:\windows\System32\DRIVERS\lilsgt.sys [12032 2007-10-17] () [File not signed]
R1 meiudf; C:\windows\System32\Drivers\meiudf.sys [102384 2005-12-24] (Matsushita Electric Industrial Co.,Ltd.) [File not signed]
S3 MPCSYS; C:\WINDOWS\system32\DRIVERS\mpcsys.sys [15360 2008-12-31] () [File not signed]
S3 MPE; C:\windows\System32\DRIVERS\MPE.sys [15232 2008-04-13] (Microsoft Corporation)
S3 NdisIP; C:\windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S3 NinjaUSB; C:\windows\System32\drivers\NinjaUSB.sys [24704 2010-02-04] () [File not signed]
R1 ntiopnp; C:\windows\system32\Drivers\ntiopnp.sys [21080 2010-11-11] ()
S3 NTSIM; C:\WINDOWS\system32\ntsim.sys [7040 2003-07-17] (VIA Networking Technologies, Inc.       ) [File not signed]
S3 NVHDA; C:\windows\System32\drivers\nvhda32.sys [119272 2011-03-03] (NVIDIA Corporation)
S3 ogo_usb; C:\windows\System32\Drivers\ogo_usb.sys [48384 2006-10-10] (Windows (R) 2000 DDK provider) [File not signed]
S1 oxser; C:\windows\System32\DRIVERS\oxser.sys [51169 2003-04-28] (OEM) [File not signed]
S3 pfc; C:\windows\System32\drivers\pfc.sys [10368 2003-12-05] (Padus, Inc.) [File not signed]
R1 prodrv05; C:\windows\System32\drivers\prodrv05.sys [53728 2002-11-13] (Protection Technology Co.) [File not signed]
R1 prodrv06; C:\windows\System32\drivers\prodrv06.sys [53920 2004-08-09] (Protection Technology) [File not signed]
R0 prohlp01; C:\windows\System32\drivers\prohlp01.sys [60448 2002-11-13] (Protection Technology Co.) [File not signed]
R0 prohlp02; C:\windows\System32\drivers\prohlp02.sys [114016 2004-08-09] (Protection Technology) [File not signed]
R0 prosync1; C:\windows\System32\drivers\prosync1.sys [7040 2004-07-19] (Protection Technology) [File not signed]
R2 PStrip; C:\windows\System32\drivers\pstrip.sys [27992 2007-07-15] (EnTech Taiwan)
S3 QCPro; C:\windows\System32\DRIVERS\p35u.sys [116480 2002-06-10] (Logitech Inc.)
S3 RivaTuner32; C:\Programme\RivaTuner v2.22\RivaTuner32.sys [9088 2008-12-29] () [File not signed]
S3 RT2500USB; C:\windows\System32\DRIVERS\rt2500usb.sys [241536 2005-07-14] (Ralink Technology Inc.)
S3 s116bus; C:\windows\System32\DRIVERS\s116bus.sys [83336 2007-04-03] (MCCI Corporation)
S3 s116mdfl; C:\windows\System32\DRIVERS\s116mdfl.sys [15112 2007-04-03] (MCCI Corporation)
S3 s116mdm; C:\windows\System32\DRIVERS\s116mdm.sys [108680 2007-04-03] (MCCI Corporation)
S3 s116mgmt; C:\windows\System32\DRIVERS\s116mgmt.sys [100488 2007-04-03] (MCCI Corporation)
S3 s116nd5; C:\windows\System32\DRIVERS\s116nd5.sys [23176 2007-04-03] (MCCI Corporation)
S3 s116obex; C:\windows\System32\DRIVERS\s116obex.sys [98696 2007-04-03] (MCCI Corporation)
S3 s116unic; C:\windows\System32\DRIVERS\s116unic.sys [99080 2007-04-03] (MCCI Corporation)
R3 SaiMini; C:\windows\System32\DRIVERS\SaiMini.sys [13824 2006-07-27] (Saitek) [File not signed]
R3 SaiNtBus; C:\windows\System32\drivers\SaiBus.sys [35200 2006-07-27] (Saitek) [File not signed]
S3 SANDRA; C:\Programme\SiSoftware\SiSoftware Sandra Lite 2012.SP4\WNt500x86\Sandra.sys [23112 2009-08-07] (SiSoftware)
R2 sbbotdi; C:\Programme\SpeedBit Video Accelerator\sbbotdi.sys [35584 2008-10-05] (SpeedBit Ltd.) [File not signed]
S3 SbieDrv; C:\Programme\Sandboxie\SbieDrv.sys [123112 2010-08-09] (SANDBOXIE L.T.D)
S3 SCL01132; C:\windows\System32\DRIVERS\SCL01132.sys [61824 2010-05-07] (SCM Microsystems Inc.)
R0 sfdrv01; C:\windows\System32\drivers\sfdrv01.sys [50688 2005-08-10] (Protection Technology) [File not signed]
R0 sfhlp01; C:\windows\System32\drivers\sfhlp01.sys [4832 2003-12-01] (Protection Technology) [File not signed]
R0 sfhlp02; C:\windows\System32\drivers\sfhlp02.sys [6656 2005-05-16] (Protection Technology) [File not signed]
R0 sfvfs02; C:\windows\System32\drivers\sfvfs02.sys [63488 2005-11-03] (Protection Technology) [File not signed]
S3 siusbmod; C:\windows\System32\DRIVERS\siusbmod.sys [27008 2005-09-12] (Siemens AG )
R0 speedfan; C:\windows\System32\speedfan.sys [25240 2011-03-18] (Almico Software)
R0 sptd; C:\windows\System32\Drivers\sptd.sys [477240 2012-06-04] (Duplex Secure Ltd.)
S3 StarOpen; C:\windows\system32\Drivers\StarOpen.sys [7168 2009-11-12] () [File not signed]
S3 STCFUx32; C:\windows\System32\DRIVERS\STCFUx32.SYS [7680 2008-11-13] (SCM Microsystems Inc.)
S3 taphss; C:\windows\System32\DRIVERS\taphss.sys [32768 2010-09-22] (AnchorFree Inc)
R1 tcpipBM; C:\windows\system32\Drivers\tcpipBM.sys [18816 2008-10-09] (Bytemobile, Inc.) [File not signed]
S3 TVicHW32; C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS [24656 2001-08-14] (EnTech Taiwan) [File not signed]
R3 UKBFLT; C:\windows\System32\DRIVERS\UKBFLT.sys [11672 2003-12-19] (Chicony)
S3 usbUDisc; C:\windows\System32\DRIVERS\USBDrv.sys [13824 2012-08-02] (Scott)
S3 usb_rndisx; C:\windows\System32\DRIVERS\usb8023x.sys [12800 2005-10-21] (Microsoft Corporation) [File not signed]
R3 VClone; C:\windows\System32\DRIVERS\VClone.sys [30208 2011-01-15] (Elaborate Bytes AG) [File not signed]
R3 vdrive; C:\windows\System32\DRIVERS\vdrive.sys [36328 2012-11-13] (Fengtao Software Inc.)
S3 vncmirror; C:\windows\System32\DRIVERS\vncmirror.sys [3072 2007-08-15] (RealVNC Ltd.)
R3 vsbus; C:\windows\System32\DRIVERS\vsb.sys [15264 2005-09-12] () [File not signed]
S3 vserial; C:\windows\System32\DRIVERS\vserial.sys [47744 2005-09-12] () [File not signed]
R3 wbscr; C:\windows\System32\drivers\wbscr.sys [19928 2002-04-24] (Winbond Electronics Corp.)
S3 wceusbsh; C:\windows\System32\DRIVERS\wceusbsh.sys [104576 2006-04-10] (Microsoft Corporation)
S3 wip0204; C:\windows\System32\DRIVERS\wip0204.sys [23480 2008-12-30] (Wippien Software)
R3 WmBEnum; C:\windows\System32\drivers\WmBEnum.sys [22856 2010-04-27] (Logitech Inc.)
S3 WmFilter; C:\windows\System32\drivers\WmFilter.sys [37704 2010-04-27] (Logitech Inc.)
S3 WmHidLo; C:\windows\System32\drivers\WmHidLo.sys [31816 2010-04-27] (Logitech Inc.)
S3 WmVirHid; C:\windows\System32\drivers\WmVirHid.sys [15048 2010-04-27] (Logitech Inc.)
R3 WmXlCore; C:\windows\System32\drivers\WmXlCore.sys [66632 2010-04-27] (Logitech Inc.)
R3 XUIF; C:\windows\System32\Drivers\x10ufx2.sys [17792 2005-05-19] (X10 Wireless Technology, Inc.)
U3 a86ft5ci; C:\windows\system32\Drivers\a86ft5ci.sys [0 ] (Microsoft Corporation)
U3 acc2gy3m; C:\windows\system32\Drivers\acc2gy3m.sys [0 ] (Microsoft Corporation)
S3 BlueletAudio; system32\DRIVERS\blueletaudio.sys [X]
S3 BT; system32\DRIVERS\btnetdrv.sys [X]
S3 Btcsrusb; System32\Drivers\btcusb.sys [X]
S3 BTHidEnum; system32\DRIVERS\vbtenum.sys [X]
S0 BTHidMgr; System32\Drivers\BTHidMgr.sys [X]
S3 catchme; \??\C:\DOKUME~1\Magic\Lokale Einstellungen\Temp\catchme.sys [X]
U2 CertPropSvc; No ImagePath
S3 hwusbfake; system32\DRIVERS\ewusbfake.sys [X]
S3 NETFWDSL; system32\DRIVERS\NETFWDSL.SYS [X]
S0 rseb; No ImagePath
S3 SCL0102K; system32\DRIVERS\SCL0102K.sys [X]
U5 ScsiPort; C:\windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U3 TlntSvr; No ImagePath
S3 VComm; system32\DRIVERS\VComm.sys [X]
S3 VcommMgr; System32\Drivers\VcommMgr.sys [X]
S3 wanatw; system32\DRIVERS\wanatw4.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-06 20:33 - 2015-01-06 20:33 - 00000000 ____D () C:\FRST
2015-01-06 00:22 - 2015-01-06 00:22 - 00000000 ____D () C:\windows\ERUNT
2015-01-05 23:15 - 2015-01-06 00:17 - 00000000 ____D () C:\AdwCleaner
2015-01-04 18:59 - 2015-01-06 20:34 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic\Lokale Einstellungen\temp
2015-01-04 18:59 - 2015-01-04 18:59 - 00000000 ____D () C:\Dokumente und Einstellungen\User\Lokale Einstellungen\temp
2015-01-04 18:59 - 2015-01-04 18:59 - 00000000 ____D () C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\temp
2015-01-04 18:59 - 2015-01-04 18:59 - 00000000 ____D () C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\temp
2015-01-04 18:59 - 2015-01-04 18:59 - 00000000 ____D () C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\temp
2015-01-04 17:59 - 2015-01-04 17:59 - 00000216 _____ () C:\windows\Tasks\Ende des Supports für Microsoft Windows XP – Monatliche Benachrichtigung.job
2015-01-04 16:36 - 2015-01-04 16:36 - 00000000 __HDC () C:\windows\$NtUninstallKB2893294$
2015-01-04 16:36 - 2015-01-04 16:36 - 00000000 __HDC () C:\windows\$NtUninstallKB2757638$
2015-01-04 16:34 - 2015-01-04 18:12 - 00000000 __HDC () C:\windows\$NtUninstallKB2749655$
2015-01-04 16:23 - 2015-01-04 16:23 - 00008192 ____H () C:\windows\system32\config\default.tmp.LOG
2015-01-04 16:23 - 2015-01-04 16:23 - 00000000 ____H () C:\windows\system32\config\system.tmp.LOG
2015-01-04 16:23 - 2015-01-04 16:23 - 00000000 ____H () C:\windows\system32\config\software.tmp.LOG
2015-01-04 16:23 - 2015-01-04 16:23 - 00000000 ____H () C:\windows\system32\config\SAM.tmp.LOG
2015-01-04 16:22 - 2015-01-04 16:22 - 00008192 ____H () C:\windows\system32\config\SECURITY.tmp.LOG
2015-01-04 16:06 - 2015-01-04 16:33 - 00000000 ____D () C:\windows\system32\MRT
2015-01-04 15:58 - 2015-01-04 15:58 - 00000000 __HDC () C:\windows\$NtUninstallKB2892075$
2015-01-04 15:49 - 2015-01-04 15:49 - 00000000 __HDC () C:\windows\$NtUninstallKB2934207$
2015-01-04 15:49 - 2015-01-04 15:49 - 00000000 __HDC () C:\windows\$NtUninstallKB2862330$
2015-01-04 15:49 - 2015-01-04 15:49 - 00000000 __HDC () C:\windows\$NtUninstallKB2727528$
2015-01-04 15:43 - 2015-01-04 15:43 - 00000000 __HDC () C:\windows\$NtUninstallKB2813345$
2015-01-04 15:07 - 2015-01-04 15:07 - 00000000 __HDC () C:\windows\$NtUninstallKB2914368$
2015-01-04 14:53 - 2011-06-26 07:45 - 00256000 _____ () C:\windows\PEV.exe
2015-01-04 14:53 - 2010-11-07 18:20 - 00208896 _____ () C:\windows\MBR.exe
2015-01-04 14:53 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2015-01-04 14:53 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2015-01-04 14:53 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2015-01-04 14:53 - 2000-08-31 01:00 - 00212480 _____ (SteelWerX) C:\windows\SWXCACLS.exe
2015-01-04 14:53 - 2000-08-31 01:00 - 00098816 _____ () C:\windows\sed.exe
2015-01-04 14:53 - 2000-08-31 01:00 - 00080412 _____ () C:\windows\grep.exe
2015-01-04 14:53 - 2000-08-31 01:00 - 00068096 _____ () C:\windows\zip.exe
2015-01-04 14:52 - 2015-01-04 18:59 - 00000000 ____D () C:\Qoobox
2015-01-04 14:52 - 2015-01-04 18:12 - 00000000 ____D () C:\windows\erdnt
2015-01-04 13:43 - 2015-01-04 13:43 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic\Lokale Einstellungen\Anwendungsdaten\Mumble
2015-01-04 13:42 - 2015-01-04 13:42 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic\Lokale Einstellungen\Anwendungsdaten\Learn2.com
2015-01-03 15:30 - 2014-02-27 00:28 - 00013312 ____N (Microsoft Corporation) C:\windows\system32\xp_eos.exe
2015-01-03 15:30 - 2014-02-27 00:28 - 00013312 ____C (Microsoft Corporation) C:\windows\system32\dllcache\xp_eos.exe
2015-01-03 15:30 - 2013-08-09 01:55 - 00144128 ____C (Microsoft Corporation) C:\windows\system32\dllcache\usbport.sys
2015-01-03 15:30 - 2013-08-09 01:55 - 00032384 ____C (Microsoft Corporation) C:\windows\system32\dllcache\usbccgp.sys
2015-01-03 15:30 - 2013-08-09 01:55 - 00005376 ____C (Microsoft Corporation) C:\windows\system32\dllcache\usbd.sys
2015-01-03 15:30 - 2009-03-18 12:02 - 00030336 ____C (Microsoft Corporation) C:\windows\system32\dllcache\usbehci.sys
2015-01-03 14:45 - 2015-01-06 20:29 - 01531994 _____ () C:\windows\WindowsUpdate.log
2015-01-03 14:00 - 2015-01-03 16:09 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes' Anti-Malware (portable)
2015-01-03 13:58 - 2015-01-03 16:09 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic\Desktop\mbar
2015-01-02 11:26 - 2015-01-02 11:26 - 00000000 ____D () C:\Programme\Mozilla Firefox
2015-01-02 09:49 - 2015-01-02 19:00 - 00000000 ____D () C:\Programme\onlineTV 10
2015-01-02 09:49 - 2015-01-02 09:49 - 00000705 _____ () C:\Dokumente und Einstellungen\Magic\Desktop\onlineTV 10.lnk
2015-01-02 09:49 - 2015-01-02 09:49 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic\Startmenü\Programme\onlineTV 10
2015-01-02 09:49 - 2015-01-02 09:49 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic\Anwendungsdaten\concept design
2015-01-02 09:49 - 2015-01-02 09:49 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\onlineTV 10

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-06 00:49 - 2013-04-29 19:54 - 00000000 __SHD () C:\Dokumente und Einstellungen\Magic\UserData
2015-01-06 00:49 - 2013-04-29 19:54 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic
2015-01-06 00:25 - 2004-10-11 20:51 - 00000000 ____D () C:\Programme
2015-01-06 00:19 - 2004-10-11 20:54 - 00000159 ____N () C:\windows\wiadebug.log
2015-01-06 00:19 - 2004-10-11 20:54 - 00000050 ____N () C:\windows\wiaservc.log
2015-01-06 00:17 - 2013-04-29 19:54 - 00000190 ___SH () C:\Dokumente und Einstellungen\Magic\ntuser.ini
2015-01-05 23:55 - 2004-10-11 19:59 - 00000000 __SHD () C:\Dokumente und Einstellungen\NetworkService
2015-01-05 23:51 - 2013-04-29 19:54 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic\Startmenü
2015-01-05 23:51 - 2009-11-28 20:43 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ
2015-01-05 23:51 - 2004-10-11 20:51 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme
2015-01-05 23:08 - 2014-04-10 20:11 - 00114904 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-05 22:32 - 2004-10-11 20:01 - 00000000 ____D () C:\windows\Microsoft.NET
2015-01-04 18:56 - 2004-10-12 04:46 - 00000000 _____ () C:\windows\system.ini
2015-01-04 18:00 - 2004-10-11 19:56 - 00000000 ____D () C:\windows\system32\Restore
2015-01-04 17:58 - 2010-02-13 02:21 - 00000000 ____D () C:\Programme\Microsoft Silverlight
2015-01-04 16:39 - 2004-10-11 21:50 - 72613888 _____ () C:\windows\system32\config\software.bak
2015-01-04 16:35 - 2004-10-12 04:46 - 00000582 _____ () C:\windows\win.ini
2015-01-04 16:17 - 2004-10-11 21:47 - 00000000 ____D () C:\windows\system
2015-01-04 16:02 - 2004-10-11 19:55 - 00000072 ____C () C:\windows\vbaddin.ini
2015-01-04 16:01 - 2010-06-04 14:10 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Silverlight
2015-01-04 15:59 - 2004-10-11 21:50 - 18612224 _____ () C:\windows\system32\config\system.bak
2015-01-04 15:48 - 2009-12-02 23:04 - 00000000 ____D () C:\Programme\MW2
2015-01-04 15:45 - 2010-12-11 10:53 - 00000000 ____D () C:\Atari
2015-01-04 15:42 - 2009-06-14 00:36 - 00000000 ____D () C:\windows\ie8updates
2015-01-04 15:35 - 2009-02-14 01:13 - 00000000 ____D () C:\windows\system32\XPSViewer
2015-01-04 15:25 - 2013-05-04 13:04 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic\Anwendungsdaten\vlc
2015-01-04 15:10 - 2008-03-23 16:16 - 00001010 _____ () C:\Dokumente und Einstellungen\Magic\Desktop\Junk.lnk
2015-01-04 14:50 - 2006-12-29 17:29 - 00000000 ____D () C:\Programme\cod2
2015-01-04 13:46 - 2013-02-09 23:30 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Origin
2015-01-04 13:45 - 2013-02-09 23:30 - 00000000 ____D () C:\Programme\Origin
2015-01-04 13:43 - 2012-04-07 20:38 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic\Anwendungsdaten\Mumble
2015-01-04 13:38 - 2007-08-11 17:09 - 00000000 ____D () C:\Programme\Internet Download Manager
2015-01-03 15:39 - 2004-10-13 09:49 - 00000000 ___HD () C:\windows\$hf_mig$
2015-01-03 14:59 - 2014-04-10 19:53 - 00055000 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-01-03 14:47 - 2004-10-11 21:50 - 00786432 _____ () C:\windows\system32\config\default.bak
2015-01-03 14:47 - 2004-10-11 20:50 - 00262144 _____ () C:\windows\system32\config\SECURITY.bak
2015-01-03 14:47 - 2004-10-11 20:50 - 00262144 _____ () C:\windows\system32\config\SAM.bak
2015-01-03 12:35 - 2013-04-29 19:54 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic\Startmenü\Programme
2015-01-03 12:35 - 2013-04-24 20:33 - 00000763 _____ () C:\Dokumente und Einstellungen\Magic\Desktop\Revo Uninstaller.lnk
2015-01-02 19:30 - 2013-08-01 19:53 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic\Anwendungsdaten\foobar2000
2015-01-02 14:53 - 2014-04-10 19:53 - 00000000 ____D () C:\Programme\ Malwarebytes Anti-Malware 
2015-01-02 14:53 - 2012-05-06 08:57 - 00000000 ____D () C:\Programme\Mozilla Maintenance Service
2015-01-02 14:53 - 2008-01-03 12:01 - 00000000 ____D () C:\windows\OvtCam
2015-01-02 14:51 - 2004-10-11 20:51 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart
2015-01-02 14:47 - 2013-05-03 20:43 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic\Anwendungsdaten\Skype
2015-01-02 13:50 - 2012-01-29 21:04 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic\Lokale Einstellungen\Anwendungsdaten\LogMeIn Hamachi
2015-01-02 13:28 - 2009-03-07 23:47 - 00271200 _____ () C:\windows\system32\PnkBstrB.xtr
2015-01-02 13:28 - 2008-12-27 18:59 - 00138160 _____ () C:\windows\system32\Drivers\PnkBstrK.sys
2015-01-02 13:28 - 2008-12-27 18:58 - 00271200 _____ () C:\windows\system32\PnkBstrB.exe
2015-01-02 13:28 - 2008-12-27 18:58 - 00075136 _____ () C:\windows\system32\PnkBstrA.exe
2015-01-02 13:09 - 2014-04-10 19:53 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\ Malwarebytes Anti-Malware 
2015-01-02 13:09 - 2012-07-26 19:33 - 00000769 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
2015-01-02 12:34 - 2008-05-07 22:08 - 00000069 _____ () C:\windows\NeroDigital.ini
2015-01-02 12:18 - 2014-11-15 13:49 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic\Lokale Einstellungen\Anwendungsdaten\Adobe
2015-01-02 12:17 - 2013-01-26 23:44 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-01-02 12:17 - 2012-04-09 18:38 - 00701616 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2015-01-02 12:17 - 2011-05-22 22:06 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2015-01-02 11:18 - 2009-10-24 16:40 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic\Anwendungsdaten\Chilirec
2015-01-02 11:03 - 2006-04-24 10:44 - 00124928 _____ () C:\Dokumente und Einstellungen\Magic\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-02 10:47 - 2013-05-04 11:40 - 00033032 _____ () C:\Dokumente und Einstellungen\Magic\Anwendungsdaten\wklnhst.dat

Some content of TEMP:
====================
C:\Dokumente und Einstellungen\Magic\Lokale Einstellungen\temp\Quarantine.exe
C:\Dokumente und Einstellungen\Magic\Lokale Einstellungen\temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================
         
--- --- ---


Alt 07.01.2015, 08:47   #21
schrauber
/// the machine
/// TB-Ausbilder
 

Windows XP SP3 Firewall inaktiv - Standard

Windows XP SP3 Firewall inaktiv [gelöst]



Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
Winlogon\Notify\wineyes: C:\windows\system32\welogon.dll ()
C:\windows\system32\welogon.dll
HKU\S-1-5-18\...\Run: [FRITZ!protect] => FwebProt.exe
BootExecute: autocheck autochk /r \??\G:autocheck autochk /r \??\N:au
HKU\S-1-5-21-1488483606-1045282719-2118933040-1011\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "hxxp://www.google.com" <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
FF NetworkProxy: "autoconfig_url", "data:text/javascript,function%20FindProxyForURL(url%2C%20host)%20%7Bif%20(shExpMatch(url%2C%20'http%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fsongza.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fnew.songza.com*')%20%7C%7C%20url.indexOf('vevo.com')%20!%3D%20-1%20%7C%7C%20url.indexOf('discoverymedia.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fdsc.discovery.com%2F*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Faccount.beatsmusic.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.beatsmusic.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.mtv.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fmedia.mtvnservices.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fgrooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fretro.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fhtml5.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Flisten.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpreview.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.crunchyroll.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.rdio.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fsecure.funimation.com*')%20%7C%7C%20host%20%3D%3D%20's.hulu.com'%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.daisuki.net*')%20%7C%7C%20url.indexOf('play.google.com')%20!%3D%20-1%20%7C%7C%20(url.indexOf('youtube.com%2Fvideoplayback')%20!%3D%20-1%20%26%26%20url.indexOf('%26gcr%3Dus')%20!%3D%20-1%20%26%26%20url.indexOf('%26ptchn')%20!%3D%20-1)%20%7C%7C%20host%20%3D%3D%20'www.pandora.com'%20%7C%7C%20url.indexOf('southparkstudios.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20(url.indexOf('proxmate%3Dactive')%20!%3D%20-1%20%26%26%20url.indexOf('amazonaws.com')%20%3D%3D%20-1)%20%7C%7C%20(url.indexOf('proxmate%3Dus')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.iheart.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fext.last.fm*'))%20%7B%20return%20'PROXY%20us01.sq.proxmate.me%3A8000%3B%20PROXY%20us02.sq.proxmate.me%3A8000%3B%20PROXY%20us11.sq.proxmate.me%3A8000%3B%20PROXY%20us05.sq.proxmate.me%3A8000%3B%20PROXY%20us10.sq.proxmate.me%3A8000%3B%20PROXY%20us07.sq.proxmate.me%3A8000%3B%20PROXY%20us08.sq.proxmate.me%3A8000%3B%20PROXY%20us09.sq.proxmate.me%3A8000%3B%20PROXY%20us03.sq.proxmate.me%3A8000%3B%20PROXY%20us06.sq.proxmate.me%3A8000%3B%20PROXY%20us04.sq.proxmate.me%3A8000'%3B%7D%20%20else%20%7B%20return%20'DIRECT'%3B%20%7D%7D"
FF NetworkProxy: "type", 2
R0 giveio; C:\windows\System32\giveio.sys [5248 1996-04-03] () [File not signed]
C:\windows\System32\giveio.sys
Emptytemp:
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.






ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
--> Windows XP SP3 Firewall inaktiv

Alt 07.01.2015, 22:16   #22
Magic11
 
Windows XP SP3 Firewall inaktiv - Standard

Windows XP SP3 Firewall inaktiv [gelöst]



So hier schon mal das log

Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 07-01-2015
Ran by Magic at 2015-01-07 21:58:28 Run:1
Running from C:\FRST\FRST-OlderVersion
Loaded Profile: Magic (Available profiles: Magic & Administrator & Gast)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Winlogon\Notify\wineyes: C:\windows\system32\welogon.dll ()
C:\windows\system32\welogon.dll
HKU\S-1-5-18\...\Run: [FRITZ!protect] => FwebProt.exe
BootExecute: autocheck autochk /r \??\G:autocheck autochk /r \??\N:au
HKU\S-1-5-21-1488483606-1045282719-2118933040-1011\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "hxxp://www.google.com" <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
FF NetworkProxy: "autoconfig_url", "data:text/javascript,function%20FindProxyForURL(url%2C%20host)%20%7Bif%20(shExpMatch(url%2C%20'http%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fsongza.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fnew.songza.com*')%20%7C%7C%20url.indexOf('vevo.com')%20!%3D%20-1%20%7C%7C%20url.indexOf('discoverymedia.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fdsc.discovery.com%2F*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Faccount.beatsmusic.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.beatsmusic.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.mtv.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fmedia.mtvnservices.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fgrooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fretro.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fhtml5.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Flisten.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpreview.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.crunchyroll.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.rdio.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fsecure.funimation.com*')%20%7C%7C%20host%20%3D%3D%20's.hulu.com'%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.daisuki.net*')%20%7C%7C%20url.indexOf('play.google.com')%20!%3D%20-1%20%7C%7C%20(url.indexOf('youtube.com%2Fvideoplayback')%20!%3D%20-1%20%26%26%20url.indexOf('%26gcr%3Dus')%20!%3D%20-1%20%26%26%20url.indexOf('%26ptchn')%20!%3D%20-1)%20%7C%7C%20host%20%3D%3D%20'www.pandora.com'%20%7C%7C%20url.indexOf('southparkstudios.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20(url.indexOf('proxmate%3Dactive')%20!%3D%20-1%20%26%26%20url.indexOf('amazonaws.com')%20%3D%3D%20-1)%20%7C%7C%20(url.indexOf('proxmate%3Dus')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.iheart.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fext.last.fm*'))%20%7B%20return%20'PROXY%20us01.sq.proxmate.me%3A8000%3B%20PROXY%20us02.sq.proxmate.me%3A8000%3B%20PROXY%20us11.sq.proxmate.me%3A8000%3B%20PROXY%20us05.sq.proxmate.me%3A8000%3B%20PROXY%20us10.sq.proxmate.me%3A8000%3B%20PROXY%20us07.sq.proxmate.me%3A8000%3B%20PROXY%20us08.sq.proxmate.me%3A8000%3B%20PROXY%20us09.sq.proxmate.me%3A8000%3B%20PROXY%20us03.sq.proxmate.me%3A8000%3B%20PROXY%20us06.sq.proxmate.me%3A8000%3B%20PROXY%20us04.sq.proxmate.me%3A8000'%3B%7D%20%20else%20%7B%20return%20'DIRECT'%3B%20%7D%7D"
FF NetworkProxy: "type", 2
R0 giveio; C:\windows\System32\giveio.sys [5248 1996-04-03] () [File not signed]
C:\windows\System32\giveio.sys
Emptytemp:
         
*****************

"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wineyes" => Key deleted successfully.
C:\windows\system32\welogon.dll => Moved successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\FRITZ!protect => value deleted successfully.
HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => Value was restored successfully.
"HKU\S-1-5-21-1488483606-1045282719-2118933040-1011\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\\Tabs => Value was restored successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
giveio => Service stopped successfully.
giveio => Service deleted successfully.
C:\windows\System32\giveio.sys => Moved successfully.
EmptyTemp: => Removed 274.4 MB temporary data.


The system needed a reboot. 

==== End of Fixlog 21:58:56 ====
         

Alt 08.01.2015, 07:57   #23
schrauber
/// the machine
/// TB-Ausbilder
 

Windows XP SP3 Firewall inaktiv - Standard

Windows XP SP3 Firewall inaktiv [gelöst]



und weiter
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 08.01.2015, 22:24   #24
Magic11
 
Windows XP SP3 Firewall inaktiv - Standard

Windows XP SP3 Firewall inaktiv [gelöst]



Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=fc1a1ef9b188924fab2a07e872cc6389
# engine=21857
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-01-07 11:34:33
# local_time=2015-01-08 12:34:33 (+0100, Westeuropäische Normalzeit)
# country="Germany"
# lang=1031
# osver=5.1.2600 NT Service Pack 3
# scanned=314536
# found=9
# cleaned=9
# scan_time=7914
sh=82961301732E8AF889BDB1B7E50197C8B433BC5B ft=0 fh=0000000000000000 vn="Java/TrojanDownloader.OpenStream.NCM Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Dokumente und Einstellungen\Magic\Anwendungsdaten\Sun\Java\Deployment\cache\6.0\63\306de57f-38e442b6"
sh=40D202A651FC7C6AE8C6773B0CD3FA8B652BCE09 ft=1 fh=9e25b6ea9088c4c6 vn="Win32/DownloadAdmin.G evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="D:\downloads\PSP2991\Microsoft.Office.2010.Professional.Plus.x86.Full.Activated\Sd Card Formater Rescue del\cbsidlm-tr1_11-DDR_NTFS_Recovery-ORG-75305674.exe"
sh=40D202A651FC7C6AE8C6773B0CD3FA8B652BCE09 ft=1 fh=9e25b6ea9088c4c6 vn="Win32/DownloadAdmin.G evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="D:\downloads\PSP2991\Microsoft.Office.2010.Professional.Plus.x86.Full.Activated\Sd Card Formater Rescue del\cbsidlm-tr1_11-DDR_Recovery-ORG-75305784.exe"
sh=40D202A651FC7C6AE8C6773B0CD3FA8B652BCE09 ft=1 fh=9e25b6ea9088c4c6 vn="Win32/DownloadAdmin.G evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="D:\downloads\PSP2991\Microsoft.Office.2010.Professional.Plus.x86.Full.Activated\Sd Card Formater Rescue del\cbsidlm-tr1_11-DDR_Recovery_Pen_Drive-ORG-75312730.exe"
sh=4FE3AAD11CD9F6C83B111192E1F74598B105B872 ft=1 fh=d431394fd90e8fc0 vn="Win32/InstalleRex.E evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="D:\downloads\PSP2991\Microsoft.Office.2010.Professional.Plus.x86.Full.Activated\XP Pro Corp SP3 mitKey pw 4boerse\Windows Loader v2.2.1.exe"
sh=12CF79FC957E9D7375BFF45F2C736A690BEC2D49 ft=1 fh=94b801675d29f3b6 vn="Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="D:\Programme\Dragon_Ball_Revenge_Of_King_Piccolo_PAL_Wii-WiiERD Lö\Neuer Ordner\SoftonicDownloader89153.exe"
sh=249ADF9740F0A002149855A15D93F70698E8A30F ft=1 fh=870f20eae3692438 vn="Win32/Packed.Autoit.C.Gen evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="D:\Programme\Dragon_Ball_Revenge_Of_King_Piccolo_PAL_Wii-WiiERD Lö\Resident Evil 4\ScanreadDateien\Winzip 14  Passwort 4you   00009.exe\CRC-Killer.exe\CRC-Killer.exe"
sh=6236FD68EB48403FAC158D2D5FF04724871476B6 ft=1 fh=c7ecabf2890312f0 vn="Win32/Adware.ADON evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="E:\CX65\MyPhoneExplorer_Setup_v1.7.4.exe"
sh=955034C69D484803FD054C89B3017C902A56166B ft=1 fh=a3cf4d7b1ca87aed vn="Variante von Generik.ZQDUWE Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="E:\Spielstände\Black Mirror 2\whitemirror.dll"
         
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 07-01-2015
Ran by Magic at 2015-01-08 22:22:27
Running from C:\FRST\FRST-OlderVersion
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)


==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3MobileWiFi (HKLM\...\3MobileWiFi) (Version: 15.001.06.02.156 - Huawei Technologies Co.,Ltd)
7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
ABBYY FineReader 5.0 Sprint (HKLM\...\{D1696920-9794-4BBC-8A30-7A88763DE5A2}) (Version: 5.0.0.33418 - ABBYY Software House)
ABBYY FineReader OCR Engine (HKLM\...\{345C90FB-FA10-11D5-9C2A-0080C85A0C2D}) (Version:  - )
Acronis True Image WD Edition (HKLM\...\{A7D5787B-3A91-4433-A753-CFE520671683}) (Version: 13.0.14010 - Acronis)
Ad-Aware (HKLM\...\{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}) (Version: 7.1.0.10 - Lavasoft)
Adobe Digital Editions (HKLM\...\Digital Editions) (Version:  - )
Adobe Flash Player 12 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Photoshop CS3 (HKLM\...\Adobe_5f143314a5d434c8511097393d17397) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.05) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.05 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
Adobe® Photoshop® Album Starter Edition 3.0 (HKLM\...\{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}) (Version: 3.00.000 - Adobe Systems, Inc.)
Adobe® Photoshop® Album Starter Edition 3.2 (HKLM\...\Adobe® Photoshop® Album Starter Edition 3.2) (Version: 3.2.0 - hxxp://www.adobe.de)
Advertising Center (Version: 0.0.0.1 - Nero AG) Hidden
Agere Systems PCI Soft Modem (HKLM\...\Agere Systems Soft Modem) (Version:  - )
Alan Wake (HKLM\...\Alan Wake_is1) (Version:  - )
And Yet It Moves (HKLM\...\{2CEA7E55-D41E-4D58-91FB-E14F1FD690AE}) (Version: 1.00.0000 - )
Anti-Twin (Installation 27.06.2008) (HKLM\...\Anti-Twin 2008-06-27 21.21.39) (Version:  - Jorg Rosenthal, Germany)
Any Video Converter 3.4.0 (HKLM\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
AnyDVD (HKLM\...\AnyDVD) (Version: 7.1.5.0 - SlySoft)
Apowersoft Free Screen Recorder V1.1.0 (HKLM\...\{4EFA42DB-E4EC-4537-9DF3-5158D08A9785}_is1) (Version: 1.1.0 - Apowersoft)
Apple Application Support (HKLM\...\{CCE825DB-347A-4004-A186-5F4A6FDD8547}) (Version: 2.3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{459699C3-9430-4381-964B-4248D87B49F9}) (Version: 6.0.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio 2014 v.12.0.5 (HKLM\...\{91B33C97-280F-B76D-E27B-E712D7041B76}_is1) (Version: 12.0.5 - Ashampoo GmbH & Co. KG)
Audacity 2.0.3 (HKLM\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Auslogics Disk Defrag (HKLM\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: version 3.1 - Auslogics Software Pty Ltd)
AVM FRITZ!Box AddOn (IE) (HKLM\...\{CEAD06D8-D033-4D2A-9328-AF49089E129F}) (Version: 1.7.0 - AVM Berlin)
AVM FRITZ!Box Dokumentation (HKLM\...\AVMFBox) (Version:  - AVM Berlin)
AVM FRITZ!Box Druckeranschluss (HKLM\...\AVMFBoxPrinter) (Version:  - AVM Berlin)
AVM FRITZ!DSL (HKLM\...\{74A929E2-FBD8-4736-A84E-2ABBB2ABADF2}) (Version: 2.04.03 - AVM Berlin)
BANG! Gunship Elite Demo (HKLM\...\{D434E46B-3222-11D4-9B62-004005E1220F}) (Version:  - )
Battle.net (HKLM\...\Battle.net) (Version:  - )
Battlefield 1942™ (HKLM\...\{5BE7BD06-512B-43bf-AD78-3BD2A5F5F7B3}) (Version: 1.6.20.0 - Electronic Arts)
Bing Bar (HKLM\...\{B4089055-D468-45A4-A6BA-5A138DD715FC}) (Version: 7.0.850.0 - Microsoft Corporation)
Black Mirror 1.2 (HKLM\...\Black Mirror_is1) (Version:  - Digital Tainment Pool)
Black Mirror III (HKLM\...\Black Mirror III_is1) (Version:  - dtp)
BlueStacks App Player (HKLM\...\BlueStacks App Player) (Version: 0.7.9.860 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM\...\{CD9D0827-A6D6-4E2C-B31E-23F01577E27B}) (Version: 0.7.9.860 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
CA Licensing (Version: 1.52 - Computer Associates International, Inc.) Hidden
calibre (HKLM\...\{CA97CC85-FAF9-4316-9284-0F6CFA67B867}) (Version: 0.8.59 - Kovid Goyal)
Call of Duty(R) - World at War(TM) (HKLM\...\InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}) (Version: 1.0 - Activision)
Call of Duty(R) - World at War(TM) (Version: 1.0 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.00.0000 - Activision)
Call of Duty(R) 4 - Modern Warfare(TM) (Version: 1.00.0000 - Activision) Hidden
Call of Juarez - Bound in Blood (HKLM\...\InstallShield_{FEFAF112-4DA8-479C-89E2-7DE25091711A}) (Version: 1.00.0000 - Ubisoft)
Call of Juarez - Bound in Blood (Version: 1.00.0000 - Ubisoft) Hidden
Call of Juarez (HKLM\...\InstallShield_{3E7940A4-495B-4DC5-B5C9-D2EE1DE9E5EF}) (Version: 1.0.0.0 - Ubisoft)
Call of Juarez (Version: 1.0.0.0 - Ubisoft) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.21 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.3.7.2316 - CDBurnerXP)
CDN Netzwerk Quartettspiel 1.6.3  (HKLM\...\CDN Netzwerk Quartettspiel) (Version: 1.6.3 - CDN Consulting & Development Network GmbH)
ChargeProfessional (HKLM\...\ChargeProfessional) (Version: 2.16 - eQ-3 Entwicklung GmbH)
ChargeProfessional (Version: 2.16 - eQ-3 Entwicklung GmbH) Hidden
ChargeProfessional 2005 1.5 (HKLM\...\ChargeProfession_0) (Version:  - )
Chilirec 1.01 (HKLM\...\Chilirec_0) (Version:  - )
Chrome (HKLM\...\InstallShield_{5281E5CC-70B1-4B1B-8731-B8533C9E5EEE}) (Version: 1.2.0.0 - Techland)
Chrome (Version: 1.2.0.0 - Techland) Hidden
Ciuvo (HKLM\...\{8DA04D15-6AB2-4E6F-95EB-E53B59F84001}) (Version: 1.3.668 - Ciuvo GmbH)
CloneDVD2 (HKLM\...\CloneDVD2) (Version:  - Elaborate Bytes)
C-Media High Definition Audio Driver (HKLM\...\C-Media Audio Driver) (Version:  - )
Company of Heroes 2 (HKLM\...\Steam App 231430) (Version:  - Relic Entertainment)
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
concept/design onlineTV 10 (HKLM\...\{DCAB9AAC-1D1C-4B94-99B7-AA7D2617BD64}_is1) (Version: 10.6.0.0 - concept/design GmbH)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
CPUCooL (remove only) (HKLM\...\CPUCooL) (Version:  - )
CPUID CPU-Z 1.55 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CPUID HWMonitor 1.19 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
Creatix V.92 Data Fax Modem (HKLM\...\Creatix V.92 Data Fax Modem) (Version:  - )
Crysis WARHEAD(R) (HKLM\...\Crysis WARHEAD(R)) (Version:  - Electronic Arts)
Crysis WARHEAD(R) (Version: 1.0 - Crytek) Hidden
Crysis Wars(R) (HKLM\...\Crysis Wars(R)) (Version:  - Electronic Arts)
Crysis Wars(R) (Version: 1.0 - Crytek) Hidden
Crysis(R) SP Demo (HKLM\...\{92AF2F5A-4407-4A03-A80A-5A2582264746}) (Version: 1.00.0000 - Electronic Arts)
CrystalDiskInfo 4.0.2 (HKLM\...\CrystalDiskInfo_is1) (Version: 4.0.2 - Crystal Dew World)
DAEMON Tools Pro (HKLM\...\DAEMON Tools Pro) (Version: 5.1.0.0333 - DT Soft Ltd)
Der Inquisitor (HKLM\...\Der Inquisitor) (Version:  - )
DeviceControl (HKLM\...\{EABE2A27-9452-472E-9389-EFF410E956E1}) (Version: 1.00.0000 - MEDION)
Diablo (HKLM\...\Diablo) (Version:  - )
Diablo II (HKLM\...\Diablo II) (Version:  - )
Diablo III (HKLM\...\Diablo III) (Version: 1.0.1.9558 - Blizzard Entertainment)
Die drei Fragezeichen - Das verfluchte Schloss (HKLM\...\Die drei Fragezeichen - Das verfluchte Schloss_is1) (Version:  - )
DiRT2 (HKLM\...\{52D1D62C-FEAB-4580-849E-1DB624BADBBD}) (Version: 1.00.0000 - Codemasters)
Disc2Phone (HKLM\...\{925936AC-9C9A-4897-874B-60961AAB6D52}) (Version: 1.5.185 - )
Disc2Phone (HKLM\...\{FFAB5ABB-8AAB-42E2-847F-1743E51E01E9}) (Version: 1.4.0.112 - Sony Media Software)
DivX Content Uploader (HKLM\...\DivX Content Uploader) (Version: 1.1.0 - DivX, Inc.)
DivX Converter (HKLM\...\{B13A7C41581B411290FBC0395694E2A9}) (Version: 7.1.0 - DivX, Inc.)
DivX Plus DirectShow Filters (HKLM\...\DivX Plus DirectShow Filters) (Version:  - DivX, Inc.)
DivX-Setup (HKLM\...\DivX Setup.divx.com) (Version: 2.2.1.2 - DivX, LLC)
Droc´s AAM Tool 1.7.1 (HKLM\...\Doc´s AAM Tool 1.7.1_is1) (Version:  - Peter A. Gebhard)
DVD Suite (HKLM\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 5.0.1319 - CyberLink Corporation)
DVDFab Virtual Drive Version 1.4.1.0 (HKLM\...\DVDFab Virtual Drive_is1) (Version: 1.4.1.0 - Fengtao Software Inc.)
dvdisaster-0.70.6 (HKLM\...\dvdisaster_is1) (Version:  - dvdisaster project)
DVD-RAM Driver (HKLM\...\{9D765FA6-F2BC-40AF-8145-50808F9BDF4E}) (Version: 5.0.2.1 - )
DynGate (HKLM\...\DynGate) (Version:  - )
ElsterFormular (HKLM\...\ElsterFormular 13.1.1.8479p) (Version: 13.1.1.8479p - Landesfinanzdirektion Thüringen)
eSupport UndeletePlus 3.0.2.1214 (HKLM\...\eSupport UndeletePlus_is1) (Version:  - Copyright © 2011 eSupport.com • All Rights Reserved)
eTrust Antivirus Registration (HKLM\...\{C5223522-2B12-4522-B165-99EE6C88771E}) (Version: 1.0.2 - Antivirus Offer)
EVGA Precision 2.1.1 (HKLM\...\Precision) (Version: 2.1.1 - EVGA Corporation)
Ext2 IFS 1.11a for Windows XP (HKLM\...\Ext2Ifs_for_NT501) (Version:  - )
Fahrenheit (HKLM\...\{BA10AC78-E687-4523-8B93-540428FC256F}) (Version: 1.1 - Ihr Firmenname)
Far Cry 2 (HKLM\...\{F2835483-37F2-4123-B4FE-0E77D58447F2}) (Version: 1.01.00 - Ubisoft)
FastStone Capture 5.3 (HKLM\...\FastStone Capture) (Version: 5.3 - FastStone Soft)
FastStone Pacman 1.4 (HKLM\...\FastStone Pacman) (Version: 1.4 - FastStone Soft)
Flash Drive Tester v1.14 (HKLM\...\{272C8DEE-F54F-406C-9AA6-B4DE2985A47C}) (Version: 1.14 - Virtual Console)
foobar2000 v1.2.9 (HKLM\...\foobar2000) (Version: 1.2.9 - Peter Pawlowski)
Free Screen Video Recorder version 2.5.30.610 (HKLM\...\Free Screen Video Recorder_is1) (Version: 2.5.30.610 - DVDVideoSoft Ltd.)
FreeCommander 2009.02b (HKLM\...\FreeCommander_is1) (Version: 2009.02 - Marek Jasinski)
FTDI USB Serial Converter Drivers (HKLM\...\FTDICOMM) (Version:  - )
Generic USB CardReader 2.0 (HKLM\...\{EA1CB7AC-E221-4822-A789-0ADB051DC498}) (Version:  - )
getPlus(R)_ocx (HKLM\...\getPlus(R)_ocx) (Version:  - )
Gigaset QuickSync (HKLM\...\{31a52f2e-32e8-4c8f-9d99-6fd0c37c99ef}) (Version: 7.2.0844.6 - Gigaset Communications GmbH)
Google Chrome (HKLM\...\Google Chrome) (Version: 27.0.1453.94 - Google Inc.)
Google Earth (HKLM\...\{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}) (Version: 7.0.3.8542 - Google)
Google Toolbar for Firefox (HKLM\...\{2CCBABCB-6427-4A55-B091-49864623C43F}) (Version: 7.1.20110512 - Google)
Google Update Helper (Version: 1.3.21.145 - Google Inc.) Hidden
Google Updater (HKLM\...\Google Updater) (Version: 2.4.2432.1652 - Google Inc.)
GOTO PPL-C (HKLM\...\{809B22DC-A386-4F22-0023-DE0000000001}) (Version: 1.0 - Peters Software)
Grand Theft Auto Vice City (HKLM\...\{4B35F00C-E63D-40DC-9839-DF15A33EAC46}) (Version: 1.00.000 - )
Groschengrab 2.5 (HKLM\...\Groschengrab 2.5) (Version:  - )
GTR 2 1.0.0.0 (HKLM\...\{D560A981-FEB3-42F0-A61A-13E9528E0C51}_is1) (Version: v1.0.0.0 - 10tacle Studios Publishing AG)
GTR Evolution (HKLM\...\GTR Evolution_1.1.1.2_is1) (Version:  - SimBin)
GTR Evolution (HKLM\...\Steam App 8660) (Version:  - SimBin)
Haali Media Splitter (HKLM\...\HaaliMkx) (Version:  - )
Half-Life: Blue Shift (HKLM\...\Half-Life: Blue Shift) (Version:  - )
HALF-LIFE: COUNTER-STRIKE (HKLM\...\HALF-LIFE: COUNTER-STRIKE) (Version:  - )
Half-Life: Opposing Force (HKLM\...\Half-Life: Opposing Force) (Version:  - )
Hard Disk Low Level Format Tool 4.12 (HKLM\...\Hard Disk Low Level Format Tool_is1) (Version:  - HDDGURU)
HDD Health v3.3 Beta (HKLM\...\HDD Health_is1) (Version:  - )
HDD Thermometer (HKLM\...\HDD Thermometer) (Version: 1.3 - RSD Software Inc.)
HDD-Booster v1.2 (HKLM\...\HDD-Booster_is1) (Version:  - ASCOMP Software GmbH)
HeavyWeatherPublisher 1.0 (HKLM\...\HeavyWeatherPublisher_is1) (Version:  - LaCrosse Technology USA)
HeavyWeatherReview 1.0 (HKLM\...\HeavyWeatherReview_is1) (Version:  - LaCrosse Technology USA)
HighMAT-Erweiterung für den Microsoft Windows XP-Assistenten zum Schreiben von CDs (HKLM\...\{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}) (Version: 1.1.1905.1 - Microsoft Corporation)
Hitman - Codename 47 (HKLM\...\Hitman - Codename 47) (Version:  - )
Holly 2 Magic Land (HKLM\...\Holly 2 Magic Land_is1) (Version:  - BigFishGames)
Hotfix für Windows XP (KB942288-v3) (HKLM\...\KB942288-v3) (Version: 3 - Microsoft Corporation)
HP USB Disk Storage Format Tool (HKLM\...\{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}) (Version:  - )
ICQ6.5 (HKLM\...\{60DE4033-9503-48D1-A483-7846BD217CA9}) (Version: 6.5 - ICQ)
IKEA Home Planner (HKLM\...\{E7310F2E-C551-4FAB-BA07-EAC2E158B1BB}) (Version: 1.9.9 - IKEA IT)
Informationen über Ihren PC (HKLM\...\{3D1A6B70-3E02-49BC-88B0-916C80274632}) (Version:  - )
InterActual Player (HKLM\...\InterActual Player) (Version:  - )
IsoBuster 2.7 (HKLM\...\IsoBuster_is1) (Version: 2.7 - Smart Projects)
iTunes (HKLM\...\{B0261E53-B6F1-474A-864B-E7C3CBF468E0}) (Version: 11.0.1.12 - Apple Inc.)
Java 7 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.450 - Oracle)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JDownloader 0.9 (HKLM\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Junk Mail filter update (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Kingpin: Life of Crime (HKLM\...\Kingpin) (Version:  - )
K-Meleon 1.5.4 de-DE (nur entfernen) (HKLM\...\K-Meleon) (Version: 1.5.4 - K-Meleon Team)
KW's ReDown 1.6 (HKLM\...\{534E26BF-4746-475A-9AAB-128486122624}_is1) (Version:  - )
Learn2 Player (Uninstall Only) (HKLM\...\StreetPlugin) (Version:  - )
LetsTrade Komponenten (HKLM\...\LetsTrade) (Version:  - )
LG ODD Auto Firmware Update (HKLM\...\{6179550A-3E7C-499E-BCC9-9E8113E0A285}) (Version: 9.01.1124.01 - )
LightScribe  1.6.43.1 (Version: 1.6.43.1 - hxxp://www.lightscribe.com) Hidden
Lock On: Modern Air Combat (HKLM\...\{E90DCEE9-DC27-401B-A7AC-B0AFF5B34E4D}) (Version: 1.00.000 - )
Logitech Desktop Messenger (HKLM\...\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}) (Version:  - )
Logitech Gaming Software 5.10 (HKLM\...\{60D32CDC-E3BE-4578-BA10-29322307CDDC}) (Version: 5.10.127 - Logitech)
Logitech ImageStudio (HKLM\...\{5A24DD7E-7B01-41AC-ADA8-F1776177A3BA}) (Version: 7.30.0000 - Logitech, Inc.)
LogMeIn Hamachi (HKLM\...\LogMeIn Hamachi) (Version: 2.1.0.210 - LogMeIn, Inc.)
LogMeIn Hamachi (Version: 2.1.0.210 - LogMeIn, Inc.) Hidden
LOST PLANET COLONIES (HKLM\...\{6FCFA783-CE7B-4018-AC48-0E6EEAAEA322}) (Version: 1.00.129 - CAPCOM CO.,LTD.)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Max Payne (HKLM\...\{39930321-4C58-4B8B-BCBF-342698C9801D}) (Version:  - )
MediaShow 3.0 (HKLM\...\{D5A9B7C0-8751-11D8-9D75-000129760D75}) (Version:  - )
Medieval II Total War (HKLM\...\{C0698BDA-0D29-40EE-8570-A31106DF9AB1}) (Version: 1.00.0000 - SEGA)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 German Language Pack (HKLM\...\{E78BFA60-5393-4C38-82AB-E8019E464EB4}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 1.1 Security Update (KB2656353) (HKLM\...\M2656353) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2656370) (HKLM\...\M2656370) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version:  - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU (HKLM\...\{C314CE45-3392-3B73-B4E1-139CD41CA933}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU (HKLM\...\{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft ActiveSync 4.0 (HKLM\...\{B208806F-A231-4FA0-AB3F-5C1B8979223E}) (Version: 4.2.4876.0 - Microsoft Corporation)
Microsoft AutoRoute 2005 (HKLM\...\{67E4EE98-59F4-4220-89A6-A20AF5BEC689}) (Version: 12.00.07.1200 - Microsoft Corporation)
Microsoft Encarta Enzyklopädie 2005 (HKLM\...\{05440044-64A6-4248-A026-9745C1E9E159}) (Version: 2005 - Microsoft Corporation)
Microsoft Flight Simulator X Demo (HKLM\...\InstallShield_{B98A34C0-A6A2-4087-B272-557C1C6D0A07}) (Version: 10.0.60905 - Microsoft Game Studios)
Microsoft Games for Windows - LIVE (HKLM\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}) (Version: 3.1.99.0 - Microsoft Corporation)
Microsoft Image Composite Editor (HKLM\...\{3D599ADA-65D9-4B51-898F-CE718DEC5DBB}) (Version: 1.4.4 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office FrontPage 2003 (HKLM\...\{90170407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office OneNote 2003 (HKLM\...\{90A10407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Project Professional 2003 (HKLM\...\{903B0407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Visio Professional 2003 (HKLM\...\{90510407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Picture It! Foto Premium 10 (HKLM\...\PictureItPrem_v10) (Version: 10.0.0715 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Tool Web Package:diskpart.exe (HKLM\...\{9782762F-639B-499B-A23D-5EBEAFC160E6}) (Version: 1.0.0.1 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.9 (HKLM\...\Wudf01009) (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Windows-Journal-Viewer (HKLM\...\{43DCF766-6838-4F9A-8C91-D92DA586DFA7}) (Version: 1.5.2315.3 - Microsoft)
Microsoft Word 2002 (HKLM\...\{911B0407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Works (HKLM\...\{B26E3B0D-C2FA-4370-B068-7C476766F029}) (Version: 08.04.0702 - Microsoft Corporation)
Microsoft Works Suite-Add-Ins für Microsoft Word (HKLM\...\{C6A12D9B-D86A-4ee6-B980-95E4B26A2E13}) (Version: 8.0.0.0000 - Microsoft Corporation)
Microsoft WorldWide Telescope (HKLM\...\{B559F2B9-E0BE-484C-A0E1-59C79B8C9325}) (Version: 3.0.76 - Microsoft Research)
Mobile Modem Assistant (HKLM\...\{A6B7B910-69BE-4873-8CA8-B5C37BAFE9F4}) (Version: 1.00.000 - )
Mobile Phone Manager (HKLM\...\InstallShield_{6BAA26DB-2D4E-42B6-BC3F-3B58144A64B6}) (Version: 3.04.40.48.4 - Siemens AG)
Mobile Phone Manager (Version: 3.04.40.48.4 - Siemens AG) Hidden
Mobile Phone Manager (Version: 4.06.17.31.0.1 - BenQ Mobile GmbH & Co. OHG) Hidden
MobileMe Control Panel (HKLM\...\{A71D5E81-B967-43DB-93D7-FD31BFB95748}) (Version: 3.1.5.0 - Apple Inc.)
Movavi Screen Capture Studio 4 (HKLM\...\Movavi Screen Capture Studio 4) (Version: 4.3.3 - MOVAVI)
Mozilla Firefox 34.0.5 (x86 de) (HKLM\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
Mplayer.com (HKLM\...\Mplayer.com) (Version:  - )
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser und SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Multi-Card Reader & Flash Disk (HKLM\...\{83F3EED2-DDE2-4434-8FBE-9D2A1E7C2BC9}) (Version: 1.00.0000 - )
Mumble 1.2.3 (HKLM\...\{C3E9887A-23BA-4777-8080-191A5AFCAB74}) (Version: 1.2.3 - Thorvald Natvig)
Musicmatch® Jukebox (HKLM\...\{8EF1122E-E90C-4EE9-AB0C-7FDE2BA42C26}) (Version: 9.00.5100 - )
myMP3 4.0 (HKLM\...\myMP3 4.0) (Version:  - )
Nero 7 Essentials (HKLM\...\{99D328E0-51DE-465E-9307-B85CA9511031}) (Version: 7.03.0992 - Nero AG)
Nero 7 Essentials (HKLM\...\{A2104078-AAA5-449E-95DD-55C9443A1031}) (Version: 7.02.8506 - Nero AG)
Nero BackItUp 4 Essentials (HKLM\...\{4e1ff274-2934-427f-81b4-fd695c8aa0b8}) (Version:  - Nero AG)
NiBiRu 1.2 (HKLM\...\NiBiRu_is1) (Version:  - Digital Tainment Pool)
Nokia Connectivity Cable Driver (HKLM\...\{0906982B-A432-4C06-8F01-C01BE1143779}) (Version: 7.1.92.0 - Nokia)
Nokia Map Loader (HKLM\...\{45D4F727-43B5-49CD-B474-B9866A8F4FB8}) (Version: 3.0.22 - Nokia)
Nokia Suite (HKLM\...\Nokia Suite) (Version: 3.6.36.0 - Nokia)
Nokia Suite (Version: 3.6.36.0 - Nokia) Hidden
Notepad++ (HKLM\...\Notepad++) (Version: 6.4.5 - Notepad++ Team)
Novacomd (HKLM\...\{BA9A297F-0198-4EE8-90CB-F5036C180E1D}) (Version: 1.0.0.46 - Palm, Inc.)
Nuance RealSpeak Solo German (HKLM\...\InstallShield_{38743B23-0A51-42CD-8F0F-B17D15D1B134}) (Version: 1.00.0000 - Nuance)
Nuance RealSpeak Solo German (Version: 1.00.0000 - Nuance) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10 - NVIDIA Corporation)
NVIDIA Grafiktreiber 285.58 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 285.58 - NVIDIA Corporation)
NVIDIA nView 135.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 135.95 - NVIDIA Corporation)
NVIDIA Performance (HKLM\...\InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}) (Version: 6.5 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.11.0621 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.11.0621 - NVIDIA Corporation)
NVIDIA System Monitor (HKLM\...\InstallShield_{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}) (Version: 6.5 - NVIDIA Corporation)
Obscure (HKLM\...\InstallShield_{95633EBE-216B-48B5-B103-0C9919787F46}) (Version: 1.00.0000 - Ihr Firmenname)
OpenAL (HKLM\...\OpenAL) (Version:  - )
Origin (HKLM\...\Origin) (Version: 9.1.12.73 - Electronic Arts, Inc.)
Pac Man Advanced 1.1.0 (HKLM\...\Pac Man Advanced_is1) (Version: 1.1.0 - Novel Games Limited)
Pando (HKLM\...\{AB480DA0-7EE9-465D-9C12-4CDE65BF18FB}) (Version: 2.5.1.4 - Pando Networks Inc.)
PaperPort (HKLM\...\{71C97545-E547-4A8B-B0C8-61FF853270AC}) (Version: 9.02.0827 - ScanSoft, Inc.)
Paragon Migrate OS to SSD™ (HKLM\...\{D4378A80-C713-11DF-9399-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PC Connectivity Solution (HKLM\...\{BA77F9D2-CD35-41EB-9BC9-769879DFF8A6}) (Version: 12.0.48.0 - Nokia)
PDF Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 0.9.6 - Frank Heindörfer, Philip Chinery)
PDFCreator Toolbar (HKLM\...\PDFCreator Toolbar) (Version: 3.3.0.1 - )
phonostar-Player Version 2.01.4 (HKLM\...\phonostarRadioPlayer_is1) (Version:  - )
PhotoNow! 1.0 (HKLM\...\{D36DD326-7280-11D8-97C8-000129760CBE}) (Version:  - )
PhotoShow Deluxe 3 (HKLM\...\PhotoShow Deluxe 3) (Version: 3.0 - Simple Star, Inc.)
PowerCinema 3.0 (HKLM\...\{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version:  - )
PowerDirector (HKLM\...\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version:  - )
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version:  - )
PowerProducer (HKLM\...\{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version:  - )
PowerStrip 3 (remove only) (HKLM\...\PowerStrip 3 (remove only)) (Version:  - )
Pro Pinball - Big Race USA (HKLM\...\Pro Pinball - Big Race USA_is1) (Version:  - GOG.com)
ProtectDisc Driver, Version 11 (HKLM\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
QuickLOAD-QuickTARGET Demo (HKLM\...\ST5UNST #1) (Version:  - )
QuickTime (HKLM\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
Radio.fx (HKLM\...\Tobit Radio.fx Server) (Version:  - Tobit.Software)
Rapture3D 2.3.22 Game (HKLM\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version:  - Blue Ripple Sound)
RealDownloader (Version: 1.3.2 - RealNetworks, Inc.) Hidden
RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.2 - RealNetworks)
RealUpgrade 1.0 (Version: 1.0.0 - RealNetworks, Inc.) Hidden
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recuva (HKLM\...\Recuva) (Version: 1.42 - Piriform)
Reiner Knizia's Samurai 1.5.1 (HKLM\...\Reiner Knizia's Samurai_is1) (Version: 1.5.1 - Klear Games, L.L.C.)
Remobo (HKLM\...\Remobo) (Version:  - )
Return to Castle Wolfenstein (HKLM\...\Return to Castle Wolfenstein) (Version: 1.0 - Activision, Inc.)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Ricochet Xtreme (HKLM\...\Ricochet_is1) (Version:  - )
Rising Storm/Red Orchestra 2 Multiplayer (HKLM\...\Steam App 35450) (Version:  - Tripwire Interactive)
RivaTuner v2.22 (HKLM\...\RivaTuner) (Version:  - )
Roger Wilco (HKLM\...\Roger Wilco) (Version:  - )
RT2500 USB Wireless LAN Card (HKLM\...\{5490B6EF-5A48-40B7-A9E0-D3B886D17A29}) (Version: 1.00.00.05 - RALINK)
Safari (HKLM\...\{FA4C2D53-205F-4245-9717-F3761154824D}) (Version: 5.34.57.2 - Apple Inc.)
Saitek SST Programming Software (HKLM\...\{967FB80D-56BD-42EF-A942-9E8C78F984A4}) (Version: 1.00.0000 - Saitek)
Sandboxie 3.48 (HKLM\...\Sandboxie) (Version:  - )
ScanWizard 5 (HKLM\...\{B08D262E-D902-11D5-9C28-0080C85A0C2D}) (Version:  - )
SCL011 Contactless Reader (HKLM\...\{101A21B2-E102-4F64-A7FA-CEF7182D0E2D}) (Version: 1.01 - SCM Microsystems)
Scott's Space Invaders v 1.9 (HKLM\...\Scott's Space Invaders_is1) (Version: 1.9 - SB-Software)
SeaTools for Windows (HKLM\...\{98613C99-1399-416C-A07C-1EE1C585D872}) (Version: 1.2.0.0 - Seagate Technology)
SecurDisc Viewer (HKLM\...\{ABD1DC2F-0D20-4C44-BEB9-3EEFA0EA1031}) (Version: 7.02.8511 - Nero AG)
Segoe UI (Version: 14.0.4327.805 - Microsoft Corp) Hidden
Setup-Start von Microsoft Works 2005 (HKLM\...\Works2005Setup) (Version:  - )
Shareaza 2.5.5.0 (HKLM\...\Shareaza_is1) (Version: 2.5.5.0 - Shareaza Development Team)
Shockwave (HKLM\...\Shockwave) (Version:  - )
Sicherheitsupdate für Windows Internet Explorer 8 (KB2183461) (HKLM\...\KB2183461-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2360131) (HKLM\...\KB2360131-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2416400) (HKLM\...\KB2416400-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2482017) (HKLM\...\KB2482017-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2497640) (HKLM\...\KB2497640-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2510531) (HKLM\...\KB2510531-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2530548) (HKLM\...\KB2530548-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2544521) (HKLM\...\KB2544521-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2586448) (HKLM\...\KB2586448-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2618444) (HKLM\...\KB2618444-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2647516) (HKLM\...\KB2647516-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2675157) (HKLM\...\KB2675157-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2699988) (HKLM\...\KB2699988-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2722913) (HKLM\...\KB2722913-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2909210) (HKLM\...\KB2909210-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB2936068) (HKLM\...\KB2936068-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB969897) (HKLM\...\KB969897-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB971961) (HKLM\...\KB971961-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB972260) (HKLM\...\KB972260-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB974455) (HKLM\...\KB974455-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB976325) (HKLM\...\KB976325-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB978207) (HKLM\...\KB978207-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB981332) (HKLM\...\KB981332-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 8 (KB982381) (HKLM\...\KB982381-IE8) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB911564) (Version:  - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows XP (KB2655992) (HKLM\...\KB2655992) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2685939) (HKLM\...\KB2685939) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2691442) (HKLM\...\KB2691442) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2698365) (HKLM\...\KB2698365) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2705219) (HKLM\...\KB2705219) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2707511) (HKLM\...\KB2707511) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2709162) (HKLM\...\KB2709162) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2712808) (HKLM\...\KB2712808) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2718523) (HKLM\...\KB2718523) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2719985) (HKLM\...\KB2719985) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2723135) (HKLM\...\KB2723135) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2727528) (HKLM\...\KB2727528) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2731847) (HKLM\...\KB2731847) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2813345) (HKLM\...\KB2813345) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2862330) (HKLM\...\KB2862330) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2892075) (HKLM\...\KB2892075) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2914368) (HKLM\...\KB2914368) (Version: 1 - Microsoft Corporation)
Siemens SmartSync (HKLM\...\{5B12573C-9C90-4790-BFEE-2BC43C2EB997}) (Version:  - )
Sierra Utilities (HKLM\...\Sierra Utilities) (Version:  - )
SiSoftware Sandra Lite 2012.SP4 (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2396}_is1) (Version: 18.45.2012.6 - SiSoftware)
Skypad (HKLM\...\Skypad) (Version:  - )
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.0.10297 - Skype Technologies S.A.)
Skype™ 6.3 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.3.107 - Skype Technologies S.A.)
Smart Manager (HKLM\...\{1E02403C-C469-4937-9B94-7DF9F78888FA}) (Version:  - )
Software Informer 1.0 BETA (HKLM\...\Software Informer_is1) (Version:  - Informer Technologies, Inc.)
Soldat 1.5.0 (HKLM\...\Soldat_is1) (Version:  - Michal Marcinkowski)
Sony Ericsson Media Manager 1.2 (HKLM\...\{98EA51C9-B0B0-45BC-8641-3E119EA47D7B}) (Version: 1.2.610 - Sony Ericsson)
Sony Ericsson PC Suite 3.209.00 (HKLM\...\{2FFE93F0-BB72-4E52-8761-354D1AAA9387}) (Version: 3.209.00 - Sony Ericsson)
SpeedBit Video Accelerator (HKLM\...\SpeedBit Video Accelerator) (Version: 2249(build_665) - SpeedBit Ltd.)
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version:  - )
SPEED-LINK Medusa 5.1 USB (HKLM\...\C-Media USB Sound) (Version:  - )
Spelling Dictionaries Support For Adobe Reader 8 (HKLM\...\{AC76BA86-7AD7-5464-3428-800000000003}) (Version: 8.0.0 - Adobe Systems)
Spyware Doctor 5.0 (HKLM\...\Spyware Doctor) (Version: 5.0 - PC Tools)
Star Wars JK II Jedi Outcast (HKLM\...\{576E71DA-3000-48F6-9B21-B9A70D47DFCF}) (Version:  - )
Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve)
SUPER © v2011.build.49 (July 1st, 2011) Version v2011.build.49 (HKLM\...\{B93DCF58-AA57-41EC-8D69-B05C66C6312D}_is1) (Version: v2011.build.49 - eRightSoft)
Super Collapse! Puzzle Gallery 4 (HKLM\...\Super Collapse! Puzzle Gallery 4) (Version: 1.0.0 - Zylom Games)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab (HKLM\...\SystemRequirementsLab) (Version:  - )
TeamSpeak 2 RC2 (HKLM\...\Teamspeak 2 RC2_is1) (Version: 2.0.32.60 - Dominating Bytes Design)
TeamViewer 7 (HKLM\...\TeamViewer 7) (Version: 7.0.12799 - TeamViewer)
TeraCopy 2.27 (HKLM\...\TeraCopy_is1) (Version:  - Code Sector)
The Core Media Player 4.0 (HKLM\...\The Core Media Player) (Version:  - )
The Witcher 2 (HKLM\...\{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}) (Version: 1.00.0000 - CD Projekt Red)
TomTom HOME (HKLM\...\{EC5F4C1B-F838-4CB7-8561-8F809296428B}) (Version: 2.9.5 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Toolbar fuer eBay (HKLM\...\TBSB03968.TBSB03968Toolbar) (Version:  - )
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 7.57a - Ghisler Software GmbH)
TrueCrypt (HKLM\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
TuneUp Utilities 2009 (HKLM\...\{55A29068-F2CE-456C-9148-C869879E2357}) (Version: 8.0.3310.3 - TuneUp Software)
UGS JT2Go (HKLM\...\{E0DF9069-9702-4188-AAA9-D1C24BC79669}) (Version: 7.1.7320 - UGS)
Ulead Photo Explorer 8.0 SE Basic (HKLM\...\{D271DAE0-8D68-4C97-8356-A126D48A1D8C}) (Version: 8.0 - Ulead Systems, Inc.)
Undelete Plus 2.71 (HKLM\...\Undelete Plus_is1) (Version:  - FDRLab)
UndeletePlus™ 3.0.0.602 (HKLM\...\UndeletePlus™_is1) (Version:  - Copyright © 2009 Phoenix Technologies • All Rights Reserved)
Unlocker 1.9.1 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
Update für Windows Internet Explorer 8 (KB971180) (HKLM\...\KB971180-IE8) (Version: 1 - Microsoft Corporation)
Update für Windows Internet Explorer 8 (KB976662) (HKLM\...\KB976662-IE8) (Version: 1 - Microsoft Corporation)
Update für Windows Internet Explorer 8 (KB976749) (HKLM\...\KB976749-IE8) (Version: 1 - Microsoft Corporation)
Update für Windows Internet Explorer 8 (KB980182) (HKLM\...\KB980182-IE8) (Version: 1 - Microsoft Corporation)
Update für Windows Internet Explorer 8 (KB980302) (HKLM\...\KB980302-IE8) (Version: 1 - Microsoft Corporation)
Update für Windows Internet Explorer 8 (KB982632) (HKLM\...\KB982632-IE8) (Version: 1 - Microsoft Corporation)
Update für Windows Internet Explorer 8 (KB982664) (HKLM\...\KB982664-IE8) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2718704) (HKLM\...\KB2718704) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB955704) (HKLM\...\KB955704) (Version: 1 - Microsoft Corporation)
Update Service (HKLM\...\Update Service) (Version: 2.8.5.12 - Sony Ericsson Mobile Communications AB)
USB Wireless Keyboard Driver (HKLM\...\{D1955A3A-EA24-4682-8641-43B5B688B09A}) (Version:  - )
User Profile Hive Cleanup Service (HKLM\...\{FF77941A-2BFA-4A18-BE2E-69B9498E4D55}) (Version: 1.6.30 - Microsoft Corporation)
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0 - DivX, Inc) Hidden
VGA USB Camera (HKLM\...\VGA USB Camera) (Version:  - )
videon (HKLM\...\{261D0486-9127-4071-BA1D-FE784310752E}) (Version: 3.5 - muvee Technologies)
VirtualCloneDrive (HKLM\...\VirtualCloneDrive) (Version:  - Elaborate Bytes)
VLC media player 2.0.8 (HKLM\...\VLC media player) (Version: 2.0.8 - VideoLAN)
Vodafone Mobile Connect Lite (HKLM\...\{79A64F98-1796-4FA2-B5FF-C90F83D8BACD}) (Version: 9.4.3.17550 - Vodafone)
W83L518D (HKLM\...\{CD815603-AB71-4CFB-B3AC-522298037ACC}) (Version:  - )
Warcraft III (HKLM\...\Warcraft III) (Version:  - Blizzard Entertainment)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Wheel of Time (HKLM\...\Wheel of Time) (Version:  - )
Window-Eyes 7.5.4.0 (HKLM\...\{2C077F43-2B29-49CF-9924-1D932824302F}) (Version: 7.5.4 - GW Micro, Inc.)
Windows Defender (HKLM\...\{A06275F4-324B-4E85-95E6-87B2CD729401}) (Version: 1.1.1593.21 - Microsoft Corporation)
Windows Driver Package - Palm (WinUSB) Palm Devices  (11/30/2008 1.0.0) (HKLM\...\84713BEB4A2EB4B0E2F1346FDEBFFE94DAB5225D) (Version: 11/30/2008 1.0.0 - Palm)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version:  - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live ID-Anmelde-Assistent (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
Windows-Sicherungsprogramm (HKLM\...\{76EFFC7C-17A6-479D-9E47-8E658C1695AE}) (Version: 5.1 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd “LegacyDriver”  (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)
Wings Of Fury (HKLM\...\Wings Of Fury) (Version:  - )
WinRAR (HKLM\...\WinRAR archiver) (Version:  - )
WinTrack 6.0 3D (HKLM\...\wintrack6_is1) (Version: 6.0 - Ing.-Büro Schneider)
WinZip (HKLM\...\WinZip) (Version:  - )
WISO Mein Geld 5 (HKLM\...\{8CD9282B-A8F4-4A6D-A11C-6B9738975B00}) (Version:  - )
WONswap (HKLM\...\WONswap) (Version:  - )
Works Update (Version: 8.0.0.0000 - Microsoft Corporation) Hidden
World of Warcraft (HKLM\...\World of Warcraft) (Version: 4.3.0.15050 - Blizzard Entertainment)
WSM-Online (HKLM\...\{C33C67C0-6787-4260-A340-1AFE21DE907A}) (Version: 1.0.7 - BMW AG)
X10 Hardware(TM) (HKLM\...\X10Hardware) (Version:  - )
X3: Reunion v2.0.02 (HKLM\...\X3-Reunion2.0.02DE_is1) (Version:  - EGOSOFT)
Xilisoft Video Converter Ultimate (HKLM\...\Xilisoft Video Converter Ultimate) (Version: 7.7.2.20130122 - Xilisoft)
Yahoo! Install Manager (HKLM\...\YInstHelper) (Version:  - )
Zattoo 3.3.1 Beta (HKLM\...\Zattoo) (Version: 3.3.1 Beta - Zattoo Inc.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1488483606-1045282719-2118933040-1011_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Dokumente und Einstellungen\Magic\Lokale Einstellungen\Anwendungsdaten\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)

==================== Restore Points  =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2004-10-12 04:46 - 2015-01-04 18:55 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============


(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\1-Klick-Wartung.job => C:\Programme\TuneUp Utilities 2009\OneClickStarter.exe
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\AppleSoftwareUpdate.job => C:\Programme\Apple Software Update\SoftwareUpdate.exe
Task: C:\windows\Tasks\Ende des Supports für Microsoft Windows XP – Monatliche Benachrichtigung.job => C:\windows\system32\xp_eos.exe
Task: C:\windows\Tasks\Google Software Updater.job => C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore1ce565cc67ec5e0.job => C:\Programme\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Programme\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\MP Scheduled Scan.job => C:\Programme\Windows Defender\MpCmdRun.exe
Task: C:\windows\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1488483606-1045282719-2118933040-1011.job => C:\Programme\Real\RealUpgrade\realupgrade.exe
Task: C:\windows\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1488483606-1045282719-2118933040-1011.job => C:\Programme\Real\RealUpgrade\realupgrade.exe
Task: C:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1488483606-1045282719-2118933040-1007.job => C:\Programme\Real\RealUpgrade\realupgrade.exe
Task: C:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1488483606-1045282719-2118933040-1011.job => C:\Programme\Real\RealUpgrade\realupgrade.exe
Task: C:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1488483606-1045282719-2118933040-1007.job => C:\Programme\Real\RealUpgrade\realupgrade.exe
Task: C:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1488483606-1045282719-2118933040-1011.job => C:\Programme\Real\RealUpgrade\realupgrade.exe
Task: C:\windows\Tasks\ReclaimerResumeInstall_Magic.job => C:\Dokumente und Einstellungen\Magic\Anwendungsdaten\Real\Update\UpgradeHelper\RealPlayer\10.60\agent\rnupgagent.exe
Task: C:\windows\Tasks\User_Feed_Synchronization-{D8C0ACC2-FA46-413B-B33A-93D4EC6B55F7}.job => C:\WINDOWS\system32\msfeedssync.exe

==================== Loaded Modules (whitelisted) =============

2008-12-13 23:07 - 2001-10-28 17:42 - 00116224 _____ () C:\windows\system32\pdfcmnnt.dll
2011-12-01 17:11 - 2011-12-01 17:11 - 00743936 _____ () C:\Programme\CPUCooL\CooLSrv.exe
2010-09-11 11:38 - 2010-03-04 22:38 - 00071096 _____ () C:\Programme\CDBurnerXP\NMSAccessU.exe
2013-04-16 02:07 - 2013-04-16 02:07 - 00039056 _____ () C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe
2010-07-04 22:32 - 2010-07-04 22:32 - 00004608 _____ () C:\Programme\Unlocker\UnlockerHook.dll
2015-01-02 11:26 - 2015-01-02 11:26 - 03758192 _____ () C:\Programme\Mozilla Firefox\mozjs.dll
2010-07-04 20:51 - 2010-07-04 20:51 - 00017408 _____ () C:\Programme\Unlocker\UnlockerAssistant.exe
2005-11-24 22:24 - 2005-11-24 22:24 - 00053248 _____ () C:\Programme\Haali\MatroskaSplitter\mmfinfo.dll
2005-11-24 22:22 - 2005-11-24 22:22 - 00023552 _____ () C:\Programme\Haali\MatroskaSplitter\mkunicode.dll
2004-09-12 02:47 - 2004-09-12 02:47 - 00126464 _____ () C:\Programme\The Core Media Player\System\coreshellagent.cll
2009-03-19 00:02 - 2008-09-16 20:18 - 00132608 _____ () C:\Programme\WinRAR\rarext.dll
2008-06-28 13:48 - 1998-10-17 06:00 - 00033792 _____ () C:\Programme\WinZip\WZSHLEXT.DLL
2012-08-11 14:11 - 2011-10-26 16:41 - 00325120 _____ () C:\Programme\TeraCopy\TeraCopy.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Dokumente und Einstellungen\Magic\Eigene Dateien\Shareaza Downloads:Shareaza.GUID

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aawservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Audible Download Manager.lnk => C:\windows\pss\Audible Download Manager.lnkCommon Startup
MSCONFIG\startupfolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^CHIP Exklusiv.lnk => C:\windows\pss\CHIP Exklusiv.lnkCommon Startup
MSCONFIG\startupfolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^FRITZ!DSL Protect.lnk => C:\windows\pss\FRITZ!DSL Protect.lnkCommon Startup
MSCONFIG\startupfolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^FRITZ!DSL Startcenter.lnk => C:\windows\pss\FRITZ!DSL Startcenter.lnkCommon Startup
MSCONFIG\startupfolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^heavy weather.lnk => C:\windows\pss\heavy weather.lnkCommon Startup
MSCONFIG\startupfolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^McAfee Security Scan Plus.lnk => C:\windows\pss\McAfee Security Scan Plus.lnkCommon Startup
MSCONFIG\startupfolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Microsoft Office OneNote 2003 Schnellstart.lnk => C:\windows\pss\Microsoft Office OneNote 2003 Schnellstart.lnkCommon Startup
MSCONFIG\startupfolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Microsoft Office.lnk => C:\windows\pss\Microsoft Office.lnkCommon Startup
MSCONFIG\startupfolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^PowerCinema.lnk => C:\windows\pss\PowerCinema.lnkCommon Startup
MSCONFIG\startupfolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Ralink Wireless Utility.lnk => C:\windows\pss\Ralink Wireless Utility.lnkCommon Startup
MSCONFIG\startupfolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^RAMASST.lnk => C:\windows\pss\RAMASST.lnkCommon Startup
MSCONFIG\startupfolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Scanner Finder.lnk => C:\windows\pss\Scanner Finder.lnkCommon Startup
MSCONFIG\startupfolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Windows Search.lnk => C:\windows\pss\Windows Search.lnkCommon Startup
MSCONFIG\startupfolder: C:^Dokumente und Einstellungen^Magic^Startmenü^Programme^Autostart^FRITZ!DSL Startcenter.lnk => C:\windows\pss\FRITZ!DSL Startcenter.lnkStartup
MSCONFIG\startupfolder: C:^Dokumente und Einstellungen^User^Startmenü^Programme^Autostart^Desktopnotes.lnk => C:\windows\pss\Desktopnotes.lnkStartup
MSCONFIG\startupfolder: C:^Dokumente und Einstellungen^User^Startmenü^Programme^Autostart^FRITZ!DSL Protect.lnk => C:\windows\pss\FRITZ!DSL Protect.lnkStartup
MSCONFIG\startupfolder: C:^Dokumente und Einstellungen^User^Startmenü^Programme^Autostart^FRITZ!DSL Startcenter.lnk => C:\windows\pss\FRITZ!DSL Startcenter.lnkStartup
MSCONFIG\startupfolder: C:^Dokumente und Einstellungen^User^Startmenü^Programme^Autostart^hamachi.lnk => C:\windows\pss\hamachi.lnkStartup
MSCONFIG\startupfolder: C:^Dokumente und Einstellungen^User^Startmenü^Programme^Autostart^IFH Server.lnk => C:\windows\pss\IFH Server.lnkStartup
MSCONFIG\startupfolder: C:^Dokumente und Einstellungen^User^Startmenü^Programme^Autostart^JDownloader.exe.lnk => C:\windows\pss\JDownloader.exe.lnkStartup
MSCONFIG\startupfolder: C:^Dokumente und Einstellungen^User^Startmenü^Programme^Autostart^K-Meleon Loader.lnk => C:\windows\pss\K-Meleon Loader.lnkStartup
MSCONFIG\startupfolder: C:^Dokumente und Einstellungen^User^Startmenü^Programme^Autostart^Seagate 2GHL8K0H Registrierungen.lnk => C:\WINDOWS\pss\Seagate 2GHL8K0H Registrierungen.lnkStartup
MSCONFIG\startupfolder: C:^Dokumente und Einstellungen^User^Startmenü^Programme^Autostart^Seagate 2GHL8LHT Registrierungen.lnk => C:\WINDOWS\pss\Seagate 2GHL8LHT Registrierungen.lnkStartup
MSCONFIG\startupfolder: C:^Dokumente und Einstellungen^User^Startmenü^Programme^Autostart^WSM-Online-Agent.lnk => C:\windows\pss\WSM-Online-Agent.lnkStartup
MSCONFIG\startupfolder: C:^Dokumente und Einstellungen^User^Startmenü^Programme^Autostart^WSM-Online.lnk => C:\windows\pss\WSM-Online.lnkStartup
MSCONFIG\startupreg: 1und1Dispatcher => "C:\Programme\1und1Softwareaktualisierung\SchedDispatcher.exe" xp
MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Photo Downloader => "C:\Programme\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Programme\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AGRSMMSG => AGRSMMSG.exe
MSCONFIG\startupreg: AlcoholAutomount => "C:\Programme\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
MSCONFIG\startupreg: AnyDVD => C:\Programme\AnyDVD\AnyDVDtray.exe
MSCONFIG\startupreg: AOLMIcon => C:\Programme\Gemeinsame Dateien\AOLSHARE\AOLMIcon.exe
MSCONFIG\startupreg: AppleSyncNotifier => C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleSyncNotifier.exe
MSCONFIG\startupreg: APSDaemon => "C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BlueStacks Agent => C:\Programme\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: BluetoothAuthenticationAgent => rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
MSCONFIG\startupreg: CHotkey => mHotkey.exe
MSCONFIG\startupreg: Cmaudio => RunDll32 cmicnfg.cpl,CMICtrlWnd
MSCONFIG\startupreg: CmUsbSound => RunDll32 cmcnfgu.cpl,CMICtrlWnd
MSCONFIG\startupreg: ctfmon.exe => C:\WINDOWS\system32\ctfmon.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Programme\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: DAEMON Tools Pro Agent => "C:\Programme\DAEMON Tools Pro\DTAgent.exe" -autorun
MSCONFIG\startupreg: Dit => Dit.exe
MSCONFIG\startupreg: DivX Download Manager => "C:\Programme\DivX\DivX Plus Web Player\DDmService.exe" start
MSCONFIG\startupreg: DivXUpdate => "C:\Programme\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: DVDFab VDrive => "C:\Programme\DVDFab Virtual Drive\vdrive.exe"
MSCONFIG\startupreg: GameXN GO => "C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\GameXN\GameXNGO.exe" /startup
MSCONFIG\startupreg: H/PC Connection Agent => "C:\Programme\Microsoft ActiveSync\wcescomm.exe"
MSCONFIG\startupreg: HeavyWeatherPublisher => C:\Programme\HeavyWeather\HeavyWeatherPublisher.exe -minimized
MSCONFIG\startupreg: InCD => C:\Programme\Nero\Nero 7\InCD\InCD.exe
MSCONFIG\startupreg: IndexSearch => C:\Programme\ScanSoft\PaperPort\IndexSearch.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Programme\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KernelFaultCheck => %systemroot%\system32\dumprep 0 -k
MSCONFIG\startupreg: LDM => C:\Programme\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
MSCONFIG\startupreg: ledpointer => CNYHKey.exe
MSCONFIG\startupreg: LGODDFU => C:\Programme\lg_fwupdate\fwupdate.exe blrun
MSCONFIG\startupreg: LightScribe Control Panel => C:\Programme\Gemeinsame Dateien\LightScribe\LightScribeControlPanel.exe -hidden
MSCONFIG\startupreg: LogitechGalleryRepair => C:\Programme\Logitech\ImageStudio\ISStart.exe
MSCONFIG\startupreg: LogitechImageStudioTray => C:\Programme\Logitech\ImageStudio\LogiTray.exe
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Programme\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: LVCOMS => C:\Programme\Gemeinsame Dateien\Logitech\QCDriver3\LVCOMS.EXE
MSCONFIG\startupreg: MailCheck IE Broker => "C:\Programme\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe"
MSCONFIG\startupreg: mmtask => "C:\Programme\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe"
MSCONFIG\startupreg: Mobile Partner => C:\Programme\3MobileWiFi\3MobileWiFi
MSCONFIG\startupreg: MobileConnect => %programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent
MSCONFIG\startupreg: MsgCenterExe => "c:\program files\real\realplayer\update\RealOneMessageCenter.exe"  -osboot
MSCONFIG\startupreg: MSMSGS => "C:\Programme\Messenger\msmsgs.exe" /background
MSCONFIG\startupreg: My Web Search Bar Search Scope Monitor => "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w
MSCONFIG\startupreg: MyWebSearch Email Plugin => C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
MSCONFIG\startupreg: NBKeyScan => "C:\Programme\Nero\Nero BackItUp 4\NBKeyScan.exe"
MSCONFIG\startupreg: NokiaMServer => C:\Programme\Gemeinsame Dateien\Nokia\MPlatform\NokiaMServer /watchfiles startup
MSCONFIG\startupreg: NokiaSuite.exe => C:\Programme\Nokia\Nokia Suite\NokiaSuite.exe -tray
MSCONFIG\startupreg: NvCplDaemon => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
MSCONFIG\startupreg: NvMediaCenter => RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
MSCONFIG\startupreg: nwiz => C:\Programme\NVIDIA Corporation\nview\nwiz.exe /installquiet
MSCONFIG\startupreg: PaperPort PTD => C:\Programme\ScanSoft\PaperPort\pptd40nt.exe
MSCONFIG\startupreg: PCMService => "C:\Programme\Home Cinema\PowerCinema\PCMService.exe"
MSCONFIG\startupreg: PhonostarTimer => C:\Programme\phonostar\ps_timer.exe
MSCONFIG\startupreg: PhotoShow Deluxe Media Manager => C:\PROGRA~1\PHOTOS~1\data\Xtras\mssysmgr.exe
MSCONFIG\startupreg: PowerStrip => c:\programme\powerstrip\pstrip.exe
MSCONFIG\startupreg: Profiler => C:\Programme\Saitek\Software\ProfilerU.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Programme\QuickTime\qttask.exe" -atboottime
MSCONFIG\startupreg: Remobo => C:\Programme\Remobo\Remobo-GUI.exe
MSCONFIG\startupreg: rfxsrvtray => "E:\Tobit Radio.fx\Client\rfx-tray.exe"
MSCONFIG\startupreg: RSD_HDDThermo => C:\Programme\HDD Thermometer\HDD Thermometer.exe
MSCONFIG\startupreg: SaiMfd => C:\Programme\Saitek\Software\SaiMfd.exe
MSCONFIG\startupreg: SandboxieControl => "C:\Programme\Sandboxie\SbieCtrl.exe"
MSCONFIG\startupreg: Shareaza => "C:\Programme\Shareaza\Shareaza.exe" -tray
MSCONFIG\startupreg: SideWinderTrayV4 => C:\PROGRA~1\MI948F~1\GAMECO~1\Common\SWTrayV4.exe
MSCONFIG\startupreg: Siemens SmartSync - ScheduleSync => C:\PROGRA~1\MOBILE~1\SMARTS~1\SCHEDU~1.EXE
MSCONFIG\startupreg: Skype => "C:\Programme\Skype\\Phone\Skype.exe" /nosplash /minimized
MSCONFIG\startupreg: SmartSync - ScheduleSync => C:\PROGRA~1\MOBILE~1\SMARTS~1\SCHEDU~1.EXE
MSCONFIG\startupreg: SpeedBitVideoAccelerator => "C:\Programme\SpeedBit Video Accelerator\VideoAccelerator.exe"
MSCONFIG\startupreg: SpywareTerminatorShield => C:\Programme\Spyware Terminator\SpywareTerminatorShield.exe
MSCONFIG\startupreg: SpywareTerminatorUpdater => C:\Programme\Spyware Terminator\SpywareTerminatorUpdate.exe
MSCONFIG\startupreg: SSBkgdUpdate => "C:\Programme\Gemeinsame Dateien\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
MSCONFIG\startupreg: Start WingMan Profiler => C:\Programme\Logitech\Gaming Software\LWEMon.exe /noui
MSCONFIG\startupreg: Steam => "D:\Programme\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: swg => "C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: TkBellExe => "C:\program files\real\realplayer\update\realsched.exe"  -osboot
MSCONFIG\startupreg: TomTomHOME.exe => "C:\Programme\TomTom HOME 2\TomTomHOMERunner.exe" -s
MSCONFIG\startupreg: TrueImageMonitor.exe => C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe
MSCONFIG\startupreg: Ulead AutoDetector => C:\Programme\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
MSCONFIG\startupreg: UnlockerAssistant => "C:\Programme\Unlocker\UnlockerAssistant.exe"
MSCONFIG\startupreg: Verknüpfung mit der High Definition Audio-Eigenschaftenseite => HDAudPropShortcut.exe
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
MSCONFIG\startupreg: vProt => "C:\Programme\AVG Secure Search\vprot.exe"
MSCONFIG\startupreg: WMPNSCFG => C:\Programme\Windows Media Player\WMPNSCFG.exe
MSCONFIG\startupreg: Ykapli => "C:\Dokumente und Einstellungen\User\Anwendungsdaten\Ukmegy\imdoi.exe"

========================= Accounts: ==========================

Administrator (S-1-5-21-1488483606-1045282719-2118933040-500 - Administrator - Enabled) => %SystemDrive%\Dokumente und Einstellungen\Administrator
ASPNET (S-1-5-21-1488483606-1045282719-2118933040-1005 - Limited - Enabled)
Gast (S-1-5-21-1488483606-1045282719-2118933040-501 - Limited - Enabled) => %SystemDrive%\Dokumente und Einstellungen\Gast
Hilfeassistent (S-1-5-21-1488483606-1045282719-2118933040-1006 - Limited - Disabled)
Magic (S-1-5-21-1488483606-1045282719-2118933040-1011 - Administrator - Enabled) => %SystemDrive%\Dokumente und Einstellungen\Magic
SUPPORT_388945a0 (S-1-5-21-1488483606-1045282719-2118933040-1002 - Limited - Disabled)

==================== Faulty Device Manager Devices =============

Name: RT2500 USB Wireless LAN Card
Description: RT2500 USB Wireless LAN Card
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Ralink Technology Corp.
Service: RT2500USB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Bluetooth-Gerät (RFCOMM-Protokoll-TDI)
Description: Bluetooth-Gerät (RFCOMM-Protokoll-TDI)
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: RFCOMM
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft Bluetooth-Auflistung
Description: Microsoft Bluetooth-Auflistung
Class Guid: {E0CBF06C-CD8B-4647-BB8A-263B43F0F974}
Manufacturer: Microsoft
Service: BthEnum
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Bluetooth-Gerät (PAN)
Description: Bluetooth-Gerät (PAN)
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: BthPan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Unimodem Halbduplex Audiogerät
Description: Unimodem Halbduplex Audiogerät
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: MODEMCSA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: CZK QBOTM78PQF SCSI CdRom Device
Description: CD-ROM-Laufwerk
Class Guid: {4D36E965-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard-CD-ROM-Laufwerke)
Service: cdrom
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: VNC Mirror Driver
Description: VNC Mirror Driver
Class Guid: {4D36E968-E325-11CE-BFC1-08002BE10318}
Manufacturer: RealVNC
Service: vncmirror
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Remobo Instant Private Network
Description: Remobo Instant Private Network
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: AWIT Systems, Inc.
Service: hipeer20
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: ELBY CLONEDRIVE SCSI CdRom Device
Description: CD-ROM-Laufwerk
Class Guid: {4D36E965-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard-CD-ROM-Laufwerke)
Service: cdrom
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/08/2015 03:42:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2297

Error: (01/08/2015 03:42:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2297

Error: (01/08/2015 03:42:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/08/2015 02:34:58 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7875

Error: (01/08/2015 02:34:58 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7875

Error: (01/08/2015 02:34:58 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/08/2015 02:34:56 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5922

Error: (01/08/2015 02:34:56 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5922

Error: (01/08/2015 02:34:56 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/08/2015 02:34:54 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3953


System errors:
=============
Error: (01/08/2015 10:21:53 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (01/08/2015 10:19:45 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (01/08/2015 10:19:45 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (01/08/2015 10:17:38 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (01/08/2015 10:15:31 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (01/08/2015 10:15:31 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (01/08/2015 10:13:24 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (01/08/2015 10:13:24 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (01/08/2015 10:11:17 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (01/08/2015 10:11:17 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058


Microsoft Office Sessions:
=========================
Error: (01/08/2015 03:42:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2297

Error: (01/08/2015 03:42:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2297

Error: (01/08/2015 03:42:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/08/2015 02:34:58 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7875

Error: (01/08/2015 02:34:58 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7875

Error: (01/08/2015 02:34:58 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/08/2015 02:34:56 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5922

Error: (01/08/2015 02:34:56 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5922

Error: (01/08/2015 02:34:56 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/08/2015 02:34:54 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3953


==================== Memory info =========================== 

Processor:  Intel(R) Pentium(R) 4 CPU 3.40GHz
Percentage of memory in use: 35%
Total physical RAM: 2559.48 MB
Available physical RAM: 1648.89 MB
Total Pagefile: 4505.33 MB
Available Pagefile: 3713.7 MB
Total Virtual: 2047.88 MB
Available Virtual: 1929.09 MB

==================== Drives ================================

Drive c: (BOOT) (Fixed) (Total:125.46 GB) (Free:1.27 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: (BACKUP) (Fixed) (Total:97.65 GB) (Free:0.78 GB) NTFS
Drive e: (RECOVER) (Fixed) (Total:9.76 GB) (Free:0.16 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 95F195F1)
Partition 1: (Active) - (Size=125.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=107.4 GB) - (Type=OF Extended)

==================== End Of Log ============================
         

Alt 08.01.2015, 22:29   #25
Magic11
 
Windows XP SP3 Firewall inaktiv - Standard

Windows XP SP3 Firewall inaktiv [gelöst]



FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-01-2015
Ran by Magic (administrator) on NAME-4E62F3A7F1 on 08-01-2015 22:18:31
Running from C:\FRST\FRST-OlderVersion
Loaded Profile: Magic (Available profiles: Magic & Administrator & Gast)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Lavasoft) C:\Programme\Lavasoft\Ad-Aware\aawservice.exe
(Microsoft Corporation) C:\WINDOWS\system32\netdde.exe
(Apple Inc.) C:\Programme\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Programme\BlueStacks\HD-LogRotatorService.exe
() C:\Programme\CPUCooL\CooLSRV.exe
(AVM Berlin) C:\Programme\FRITZ!DSL\IGDCTRL.EXE
(Oracle Corporation) C:\Programme\Java\jre7\bin\jqs.exe
(Computer Associates) C:\Programme\CA\SharedComponents\CA_LIC\LogWatNT.exe
(Microsoft Corporation) C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
() C:\Programme\CDBurnerXP\NMSAccessU.exe
(NVIDIA) C:\Programme\NVIDIA Corporation\nTune\nTuneService.exe
(Prolific Technology Inc.) C:\Programme\Nero\Nero BackItUp 4\IoctlSvc.exe
() C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe
(Microsoft Corporation) C:\Programme\UPHClean\uphclean.exe
(Microsoft Corporation) C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\WINDOWS\system32\taskmgr.exe
(Mozilla Corporation) C:\Programme\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(DT Soft Ltd) C:\Programme\DAEMON Tools Pro\DTShellHlp.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
() C:\Programme\Unlocker\UnlockerAssistant.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKU\S-1-5-21-1488483606-1045282719-2118933040-1011\...\Run: [swg] => C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2007-08-09] (Google Inc.)
HKU\S-1-5-21-1488483606-1045282719-2118933040-1011\...\Run: [DAEMON Tools Pro Agent] => C:\Programme\DAEMON Tools Pro\DTAgent.exe [3111744 2012-04-26] (DT Soft Ltd)
HKU\S-1-5-18\...\Run: [CTFMON.EXE] => C:\WINDOWS\system32\CTFMON.EXE [24064 2012-06-29] (Gerhard Schlager)
HKU\S-1-5-18\...\Run: [DWQueuedReporting] => C:\Programme\Gemeinsame Dateien\Microsoft Shared\DW\DWTRIG20.EXE [437160 2007-02-26] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aldi.com
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.medion.com
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aldi.com
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.medion.com
HKU\S-1-5-21-1488483606-1045282719-2118933040-1011\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1488483606-1045282719-2118933040-1011\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
BHO: DivX HiQ -> {593DDEC6-7468-4cdd-90E1-42DADAA222E9} -> C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Programme\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
BHO: WEB.DE MailCheck BHO -> {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} -> C:\Programme\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll No File
BHO: FRITZ!Box Addon BHO -> {C0C86BBE-9509-4296-8459-FDBFDAF4B673} -> C:\Programme\FRITZ!Box\AddOn (IE)\FBoxIESplitButton.dll (AVM Berlin)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.3.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} hxxp://office.microsoft.com/officeupdate/content/opuc4.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: gmx - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Programme\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll No File
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: mctp - {d7b95390-b1c5-11d0-b111-0080c712fe82} -  No File
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
Handler: webde - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Programme\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll No File
Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
ShellExecuteHooks: Microsoft AntiMalware ShellExecuteHook - {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Programme\Windows Defender\MpShHook.dll [83224 2006-11-03] (Microsoft Corporation)
Winsock: Catalog5 05 C:\Programme\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Winsock: Catalog5 06 C:\Programme\FRITZ!DSL\\sarah.dll [28472] (AVM Berlin)

FireFox:
========
FF ProfilePath: C:\Dokumente und Einstellungen\Magic\Anwendungsdaten\Mozilla\Firefox\Profiles\i437m79p.default-1383082487453
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\windows\system32\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX Content Upload Plugin,version=1.0.0 -> C:\Programme\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
FF Plugin: @divx.com/DivX OVS Helper,version=1.0.0 -> C:\Programme\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Programme\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Programme\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.3 -> C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Programme\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin -> C:\Programme\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin: @pack.google.com/Google Updater;version=14 -> C:\Programme\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF Plugin: @real.com/nppl3260;version=16.0.2.32 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.2 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.2 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.2 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.2.32 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Programme\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Programme\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @zylom.com/ZylomGamesPlayer -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF Plugin: Adobe Reader -> C:\Programme\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 -> C:\Programme\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
FF Plugin HKU\S-1-5-21-1488483606-1045282719-2118933040-1011: @unity3d.com/UnityPlayer,version=1.0 -> C:\Dokumente und Einstellungen\Magic\Lokale Einstellungen\Anwendungsdaten\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npzylomgamesplayer.dll (Zylom)
FF Extension: Google Toolbar for Firefox - C:\Programme\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2015-01-02]
FF Extension: ICQ Toolbar - C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2015-01-02]
FF Extension: Skype Click to Call - C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-01-02]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-02-14]
FF HKLM\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Programme\Vodafone\Vodafone Mobile Connect\Optimization Client\addon
FF Extension: Bytemobile Optimization Client - C:\Programme\Vodafone\Vodafone Mobile Connect\Optimization Client\addon [2010-10-16]
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Programme\DivX\DivX Plus Web Player\firefox\html5video
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Programme\DivX\DivX Plus Web Player\firefox\html5video [2011-01-18]
FF HKLM\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Programme\DivX\DivX Plus Web Player\firefox\wpa
FF Extension: DivX HiQ - C:\Programme\DivX\DivX Plus Web Player\firefox\wpa [2011-01-18]
FF HKLM\...\Firefox\Extensions: [{FCE04E1F-9378-4f39-96F6-5689A9159E45}] - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-08-18]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

Chrome: 
=======
CHR Plugin: (Chrome PDF Viewer) - C:\Programme\Google\Chrome\Application\23.0.1271.97\pdf.dll No File
CHR Plugin: (Google Gears 0.5.33.0) - C:\Programme\Google\Chrome\Application\23.0.1271.97\gears.dll No File
CHR Plugin: (Shockwave Flash) - C:\Programme\Google\Chrome\Application\23.0.1271.97\gcswf32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Programme\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.220.4) - C:\Programme\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U22) - C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Ask Toolbar Plugin Stub) - C:\Programme\Mozilla Firefox\plugins\NPAskSBr.dll No File
CHR Plugin: (DivX Player Netscape Plugin) - C:\Programme\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
CHR Plugin: (Windows Genuine Advantage) - C:\Programme\Mozilla Firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
CHR Plugin: (My Web Search Plugin Stub) - C:\Programme\Mozilla Firefox\plugins\NPMyWebS.dll No File
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Programme\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Programme\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Programme\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Programme\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Programme\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Programme\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Programme\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Programme\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Programme\Mozilla Firefox\plugins\npqtplugin8.dll No File
CHR Plugin: (RealJukebox NS Plugin) - C:\Programme\Mozilla Firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Programme\Mozilla Firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (Zylom Plugin) - C:\Programme\Mozilla Firefox\plugins\npzylomgamesplayer.dll (Zylom)
CHR Plugin: (Microsoft DRM) - C:\Programme\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Programme\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Microsoft DRM) - C:\Programme\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll No File
CHR Plugin: (DivX Content Upload Plugin) - C:\Programme\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
CHR Plugin: (DivX OVS Helper Plug-in) - C:\Programme\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Web Player) - C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Updater) - C:\Programme\Google\Google Updater\2.4.1399.3742\npCIDetect13.dll No File
CHR Plugin: (Google Update) - C:\Programme\Google\Update\1.2.183.39\npGoogleOneClick8.dll No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (MetaStream 3 Plugin) - C:\Programme\Viewpoint\Viewpoint Media Player\npViewpoint.dll No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Programme\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Yahoo! activeX Plug-in Bridge) - C:\Programme\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
CHR Plugin: (iTunes Application Detector) - C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Windows Presentation Foundation) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Programme\Microsoft Silverlight\4.0.51204.0\npctrl.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Profile: C:\Dokumente und Einstellungen\Magic\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default
CHR Extension: (Ciuvo Preisvergleich) - C:\Dokumente und Einstellungen\Magic\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\cbmmkkbjmcidpennbibfkncodjenfpjh [2012-03-09]
CHR Extension: (DivX HiQ) - C:\Dokumente und Einstellungen\Magic\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae [2011-01-18]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Dokumente und Einstellungen\Magic\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2010-09-21]
CHR Extension: (DivX Plus Web Player HTML5 video) - C:\Dokumente und Einstellungen\Magic\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2011-01-18]
CHR HKLM\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Programme\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx [2010-12-08]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-04-16]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Programme\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx [2010-12-08]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aawservice; C:\Programme\Lavasoft\Ad-Aware\aawservice.exe [611664 2008-07-07] (Lavasoft)
S4 AcrSch2Svc; C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe [817264 2010-06-07] (Acronis)
S3 Apple Mobile Device; C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55184 2012-08-11] (Apple Inc.)
S4 BBSvc; C:\Programme\Microsoft\BingBar\BBSvc.EXE [196176 2011-10-21] (Microsoft Corporation.)
S3 BBUpdate; C:\Programme\Microsoft\BingBar\SeaPort.EXE [249648 2011-10-13] (Microsoft Corporation)
R2 Bonjour Service; C:\Programme\Bonjour\mDNSResponder.exe [390504 2011-08-30] (Apple Inc.)
S2 BstHdAndroidSvc; C:\Programme\BlueStacks\HD-Service.exe [393080 2013-02-15] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Programme\BlueStacks\HD-LogRotatorService.exe [384888 2013-02-15] (BlueStack Systems, Inc.)
S3 CA_LIC_CLNT; C:\Programme\CA\SharedComponents\CA_LIC\lic98rmt.exe [77824 2002-09-19] (Computer Associates) [File not signed]
S3 CA_LIC_SRVR; C:\Programme\CA\SharedComponents\CA_LIC\lic98rmtd.exe [77824 2002-09-19] (Computer Associates) [File not signed]
R2 CPUCooLServer; C:\Programme\CPUCooL\CooLSrv.exe [743936 2011-12-01] () [File not signed]
S3 de_serv; C:\Programme\Gemeinsame Dateien\AVM\de_serv.exe [315392 2005-11-21] (AVM Berlin) [File not signed]
S4 DVD-RAM_Service; C:\WINDOWS\system32\DVDRAMSV.exe [110592 2005-12-24] (Matsushita Electric Industrial Co., Ltd.) [File not signed]
S3 FLEXnet Licensing Service; C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2008-10-28] (Macrovision Europe Ltd.) [File not signed]
S3 fsssvc; C:\Programme\Windows Live\Family Safety\fsssvc.exe [704864 2009-08-05] (Microsoft Corporation)
S4 gupdate1c9ece5216cdebe; C:\Programme\Google\Update\GoogleUpdate.exe [133104 2009-06-14] (Google Inc.)
S4 gupdatem; C:\Programme\Google\Update\GoogleUpdate.exe [133104 2009-06-14] (Google Inc.)
S4 gusvc; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [194032 2013-05-21] (Google)
S3 Hamachi2Svc; C:\Programme\LogMeIn Hamachi\hamachi-2.exe [1385896 2012-06-27] (LogMeIn Inc.)
S3 IDriverT; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 IGDCTRL; C:\Programme\FRITZ!DSL\IGDCTRL.EXE [73528 2009-07-28] (AVM Berlin)
S3 iPod Service; C:\Programme\iPod\bin\iPodService.exe [553440 2012-12-12] (Apple Inc.)
R2 JavaQuickStarterService; C:\Programme\Java\jre7\bin\jqs.exe [182696 2013-10-08] (Oracle Corporation)
S4 LightScribeService; C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe [75304 2007-04-19] (Hewlett-Packard Company)
R2 LogWatch; C:\Programme\CA\SharedComponents\CA_LIC\LogWatNT.exe [53248 2002-09-19] (Computer Associates) [File not signed]
R2 MDM; C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe [322120 2003-06-19] (Microsoft Corporation)
S3 MozillaMaintenance; C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe [114800 2015-01-02] (Mozilla Foundation)
S3 Nero BackItUp Scheduler 4.0; C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe [935208 2008-12-05] (Nero AG)
S4 NMIndexingService; C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe [275752 2008-01-22] (Nero AG)
R2 NMSAccess; C:\Programme\CDBurnerXP\NMSAccessU.exe [71096 2010-03-04] ()
S3 NovacomD; C:\Programme\Palm, Inc\novacom\x86\novacomd.exe [33280 2009-11-06] (Palm) [File not signed]
R2 nTuneService; C:\Programme\NVIDIA Corporation\nTune\nTuneService.exe [191080 2009-11-06] (NVIDIA)
S3 ose; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [89136 2003-07-28] (Microsoft Corporation)
R2 PLFlash DeviceIoControl Service; C:\Programme\Nero\Nero BackItUp 4\IoctlSvc.exe [81920 2008-12-05] (Prolific Technology Inc.) [File not signed]
S3 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [75136 2015-01-02] ()
S3 Radio.fx; E:\Tobit Radio.fx\Server\rfx-server.exe [3630936 2011-08-02] ()
R2 RealNetworks Downloader Resolver Service; C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-04-16] ()
S3 SandraAgentSrv; C:\Programme\SiSoftware\SiSoftware Sandra Lite 2012.SP4\RpcAgentSrv.exe [95896 2009-04-26] (SiSoftware) [File not signed]
S3 SbieSvc; C:\Programme\Sandboxie\SbieSvc.exe [75496 2010-08-09] (SANDBOXIE L.T.D)
S3 sdAuxService; C:\Programme\Spyware Doctor\svcntaux.exe [708688 2007-06-12] (PC Tools)
S3 sdCoreService; C:\Programme\Spyware Doctor\swdsvc.exe [1309264 2007-06-12] (PC Tools)
S3 ServiceLayer; C:\Programme\PC Connectivity Solution\ServiceLayer.exe [725400 2012-10-03] (Nokia)
S3 SkypeUpdate; C:\Programme\Skype\Updater\Updater.exe [161384 2013-04-19] (Skype Technologies)
S3 StarWindServiceAE; C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software) [File not signed]
S3 TomTomHOMEService; C:\Programme\TomTom HOME 2\TomTomHOMEService.exe [93072 2013-03-22] (TomTom)
S3 TuneUp.Defrag; C:\windows\System32\TuneUpDefragService.exe [361288 2009-12-06] (TuneUp Software)
S3 TuneUp.ProgramStatisticsSvc; C:\windows\System32\TUProgSt.exe [604488 2009-12-06] (TuneUp Software)
R2 UPHClean; C:\Programme\UPHClean\uphclean.exe [241725 2005-04-27] (Microsoft Corporation) [File not signed]
S3 VideoAcceleratorService; C:\Programme\SpeedBit Video Accelerator\VideoAcceleratorService.exe [292472 2008-10-05] (Speedbit Ltd.)
S4 VMCService; C:\Programme\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [9216 2009-09-11] (Vodafone) [File not signed]
S3 windoweyes; C:\Programme\GW Micro\Window-Eyes\weserv.exe [133952 2012-04-23] ()
R2 wlidsvc; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSVC.EXE [1529728 2009-08-18] (Microsoft Corporation)
R2 WMPNetworkSvc; C:\Programme\Windows Media Player\WMPNetwk.exe [920576 2006-11-03] (Microsoft Corporation)
S3 x10nets; C:\Programme\Common Files\X10\Common\X10nets.exe [20480 2001-11-12] (X10) [File not signed]
S3 RichVideo; "C:\Programme\CyberLink\Shared Files\RichVideo.exe" [X]
S3 vToolbarUpdater13.2.0; C:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 3xHybrid; C:\windows\System32\DRIVERS\3xHybrid.sys [945152 2004-10-06] (Philips Semiconductors GmbH)
S3 61883; C:\windows\System32\DRIVERS\61883.sys [48128 2008-04-13] (Microsoft Corporation)
R2 ACEDRV07; C:\WINDOWS\system32\drivers\ACEDRV07.sys [101376 2007-07-29] (Protect Software GmbH) [File not signed]
R3 actser; C:\windows\System32\drivers\actser.sys [29440 2005-09-12] (Siemens AG) [File not signed]
R2 AegisP; C:\windows\System32\DRIVERS\AegisP.sys [19915 2011-03-10] (Meetinghouse Data Communications) [File not signed]
R3 AnyDVD; C:\windows\System32\Drivers\AnyDVD.sys [121248 2012-08-26] (SlySoft, Inc.)
R3 Apowersoft_AudioDevice; C:\windows\System32\drivers\Apowersoft_AudioDevice.sys [26080 2012-10-08] (Wondershare)
R2 Aspi32; C:\windows\system32\Drivers\Aspi32.sys [25244 1999-09-10] (Adaptec) [File not signed]
R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [26984 2012-11-15] (AVG Technologies)
U0 BMLoad; C:\windows\System32\drivers\BMLoad.sys [22528 2008-10-09] (Bytemobile, Inc.) [File not signed]
R2 BstHdDrv; C:\Programme\BlueStacks\HD-Hypervisor-x86.sys [63864 2013-02-15] (BlueStack Systems)
S3 CardReaderFilter; C:\WINDOWS\system32\Drivers\USBCRFT.SYS [17408 2012-09-16] (ICSI Technology Ltd.) [File not signed]
S3 CCDECODE; C:\windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R2 CdaC15BA; C:\WINDOWS\system32\drivers\CDAC15BA.SYS [8864 2006-11-04] () [File not signed]
S3 cmudau; C:\windows\System32\drivers\cmudau.sys [1383104 2007-05-23] (C-Media Inc) [File not signed]
R3 cmudax; C:\windows\System32\drivers\cmudax.sys [1287296 2005-05-12] (C-Media Inc.)
R1 dtsoftbus01; C:\windows\System32\DRIVERS\dtsoftbus01.sys [242240 2012-06-13] (DT Soft Ltd)
R1 ElbyCDIO; C:\windows\System32\Drivers\ElbyCDIO.sys [31088 2010-12-16] (Elaborate Bytes AG)
S3 ENTECH; C:\WINDOWS\system32\DRIVERS\ENTECH.sys [27672 2007-09-07] (EnTech Taiwan)
R1 Ext2fs; C:\windows\System32\DRIVERS\ext2fs.sys [181120 2008-09-25] (Stephan Schreiber) [File not signed]
R3 FETNDISB; C:\windows\System32\DRIVERS\fetnd5b.sys [42496 2004-04-15] (VIA Technologies, Inc.              )
R2 fssfltr; C:\windows\System32\DRIVERS\fssfltr_tdi.sys [54752 2009-08-05] (Microsoft Corporation)
S3 FTDIBUS; C:\windows\System32\drivers\ftdibus.sys [57672 2009-06-10] (FTDI Ltd.)
S3 GcKernel; C:\windows\System32\DRIVERS\GcKernel.sys [59136 2008-04-13] (Microsoft Corporation)
S3 GigasetGenericUSB; C:\windows\System32\DRIVERS\GigasetGenericUSB.sys [44032 2009-02-20] (Siemens Home and Office Communication Devices GmbH & Co. KG)
R3 gwrdmir; C:\windows\System32\DRIVERS\gwrdmir.sys [9408 2011-09-23] (Windows (R) Win 7 DDK provider)
R3 hamachi; C:\windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
S3 HdAudAddService; C:\windows\System32\drivers\HdAudio.sys [113664 2004-03-17] (Windows (R) Server 2003 DDK provider)
S3 HIDSwvd; C:\windows\System32\DRIVERS\HIDSwvd.sys [2688 2001-08-17] (Microsoft Corporation)
S3 hipeer20; C:\windows\System32\DRIVERS\remobo32.sys [26112 2010-08-01] (Windows (R) Codename Longhorn DDK provider) [File not signed]
R1 IfsMount; C:\windows\System32\DRIVERS\ifsmount.sys [51072 2008-08-28] (Stephan Schreiber) [File not signed]
S3 IKFileFlt; C:\windows\System32\drivers\ikfileflt.sys [39376 2007-05-23] (PCTools Research Pty Ltd.)
S3 IKFileSec; C:\windows\System32\drivers\ikfilesec.sys [53840 2007-05-23] (PCTools Research Pty Ltd.)
S3 IkSysFlt; C:\windows\System32\drivers\iksysflt.sys [57424 2007-05-23] (PCTools Research Pty Ltd.)
S3 IKSysSec; C:\windows\System32\drivers\iksyssec.sys [83024 2007-05-23] (PCTools Research Pty Ltd.)
R2 ithsgt; C:\windows\System32\DRIVERS\ithsgt.sys [162432 2007-10-17] () [File not signed]
R2 lilsgt; C:\windows\System32\DRIVERS\lilsgt.sys [12032 2007-10-17] () [File not signed]
R1 meiudf; C:\windows\System32\Drivers\meiudf.sys [102384 2005-12-24] (Matsushita Electric Industrial Co.,Ltd.) [File not signed]
S3 MPCSYS; C:\WINDOWS\system32\DRIVERS\mpcsys.sys [15360 2008-12-31] () [File not signed]
S3 MPE; C:\windows\System32\DRIVERS\MPE.sys [15232 2008-04-13] (Microsoft Corporation)
S3 NdisIP; C:\windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S3 NinjaUSB; C:\windows\System32\drivers\NinjaUSB.sys [24704 2010-02-04] () [File not signed]
R1 ntiopnp; C:\windows\system32\Drivers\ntiopnp.sys [21080 2010-11-11] ()
S3 NTSIM; C:\WINDOWS\system32\ntsim.sys [7040 2003-07-17] (VIA Networking Technologies, Inc.       ) [File not signed]
S3 NVHDA; C:\windows\System32\drivers\nvhda32.sys [119272 2011-03-03] (NVIDIA Corporation)
S3 ogo_usb; C:\windows\System32\Drivers\ogo_usb.sys [48384 2006-10-10] (Windows (R) 2000 DDK provider) [File not signed]
S1 oxser; C:\windows\System32\DRIVERS\oxser.sys [51169 2003-04-28] (OEM) [File not signed]
S3 pfc; C:\windows\System32\drivers\pfc.sys [10368 2003-12-05] (Padus, Inc.) [File not signed]
R1 prodrv05; C:\windows\System32\drivers\prodrv05.sys [53728 2002-11-13] (Protection Technology Co.) [File not signed]
R1 prodrv06; C:\windows\System32\drivers\prodrv06.sys [53920 2004-08-09] (Protection Technology) [File not signed]
R0 prohlp01; C:\windows\System32\drivers\prohlp01.sys [60448 2002-11-13] (Protection Technology Co.) [File not signed]
R0 prohlp02; C:\windows\System32\drivers\prohlp02.sys [114016 2004-08-09] (Protection Technology) [File not signed]
R0 prosync1; C:\windows\System32\drivers\prosync1.sys [7040 2004-07-19] (Protection Technology) [File not signed]
R2 PStrip; C:\windows\System32\drivers\pstrip.sys [27992 2007-07-15] (EnTech Taiwan)
S3 QCPro; C:\windows\System32\DRIVERS\p35u.sys [116480 2002-06-10] (Logitech Inc.)
S3 RivaTuner32; C:\Programme\RivaTuner v2.22\RivaTuner32.sys [9088 2008-12-29] () [File not signed]
S3 RT2500USB; C:\windows\System32\DRIVERS\rt2500usb.sys [241536 2005-07-14] (Ralink Technology Inc.)
S3 s116bus; C:\windows\System32\DRIVERS\s116bus.sys [83336 2007-04-03] (MCCI Corporation)
S3 s116mdfl; C:\windows\System32\DRIVERS\s116mdfl.sys [15112 2007-04-03] (MCCI Corporation)
S3 s116mdm; C:\windows\System32\DRIVERS\s116mdm.sys [108680 2007-04-03] (MCCI Corporation)
S3 s116mgmt; C:\windows\System32\DRIVERS\s116mgmt.sys [100488 2007-04-03] (MCCI Corporation)
S3 s116nd5; C:\windows\System32\DRIVERS\s116nd5.sys [23176 2007-04-03] (MCCI Corporation)
S3 s116obex; C:\windows\System32\DRIVERS\s116obex.sys [98696 2007-04-03] (MCCI Corporation)
S3 s116unic; C:\windows\System32\DRIVERS\s116unic.sys [99080 2007-04-03] (MCCI Corporation)
R3 SaiMini; C:\windows\System32\DRIVERS\SaiMini.sys [13824 2006-07-27] (Saitek) [File not signed]
R3 SaiNtBus; C:\windows\System32\drivers\SaiBus.sys [35200 2006-07-27] (Saitek) [File not signed]
S3 SANDRA; C:\Programme\SiSoftware\SiSoftware Sandra Lite 2012.SP4\WNt500x86\Sandra.sys [23112 2009-08-07] (SiSoftware)
R2 sbbotdi; C:\Programme\SpeedBit Video Accelerator\sbbotdi.sys [35584 2008-10-05] (SpeedBit Ltd.) [File not signed]
S3 SbieDrv; C:\Programme\Sandboxie\SbieDrv.sys [123112 2010-08-09] (SANDBOXIE L.T.D)
S3 SCL01132; C:\windows\System32\DRIVERS\SCL01132.sys [61824 2010-05-07] (SCM Microsystems Inc.)
R0 sfdrv01; C:\windows\System32\drivers\sfdrv01.sys [50688 2005-08-10] (Protection Technology) [File not signed]
R0 sfhlp01; C:\windows\System32\drivers\sfhlp01.sys [4832 2003-12-01] (Protection Technology) [File not signed]
R0 sfhlp02; C:\windows\System32\drivers\sfhlp02.sys [6656 2005-05-16] (Protection Technology) [File not signed]
R0 sfvfs02; C:\windows\System32\drivers\sfvfs02.sys [63488 2005-11-03] (Protection Technology) [File not signed]
S3 siusbmod; C:\windows\System32\DRIVERS\siusbmod.sys [27008 2005-09-12] (Siemens AG )
R0 speedfan; C:\windows\System32\speedfan.sys [25240 2011-03-18] (Almico Software)
R0 sptd; C:\windows\System32\Drivers\sptd.sys [477240 2012-06-04] (Duplex Secure Ltd.)
S3 StarOpen; C:\windows\system32\Drivers\StarOpen.sys [7168 2009-11-12] () [File not signed]
S3 STCFUx32; C:\windows\System32\DRIVERS\STCFUx32.SYS [7680 2008-11-13] (SCM Microsystems Inc.)
S3 taphss; C:\windows\System32\DRIVERS\taphss.sys [32768 2010-09-22] (AnchorFree Inc)
R1 tcpipBM; C:\windows\system32\Drivers\tcpipBM.sys [18816 2008-10-09] (Bytemobile, Inc.) [File not signed]
S3 TVicHW32; C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS [24656 2001-08-14] (EnTech Taiwan) [File not signed]
R3 UKBFLT; C:\windows\System32\DRIVERS\UKBFLT.sys [11672 2003-12-19] (Chicony)
S3 usbUDisc; C:\windows\System32\DRIVERS\USBDrv.sys [13824 2012-08-02] (Scott)
S3 usb_rndisx; C:\windows\System32\DRIVERS\usb8023x.sys [12800 2005-10-21] (Microsoft Corporation) [File not signed]
R3 VClone; C:\windows\System32\DRIVERS\VClone.sys [30208 2011-01-15] (Elaborate Bytes AG) [File not signed]
R3 vdrive; C:\windows\System32\DRIVERS\vdrive.sys [36328 2012-11-13] (Fengtao Software Inc.)
S3 vncmirror; C:\windows\System32\DRIVERS\vncmirror.sys [3072 2007-08-15] (RealVNC Ltd.)
R3 vsbus; C:\windows\System32\DRIVERS\vsb.sys [15264 2005-09-12] () [File not signed]
S3 vserial; C:\windows\System32\DRIVERS\vserial.sys [47744 2005-09-12] () [File not signed]
R3 wbscr; C:\windows\System32\drivers\wbscr.sys [19928 2002-04-24] (Winbond Electronics Corp.)
S3 wceusbsh; C:\windows\System32\DRIVERS\wceusbsh.sys [104576 2006-04-10] (Microsoft Corporation)
S3 wip0204; C:\windows\System32\DRIVERS\wip0204.sys [23480 2008-12-30] (Wippien Software)
R3 WmBEnum; C:\windows\System32\drivers\WmBEnum.sys [22856 2010-04-27] (Logitech Inc.)
S3 WmFilter; C:\windows\System32\drivers\WmFilter.sys [37704 2010-04-27] (Logitech Inc.)
S3 WmHidLo; C:\windows\System32\drivers\WmHidLo.sys [31816 2010-04-27] (Logitech Inc.)
S3 WmVirHid; C:\windows\System32\drivers\WmVirHid.sys [15048 2010-04-27] (Logitech Inc.)
R3 WmXlCore; C:\windows\System32\drivers\WmXlCore.sys [66632 2010-04-27] (Logitech Inc.)
R3 XUIF; C:\windows\System32\Drivers\x10ufx2.sys [17792 2005-05-19] (X10 Wireless Technology, Inc.)
U3 anrcco21; C:\windows\system32\Drivers\anrcco21.sys [0 ] (Microsoft Corporation)
U3 ap9emcd3; C:\windows\system32\Drivers\ap9emcd3.sys [0 ] (Microsoft Corporation)
S3 BlueletAudio; system32\DRIVERS\blueletaudio.sys [X]
S3 BT; system32\DRIVERS\btnetdrv.sys [X]
S3 Btcsrusb; System32\Drivers\btcusb.sys [X]
S3 BTHidEnum; system32\DRIVERS\vbtenum.sys [X]
S0 BTHidMgr; System32\Drivers\BTHidMgr.sys [X]
S3 catchme; \??\C:\DOKUME~1\Magic\Lokale Einstellungen\Temp\catchme.sys [X]
U2 CertPropSvc; No ImagePath
S3 hwusbfake; system32\DRIVERS\ewusbfake.sys [X]
S3 NETFWDSL; system32\DRIVERS\NETFWDSL.SYS [X]
S0 rseb; No ImagePath
S3 SCL0102K; system32\DRIVERS\SCL0102K.sys [X]
U5 ScsiPort; C:\windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U3 TlntSvr; No ImagePath
S3 VComm; system32\DRIVERS\VComm.sys [X]
S3 VcommMgr; System32\Drivers\VcommMgr.sys [X]
S3 wanatw; system32\DRIVERS\wanatw4.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-07 22:05 - 2015-01-07 22:05 - 00000000 __SHD () C:\found.000
2015-01-06 20:33 - 2015-01-08 22:18 - 00000000 ____D () C:\FRST
2015-01-06 00:22 - 2015-01-06 00:22 - 00000000 ____D () C:\windows\ERUNT
2015-01-05 23:15 - 2015-01-06 00:17 - 00000000 ____D () C:\AdwCleaner
2015-01-04 18:59 - 2015-01-08 22:20 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic\Lokale Einstellungen\temp
2015-01-04 18:59 - 2015-01-04 18:59 - 00000000 ____D () C:\Dokumente und Einstellungen\User\Lokale Einstellungen\temp
2015-01-04 18:59 - 2015-01-04 18:59 - 00000000 ____D () C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\temp
2015-01-04 18:59 - 2015-01-04 18:59 - 00000000 ____D () C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\temp
2015-01-04 18:59 - 2015-01-04 18:59 - 00000000 ____D () C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\temp
2015-01-04 17:59 - 2015-01-04 17:59 - 00000216 _____ () C:\windows\Tasks\Ende des Supports für Microsoft Windows XP – Monatliche Benachrichtigung.job
2015-01-04 16:36 - 2015-01-04 16:36 - 00000000 __HDC () C:\windows\$NtUninstallKB2893294$
2015-01-04 16:36 - 2015-01-04 16:36 - 00000000 __HDC () C:\windows\$NtUninstallKB2757638$
2015-01-04 16:34 - 2015-01-04 18:12 - 00000000 __HDC () C:\windows\$NtUninstallKB2749655$
2015-01-04 16:23 - 2015-01-04 16:23 - 00008192 ____H () C:\windows\system32\config\default.tmp.LOG
2015-01-04 16:23 - 2015-01-04 16:23 - 00000000 ____H () C:\windows\system32\config\system.tmp.LOG
2015-01-04 16:23 - 2015-01-04 16:23 - 00000000 ____H () C:\windows\system32\config\software.tmp.LOG
2015-01-04 16:23 - 2015-01-04 16:23 - 00000000 ____H () C:\windows\system32\config\SAM.tmp.LOG
2015-01-04 16:22 - 2015-01-04 16:22 - 00008192 ____H () C:\windows\system32\config\SECURITY.tmp.LOG
2015-01-04 16:06 - 2015-01-04 16:33 - 00000000 ____D () C:\windows\system32\MRT
2015-01-04 15:58 - 2015-01-04 15:58 - 00000000 __HDC () C:\windows\$NtUninstallKB2892075$
2015-01-04 15:49 - 2015-01-04 15:49 - 00000000 __HDC () C:\windows\$NtUninstallKB2934207$
2015-01-04 15:49 - 2015-01-04 15:49 - 00000000 __HDC () C:\windows\$NtUninstallKB2862330$
2015-01-04 15:49 - 2015-01-04 15:49 - 00000000 __HDC () C:\windows\$NtUninstallKB2727528$
2015-01-04 15:43 - 2015-01-04 15:43 - 00000000 __HDC () C:\windows\$NtUninstallKB2813345$
2015-01-04 15:07 - 2015-01-04 15:07 - 00000000 __HDC () C:\windows\$NtUninstallKB2914368$
2015-01-04 14:53 - 2011-06-26 07:45 - 00256000 _____ () C:\windows\PEV.exe
2015-01-04 14:53 - 2010-11-07 18:20 - 00208896 _____ () C:\windows\MBR.exe
2015-01-04 14:53 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2015-01-04 14:53 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2015-01-04 14:53 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2015-01-04 14:53 - 2000-08-31 01:00 - 00212480 _____ (SteelWerX) C:\windows\SWXCACLS.exe
2015-01-04 14:53 - 2000-08-31 01:00 - 00098816 _____ () C:\windows\sed.exe
2015-01-04 14:53 - 2000-08-31 01:00 - 00080412 _____ () C:\windows\grep.exe
2015-01-04 14:53 - 2000-08-31 01:00 - 00068096 _____ () C:\windows\zip.exe
2015-01-04 14:52 - 2015-01-04 18:59 - 00000000 ____D () C:\Qoobox
2015-01-04 14:52 - 2015-01-04 18:12 - 00000000 ____D () C:\windows\erdnt
2015-01-04 13:43 - 2015-01-04 13:43 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic\Lokale Einstellungen\Anwendungsdaten\Mumble
2015-01-04 13:42 - 2015-01-04 13:42 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic\Lokale Einstellungen\Anwendungsdaten\Learn2.com
2015-01-03 15:30 - 2014-02-27 00:28 - 00013312 ____N (Microsoft Corporation) C:\windows\system32\xp_eos.exe
2015-01-03 15:30 - 2014-02-27 00:28 - 00013312 ____C (Microsoft Corporation) C:\windows\system32\dllcache\xp_eos.exe
2015-01-03 15:30 - 2013-08-09 01:55 - 00144128 ____C (Microsoft Corporation) C:\windows\system32\dllcache\usbport.sys
2015-01-03 15:30 - 2013-08-09 01:55 - 00032384 ____C (Microsoft Corporation) C:\windows\system32\dllcache\usbccgp.sys
2015-01-03 15:30 - 2013-08-09 01:55 - 00005376 ____C (Microsoft Corporation) C:\windows\system32\dllcache\usbd.sys
2015-01-03 15:30 - 2009-03-18 12:02 - 00030336 ____C (Microsoft Corporation) C:\windows\system32\dllcache\usbehci.sys
2015-01-03 14:45 - 2015-01-08 22:19 - 01617760 _____ () C:\windows\WindowsUpdate.log
2015-01-03 14:00 - 2015-01-03 16:09 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes' Anti-Malware (portable)
2015-01-03 13:58 - 2015-01-03 16:09 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic\Desktop\mbar
2015-01-02 11:26 - 2015-01-02 11:26 - 00000000 ____D () C:\Programme\Mozilla Firefox
2015-01-02 09:49 - 2015-01-02 19:00 - 00000000 ____D () C:\Programme\onlineTV 10
2015-01-02 09:49 - 2015-01-02 09:49 - 00000705 _____ () C:\Dokumente und Einstellungen\Magic\Desktop\onlineTV 10.lnk
2015-01-02 09:49 - 2015-01-02 09:49 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic\Startmenü\Programme\onlineTV 10
2015-01-02 09:49 - 2015-01-02 09:49 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic\Anwendungsdaten\concept design
2015-01-02 09:49 - 2015-01-02 09:49 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\onlineTV 10

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-08 22:16 - 2004-10-11 20:51 - 00000000 ____D () C:\Programme
2015-01-07 22:09 - 2004-10-11 19:59 - 00000000 __SHD () C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Verlauf
2015-01-07 22:08 - 2004-10-11 20:54 - 00000159 _____ () C:\windows\wiadebug.log
2015-01-07 22:08 - 2004-10-11 20:54 - 00000050 _____ () C:\windows\wiaservc.log
2015-01-07 22:08 - 2004-10-11 19:59 - 00000000 __SHD () C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Verlauf
2015-01-07 22:07 - 2013-04-29 19:54 - 00000000 __SHD () C:\Dokumente und Einstellungen\Magic\Lokale Einstellungen\Verlauf
2015-01-07 21:59 - 2013-04-29 19:54 - 00000190 ___SH () C:\Dokumente und Einstellungen\Magic\ntuser.ini
2015-01-07 21:58 - 2008-11-19 23:08 - 00000000 __SHD () C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Verlauf
2015-01-07 21:58 - 2004-10-11 20:51 - 00000000 __SHD () C:\Dokumente und Einstellungen\Default User\Lokale Einstellungen\Verlauf
2015-01-06 20:43 - 2013-04-29 19:54 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic
2015-01-06 00:49 - 2013-04-29 19:54 - 00000000 __SHD () C:\Dokumente und Einstellungen\Magic\UserData
2015-01-05 23:55 - 2004-10-11 19:59 - 00000000 __SHD () C:\Dokumente und Einstellungen\NetworkService
2015-01-05 23:51 - 2013-04-29 19:54 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic\Startmenü
2015-01-05 23:51 - 2009-11-28 20:43 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ
2015-01-05 23:51 - 2004-10-11 20:51 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme
2015-01-05 23:08 - 2014-04-10 20:11 - 00114904 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-05 22:32 - 2004-10-11 20:01 - 00000000 ____D () C:\windows\Microsoft.NET
2015-01-04 18:56 - 2004-10-12 04:46 - 00000000 _____ () C:\windows\system.ini
2015-01-04 18:00 - 2004-10-11 19:56 - 00000000 ____D () C:\windows\system32\Restore
2015-01-04 17:58 - 2010-02-13 02:21 - 00000000 ____D () C:\Programme\Microsoft Silverlight
2015-01-04 16:39 - 2004-10-11 21:50 - 72613888 _____ () C:\windows\system32\config\software.bak
2015-01-04 16:35 - 2004-10-12 04:46 - 00000582 _____ () C:\windows\win.ini
2015-01-04 16:17 - 2004-10-11 21:47 - 00000000 ____D () C:\windows\system
2015-01-04 16:02 - 2004-10-11 19:55 - 00000072 ____C () C:\windows\vbaddin.ini
2015-01-04 16:01 - 2010-06-04 14:10 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Silverlight
2015-01-04 15:59 - 2004-10-11 21:50 - 18612224 _____ () C:\windows\system32\config\system.bak
2015-01-04 15:48 - 2009-12-02 23:04 - 00000000 ____D () C:\Programme\MW2
2015-01-04 15:45 - 2010-12-11 10:53 - 00000000 ____D () C:\Atari
2015-01-04 15:42 - 2009-06-14 00:36 - 00000000 ____D () C:\windows\ie8updates
2015-01-04 15:35 - 2009-02-14 01:13 - 00000000 ____D () C:\windows\system32\XPSViewer
2015-01-04 15:25 - 2013-05-04 13:04 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic\Anwendungsdaten\vlc
2015-01-04 15:10 - 2008-03-23 16:16 - 00001010 _____ () C:\Dokumente und Einstellungen\Magic\Desktop\Junk.lnk
2015-01-04 14:50 - 2006-12-29 17:29 - 00000000 ____D () C:\Programme\cod2
2015-01-04 13:46 - 2013-02-09 23:30 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Origin
2015-01-04 13:45 - 2013-02-09 23:30 - 00000000 ____D () C:\Programme\Origin
2015-01-04 13:43 - 2012-04-07 20:38 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic\Anwendungsdaten\Mumble
2015-01-04 13:38 - 2007-08-11 17:09 - 00000000 ____D () C:\Programme\Internet Download Manager
2015-01-03 15:39 - 2004-10-13 09:49 - 00000000 ___HD () C:\windows\$hf_mig$
2015-01-03 14:59 - 2014-04-10 19:53 - 00055000 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-01-03 14:47 - 2004-10-11 21:50 - 00786432 _____ () C:\windows\system32\config\default.bak
2015-01-03 14:47 - 2004-10-11 20:50 - 00262144 _____ () C:\windows\system32\config\SECURITY.bak
2015-01-03 14:47 - 2004-10-11 20:50 - 00262144 _____ () C:\windows\system32\config\SAM.bak
2015-01-03 12:35 - 2013-04-29 19:54 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic\Startmenü\Programme
2015-01-03 12:35 - 2013-04-24 20:33 - 00000763 _____ () C:\Dokumente und Einstellungen\Magic\Desktop\Revo Uninstaller.lnk
2015-01-02 19:30 - 2013-08-01 19:53 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic\Anwendungsdaten\foobar2000
2015-01-02 14:53 - 2014-04-10 19:53 - 00000000 ____D () C:\Programme\ Malwarebytes Anti-Malware 
2015-01-02 14:53 - 2012-05-06 08:57 - 00000000 ____D () C:\Programme\Mozilla Maintenance Service
2015-01-02 14:53 - 2008-01-03 12:01 - 00000000 ____D () C:\windows\OvtCam
2015-01-02 14:51 - 2004-10-11 20:51 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart
2015-01-02 14:47 - 2013-05-03 20:43 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic\Anwendungsdaten\Skype
2015-01-02 13:50 - 2012-01-29 21:04 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic\Lokale Einstellungen\Anwendungsdaten\LogMeIn Hamachi
2015-01-02 13:28 - 2009-03-07 23:47 - 00271200 _____ () C:\windows\system32\PnkBstrB.xtr
2015-01-02 13:28 - 2008-12-27 18:59 - 00138160 _____ () C:\windows\system32\Drivers\PnkBstrK.sys
2015-01-02 13:28 - 2008-12-27 18:58 - 00271200 _____ () C:\windows\system32\PnkBstrB.exe
2015-01-02 13:28 - 2008-12-27 18:58 - 00075136 _____ () C:\windows\system32\PnkBstrA.exe
2015-01-02 13:09 - 2014-04-10 19:53 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\ Malwarebytes Anti-Malware 
2015-01-02 13:09 - 2012-07-26 19:33 - 00000769 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
2015-01-02 12:34 - 2008-05-07 22:08 - 00000069 _____ () C:\windows\NeroDigital.ini
2015-01-02 12:18 - 2014-11-15 13:49 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic\Lokale Einstellungen\Anwendungsdaten\Adobe
2015-01-02 12:17 - 2013-01-26 23:44 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-01-02 12:17 - 2012-04-09 18:38 - 00701616 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2015-01-02 12:17 - 2011-05-22 22:06 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2015-01-02 11:18 - 2009-10-24 16:40 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic\Anwendungsdaten\Chilirec
2015-01-02 11:03 - 2006-04-24 10:44 - 00124928 _____ () C:\Dokumente und Einstellungen\Magic\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-02 10:47 - 2013-05-04 11:40 - 00033032 _____ () C:\Dokumente und Einstellungen\Magic\Anwendungsdaten\wklnhst.dat

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---


Code:
ATTFilter
 Results of screen317's Security Check version 0.99.93  
 Windows XP Service Pack 3 x86   
 Internet Explorer 8  
``````````````Antivirus/Firewall Check:`````````````` 
 eTrust Antivirus Registration    
`````````Anti-malware/Other Utilities Check:````````` 
 Ad-Aware 
 Spyware Doctor 5.0   
 Windows Defender    
 Gmer     
 TuneUp Utilities 2009   
 CCleaner     
 JavaFX 2.1.1    
 Java 7 Update 45  
 Java version 32-bit out of Date! 
 Adobe Flash Player 	16.0.0.235  
 Adobe Reader 8  
 Adobe Reader XI  
 Mozilla Firefox (for.) 
 Google Chrome 27.0.1453.93  Google Chrome out of date!  
````````Process Check: objlist.exe by Laurent````````  
 Ad-Aware AAWService.exe 
 Ad-Aware AAWTray.exe is disabled! 
 Firewall Poblem del SecurityCheck.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C::  
````````````````````End of Log``````````````````````
         
et voila, klappt immer schneller ;-))


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-01-2015
Ran by Magic (administrator) on NAME-4E62F3A7F1 on 08-01-2015 22:28:05
Running from C:\FRST\FRST-OlderVersion
Loaded Profile: Magic (Available profiles: Magic & Administrator & Gast)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Lavasoft) C:\Programme\Lavasoft\Ad-Aware\aawservice.exe
(Microsoft Corporation) C:\WINDOWS\system32\netdde.exe
(Apple Inc.) C:\Programme\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Programme\BlueStacks\HD-LogRotatorService.exe
() C:\Programme\CPUCooL\CooLSRV.exe
(AVM Berlin) C:\Programme\FRITZ!DSL\IGDCTRL.EXE
(Oracle Corporation) C:\Programme\Java\jre7\bin\jqs.exe
(Computer Associates) C:\Programme\CA\SharedComponents\CA_LIC\LogWatNT.exe
(Microsoft Corporation) C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
() C:\Programme\CDBurnerXP\NMSAccessU.exe
(NVIDIA) C:\Programme\NVIDIA Corporation\nTune\nTuneService.exe
(Prolific Technology Inc.) C:\Programme\Nero\Nero BackItUp 4\IoctlSvc.exe
() C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe
(Microsoft Corporation) C:\Programme\UPHClean\uphclean.exe
(Microsoft Corporation) C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\WINDOWS\system32\taskmgr.exe
(Mozilla Corporation) C:\Programme\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(DT Soft Ltd) C:\Programme\DAEMON Tools Pro\DTShellHlp.exe
() C:\Programme\Unlocker\UnlockerAssistant.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKU\S-1-5-21-1488483606-1045282719-2118933040-1011\...\Run: [swg] => C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2007-08-09] (Google Inc.)
HKU\S-1-5-21-1488483606-1045282719-2118933040-1011\...\Run: [DAEMON Tools Pro Agent] => C:\Programme\DAEMON Tools Pro\DTAgent.exe [3111744 2012-04-26] (DT Soft Ltd)
HKU\S-1-5-18\...\Run: [CTFMON.EXE] => C:\WINDOWS\system32\CTFMON.EXE [24064 2012-06-29] (Gerhard Schlager)
HKU\S-1-5-18\...\Run: [DWQueuedReporting] => C:\Programme\Gemeinsame Dateien\Microsoft Shared\DW\DWTRIG20.EXE [437160 2007-02-26] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aldi.com
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.medion.com
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aldi.com
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.medion.com
HKU\S-1-5-21-1488483606-1045282719-2118933040-1011\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1488483606-1045282719-2118933040-1011\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
BHO: DivX HiQ -> {593DDEC6-7468-4cdd-90E1-42DADAA222E9} -> C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Programme\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
BHO: WEB.DE MailCheck BHO -> {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} -> C:\Programme\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll No File
BHO: FRITZ!Box Addon BHO -> {C0C86BBE-9509-4296-8459-FDBFDAF4B673} -> C:\Programme\FRITZ!Box\AddOn (IE)\FBoxIESplitButton.dll (AVM Berlin)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.3.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} hxxp://office.microsoft.com/officeupdate/content/opuc4.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: gmx - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Programme\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll No File
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: mctp - {d7b95390-b1c5-11d0-b111-0080c712fe82} -  No File
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
Handler: webde - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Programme\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll No File
Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
ShellExecuteHooks: Microsoft AntiMalware ShellExecuteHook - {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Programme\Windows Defender\MpShHook.dll [83224 2006-11-03] (Microsoft Corporation)
Winsock: Catalog5 05 C:\Programme\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Winsock: Catalog5 06 C:\Programme\FRITZ!DSL\\sarah.dll [28472] (AVM Berlin)

FireFox:
========
FF ProfilePath: C:\Dokumente und Einstellungen\Magic\Anwendungsdaten\Mozilla\Firefox\Profiles\i437m79p.default-1383082487453
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\windows\system32\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX Content Upload Plugin,version=1.0.0 -> C:\Programme\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
FF Plugin: @divx.com/DivX OVS Helper,version=1.0.0 -> C:\Programme\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Programme\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Programme\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.3 -> C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Programme\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin -> C:\Programme\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin: @pack.google.com/Google Updater;version=14 -> C:\Programme\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF Plugin: @real.com/nppl3260;version=16.0.2.32 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.2 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.2 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.2 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.2.32 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Programme\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Programme\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @zylom.com/ZylomGamesPlayer -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF Plugin: Adobe Reader -> C:\Programme\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 -> C:\Programme\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
FF Plugin HKU\S-1-5-21-1488483606-1045282719-2118933040-1011: @unity3d.com/UnityPlayer,version=1.0 -> C:\Dokumente und Einstellungen\Magic\Lokale Einstellungen\Anwendungsdaten\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npzylomgamesplayer.dll (Zylom)
FF Extension: Google Toolbar for Firefox - C:\Programme\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2015-01-02]
FF Extension: ICQ Toolbar - C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2015-01-02]
FF Extension: Skype Click to Call - C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-01-02]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-02-14]
FF HKLM\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Programme\Vodafone\Vodafone Mobile Connect\Optimization Client\addon
FF Extension: Bytemobile Optimization Client - C:\Programme\Vodafone\Vodafone Mobile Connect\Optimization Client\addon [2010-10-16]
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Programme\DivX\DivX Plus Web Player\firefox\html5video
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Programme\DivX\DivX Plus Web Player\firefox\html5video [2011-01-18]
FF HKLM\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Programme\DivX\DivX Plus Web Player\firefox\wpa
FF Extension: DivX HiQ - C:\Programme\DivX\DivX Plus Web Player\firefox\wpa [2011-01-18]
FF HKLM\...\Firefox\Extensions: [{FCE04E1F-9378-4f39-96F6-5689A9159E45}] - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-08-18]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

Chrome: 
=======
CHR Plugin: (Chrome PDF Viewer) - C:\Programme\Google\Chrome\Application\23.0.1271.97\pdf.dll No File
CHR Plugin: (Google Gears 0.5.33.0) - C:\Programme\Google\Chrome\Application\23.0.1271.97\gears.dll No File
CHR Plugin: (Shockwave Flash) - C:\Programme\Google\Chrome\Application\23.0.1271.97\gcswf32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Programme\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.220.4) - C:\Programme\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U22) - C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Ask Toolbar Plugin Stub) - C:\Programme\Mozilla Firefox\plugins\NPAskSBr.dll No File
CHR Plugin: (DivX Player Netscape Plugin) - C:\Programme\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
CHR Plugin: (Windows Genuine Advantage) - C:\Programme\Mozilla Firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
CHR Plugin: (My Web Search Plugin Stub) - C:\Programme\Mozilla Firefox\plugins\NPMyWebS.dll No File
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Programme\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Programme\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Programme\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Programme\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Programme\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Programme\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Programme\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Programme\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Programme\Mozilla Firefox\plugins\npqtplugin8.dll No File
CHR Plugin: (RealJukebox NS Plugin) - C:\Programme\Mozilla Firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Programme\Mozilla Firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (Zylom Plugin) - C:\Programme\Mozilla Firefox\plugins\npzylomgamesplayer.dll (Zylom)
CHR Plugin: (Microsoft DRM) - C:\Programme\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Programme\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Microsoft DRM) - C:\Programme\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll No File
CHR Plugin: (DivX Content Upload Plugin) - C:\Programme\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
CHR Plugin: (DivX OVS Helper Plug-in) - C:\Programme\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Web Player) - C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Updater) - C:\Programme\Google\Google Updater\2.4.1399.3742\npCIDetect13.dll No File
CHR Plugin: (Google Update) - C:\Programme\Google\Update\1.2.183.39\npGoogleOneClick8.dll No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (MetaStream 3 Plugin) - C:\Programme\Viewpoint\Viewpoint Media Player\npViewpoint.dll No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Programme\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Yahoo! activeX Plug-in Bridge) - C:\Programme\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
CHR Plugin: (iTunes Application Detector) - C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Windows Presentation Foundation) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Programme\Microsoft Silverlight\4.0.51204.0\npctrl.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Profile: C:\Dokumente und Einstellungen\Magic\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default
CHR Extension: (Ciuvo Preisvergleich) - C:\Dokumente und Einstellungen\Magic\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\cbmmkkbjmcidpennbibfkncodjenfpjh [2012-03-09]
CHR Extension: (DivX HiQ) - C:\Dokumente und Einstellungen\Magic\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae [2011-01-18]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Dokumente und Einstellungen\Magic\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2010-09-21]
CHR Extension: (DivX Plus Web Player HTML5 video) - C:\Dokumente und Einstellungen\Magic\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2011-01-18]
CHR HKLM\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Programme\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx [2010-12-08]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-04-16]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Programme\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx [2010-12-08]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aawservice; C:\Programme\Lavasoft\Ad-Aware\aawservice.exe [611664 2008-07-07] (Lavasoft)
S4 AcrSch2Svc; C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe [817264 2010-06-07] (Acronis)
S3 Apple Mobile Device; C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55184 2012-08-11] (Apple Inc.)
S4 BBSvc; C:\Programme\Microsoft\BingBar\BBSvc.EXE [196176 2011-10-21] (Microsoft Corporation.)
S3 BBUpdate; C:\Programme\Microsoft\BingBar\SeaPort.EXE [249648 2011-10-13] (Microsoft Corporation)
R2 Bonjour Service; C:\Programme\Bonjour\mDNSResponder.exe [390504 2011-08-30] (Apple Inc.)
S2 BstHdAndroidSvc; C:\Programme\BlueStacks\HD-Service.exe [393080 2013-02-15] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Programme\BlueStacks\HD-LogRotatorService.exe [384888 2013-02-15] (BlueStack Systems, Inc.)
S3 CA_LIC_CLNT; C:\Programme\CA\SharedComponents\CA_LIC\lic98rmt.exe [77824 2002-09-19] (Computer Associates) [File not signed]
S3 CA_LIC_SRVR; C:\Programme\CA\SharedComponents\CA_LIC\lic98rmtd.exe [77824 2002-09-19] (Computer Associates) [File not signed]
R2 CPUCooLServer; C:\Programme\CPUCooL\CooLSrv.exe [743936 2011-12-01] () [File not signed]
S3 de_serv; C:\Programme\Gemeinsame Dateien\AVM\de_serv.exe [315392 2005-11-21] (AVM Berlin) [File not signed]
S4 DVD-RAM_Service; C:\WINDOWS\system32\DVDRAMSV.exe [110592 2005-12-24] (Matsushita Electric Industrial Co., Ltd.) [File not signed]
S3 FLEXnet Licensing Service; C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2008-10-28] (Macrovision Europe Ltd.) [File not signed]
S3 fsssvc; C:\Programme\Windows Live\Family Safety\fsssvc.exe [704864 2009-08-05] (Microsoft Corporation)
S4 gupdate1c9ece5216cdebe; C:\Programme\Google\Update\GoogleUpdate.exe [133104 2009-06-14] (Google Inc.)
S4 gupdatem; C:\Programme\Google\Update\GoogleUpdate.exe [133104 2009-06-14] (Google Inc.)
S4 gusvc; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [194032 2013-05-21] (Google)
S3 Hamachi2Svc; C:\Programme\LogMeIn Hamachi\hamachi-2.exe [1385896 2012-06-27] (LogMeIn Inc.)
S3 IDriverT; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 IGDCTRL; C:\Programme\FRITZ!DSL\IGDCTRL.EXE [73528 2009-07-28] (AVM Berlin)
S3 iPod Service; C:\Programme\iPod\bin\iPodService.exe [553440 2012-12-12] (Apple Inc.)
R2 JavaQuickStarterService; C:\Programme\Java\jre7\bin\jqs.exe [182696 2013-10-08] (Oracle Corporation)
S4 LightScribeService; C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe [75304 2007-04-19] (Hewlett-Packard Company)
R2 LogWatch; C:\Programme\CA\SharedComponents\CA_LIC\LogWatNT.exe [53248 2002-09-19] (Computer Associates) [File not signed]
R2 MDM; C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe [322120 2003-06-19] (Microsoft Corporation)
S3 MozillaMaintenance; C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe [114800 2015-01-02] (Mozilla Foundation)
S3 Nero BackItUp Scheduler 4.0; C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe [935208 2008-12-05] (Nero AG)
S4 NMIndexingService; C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe [275752 2008-01-22] (Nero AG)
R2 NMSAccess; C:\Programme\CDBurnerXP\NMSAccessU.exe [71096 2010-03-04] ()
S3 NovacomD; C:\Programme\Palm, Inc\novacom\x86\novacomd.exe [33280 2009-11-06] (Palm) [File not signed]
R2 nTuneService; C:\Programme\NVIDIA Corporation\nTune\nTuneService.exe [191080 2009-11-06] (NVIDIA)
S3 ose; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [89136 2003-07-28] (Microsoft Corporation)
R2 PLFlash DeviceIoControl Service; C:\Programme\Nero\Nero BackItUp 4\IoctlSvc.exe [81920 2008-12-05] (Prolific Technology Inc.) [File not signed]
S3 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [75136 2015-01-02] ()
S3 Radio.fx; E:\Tobit Radio.fx\Server\rfx-server.exe [3630936 2011-08-02] ()
R2 RealNetworks Downloader Resolver Service; C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-04-16] ()
S3 SandraAgentSrv; C:\Programme\SiSoftware\SiSoftware Sandra Lite 2012.SP4\RpcAgentSrv.exe [95896 2009-04-26] (SiSoftware) [File not signed]
S3 SbieSvc; C:\Programme\Sandboxie\SbieSvc.exe [75496 2010-08-09] (SANDBOXIE L.T.D)
S3 sdAuxService; C:\Programme\Spyware Doctor\svcntaux.exe [708688 2007-06-12] (PC Tools)
S3 sdCoreService; C:\Programme\Spyware Doctor\swdsvc.exe [1309264 2007-06-12] (PC Tools)
S3 ServiceLayer; C:\Programme\PC Connectivity Solution\ServiceLayer.exe [725400 2012-10-03] (Nokia)
S3 SkypeUpdate; C:\Programme\Skype\Updater\Updater.exe [161384 2013-04-19] (Skype Technologies)
S3 StarWindServiceAE; C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software) [File not signed]
S3 TomTomHOMEService; C:\Programme\TomTom HOME 2\TomTomHOMEService.exe [93072 2013-03-22] (TomTom)
S3 TuneUp.Defrag; C:\windows\System32\TuneUpDefragService.exe [361288 2009-12-06] (TuneUp Software)
S3 TuneUp.ProgramStatisticsSvc; C:\windows\System32\TUProgSt.exe [604488 2009-12-06] (TuneUp Software)
R2 UPHClean; C:\Programme\UPHClean\uphclean.exe [241725 2005-04-27] (Microsoft Corporation) [File not signed]
S3 VideoAcceleratorService; C:\Programme\SpeedBit Video Accelerator\VideoAcceleratorService.exe [292472 2008-10-05] (Speedbit Ltd.)
S4 VMCService; C:\Programme\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [9216 2009-09-11] (Vodafone) [File not signed]
S3 windoweyes; C:\Programme\GW Micro\Window-Eyes\weserv.exe [133952 2012-04-23] ()
R2 wlidsvc; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSVC.EXE [1529728 2009-08-18] (Microsoft Corporation)
R2 WMPNetworkSvc; C:\Programme\Windows Media Player\WMPNetwk.exe [920576 2006-11-03] (Microsoft Corporation)
S3 x10nets; C:\Programme\Common Files\X10\Common\X10nets.exe [20480 2001-11-12] (X10) [File not signed]
S3 RichVideo; "C:\Programme\CyberLink\Shared Files\RichVideo.exe" [X]
S3 vToolbarUpdater13.2.0; C:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 3xHybrid; C:\windows\System32\DRIVERS\3xHybrid.sys [945152 2004-10-06] (Philips Semiconductors GmbH)
S3 61883; C:\windows\System32\DRIVERS\61883.sys [48128 2008-04-13] (Microsoft Corporation)
R2 ACEDRV07; C:\WINDOWS\system32\drivers\ACEDRV07.sys [101376 2007-07-29] (Protect Software GmbH) [File not signed]
R3 actser; C:\windows\System32\drivers\actser.sys [29440 2005-09-12] (Siemens AG) [File not signed]
R2 AegisP; C:\windows\System32\DRIVERS\AegisP.sys [19915 2011-03-10] (Meetinghouse Data Communications) [File not signed]
R3 AnyDVD; C:\windows\System32\Drivers\AnyDVD.sys [121248 2012-08-26] (SlySoft, Inc.)
R3 Apowersoft_AudioDevice; C:\windows\System32\drivers\Apowersoft_AudioDevice.sys [26080 2012-10-08] (Wondershare)
R2 Aspi32; C:\windows\system32\Drivers\Aspi32.sys [25244 1999-09-10] (Adaptec) [File not signed]
R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [26984 2012-11-15] (AVG Technologies)
U0 BMLoad; C:\windows\System32\drivers\BMLoad.sys [22528 2008-10-09] (Bytemobile, Inc.) [File not signed]
R2 BstHdDrv; C:\Programme\BlueStacks\HD-Hypervisor-x86.sys [63864 2013-02-15] (BlueStack Systems)
S3 CardReaderFilter; C:\WINDOWS\system32\Drivers\USBCRFT.SYS [17408 2012-09-16] (ICSI Technology Ltd.) [File not signed]
S3 CCDECODE; C:\windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R2 CdaC15BA; C:\WINDOWS\system32\drivers\CDAC15BA.SYS [8864 2006-11-04] () [File not signed]
S3 cmudau; C:\windows\System32\drivers\cmudau.sys [1383104 2007-05-23] (C-Media Inc) [File not signed]
R3 cmudax; C:\windows\System32\drivers\cmudax.sys [1287296 2005-05-12] (C-Media Inc.)
R1 dtsoftbus01; C:\windows\System32\DRIVERS\dtsoftbus01.sys [242240 2012-06-13] (DT Soft Ltd)
R1 ElbyCDIO; C:\windows\System32\Drivers\ElbyCDIO.sys [31088 2010-12-16] (Elaborate Bytes AG)
S3 ENTECH; C:\WINDOWS\system32\DRIVERS\ENTECH.sys [27672 2007-09-07] (EnTech Taiwan)
R1 Ext2fs; C:\windows\System32\DRIVERS\ext2fs.sys [181120 2008-09-25] (Stephan Schreiber) [File not signed]
R3 FETNDISB; C:\windows\System32\DRIVERS\fetnd5b.sys [42496 2004-04-15] (VIA Technologies, Inc.              )
R2 fssfltr; C:\windows\System32\DRIVERS\fssfltr_tdi.sys [54752 2009-08-05] (Microsoft Corporation)
S3 FTDIBUS; C:\windows\System32\drivers\ftdibus.sys [57672 2009-06-10] (FTDI Ltd.)
S3 GcKernel; C:\windows\System32\DRIVERS\GcKernel.sys [59136 2008-04-13] (Microsoft Corporation)
S3 GigasetGenericUSB; C:\windows\System32\DRIVERS\GigasetGenericUSB.sys [44032 2009-02-20] (Siemens Home and Office Communication Devices GmbH & Co. KG)
R3 gwrdmir; C:\windows\System32\DRIVERS\gwrdmir.sys [9408 2011-09-23] (Windows (R) Win 7 DDK provider)
R3 hamachi; C:\windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
S3 HdAudAddService; C:\windows\System32\drivers\HdAudio.sys [113664 2004-03-17] (Windows (R) Server 2003 DDK provider)
S3 HIDSwvd; C:\windows\System32\DRIVERS\HIDSwvd.sys [2688 2001-08-17] (Microsoft Corporation)
S3 hipeer20; C:\windows\System32\DRIVERS\remobo32.sys [26112 2010-08-01] (Windows (R) Codename Longhorn DDK provider) [File not signed]
R1 IfsMount; C:\windows\System32\DRIVERS\ifsmount.sys [51072 2008-08-28] (Stephan Schreiber) [File not signed]
S3 IKFileFlt; C:\windows\System32\drivers\ikfileflt.sys [39376 2007-05-23] (PCTools Research Pty Ltd.)
S3 IKFileSec; C:\windows\System32\drivers\ikfilesec.sys [53840 2007-05-23] (PCTools Research Pty Ltd.)
S3 IkSysFlt; C:\windows\System32\drivers\iksysflt.sys [57424 2007-05-23] (PCTools Research Pty Ltd.)
S3 IKSysSec; C:\windows\System32\drivers\iksyssec.sys [83024 2007-05-23] (PCTools Research Pty Ltd.)
R2 ithsgt; C:\windows\System32\DRIVERS\ithsgt.sys [162432 2007-10-17] () [File not signed]
R2 lilsgt; C:\windows\System32\DRIVERS\lilsgt.sys [12032 2007-10-17] () [File not signed]
R1 meiudf; C:\windows\System32\Drivers\meiudf.sys [102384 2005-12-24] (Matsushita Electric Industrial Co.,Ltd.) [File not signed]
S3 MPCSYS; C:\WINDOWS\system32\DRIVERS\mpcsys.sys [15360 2008-12-31] () [File not signed]
S3 MPE; C:\windows\System32\DRIVERS\MPE.sys [15232 2008-04-13] (Microsoft Corporation)
S3 NdisIP; C:\windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S3 NinjaUSB; C:\windows\System32\drivers\NinjaUSB.sys [24704 2010-02-04] () [File not signed]
R1 ntiopnp; C:\windows\system32\Drivers\ntiopnp.sys [21080 2010-11-11] ()
S3 NTSIM; C:\WINDOWS\system32\ntsim.sys [7040 2003-07-17] (VIA Networking Technologies, Inc.       ) [File not signed]
S3 NVHDA; C:\windows\System32\drivers\nvhda32.sys [119272 2011-03-03] (NVIDIA Corporation)
S3 ogo_usb; C:\windows\System32\Drivers\ogo_usb.sys [48384 2006-10-10] (Windows (R) 2000 DDK provider) [File not signed]
S1 oxser; C:\windows\System32\DRIVERS\oxser.sys [51169 2003-04-28] (OEM) [File not signed]
S3 pfc; C:\windows\System32\drivers\pfc.sys [10368 2003-12-05] (Padus, Inc.) [File not signed]
R1 prodrv05; C:\windows\System32\drivers\prodrv05.sys [53728 2002-11-13] (Protection Technology Co.) [File not signed]
R1 prodrv06; C:\windows\System32\drivers\prodrv06.sys [53920 2004-08-09] (Protection Technology) [File not signed]
R0 prohlp01; C:\windows\System32\drivers\prohlp01.sys [60448 2002-11-13] (Protection Technology Co.) [File not signed]
R0 prohlp02; C:\windows\System32\drivers\prohlp02.sys [114016 2004-08-09] (Protection Technology) [File not signed]
R0 prosync1; C:\windows\System32\drivers\prosync1.sys [7040 2004-07-19] (Protection Technology) [File not signed]
R2 PStrip; C:\windows\System32\drivers\pstrip.sys [27992 2007-07-15] (EnTech Taiwan)
S3 QCPro; C:\windows\System32\DRIVERS\p35u.sys [116480 2002-06-10] (Logitech Inc.)
S3 RivaTuner32; C:\Programme\RivaTuner v2.22\RivaTuner32.sys [9088 2008-12-29] () [File not signed]
S3 RT2500USB; C:\windows\System32\DRIVERS\rt2500usb.sys [241536 2005-07-14] (Ralink Technology Inc.)
S3 s116bus; C:\windows\System32\DRIVERS\s116bus.sys [83336 2007-04-03] (MCCI Corporation)
S3 s116mdfl; C:\windows\System32\DRIVERS\s116mdfl.sys [15112 2007-04-03] (MCCI Corporation)
S3 s116mdm; C:\windows\System32\DRIVERS\s116mdm.sys [108680 2007-04-03] (MCCI Corporation)
S3 s116mgmt; C:\windows\System32\DRIVERS\s116mgmt.sys [100488 2007-04-03] (MCCI Corporation)
S3 s116nd5; C:\windows\System32\DRIVERS\s116nd5.sys [23176 2007-04-03] (MCCI Corporation)
S3 s116obex; C:\windows\System32\DRIVERS\s116obex.sys [98696 2007-04-03] (MCCI Corporation)
S3 s116unic; C:\windows\System32\DRIVERS\s116unic.sys [99080 2007-04-03] (MCCI Corporation)
R3 SaiMini; C:\windows\System32\DRIVERS\SaiMini.sys [13824 2006-07-27] (Saitek) [File not signed]
R3 SaiNtBus; C:\windows\System32\drivers\SaiBus.sys [35200 2006-07-27] (Saitek) [File not signed]
S3 SANDRA; C:\Programme\SiSoftware\SiSoftware Sandra Lite 2012.SP4\WNt500x86\Sandra.sys [23112 2009-08-07] (SiSoftware)
R2 sbbotdi; C:\Programme\SpeedBit Video Accelerator\sbbotdi.sys [35584 2008-10-05] (SpeedBit Ltd.) [File not signed]
S3 SbieDrv; C:\Programme\Sandboxie\SbieDrv.sys [123112 2010-08-09] (SANDBOXIE L.T.D)
S3 SCL01132; C:\windows\System32\DRIVERS\SCL01132.sys [61824 2010-05-07] (SCM Microsystems Inc.)
R0 sfdrv01; C:\windows\System32\drivers\sfdrv01.sys [50688 2005-08-10] (Protection Technology) [File not signed]
R0 sfhlp01; C:\windows\System32\drivers\sfhlp01.sys [4832 2003-12-01] (Protection Technology) [File not signed]
R0 sfhlp02; C:\windows\System32\drivers\sfhlp02.sys [6656 2005-05-16] (Protection Technology) [File not signed]
R0 sfvfs02; C:\windows\System32\drivers\sfvfs02.sys [63488 2005-11-03] (Protection Technology) [File not signed]
S3 siusbmod; C:\windows\System32\DRIVERS\siusbmod.sys [27008 2005-09-12] (Siemens AG )
R0 speedfan; C:\windows\System32\speedfan.sys [25240 2011-03-18] (Almico Software)
R0 sptd; C:\windows\System32\Drivers\sptd.sys [477240 2012-06-04] (Duplex Secure Ltd.)
S3 StarOpen; C:\windows\system32\Drivers\StarOpen.sys [7168 2009-11-12] () [File not signed]
S3 STCFUx32; C:\windows\System32\DRIVERS\STCFUx32.SYS [7680 2008-11-13] (SCM Microsystems Inc.)
S3 taphss; C:\windows\System32\DRIVERS\taphss.sys [32768 2010-09-22] (AnchorFree Inc)
R1 tcpipBM; C:\windows\system32\Drivers\tcpipBM.sys [18816 2008-10-09] (Bytemobile, Inc.) [File not signed]
S3 TVicHW32; C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS [24656 2001-08-14] (EnTech Taiwan) [File not signed]
R3 UKBFLT; C:\windows\System32\DRIVERS\UKBFLT.sys [11672 2003-12-19] (Chicony)
S3 usbUDisc; C:\windows\System32\DRIVERS\USBDrv.sys [13824 2012-08-02] (Scott)
S3 usb_rndisx; C:\windows\System32\DRIVERS\usb8023x.sys [12800 2005-10-21] (Microsoft Corporation) [File not signed]
R3 VClone; C:\windows\System32\DRIVERS\VClone.sys [30208 2011-01-15] (Elaborate Bytes AG) [File not signed]
R3 vdrive; C:\windows\System32\DRIVERS\vdrive.sys [36328 2012-11-13] (Fengtao Software Inc.)
S3 vncmirror; C:\windows\System32\DRIVERS\vncmirror.sys [3072 2007-08-15] (RealVNC Ltd.)
R3 vsbus; C:\windows\System32\DRIVERS\vsb.sys [15264 2005-09-12] () [File not signed]
S3 vserial; C:\windows\System32\DRIVERS\vserial.sys [47744 2005-09-12] () [File not signed]
R3 wbscr; C:\windows\System32\drivers\wbscr.sys [19928 2002-04-24] (Winbond Electronics Corp.)
S3 wceusbsh; C:\windows\System32\DRIVERS\wceusbsh.sys [104576 2006-04-10] (Microsoft Corporation)
S3 wip0204; C:\windows\System32\DRIVERS\wip0204.sys [23480 2008-12-30] (Wippien Software)
R3 WmBEnum; C:\windows\System32\drivers\WmBEnum.sys [22856 2010-04-27] (Logitech Inc.)
S3 WmFilter; C:\windows\System32\drivers\WmFilter.sys [37704 2010-04-27] (Logitech Inc.)
S3 WmHidLo; C:\windows\System32\drivers\WmHidLo.sys [31816 2010-04-27] (Logitech Inc.)
S3 WmVirHid; C:\windows\System32\drivers\WmVirHid.sys [15048 2010-04-27] (Logitech Inc.)
R3 WmXlCore; C:\windows\System32\drivers\WmXlCore.sys [66632 2010-04-27] (Logitech Inc.)
R3 XUIF; C:\windows\System32\Drivers\x10ufx2.sys [17792 2005-05-19] (X10 Wireless Technology, Inc.)
U3 anrcco21; C:\windows\system32\Drivers\anrcco21.sys [0 ] (Microsoft Corporation)
U3 ap9emcd3; C:\windows\system32\Drivers\ap9emcd3.sys [0 ] (Microsoft Corporation)
S3 BlueletAudio; system32\DRIVERS\blueletaudio.sys [X]
S3 BT; system32\DRIVERS\btnetdrv.sys [X]
S3 Btcsrusb; System32\Drivers\btcusb.sys [X]
S3 BTHidEnum; system32\DRIVERS\vbtenum.sys [X]
S0 BTHidMgr; System32\Drivers\BTHidMgr.sys [X]
S3 catchme; \??\C:\DOKUME~1\Magic\Lokale Einstellungen\Temp\catchme.sys [X]
U2 CertPropSvc; No ImagePath
S3 hwusbfake; system32\DRIVERS\ewusbfake.sys [X]
S3 NETFWDSL; system32\DRIVERS\NETFWDSL.SYS [X]
S0 rseb; No ImagePath
S3 SCL0102K; system32\DRIVERS\SCL0102K.sys [X]
U5 ScsiPort; C:\windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U3 TlntSvr; No ImagePath
S3 VComm; system32\DRIVERS\VComm.sys [X]
S3 VcommMgr; System32\Drivers\VcommMgr.sys [X]
S3 wanatw; system32\DRIVERS\wanatw4.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-07 22:05 - 2015-01-07 22:05 - 00000000 __SHD () C:\found.000
2015-01-06 20:33 - 2015-01-08 22:28 - 00000000 ____D () C:\FRST
2015-01-06 00:22 - 2015-01-06 00:22 - 00000000 ____D () C:\windows\ERUNT
2015-01-05 23:15 - 2015-01-06 00:17 - 00000000 ____D () C:\AdwCleaner
2015-01-04 18:59 - 2015-01-08 22:28 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic\Lokale Einstellungen\temp
2015-01-04 18:59 - 2015-01-04 18:59 - 00000000 ____D () C:\Dokumente und Einstellungen\User\Lokale Einstellungen\temp
2015-01-04 18:59 - 2015-01-04 18:59 - 00000000 ____D () C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\temp
2015-01-04 18:59 - 2015-01-04 18:59 - 00000000 ____D () C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\temp
2015-01-04 18:59 - 2015-01-04 18:59 - 00000000 ____D () C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\temp
2015-01-04 17:59 - 2015-01-04 17:59 - 00000216 _____ () C:\windows\Tasks\Ende des Supports für Microsoft Windows XP – Monatliche Benachrichtigung.job
2015-01-04 16:36 - 2015-01-04 16:36 - 00000000 __HDC () C:\windows\$NtUninstallKB2893294$
2015-01-04 16:36 - 2015-01-04 16:36 - 00000000 __HDC () C:\windows\$NtUninstallKB2757638$
2015-01-04 16:34 - 2015-01-04 18:12 - 00000000 __HDC () C:\windows\$NtUninstallKB2749655$
2015-01-04 16:23 - 2015-01-04 16:23 - 00008192 ____H () C:\windows\system32\config\default.tmp.LOG
2015-01-04 16:23 - 2015-01-04 16:23 - 00000000 ____H () C:\windows\system32\config\system.tmp.LOG
2015-01-04 16:23 - 2015-01-04 16:23 - 00000000 ____H () C:\windows\system32\config\software.tmp.LOG
2015-01-04 16:23 - 2015-01-04 16:23 - 00000000 ____H () C:\windows\system32\config\SAM.tmp.LOG
2015-01-04 16:22 - 2015-01-04 16:22 - 00008192 ____H () C:\windows\system32\config\SECURITY.tmp.LOG
2015-01-04 16:06 - 2015-01-04 16:33 - 00000000 ____D () C:\windows\system32\MRT
2015-01-04 15:58 - 2015-01-04 15:58 - 00000000 __HDC () C:\windows\$NtUninstallKB2892075$
2015-01-04 15:49 - 2015-01-04 15:49 - 00000000 __HDC () C:\windows\$NtUninstallKB2934207$
2015-01-04 15:49 - 2015-01-04 15:49 - 00000000 __HDC () C:\windows\$NtUninstallKB2862330$
2015-01-04 15:49 - 2015-01-04 15:49 - 00000000 __HDC () C:\windows\$NtUninstallKB2727528$
2015-01-04 15:43 - 2015-01-04 15:43 - 00000000 __HDC () C:\windows\$NtUninstallKB2813345$
2015-01-04 15:07 - 2015-01-04 15:07 - 00000000 __HDC () C:\windows\$NtUninstallKB2914368$
2015-01-04 14:53 - 2011-06-26 07:45 - 00256000 _____ () C:\windows\PEV.exe
2015-01-04 14:53 - 2010-11-07 18:20 - 00208896 _____ () C:\windows\MBR.exe
2015-01-04 14:53 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2015-01-04 14:53 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2015-01-04 14:53 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2015-01-04 14:53 - 2000-08-31 01:00 - 00212480 _____ (SteelWerX) C:\windows\SWXCACLS.exe
2015-01-04 14:53 - 2000-08-31 01:00 - 00098816 _____ () C:\windows\sed.exe
2015-01-04 14:53 - 2000-08-31 01:00 - 00080412 _____ () C:\windows\grep.exe
2015-01-04 14:53 - 2000-08-31 01:00 - 00068096 _____ () C:\windows\zip.exe
2015-01-04 14:52 - 2015-01-04 18:59 - 00000000 ____D () C:\Qoobox
2015-01-04 14:52 - 2015-01-04 18:12 - 00000000 ____D () C:\windows\erdnt
2015-01-04 13:43 - 2015-01-04 13:43 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic\Lokale Einstellungen\Anwendungsdaten\Mumble
2015-01-04 13:42 - 2015-01-04 13:42 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic\Lokale Einstellungen\Anwendungsdaten\Learn2.com
2015-01-03 15:30 - 2014-02-27 00:28 - 00013312 ____N (Microsoft Corporation) C:\windows\system32\xp_eos.exe
2015-01-03 15:30 - 2014-02-27 00:28 - 00013312 ____C (Microsoft Corporation) C:\windows\system32\dllcache\xp_eos.exe
2015-01-03 15:30 - 2013-08-09 01:55 - 00144128 ____C (Microsoft Corporation) C:\windows\system32\dllcache\usbport.sys
2015-01-03 15:30 - 2013-08-09 01:55 - 00032384 ____C (Microsoft Corporation) C:\windows\system32\dllcache\usbccgp.sys
2015-01-03 15:30 - 2013-08-09 01:55 - 00005376 ____C (Microsoft Corporation) C:\windows\system32\dllcache\usbd.sys
2015-01-03 15:30 - 2009-03-18 12:02 - 00030336 ____C (Microsoft Corporation) C:\windows\system32\dllcache\usbehci.sys
2015-01-03 14:45 - 2015-01-08 22:22 - 01633924 _____ () C:\windows\WindowsUpdate.log
2015-01-03 14:00 - 2015-01-03 16:09 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes' Anti-Malware (portable)
2015-01-03 13:58 - 2015-01-03 16:09 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic\Desktop\mbar
2015-01-02 11:26 - 2015-01-02 11:26 - 00000000 ____D () C:\Programme\Mozilla Firefox
2015-01-02 09:49 - 2015-01-02 19:00 - 00000000 ____D () C:\Programme\onlineTV 10
2015-01-02 09:49 - 2015-01-02 09:49 - 00000705 _____ () C:\Dokumente und Einstellungen\Magic\Desktop\onlineTV 10.lnk
2015-01-02 09:49 - 2015-01-02 09:49 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic\Startmenü\Programme\onlineTV 10
2015-01-02 09:49 - 2015-01-02 09:49 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic\Anwendungsdaten\concept design
2015-01-02 09:49 - 2015-01-02 09:49 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\onlineTV 10

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-08 22:16 - 2004-10-11 20:51 - 00000000 ____D () C:\Programme
2015-01-07 22:09 - 2004-10-11 19:59 - 00000000 __SHD () C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Verlauf
2015-01-07 22:08 - 2004-10-11 20:54 - 00000159 _____ () C:\windows\wiadebug.log
2015-01-07 22:08 - 2004-10-11 20:54 - 00000050 _____ () C:\windows\wiaservc.log
2015-01-07 22:08 - 2004-10-11 19:59 - 00000000 __SHD () C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Verlauf
2015-01-07 22:07 - 2013-04-29 19:54 - 00000000 __SHD () C:\Dokumente und Einstellungen\Magic\Lokale Einstellungen\Verlauf
2015-01-07 21:59 - 2013-04-29 19:54 - 00000190 ___SH () C:\Dokumente und Einstellungen\Magic\ntuser.ini
2015-01-07 21:58 - 2008-11-19 23:08 - 00000000 __SHD () C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Verlauf
2015-01-07 21:58 - 2004-10-11 20:51 - 00000000 __SHD () C:\Dokumente und Einstellungen\Default User\Lokale Einstellungen\Verlauf
2015-01-06 20:43 - 2013-04-29 19:54 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic
2015-01-06 00:49 - 2013-04-29 19:54 - 00000000 __SHD () C:\Dokumente und Einstellungen\Magic\UserData
2015-01-05 23:55 - 2004-10-11 19:59 - 00000000 __SHD () C:\Dokumente und Einstellungen\NetworkService
2015-01-05 23:51 - 2013-04-29 19:54 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic\Startmenü
2015-01-05 23:51 - 2009-11-28 20:43 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ
2015-01-05 23:51 - 2004-10-11 20:51 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme
2015-01-05 23:08 - 2014-04-10 20:11 - 00114904 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-05 22:32 - 2004-10-11 20:01 - 00000000 ____D () C:\windows\Microsoft.NET
2015-01-04 18:56 - 2004-10-12 04:46 - 00000000 _____ () C:\windows\system.ini
2015-01-04 18:00 - 2004-10-11 19:56 - 00000000 ____D () C:\windows\system32\Restore
2015-01-04 17:58 - 2010-02-13 02:21 - 00000000 ____D () C:\Programme\Microsoft Silverlight
2015-01-04 16:39 - 2004-10-11 21:50 - 72613888 _____ () C:\windows\system32\config\software.bak
2015-01-04 16:35 - 2004-10-12 04:46 - 00000582 _____ () C:\windows\win.ini
2015-01-04 16:17 - 2004-10-11 21:47 - 00000000 ____D () C:\windows\system
2015-01-04 16:02 - 2004-10-11 19:55 - 00000072 ____C () C:\windows\vbaddin.ini
2015-01-04 16:01 - 2010-06-04 14:10 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Silverlight
2015-01-04 15:59 - 2004-10-11 21:50 - 18612224 _____ () C:\windows\system32\config\system.bak
2015-01-04 15:48 - 2009-12-02 23:04 - 00000000 ____D () C:\Programme\MW2
2015-01-04 15:45 - 2010-12-11 10:53 - 00000000 ____D () C:\Atari
2015-01-04 15:42 - 2009-06-14 00:36 - 00000000 ____D () C:\windows\ie8updates
2015-01-04 15:35 - 2009-02-14 01:13 - 00000000 ____D () C:\windows\system32\XPSViewer
2015-01-04 15:25 - 2013-05-04 13:04 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic\Anwendungsdaten\vlc
2015-01-04 15:10 - 2008-03-23 16:16 - 00001010 _____ () C:\Dokumente und Einstellungen\Magic\Desktop\Junk.lnk
2015-01-04 14:50 - 2006-12-29 17:29 - 00000000 ____D () C:\Programme\cod2
2015-01-04 13:46 - 2013-02-09 23:30 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Origin
2015-01-04 13:45 - 2013-02-09 23:30 - 00000000 ____D () C:\Programme\Origin
2015-01-04 13:43 - 2012-04-07 20:38 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic\Anwendungsdaten\Mumble
2015-01-04 13:38 - 2007-08-11 17:09 - 00000000 ____D () C:\Programme\Internet Download Manager
2015-01-03 15:39 - 2004-10-13 09:49 - 00000000 ___HD () C:\windows\$hf_mig$
2015-01-03 14:59 - 2014-04-10 19:53 - 00055000 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-01-03 14:47 - 2004-10-11 21:50 - 00786432 _____ () C:\windows\system32\config\default.bak
2015-01-03 14:47 - 2004-10-11 20:50 - 00262144 _____ () C:\windows\system32\config\SECURITY.bak
2015-01-03 14:47 - 2004-10-11 20:50 - 00262144 _____ () C:\windows\system32\config\SAM.bak
2015-01-03 12:35 - 2013-04-29 19:54 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic\Startmenü\Programme
2015-01-03 12:35 - 2013-04-24 20:33 - 00000763 _____ () C:\Dokumente und Einstellungen\Magic\Desktop\Revo Uninstaller.lnk
2015-01-02 19:30 - 2013-08-01 19:53 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic\Anwendungsdaten\foobar2000
2015-01-02 14:53 - 2014-04-10 19:53 - 00000000 ____D () C:\Programme\ Malwarebytes Anti-Malware 
2015-01-02 14:53 - 2012-05-06 08:57 - 00000000 ____D () C:\Programme\Mozilla Maintenance Service
2015-01-02 14:53 - 2008-01-03 12:01 - 00000000 ____D () C:\windows\OvtCam
2015-01-02 14:51 - 2004-10-11 20:51 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart
2015-01-02 14:47 - 2013-05-03 20:43 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic\Anwendungsdaten\Skype
2015-01-02 13:50 - 2012-01-29 21:04 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic\Lokale Einstellungen\Anwendungsdaten\LogMeIn Hamachi
2015-01-02 13:28 - 2009-03-07 23:47 - 00271200 _____ () C:\windows\system32\PnkBstrB.xtr
2015-01-02 13:28 - 2008-12-27 18:59 - 00138160 _____ () C:\windows\system32\Drivers\PnkBstrK.sys
2015-01-02 13:28 - 2008-12-27 18:58 - 00271200 _____ () C:\windows\system32\PnkBstrB.exe
2015-01-02 13:28 - 2008-12-27 18:58 - 00075136 _____ () C:\windows\system32\PnkBstrA.exe
2015-01-02 13:09 - 2014-04-10 19:53 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\ Malwarebytes Anti-Malware 
2015-01-02 13:09 - 2012-07-26 19:33 - 00000769 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
2015-01-02 12:34 - 2008-05-07 22:08 - 00000069 _____ () C:\windows\NeroDigital.ini
2015-01-02 12:18 - 2014-11-15 13:49 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic\Lokale Einstellungen\Anwendungsdaten\Adobe
2015-01-02 12:17 - 2013-01-26 23:44 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-01-02 12:17 - 2012-04-09 18:38 - 00701616 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2015-01-02 12:17 - 2011-05-22 22:06 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2015-01-02 11:18 - 2009-10-24 16:40 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic\Anwendungsdaten\Chilirec
2015-01-02 11:03 - 2006-04-24 10:44 - 00124928 _____ () C:\Dokumente und Einstellungen\Magic\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-02 10:47 - 2013-05-04 11:40 - 00033032 _____ () C:\Dokumente und Einstellungen\Magic\Anwendungsdaten\wklnhst.dat

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================
         
--- --- ---

--- --- ---

Alt 08.01.2015, 22:30   #26
Magic11
 
Windows XP SP3 Firewall inaktiv - Standard

Windows XP SP3 Firewall inaktiv [gelöst]



et voila, klappt immer schneller ;-))
soll ich die firewall wieder aktivieren?
grüße

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-01-2015
Ran by Magic (administrator) on NAME-4E62F3A7F1 on 08-01-2015 22:28:05
Running from C:\FRST\FRST-OlderVersion
Loaded Profile: Magic (Available profiles: Magic & Administrator & Gast)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Lavasoft) C:\Programme\Lavasoft\Ad-Aware\aawservice.exe
(Microsoft Corporation) C:\WINDOWS\system32\netdde.exe
(Apple Inc.) C:\Programme\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Programme\BlueStacks\HD-LogRotatorService.exe
() C:\Programme\CPUCooL\CooLSRV.exe
(AVM Berlin) C:\Programme\FRITZ!DSL\IGDCTRL.EXE
(Oracle Corporation) C:\Programme\Java\jre7\bin\jqs.exe
(Computer Associates) C:\Programme\CA\SharedComponents\CA_LIC\LogWatNT.exe
(Microsoft Corporation) C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
() C:\Programme\CDBurnerXP\NMSAccessU.exe
(NVIDIA) C:\Programme\NVIDIA Corporation\nTune\nTuneService.exe
(Prolific Technology Inc.) C:\Programme\Nero\Nero BackItUp 4\IoctlSvc.exe
() C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe
(Microsoft Corporation) C:\Programme\UPHClean\uphclean.exe
(Microsoft Corporation) C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\WINDOWS\system32\taskmgr.exe
(Mozilla Corporation) C:\Programme\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(DT Soft Ltd) C:\Programme\DAEMON Tools Pro\DTShellHlp.exe
() C:\Programme\Unlocker\UnlockerAssistant.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKU\S-1-5-21-1488483606-1045282719-2118933040-1011\...\Run: [swg] => C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2007-08-09] (Google Inc.)
HKU\S-1-5-21-1488483606-1045282719-2118933040-1011\...\Run: [DAEMON Tools Pro Agent] => C:\Programme\DAEMON Tools Pro\DTAgent.exe [3111744 2012-04-26] (DT Soft Ltd)
HKU\S-1-5-18\...\Run: [CTFMON.EXE] => C:\WINDOWS\system32\CTFMON.EXE [24064 2012-06-29] (Gerhard Schlager)
HKU\S-1-5-18\...\Run: [DWQueuedReporting] => C:\Programme\Gemeinsame Dateien\Microsoft Shared\DW\DWTRIG20.EXE [437160 2007-02-26] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aldi.com
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.medion.com
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aldi.com
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.medion.com
HKU\S-1-5-21-1488483606-1045282719-2118933040-1011\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1488483606-1045282719-2118933040-1011\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
BHO: DivX HiQ -> {593DDEC6-7468-4cdd-90E1-42DADAA222E9} -> C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Programme\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
BHO: WEB.DE MailCheck BHO -> {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} -> C:\Programme\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll No File
BHO: FRITZ!Box Addon BHO -> {C0C86BBE-9509-4296-8459-FDBFDAF4B673} -> C:\Programme\FRITZ!Box\AddOn (IE)\FBoxIESplitButton.dll (AVM Berlin)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.3.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} hxxp://office.microsoft.com/officeupdate/content/opuc4.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: gmx - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Programme\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll No File
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: mctp - {d7b95390-b1c5-11d0-b111-0080c712fe82} -  No File
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
Handler: webde - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Programme\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll No File
Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
ShellExecuteHooks: Microsoft AntiMalware ShellExecuteHook - {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Programme\Windows Defender\MpShHook.dll [83224 2006-11-03] (Microsoft Corporation)
Winsock: Catalog5 05 C:\Programme\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Winsock: Catalog5 06 C:\Programme\FRITZ!DSL\\sarah.dll [28472] (AVM Berlin)

FireFox:
========
FF ProfilePath: C:\Dokumente und Einstellungen\Magic\Anwendungsdaten\Mozilla\Firefox\Profiles\i437m79p.default-1383082487453
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\windows\system32\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX Content Upload Plugin,version=1.0.0 -> C:\Programme\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
FF Plugin: @divx.com/DivX OVS Helper,version=1.0.0 -> C:\Programme\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Programme\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Programme\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.3 -> C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Programme\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin -> C:\Programme\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin: @pack.google.com/Google Updater;version=14 -> C:\Programme\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF Plugin: @real.com/nppl3260;version=16.0.2.32 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.2 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.2 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.2 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.2.32 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Programme\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Programme\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @zylom.com/ZylomGamesPlayer -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF Plugin: Adobe Reader -> C:\Programme\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 -> C:\Programme\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
FF Plugin HKU\S-1-5-21-1488483606-1045282719-2118933040-1011: @unity3d.com/UnityPlayer,version=1.0 -> C:\Dokumente und Einstellungen\Magic\Lokale Einstellungen\Anwendungsdaten\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npzylomgamesplayer.dll (Zylom)
FF Extension: Google Toolbar for Firefox - C:\Programme\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2015-01-02]
FF Extension: ICQ Toolbar - C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2015-01-02]
FF Extension: Skype Click to Call - C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-01-02]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-02-14]
FF HKLM\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Programme\Vodafone\Vodafone Mobile Connect\Optimization Client\addon
FF Extension: Bytemobile Optimization Client - C:\Programme\Vodafone\Vodafone Mobile Connect\Optimization Client\addon [2010-10-16]
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Programme\DivX\DivX Plus Web Player\firefox\html5video
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Programme\DivX\DivX Plus Web Player\firefox\html5video [2011-01-18]
FF HKLM\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Programme\DivX\DivX Plus Web Player\firefox\wpa
FF Extension: DivX HiQ - C:\Programme\DivX\DivX Plus Web Player\firefox\wpa [2011-01-18]
FF HKLM\...\Firefox\Extensions: [{FCE04E1F-9378-4f39-96F6-5689A9159E45}] - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-08-18]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

Chrome: 
=======
CHR Plugin: (Chrome PDF Viewer) - C:\Programme\Google\Chrome\Application\23.0.1271.97\pdf.dll No File
CHR Plugin: (Google Gears 0.5.33.0) - C:\Programme\Google\Chrome\Application\23.0.1271.97\gears.dll No File
CHR Plugin: (Shockwave Flash) - C:\Programme\Google\Chrome\Application\23.0.1271.97\gcswf32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Programme\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.220.4) - C:\Programme\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U22) - C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Ask Toolbar Plugin Stub) - C:\Programme\Mozilla Firefox\plugins\NPAskSBr.dll No File
CHR Plugin: (DivX Player Netscape Plugin) - C:\Programme\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
CHR Plugin: (Windows Genuine Advantage) - C:\Programme\Mozilla Firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
CHR Plugin: (My Web Search Plugin Stub) - C:\Programme\Mozilla Firefox\plugins\NPMyWebS.dll No File
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Programme\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Programme\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Programme\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Programme\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Programme\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Programme\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Programme\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Programme\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Programme\Mozilla Firefox\plugins\npqtplugin8.dll No File
CHR Plugin: (RealJukebox NS Plugin) - C:\Programme\Mozilla Firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Programme\Mozilla Firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (Zylom Plugin) - C:\Programme\Mozilla Firefox\plugins\npzylomgamesplayer.dll (Zylom)
CHR Plugin: (Microsoft DRM) - C:\Programme\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Programme\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Microsoft DRM) - C:\Programme\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll No File
CHR Plugin: (DivX Content Upload Plugin) - C:\Programme\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
CHR Plugin: (DivX OVS Helper Plug-in) - C:\Programme\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Web Player) - C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Updater) - C:\Programme\Google\Google Updater\2.4.1399.3742\npCIDetect13.dll No File
CHR Plugin: (Google Update) - C:\Programme\Google\Update\1.2.183.39\npGoogleOneClick8.dll No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (MetaStream 3 Plugin) - C:\Programme\Viewpoint\Viewpoint Media Player\npViewpoint.dll No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Programme\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Yahoo! activeX Plug-in Bridge) - C:\Programme\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
CHR Plugin: (iTunes Application Detector) - C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Windows Presentation Foundation) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Programme\Microsoft Silverlight\4.0.51204.0\npctrl.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Profile: C:\Dokumente und Einstellungen\Magic\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default
CHR Extension: (Ciuvo Preisvergleich) - C:\Dokumente und Einstellungen\Magic\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\cbmmkkbjmcidpennbibfkncodjenfpjh [2012-03-09]
CHR Extension: (DivX HiQ) - C:\Dokumente und Einstellungen\Magic\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae [2011-01-18]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Dokumente und Einstellungen\Magic\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2010-09-21]
CHR Extension: (DivX Plus Web Player HTML5 video) - C:\Dokumente und Einstellungen\Magic\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2011-01-18]
CHR HKLM\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Programme\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx [2010-12-08]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-04-16]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Programme\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx [2010-12-08]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aawservice; C:\Programme\Lavasoft\Ad-Aware\aawservice.exe [611664 2008-07-07] (Lavasoft)
S4 AcrSch2Svc; C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe [817264 2010-06-07] (Acronis)
S3 Apple Mobile Device; C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55184 2012-08-11] (Apple Inc.)
S4 BBSvc; C:\Programme\Microsoft\BingBar\BBSvc.EXE [196176 2011-10-21] (Microsoft Corporation.)
S3 BBUpdate; C:\Programme\Microsoft\BingBar\SeaPort.EXE [249648 2011-10-13] (Microsoft Corporation)
R2 Bonjour Service; C:\Programme\Bonjour\mDNSResponder.exe [390504 2011-08-30] (Apple Inc.)
S2 BstHdAndroidSvc; C:\Programme\BlueStacks\HD-Service.exe [393080 2013-02-15] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Programme\BlueStacks\HD-LogRotatorService.exe [384888 2013-02-15] (BlueStack Systems, Inc.)
S3 CA_LIC_CLNT; C:\Programme\CA\SharedComponents\CA_LIC\lic98rmt.exe [77824 2002-09-19] (Computer Associates) [File not signed]
S3 CA_LIC_SRVR; C:\Programme\CA\SharedComponents\CA_LIC\lic98rmtd.exe [77824 2002-09-19] (Computer Associates) [File not signed]
R2 CPUCooLServer; C:\Programme\CPUCooL\CooLSrv.exe [743936 2011-12-01] () [File not signed]
S3 de_serv; C:\Programme\Gemeinsame Dateien\AVM\de_serv.exe [315392 2005-11-21] (AVM Berlin) [File not signed]
S4 DVD-RAM_Service; C:\WINDOWS\system32\DVDRAMSV.exe [110592 2005-12-24] (Matsushita Electric Industrial Co., Ltd.) [File not signed]
S3 FLEXnet Licensing Service; C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2008-10-28] (Macrovision Europe Ltd.) [File not signed]
S3 fsssvc; C:\Programme\Windows Live\Family Safety\fsssvc.exe [704864 2009-08-05] (Microsoft Corporation)
S4 gupdate1c9ece5216cdebe; C:\Programme\Google\Update\GoogleUpdate.exe [133104 2009-06-14] (Google Inc.)
S4 gupdatem; C:\Programme\Google\Update\GoogleUpdate.exe [133104 2009-06-14] (Google Inc.)
S4 gusvc; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [194032 2013-05-21] (Google)
S3 Hamachi2Svc; C:\Programme\LogMeIn Hamachi\hamachi-2.exe [1385896 2012-06-27] (LogMeIn Inc.)
S3 IDriverT; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 IGDCTRL; C:\Programme\FRITZ!DSL\IGDCTRL.EXE [73528 2009-07-28] (AVM Berlin)
S3 iPod Service; C:\Programme\iPod\bin\iPodService.exe [553440 2012-12-12] (Apple Inc.)
R2 JavaQuickStarterService; C:\Programme\Java\jre7\bin\jqs.exe [182696 2013-10-08] (Oracle Corporation)
S4 LightScribeService; C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe [75304 2007-04-19] (Hewlett-Packard Company)
R2 LogWatch; C:\Programme\CA\SharedComponents\CA_LIC\LogWatNT.exe [53248 2002-09-19] (Computer Associates) [File not signed]
R2 MDM; C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe [322120 2003-06-19] (Microsoft Corporation)
S3 MozillaMaintenance; C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe [114800 2015-01-02] (Mozilla Foundation)
S3 Nero BackItUp Scheduler 4.0; C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe [935208 2008-12-05] (Nero AG)
S4 NMIndexingService; C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe [275752 2008-01-22] (Nero AG)
R2 NMSAccess; C:\Programme\CDBurnerXP\NMSAccessU.exe [71096 2010-03-04] ()
S3 NovacomD; C:\Programme\Palm, Inc\novacom\x86\novacomd.exe [33280 2009-11-06] (Palm) [File not signed]
R2 nTuneService; C:\Programme\NVIDIA Corporation\nTune\nTuneService.exe [191080 2009-11-06] (NVIDIA)
S3 ose; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [89136 2003-07-28] (Microsoft Corporation)
R2 PLFlash DeviceIoControl Service; C:\Programme\Nero\Nero BackItUp 4\IoctlSvc.exe [81920 2008-12-05] (Prolific Technology Inc.) [File not signed]
S3 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [75136 2015-01-02] ()
S3 Radio.fx; E:\Tobit Radio.fx\Server\rfx-server.exe [3630936 2011-08-02] ()
R2 RealNetworks Downloader Resolver Service; C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-04-16] ()
S3 SandraAgentSrv; C:\Programme\SiSoftware\SiSoftware Sandra Lite 2012.SP4\RpcAgentSrv.exe [95896 2009-04-26] (SiSoftware) [File not signed]
S3 SbieSvc; C:\Programme\Sandboxie\SbieSvc.exe [75496 2010-08-09] (SANDBOXIE L.T.D)
S3 sdAuxService; C:\Programme\Spyware Doctor\svcntaux.exe [708688 2007-06-12] (PC Tools)
S3 sdCoreService; C:\Programme\Spyware Doctor\swdsvc.exe [1309264 2007-06-12] (PC Tools)
S3 ServiceLayer; C:\Programme\PC Connectivity Solution\ServiceLayer.exe [725400 2012-10-03] (Nokia)
S3 SkypeUpdate; C:\Programme\Skype\Updater\Updater.exe [161384 2013-04-19] (Skype Technologies)
S3 StarWindServiceAE; C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software) [File not signed]
S3 TomTomHOMEService; C:\Programme\TomTom HOME 2\TomTomHOMEService.exe [93072 2013-03-22] (TomTom)
S3 TuneUp.Defrag; C:\windows\System32\TuneUpDefragService.exe [361288 2009-12-06] (TuneUp Software)
S3 TuneUp.ProgramStatisticsSvc; C:\windows\System32\TUProgSt.exe [604488 2009-12-06] (TuneUp Software)
R2 UPHClean; C:\Programme\UPHClean\uphclean.exe [241725 2005-04-27] (Microsoft Corporation) [File not signed]
S3 VideoAcceleratorService; C:\Programme\SpeedBit Video Accelerator\VideoAcceleratorService.exe [292472 2008-10-05] (Speedbit Ltd.)
S4 VMCService; C:\Programme\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [9216 2009-09-11] (Vodafone) [File not signed]
S3 windoweyes; C:\Programme\GW Micro\Window-Eyes\weserv.exe [133952 2012-04-23] ()
R2 wlidsvc; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSVC.EXE [1529728 2009-08-18] (Microsoft Corporation)
R2 WMPNetworkSvc; C:\Programme\Windows Media Player\WMPNetwk.exe [920576 2006-11-03] (Microsoft Corporation)
S3 x10nets; C:\Programme\Common Files\X10\Common\X10nets.exe [20480 2001-11-12] (X10) [File not signed]
S3 RichVideo; "C:\Programme\CyberLink\Shared Files\RichVideo.exe" [X]
S3 vToolbarUpdater13.2.0; C:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 3xHybrid; C:\windows\System32\DRIVERS\3xHybrid.sys [945152 2004-10-06] (Philips Semiconductors GmbH)
S3 61883; C:\windows\System32\DRIVERS\61883.sys [48128 2008-04-13] (Microsoft Corporation)
R2 ACEDRV07; C:\WINDOWS\system32\drivers\ACEDRV07.sys [101376 2007-07-29] (Protect Software GmbH) [File not signed]
R3 actser; C:\windows\System32\drivers\actser.sys [29440 2005-09-12] (Siemens AG) [File not signed]
R2 AegisP; C:\windows\System32\DRIVERS\AegisP.sys [19915 2011-03-10] (Meetinghouse Data Communications) [File not signed]
R3 AnyDVD; C:\windows\System32\Drivers\AnyDVD.sys [121248 2012-08-26] (SlySoft, Inc.)
R3 Apowersoft_AudioDevice; C:\windows\System32\drivers\Apowersoft_AudioDevice.sys [26080 2012-10-08] (Wondershare)
R2 Aspi32; C:\windows\system32\Drivers\Aspi32.sys [25244 1999-09-10] (Adaptec) [File not signed]
R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [26984 2012-11-15] (AVG Technologies)
U0 BMLoad; C:\windows\System32\drivers\BMLoad.sys [22528 2008-10-09] (Bytemobile, Inc.) [File not signed]
R2 BstHdDrv; C:\Programme\BlueStacks\HD-Hypervisor-x86.sys [63864 2013-02-15] (BlueStack Systems)
S3 CardReaderFilter; C:\WINDOWS\system32\Drivers\USBCRFT.SYS [17408 2012-09-16] (ICSI Technology Ltd.) [File not signed]
S3 CCDECODE; C:\windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R2 CdaC15BA; C:\WINDOWS\system32\drivers\CDAC15BA.SYS [8864 2006-11-04] () [File not signed]
S3 cmudau; C:\windows\System32\drivers\cmudau.sys [1383104 2007-05-23] (C-Media Inc) [File not signed]
R3 cmudax; C:\windows\System32\drivers\cmudax.sys [1287296 2005-05-12] (C-Media Inc.)
R1 dtsoftbus01; C:\windows\System32\DRIVERS\dtsoftbus01.sys [242240 2012-06-13] (DT Soft Ltd)
R1 ElbyCDIO; C:\windows\System32\Drivers\ElbyCDIO.sys [31088 2010-12-16] (Elaborate Bytes AG)
S3 ENTECH; C:\WINDOWS\system32\DRIVERS\ENTECH.sys [27672 2007-09-07] (EnTech Taiwan)
R1 Ext2fs; C:\windows\System32\DRIVERS\ext2fs.sys [181120 2008-09-25] (Stephan Schreiber) [File not signed]
R3 FETNDISB; C:\windows\System32\DRIVERS\fetnd5b.sys [42496 2004-04-15] (VIA Technologies, Inc.              )
R2 fssfltr; C:\windows\System32\DRIVERS\fssfltr_tdi.sys [54752 2009-08-05] (Microsoft Corporation)
S3 FTDIBUS; C:\windows\System32\drivers\ftdibus.sys [57672 2009-06-10] (FTDI Ltd.)
S3 GcKernel; C:\windows\System32\DRIVERS\GcKernel.sys [59136 2008-04-13] (Microsoft Corporation)
S3 GigasetGenericUSB; C:\windows\System32\DRIVERS\GigasetGenericUSB.sys [44032 2009-02-20] (Siemens Home and Office Communication Devices GmbH & Co. KG)
R3 gwrdmir; C:\windows\System32\DRIVERS\gwrdmir.sys [9408 2011-09-23] (Windows (R) Win 7 DDK provider)
R3 hamachi; C:\windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
S3 HdAudAddService; C:\windows\System32\drivers\HdAudio.sys [113664 2004-03-17] (Windows (R) Server 2003 DDK provider)
S3 HIDSwvd; C:\windows\System32\DRIVERS\HIDSwvd.sys [2688 2001-08-17] (Microsoft Corporation)
S3 hipeer20; C:\windows\System32\DRIVERS\remobo32.sys [26112 2010-08-01] (Windows (R) Codename Longhorn DDK provider) [File not signed]
R1 IfsMount; C:\windows\System32\DRIVERS\ifsmount.sys [51072 2008-08-28] (Stephan Schreiber) [File not signed]
S3 IKFileFlt; C:\windows\System32\drivers\ikfileflt.sys [39376 2007-05-23] (PCTools Research Pty Ltd.)
S3 IKFileSec; C:\windows\System32\drivers\ikfilesec.sys [53840 2007-05-23] (PCTools Research Pty Ltd.)
S3 IkSysFlt; C:\windows\System32\drivers\iksysflt.sys [57424 2007-05-23] (PCTools Research Pty Ltd.)
S3 IKSysSec; C:\windows\System32\drivers\iksyssec.sys [83024 2007-05-23] (PCTools Research Pty Ltd.)
R2 ithsgt; C:\windows\System32\DRIVERS\ithsgt.sys [162432 2007-10-17] () [File not signed]
R2 lilsgt; C:\windows\System32\DRIVERS\lilsgt.sys [12032 2007-10-17] () [File not signed]
R1 meiudf; C:\windows\System32\Drivers\meiudf.sys [102384 2005-12-24] (Matsushita Electric Industrial Co.,Ltd.) [File not signed]
S3 MPCSYS; C:\WINDOWS\system32\DRIVERS\mpcsys.sys [15360 2008-12-31] () [File not signed]
S3 MPE; C:\windows\System32\DRIVERS\MPE.sys [15232 2008-04-13] (Microsoft Corporation)
S3 NdisIP; C:\windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S3 NinjaUSB; C:\windows\System32\drivers\NinjaUSB.sys [24704 2010-02-04] () [File not signed]
R1 ntiopnp; C:\windows\system32\Drivers\ntiopnp.sys [21080 2010-11-11] ()
S3 NTSIM; C:\WINDOWS\system32\ntsim.sys [7040 2003-07-17] (VIA Networking Technologies, Inc.       ) [File not signed]
S3 NVHDA; C:\windows\System32\drivers\nvhda32.sys [119272 2011-03-03] (NVIDIA Corporation)
S3 ogo_usb; C:\windows\System32\Drivers\ogo_usb.sys [48384 2006-10-10] (Windows (R) 2000 DDK provider) [File not signed]
S1 oxser; C:\windows\System32\DRIVERS\oxser.sys [51169 2003-04-28] (OEM) [File not signed]
S3 pfc; C:\windows\System32\drivers\pfc.sys [10368 2003-12-05] (Padus, Inc.) [File not signed]
R1 prodrv05; C:\windows\System32\drivers\prodrv05.sys [53728 2002-11-13] (Protection Technology Co.) [File not signed]
R1 prodrv06; C:\windows\System32\drivers\prodrv06.sys [53920 2004-08-09] (Protection Technology) [File not signed]
R0 prohlp01; C:\windows\System32\drivers\prohlp01.sys [60448 2002-11-13] (Protection Technology Co.) [File not signed]
R0 prohlp02; C:\windows\System32\drivers\prohlp02.sys [114016 2004-08-09] (Protection Technology) [File not signed]
R0 prosync1; C:\windows\System32\drivers\prosync1.sys [7040 2004-07-19] (Protection Technology) [File not signed]
R2 PStrip; C:\windows\System32\drivers\pstrip.sys [27992 2007-07-15] (EnTech Taiwan)
S3 QCPro; C:\windows\System32\DRIVERS\p35u.sys [116480 2002-06-10] (Logitech Inc.)
S3 RivaTuner32; C:\Programme\RivaTuner v2.22\RivaTuner32.sys [9088 2008-12-29] () [File not signed]
S3 RT2500USB; C:\windows\System32\DRIVERS\rt2500usb.sys [241536 2005-07-14] (Ralink Technology Inc.)
S3 s116bus; C:\windows\System32\DRIVERS\s116bus.sys [83336 2007-04-03] (MCCI Corporation)
S3 s116mdfl; C:\windows\System32\DRIVERS\s116mdfl.sys [15112 2007-04-03] (MCCI Corporation)
S3 s116mdm; C:\windows\System32\DRIVERS\s116mdm.sys [108680 2007-04-03] (MCCI Corporation)
S3 s116mgmt; C:\windows\System32\DRIVERS\s116mgmt.sys [100488 2007-04-03] (MCCI Corporation)
S3 s116nd5; C:\windows\System32\DRIVERS\s116nd5.sys [23176 2007-04-03] (MCCI Corporation)
S3 s116obex; C:\windows\System32\DRIVERS\s116obex.sys [98696 2007-04-03] (MCCI Corporation)
S3 s116unic; C:\windows\System32\DRIVERS\s116unic.sys [99080 2007-04-03] (MCCI Corporation)
R3 SaiMini; C:\windows\System32\DRIVERS\SaiMini.sys [13824 2006-07-27] (Saitek) [File not signed]
R3 SaiNtBus; C:\windows\System32\drivers\SaiBus.sys [35200 2006-07-27] (Saitek) [File not signed]
S3 SANDRA; C:\Programme\SiSoftware\SiSoftware Sandra Lite 2012.SP4\WNt500x86\Sandra.sys [23112 2009-08-07] (SiSoftware)
R2 sbbotdi; C:\Programme\SpeedBit Video Accelerator\sbbotdi.sys [35584 2008-10-05] (SpeedBit Ltd.) [File not signed]
S3 SbieDrv; C:\Programme\Sandboxie\SbieDrv.sys [123112 2010-08-09] (SANDBOXIE L.T.D)
S3 SCL01132; C:\windows\System32\DRIVERS\SCL01132.sys [61824 2010-05-07] (SCM Microsystems Inc.)
R0 sfdrv01; C:\windows\System32\drivers\sfdrv01.sys [50688 2005-08-10] (Protection Technology) [File not signed]
R0 sfhlp01; C:\windows\System32\drivers\sfhlp01.sys [4832 2003-12-01] (Protection Technology) [File not signed]
R0 sfhlp02; C:\windows\System32\drivers\sfhlp02.sys [6656 2005-05-16] (Protection Technology) [File not signed]
R0 sfvfs02; C:\windows\System32\drivers\sfvfs02.sys [63488 2005-11-03] (Protection Technology) [File not signed]
S3 siusbmod; C:\windows\System32\DRIVERS\siusbmod.sys [27008 2005-09-12] (Siemens AG )
R0 speedfan; C:\windows\System32\speedfan.sys [25240 2011-03-18] (Almico Software)
R0 sptd; C:\windows\System32\Drivers\sptd.sys [477240 2012-06-04] (Duplex Secure Ltd.)
S3 StarOpen; C:\windows\system32\Drivers\StarOpen.sys [7168 2009-11-12] () [File not signed]
S3 STCFUx32; C:\windows\System32\DRIVERS\STCFUx32.SYS [7680 2008-11-13] (SCM Microsystems Inc.)
S3 taphss; C:\windows\System32\DRIVERS\taphss.sys [32768 2010-09-22] (AnchorFree Inc)
R1 tcpipBM; C:\windows\system32\Drivers\tcpipBM.sys [18816 2008-10-09] (Bytemobile, Inc.) [File not signed]
S3 TVicHW32; C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS [24656 2001-08-14] (EnTech Taiwan) [File not signed]
R3 UKBFLT; C:\windows\System32\DRIVERS\UKBFLT.sys [11672 2003-12-19] (Chicony)
S3 usbUDisc; C:\windows\System32\DRIVERS\USBDrv.sys [13824 2012-08-02] (Scott)
S3 usb_rndisx; C:\windows\System32\DRIVERS\usb8023x.sys [12800 2005-10-21] (Microsoft Corporation) [File not signed]
R3 VClone; C:\windows\System32\DRIVERS\VClone.sys [30208 2011-01-15] (Elaborate Bytes AG) [File not signed]
R3 vdrive; C:\windows\System32\DRIVERS\vdrive.sys [36328 2012-11-13] (Fengtao Software Inc.)
S3 vncmirror; C:\windows\System32\DRIVERS\vncmirror.sys [3072 2007-08-15] (RealVNC Ltd.)
R3 vsbus; C:\windows\System32\DRIVERS\vsb.sys [15264 2005-09-12] () [File not signed]
S3 vserial; C:\windows\System32\DRIVERS\vserial.sys [47744 2005-09-12] () [File not signed]
R3 wbscr; C:\windows\System32\drivers\wbscr.sys [19928 2002-04-24] (Winbond Electronics Corp.)
S3 wceusbsh; C:\windows\System32\DRIVERS\wceusbsh.sys [104576 2006-04-10] (Microsoft Corporation)
S3 wip0204; C:\windows\System32\DRIVERS\wip0204.sys [23480 2008-12-30] (Wippien Software)
R3 WmBEnum; C:\windows\System32\drivers\WmBEnum.sys [22856 2010-04-27] (Logitech Inc.)
S3 WmFilter; C:\windows\System32\drivers\WmFilter.sys [37704 2010-04-27] (Logitech Inc.)
S3 WmHidLo; C:\windows\System32\drivers\WmHidLo.sys [31816 2010-04-27] (Logitech Inc.)
S3 WmVirHid; C:\windows\System32\drivers\WmVirHid.sys [15048 2010-04-27] (Logitech Inc.)
R3 WmXlCore; C:\windows\System32\drivers\WmXlCore.sys [66632 2010-04-27] (Logitech Inc.)
R3 XUIF; C:\windows\System32\Drivers\x10ufx2.sys [17792 2005-05-19] (X10 Wireless Technology, Inc.)
U3 anrcco21; C:\windows\system32\Drivers\anrcco21.sys [0 ] (Microsoft Corporation)
U3 ap9emcd3; C:\windows\system32\Drivers\ap9emcd3.sys [0 ] (Microsoft Corporation)
S3 BlueletAudio; system32\DRIVERS\blueletaudio.sys [X]
S3 BT; system32\DRIVERS\btnetdrv.sys [X]
S3 Btcsrusb; System32\Drivers\btcusb.sys [X]
S3 BTHidEnum; system32\DRIVERS\vbtenum.sys [X]
S0 BTHidMgr; System32\Drivers\BTHidMgr.sys [X]
S3 catchme; \??\C:\DOKUME~1\Magic\Lokale Einstellungen\Temp\catchme.sys [X]
U2 CertPropSvc; No ImagePath
S3 hwusbfake; system32\DRIVERS\ewusbfake.sys [X]
S3 NETFWDSL; system32\DRIVERS\NETFWDSL.SYS [X]
S0 rseb; No ImagePath
S3 SCL0102K; system32\DRIVERS\SCL0102K.sys [X]
U5 ScsiPort; C:\windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U3 TlntSvr; No ImagePath
S3 VComm; system32\DRIVERS\VComm.sys [X]
S3 VcommMgr; System32\Drivers\VcommMgr.sys [X]
S3 wanatw; system32\DRIVERS\wanatw4.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-07 22:05 - 2015-01-07 22:05 - 00000000 __SHD () C:\found.000
2015-01-06 20:33 - 2015-01-08 22:28 - 00000000 ____D () C:\FRST
2015-01-06 00:22 - 2015-01-06 00:22 - 00000000 ____D () C:\windows\ERUNT
2015-01-05 23:15 - 2015-01-06 00:17 - 00000000 ____D () C:\AdwCleaner
2015-01-04 18:59 - 2015-01-08 22:28 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic\Lokale Einstellungen\temp
2015-01-04 18:59 - 2015-01-04 18:59 - 00000000 ____D () C:\Dokumente und Einstellungen\User\Lokale Einstellungen\temp
2015-01-04 18:59 - 2015-01-04 18:59 - 00000000 ____D () C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\temp
2015-01-04 18:59 - 2015-01-04 18:59 - 00000000 ____D () C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\temp
2015-01-04 18:59 - 2015-01-04 18:59 - 00000000 ____D () C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\temp
2015-01-04 17:59 - 2015-01-04 17:59 - 00000216 _____ () C:\windows\Tasks\Ende des Supports für Microsoft Windows XP – Monatliche Benachrichtigung.job
2015-01-04 16:36 - 2015-01-04 16:36 - 00000000 __HDC () C:\windows\$NtUninstallKB2893294$
2015-01-04 16:36 - 2015-01-04 16:36 - 00000000 __HDC () C:\windows\$NtUninstallKB2757638$
2015-01-04 16:34 - 2015-01-04 18:12 - 00000000 __HDC () C:\windows\$NtUninstallKB2749655$
2015-01-04 16:23 - 2015-01-04 16:23 - 00008192 ____H () C:\windows\system32\config\default.tmp.LOG
2015-01-04 16:23 - 2015-01-04 16:23 - 00000000 ____H () C:\windows\system32\config\system.tmp.LOG
2015-01-04 16:23 - 2015-01-04 16:23 - 00000000 ____H () C:\windows\system32\config\software.tmp.LOG
2015-01-04 16:23 - 2015-01-04 16:23 - 00000000 ____H () C:\windows\system32\config\SAM.tmp.LOG
2015-01-04 16:22 - 2015-01-04 16:22 - 00008192 ____H () C:\windows\system32\config\SECURITY.tmp.LOG
2015-01-04 16:06 - 2015-01-04 16:33 - 00000000 ____D () C:\windows\system32\MRT
2015-01-04 15:58 - 2015-01-04 15:58 - 00000000 __HDC () C:\windows\$NtUninstallKB2892075$
2015-01-04 15:49 - 2015-01-04 15:49 - 00000000 __HDC () C:\windows\$NtUninstallKB2934207$
2015-01-04 15:49 - 2015-01-04 15:49 - 00000000 __HDC () C:\windows\$NtUninstallKB2862330$
2015-01-04 15:49 - 2015-01-04 15:49 - 00000000 __HDC () C:\windows\$NtUninstallKB2727528$
2015-01-04 15:43 - 2015-01-04 15:43 - 00000000 __HDC () C:\windows\$NtUninstallKB2813345$
2015-01-04 15:07 - 2015-01-04 15:07 - 00000000 __HDC () C:\windows\$NtUninstallKB2914368$
2015-01-04 14:53 - 2011-06-26 07:45 - 00256000 _____ () C:\windows\PEV.exe
2015-01-04 14:53 - 2010-11-07 18:20 - 00208896 _____ () C:\windows\MBR.exe
2015-01-04 14:53 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2015-01-04 14:53 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2015-01-04 14:53 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2015-01-04 14:53 - 2000-08-31 01:00 - 00212480 _____ (SteelWerX) C:\windows\SWXCACLS.exe
2015-01-04 14:53 - 2000-08-31 01:00 - 00098816 _____ () C:\windows\sed.exe
2015-01-04 14:53 - 2000-08-31 01:00 - 00080412 _____ () C:\windows\grep.exe
2015-01-04 14:53 - 2000-08-31 01:00 - 00068096 _____ () C:\windows\zip.exe
2015-01-04 14:52 - 2015-01-04 18:59 - 00000000 ____D () C:\Qoobox
2015-01-04 14:52 - 2015-01-04 18:12 - 00000000 ____D () C:\windows\erdnt
2015-01-04 13:43 - 2015-01-04 13:43 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic\Lokale Einstellungen\Anwendungsdaten\Mumble
2015-01-04 13:42 - 2015-01-04 13:42 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic\Lokale Einstellungen\Anwendungsdaten\Learn2.com
2015-01-03 15:30 - 2014-02-27 00:28 - 00013312 ____N (Microsoft Corporation) C:\windows\system32\xp_eos.exe
2015-01-03 15:30 - 2014-02-27 00:28 - 00013312 ____C (Microsoft Corporation) C:\windows\system32\dllcache\xp_eos.exe
2015-01-03 15:30 - 2013-08-09 01:55 - 00144128 ____C (Microsoft Corporation) C:\windows\system32\dllcache\usbport.sys
2015-01-03 15:30 - 2013-08-09 01:55 - 00032384 ____C (Microsoft Corporation) C:\windows\system32\dllcache\usbccgp.sys
2015-01-03 15:30 - 2013-08-09 01:55 - 00005376 ____C (Microsoft Corporation) C:\windows\system32\dllcache\usbd.sys
2015-01-03 15:30 - 2009-03-18 12:02 - 00030336 ____C (Microsoft Corporation) C:\windows\system32\dllcache\usbehci.sys
2015-01-03 14:45 - 2015-01-08 22:22 - 01633924 _____ () C:\windows\WindowsUpdate.log
2015-01-03 14:00 - 2015-01-03 16:09 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes' Anti-Malware (portable)
2015-01-03 13:58 - 2015-01-03 16:09 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic\Desktop\mbar
2015-01-02 11:26 - 2015-01-02 11:26 - 00000000 ____D () C:\Programme\Mozilla Firefox
2015-01-02 09:49 - 2015-01-02 19:00 - 00000000 ____D () C:\Programme\onlineTV 10
2015-01-02 09:49 - 2015-01-02 09:49 - 00000705 _____ () C:\Dokumente und Einstellungen\Magic\Desktop\onlineTV 10.lnk
2015-01-02 09:49 - 2015-01-02 09:49 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic\Startmenü\Programme\onlineTV 10
2015-01-02 09:49 - 2015-01-02 09:49 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic\Anwendungsdaten\concept design
2015-01-02 09:49 - 2015-01-02 09:49 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\onlineTV 10

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-08 22:16 - 2004-10-11 20:51 - 00000000 ____D () C:\Programme
2015-01-07 22:09 - 2004-10-11 19:59 - 00000000 __SHD () C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Verlauf
2015-01-07 22:08 - 2004-10-11 20:54 - 00000159 _____ () C:\windows\wiadebug.log
2015-01-07 22:08 - 2004-10-11 20:54 - 00000050 _____ () C:\windows\wiaservc.log
2015-01-07 22:08 - 2004-10-11 19:59 - 00000000 __SHD () C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Verlauf
2015-01-07 22:07 - 2013-04-29 19:54 - 00000000 __SHD () C:\Dokumente und Einstellungen\Magic\Lokale Einstellungen\Verlauf
2015-01-07 21:59 - 2013-04-29 19:54 - 00000190 ___SH () C:\Dokumente und Einstellungen\Magic\ntuser.ini
2015-01-07 21:58 - 2008-11-19 23:08 - 00000000 __SHD () C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Verlauf
2015-01-07 21:58 - 2004-10-11 20:51 - 00000000 __SHD () C:\Dokumente und Einstellungen\Default User\Lokale Einstellungen\Verlauf
2015-01-06 20:43 - 2013-04-29 19:54 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic
2015-01-06 00:49 - 2013-04-29 19:54 - 00000000 __SHD () C:\Dokumente und Einstellungen\Magic\UserData
2015-01-05 23:55 - 2004-10-11 19:59 - 00000000 __SHD () C:\Dokumente und Einstellungen\NetworkService
2015-01-05 23:51 - 2013-04-29 19:54 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic\Startmenü
2015-01-05 23:51 - 2009-11-28 20:43 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ
2015-01-05 23:51 - 2004-10-11 20:51 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme
2015-01-05 23:08 - 2014-04-10 20:11 - 00114904 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-05 22:32 - 2004-10-11 20:01 - 00000000 ____D () C:\windows\Microsoft.NET
2015-01-04 18:56 - 2004-10-12 04:46 - 00000000 _____ () C:\windows\system.ini
2015-01-04 18:00 - 2004-10-11 19:56 - 00000000 ____D () C:\windows\system32\Restore
2015-01-04 17:58 - 2010-02-13 02:21 - 00000000 ____D () C:\Programme\Microsoft Silverlight
2015-01-04 16:39 - 2004-10-11 21:50 - 72613888 _____ () C:\windows\system32\config\software.bak
2015-01-04 16:35 - 2004-10-12 04:46 - 00000582 _____ () C:\windows\win.ini
2015-01-04 16:17 - 2004-10-11 21:47 - 00000000 ____D () C:\windows\system
2015-01-04 16:02 - 2004-10-11 19:55 - 00000072 ____C () C:\windows\vbaddin.ini
2015-01-04 16:01 - 2010-06-04 14:10 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Silverlight
2015-01-04 15:59 - 2004-10-11 21:50 - 18612224 _____ () C:\windows\system32\config\system.bak
2015-01-04 15:48 - 2009-12-02 23:04 - 00000000 ____D () C:\Programme\MW2
2015-01-04 15:45 - 2010-12-11 10:53 - 00000000 ____D () C:\Atari
2015-01-04 15:42 - 2009-06-14 00:36 - 00000000 ____D () C:\windows\ie8updates
2015-01-04 15:35 - 2009-02-14 01:13 - 00000000 ____D () C:\windows\system32\XPSViewer
2015-01-04 15:25 - 2013-05-04 13:04 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic\Anwendungsdaten\vlc
2015-01-04 15:10 - 2008-03-23 16:16 - 00001010 _____ () C:\Dokumente und Einstellungen\Magic\Desktop\Junk.lnk
2015-01-04 14:50 - 2006-12-29 17:29 - 00000000 ____D () C:\Programme\cod2
2015-01-04 13:46 - 2013-02-09 23:30 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Origin
2015-01-04 13:45 - 2013-02-09 23:30 - 00000000 ____D () C:\Programme\Origin
2015-01-04 13:43 - 2012-04-07 20:38 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic\Anwendungsdaten\Mumble
2015-01-04 13:38 - 2007-08-11 17:09 - 00000000 ____D () C:\Programme\Internet Download Manager
2015-01-03 15:39 - 2004-10-13 09:49 - 00000000 ___HD () C:\windows\$hf_mig$
2015-01-03 14:59 - 2014-04-10 19:53 - 00055000 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-01-03 14:47 - 2004-10-11 21:50 - 00786432 _____ () C:\windows\system32\config\default.bak
2015-01-03 14:47 - 2004-10-11 20:50 - 00262144 _____ () C:\windows\system32\config\SECURITY.bak
2015-01-03 14:47 - 2004-10-11 20:50 - 00262144 _____ () C:\windows\system32\config\SAM.bak
2015-01-03 12:35 - 2013-04-29 19:54 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic\Startmenü\Programme
2015-01-03 12:35 - 2013-04-24 20:33 - 00000763 _____ () C:\Dokumente und Einstellungen\Magic\Desktop\Revo Uninstaller.lnk
2015-01-02 19:30 - 2013-08-01 19:53 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic\Anwendungsdaten\foobar2000
2015-01-02 14:53 - 2014-04-10 19:53 - 00000000 ____D () C:\Programme\ Malwarebytes Anti-Malware 
2015-01-02 14:53 - 2012-05-06 08:57 - 00000000 ____D () C:\Programme\Mozilla Maintenance Service
2015-01-02 14:53 - 2008-01-03 12:01 - 00000000 ____D () C:\windows\OvtCam
2015-01-02 14:51 - 2004-10-11 20:51 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart
2015-01-02 14:47 - 2013-05-03 20:43 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic\Anwendungsdaten\Skype
2015-01-02 13:50 - 2012-01-29 21:04 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic\Lokale Einstellungen\Anwendungsdaten\LogMeIn Hamachi
2015-01-02 13:28 - 2009-03-07 23:47 - 00271200 _____ () C:\windows\system32\PnkBstrB.xtr
2015-01-02 13:28 - 2008-12-27 18:59 - 00138160 _____ () C:\windows\system32\Drivers\PnkBstrK.sys
2015-01-02 13:28 - 2008-12-27 18:58 - 00271200 _____ () C:\windows\system32\PnkBstrB.exe
2015-01-02 13:28 - 2008-12-27 18:58 - 00075136 _____ () C:\windows\system32\PnkBstrA.exe
2015-01-02 13:09 - 2014-04-10 19:53 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\ Malwarebytes Anti-Malware 
2015-01-02 13:09 - 2012-07-26 19:33 - 00000769 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
2015-01-02 12:34 - 2008-05-07 22:08 - 00000069 _____ () C:\windows\NeroDigital.ini
2015-01-02 12:18 - 2014-11-15 13:49 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic\Lokale Einstellungen\Anwendungsdaten\Adobe
2015-01-02 12:17 - 2013-01-26 23:44 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-01-02 12:17 - 2012-04-09 18:38 - 00701616 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2015-01-02 12:17 - 2011-05-22 22:06 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2015-01-02 11:18 - 2009-10-24 16:40 - 00000000 ____D () C:\Dokumente und Einstellungen\Magic\Anwendungsdaten\Chilirec
2015-01-02 11:03 - 2006-04-24 10:44 - 00124928 _____ () C:\Dokumente und Einstellungen\Magic\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-02 10:47 - 2013-05-04 11:40 - 00033032 _____ () C:\Dokumente und Einstellungen\Magic\Anwendungsdaten\wklnhst.dat

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================
         
--- --- ---

Alt 08.01.2015, 23:06   #27
schrauber
/// the machine
/// TB-Ausbilder
 

Windows XP SP3 Firewall inaktiv - Standard

Windows XP SP3 Firewall inaktiv [gelöst]



Java und Chrome updaten.


Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
C:\Dokumente und Einstellungen\Magic\Anwendungsdaten\Sun\Java\Deployment\cache\6.0\63\306de57f-38e442b6

D:\downloads\PSP2991\Microsoft.Office.2010.Professional.Plus.x86.Full.Activated

D:\Programme\Dragon_Ball_Revenge_Of_King_Piccolo_PAL_Wii-WiiERD Lö\Neuer Ordner\SoftonicDownloader89153.exe

D:\Programme\Dragon_Ball_Revenge_Of_King_Piccolo_PAL_Wii-WiiERD Lö\Resident Evil 4\ScanreadDateien\Winzip 14  Passwort 4you   00009.exe\CRC-Killer.exe\CRC-Killer.exe

E:\CX65\MyPhoneExplorer_Setup_v1.7.4.exe

E:\Spielstände\Black Mirror 2\whitemirror.dll
Emptytemp:
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.





Fertig

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun

Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 09.01.2015, 10:22   #28
Magic11
 
Windows XP SP3 Firewall inaktiv - Standard

Windows XP SP3 Firewall inaktiv [gelöst]



Hi erst mal vielen Dank für die schnell und profesionelle Unterstützung.
Ich nutze haubtsächlich nocd Dateien, da mich das Suchen und wechseln sowie das auch noch langsammen DVD's nervt.(Originale hab ich ja)
Der Mediom-Rechner ist halt mit Win XP von 2005.... und das Recovery von E: hab ich auf DVD's gebrannt um Platz zu schaffen, die nicht mehr funktionieren
Update habe ich eingeschaltet.(nutzt aber weniger da XP jetzt nicht mehr suportet wird, und bei Java update 7 auf 8 gibts jetzt auch Probleme mit anderen Programmen.
Die Explorerleisten z.B. Babylon sind noch aus Zeiten wo ich z.B. Übersetzungstools gesucht habe und verpennt habe die "Hacken" beim installen zu entfernen ;-(

Antivierenprogramm habe ich entfernt wegen nocd patches und performance Themen, werde ich aber wieder installieren.
Und leider laufen mit dem bescheidenen Win 8 viele meiner Originale nicht mehr und überfordert den Rechner
Deshalb hänge ich noch an dem Pentium 4 und dem tollen XP.

Hatte schon vor einem Jahr einen Virus , Meldung von gmx. Da gabs eine Ansprechstelle die mir Malwarebyte empfohlen hatte. Damit konnte ich das Problem entfernen.

P.s. nach was muß man in den Reports Filtern um die "Probleme" zu finden?
Viele Grüße

Alt 09.01.2015, 13:58   #29
schrauber
/// the machine
/// TB-Ausbilder
 

Windows XP SP3 Firewall inaktiv - Standard

Windows XP SP3 Firewall inaktiv [gelöst]



In jedem Log steht eigentlich ziemlich zu Anfang was gelöscht wurde
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 10.01.2015, 13:55   #30
Magic11
 
Windows XP SP3 Firewall inaktiv - Standard

Windows XP SP3 Firewall inaktiv [gelöst]



Hi, habe jetzt noch einige der Programme zum reinigen in C: installiert, sowie auf D: zwei Ordner c28717637c0cdbc190d04b/ darin sind Ordner wie 125 mit 3 Dateien Eula.rtf und 2 weitere Dateien und ein ähnliche mit Eula .rtf LocalizedData.xml und SetupResources.dll etc. die waren vorher nicht da. Denke sind deinstallationordner. Kann ich die löschen einfach mit del Ordner?
Ebeso auf E: FOUND.000 und FOUND.001 /FILE0000.CHK.
Was kann ich wie löschen?
Grüße und schönes WE

Antwort

Themen zu Windows XP SP3 Firewall inaktiv
aktiviere, ask toolbar entfernen, babylon entfernen, babylon toolbar on ie entfernen, babylonobjectinstaller entfernen, daemon tools toolbar entfernen, einstellungen, fehlercode 0xc00d2711, fehlercode 22, firewall, firewall inaktiv, nicht mehr, problems, quickstores-toolbar 1.1.0 entfernen, sicherheitscenter, this device is disabled. (code 22), trojan.siredef.c, windowes xp firewall, windows firewall, windows xp, windows xp sp3, ytd video downloader 3.9.6 entfernen




Ähnliche Themen: Windows XP SP3 Firewall inaktiv


  1. Avira antivir guard lässt sich nicht aktivieren, Sicherheitscenter: Firewall, Virenschutz und automatische Updates inaktiv
    Log-Analyse und Auswertung - 21.10.2014 (34)
  2. MSE & Windows Defender plötzlich inaktiv
    Log-Analyse und Auswertung - 02.06.2013 (41)
  3. Vista: Trojan.Ransom.Gen; Trojan.0Access; Trojan.Agent; Firewall inaktiv
    Plagegeister aller Art und deren Bekämpfung - 28.03.2013 (3)
  4. Nach Virenbefall und Entfernung ist Windows Firewall inaktiv
    Plagegeister aller Art und deren Bekämpfung - 08.11.2012 (20)
  5. Fehlercode 0x80070424 bei Windows Defender, Firewall. Sicherheitscenter inaktiv.
    Plagegeister aller Art und deren Bekämpfung - 30.07.2012 (1)
  6. Kann das sein? Firewall grün u. o.k. und trotzdem inaktiv?
    Plagegeister aller Art und deren Bekämpfung - 25.07.2012 (1)
  7. Windows-Defender, -Update und Virenscanner inaktiv
    Alles rund um Windows - 06.06.2012 (10)
  8. Abnow.com / Backdoor.Agent / Defender+Firewall inaktiv
    Log-Analyse und Auswertung - 24.03.2012 (45)
  9. Firewall inaktiv und lässt sich nicht mehr aktivieren
    Plagegeister aller Art und deren Bekämpfung - 26.02.2012 (14)
  10. Firewall jedes mal nach Neustart kurz inaktiv!
    Log-Analyse und Auswertung - 06.12.2011 (7)
  11. Firewall inaktiv und lässt sich nicht mehr aktivieren
    Plagegeister aller Art und deren Bekämpfung - 04.11.2011 (31)
  12. Viren wie runDlll.exe, AvProtector.exe usw.Taskmanager startet nicht, Firewall nach neustart inaktiv
    Log-Analyse und Auswertung - 25.11.2010 (16)
  13. IE langsam ! AntiVir Guard inaktiv ! Firewall inaktiv ! Bitte helft !
    Log-Analyse und Auswertung - 09.01.2009 (11)
  14. Windows Firewall bleibt nach dem Start inaktiv
    Log-Analyse und Auswertung - 29.12.2008 (3)
  15. Windows Firewall inaktiv
    Log-Analyse und Auswertung - 22.11.2008 (1)
  16. Windows Updates&Firewall inaktiv, IE PopUps, AntySpywareExpert plötzlich da,..
    Plagegeister aller Art und deren Bekämpfung - 30.06.2008 (39)
  17. Firewall inaktiv???
    Alles rund um Windows - 18.02.2005 (8)

Zum Thema Windows XP SP3 Firewall inaktiv - ok hab mal probeweise updates gesucht funktioniert nicht und um platz auf der platte zu schaffen kompriemieren wird nicht fertig bleibt bei einem grunen balken hangen. na dann weiter nach - Windows XP SP3 Firewall inaktiv...
Archiv
Du betrachtest: Windows XP SP3 Firewall inaktiv auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.