Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Meldung in Win7: Der Proxyserver reagiert nicht

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 02.02.2015, 15:02   #16
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Meldung in Win7: Der Proxyserver reagiert nicht - Standard

Meldung in Win7: Der Proxyserver reagiert nicht



Das ESET-Log sieht OK aus weil alles in den Temps oder in der Quarantäne steckt.

Schritt 1



Drücke bitte die + R Taste und schreibe notepad in das Ausführen Fenster.
Klicke auf OK und kopiere nun den Text aus der Codebox in das leere Textdokument:
Code:
ATTFilter
CloseProcesses:
EmptyTemp:
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:52515;https=127.0.0.1:52515
URLSearchHook: [S-1-5-21-2226251454-2989245828-1209764460-1001] ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2226251454-2989245828-1209764460-1004 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
Toolbar: HKU\S-1-5-21-2226251454-2989245828-1209764460-1004 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ColorMedia => ""="service"
2015-01-27 21:16 - 2015-01-27 21:16 - 00000000 ____D () C:\Users\bfzadm\AppData\Roaming\dlg
2015-01-27 21:14 - 2015-01-30 20:07 - 00000000 ____D () C:\ProgramData\SecurityUtility
2015-01-27 21:14 - 2015-01-27 21:14 - 00000000 ____D () C:\ProgramData\SecurityUtilityData
2015-01-27 21:14 - 2015-01-27 17:31 - 00344440 _____ (CartCrunch Israel Ltd.) C:\windows\system32\ColorMedia64.dll
2015-01-27 21:14 - 2015-01-27 17:31 - 00301168 _____ (CartCrunch Israel Ltd.) C:\windows\SysWOW64\ColorMedia.dll
         
Speichere dieses bitte als Fixlist.txt in das Verzeichnis ab, in dem sich auch die FRST-Anwendung befindet.
  • Starte FRST und drücke auf den Fix-Button.
  • Das Tool erstellt eine "Fixlog.txt" -Datei.
  • Poste mir bitte deren Inhalt.


Schritt 2
Downloade dir bitte Farbar Service Scanner Farbar Service Scanner
  • Starte das Tool mit Doppelklick auf die FSS.exe
  • Gehe sicher, dass folgende Optionen angehakt sind.
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Klicke auf Scan.
  • Wenn das Tool fertig ist, wird es eine FSS.txt in dem Verzeichnis erstellen, wo das Tool gelaufen ist.

Poste bitte den Inhalt hier.





Schritt 3
Zitat:
Ran by bfzn (ATTENTION: The logged in user is not administrator) on SEVENUP on 31-01-2015 13:59:10
Running from C:\Users\bfzn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4QT7IUK6
Zitat:
Zitat von deeprybka Beitrag anzeigen
Bitte FRST als Admin ausführen.


Bitte FRST vom Desktop mit Administrator-Rechten ausführen!





Bitte starte FRST erneut, markiere auch die checkbox und drücke auf Scan.
Bitte poste mir den Inhalt der beiden Logs die erstellt werden.
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Geändert von deeprybka (02.02.2015 um 15:10 Uhr)

Alt 02.02.2015, 19:44   #17
BerndFranzen
 
Meldung in Win7: Der Proxyserver reagiert nicht - Standard

Meldung in Win7: Der Proxyserver reagiert nicht



Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 01-02-2015
Ran by bfzadm at 2015-02-02 19:26:51 Run:1
Running from C:\Users\bfzn\Desktop
Loaded Profiles: bfzadm & bfzn (Available profiles: bfzadm & bfzn & DoKo)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
CloseProcesses:
EmptyTemp:
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:52515;https=127.0.0.1:52515
URLSearchHook: [S-1-5-21-2226251454-2989245828-1209764460-1001] ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2226251454-2989245828-1209764460-1004 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
Toolbar: HKU\S-1-5-21-2226251454-2989245828-1209764460-1004 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ColorMedia => ""="service"
2015-01-27 21:16 - 2015-01-27 21:16 - 00000000 ____D () C:\Users\bfzadm\AppData\Roaming\dlg
2015-01-27 21:14 - 2015-01-30 20:07 - 00000000 ____D () C:\ProgramData\SecurityUtility
2015-01-27 21:14 - 2015-01-27 21:14 - 00000000 ____D () C:\ProgramData\SecurityUtilityData
2015-01-27 21:14 - 2015-01-27 17:31 - 00344440 _____ (CartCrunch Israel Ltd.) C:\windows\system32\ColorMedia64.dll
2015-01-27 21:14 - 2015-01-27 17:31 - 00301168 _____ (CartCrunch Israel Ltd.) C:\windows\SysWOW64\ColorMedia.dll
*****************

Processes closed successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully.
Error setting Default URLSearchHook.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-21-2226251454-2989245828-1209764460-1004\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-21-2226251454-2989245828-1209764460-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value deleted successfully.
HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Key not found. 
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\ColorMedia" => Key deleted successfully.
C:\Users\bfzadm\AppData\Roaming\dlg => Moved successfully.
C:\ProgramData\SecurityUtility => Moved successfully.
C:\ProgramData\SecurityUtilityData => Moved successfully.
C:\windows\system32\ColorMedia64.dll => Moved successfully.
C:\windows\SysWOW64\ColorMedia.dll => Moved successfully.
EmptyTemp: => Removed 2.5 GB temporary data.


The system needed a reboot. 

==== End of Fixlog 19:30:45 ====
         
Code:
ATTFilter
Farbar Service Scanner Version: 17-01-2015
Ran by bfzadm (administrator) on 02-02-2015 at 19:38:29
Running from "C:\Users\bfzn\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy: 
==================


System Restore:
============

System Restore Policy: 
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy: 
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****
         

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2015
Ran by bfzadm (administrator) on SEVENUP on 02-02-2015 19:40:30
Running from C:\Users\bfzn\Desktop
Loaded Profiles: bfzadm & bfzn (Available profiles: bfzadm & bfzn & DoKo)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(McAfee, Inc.) C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\stacsv64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Hewlett-Packard) C:\Windows\System32\hpservice.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Hewlett-Packard Development Company, L.P) C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe
(ArcSoft, Inc.) C:\Windows\system\uArcCapture.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(McAfee, Inc.) C:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpAgent.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_16_0_0_296_ActiveX.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(Farbar) C:\Users\bfzn\Desktop\FSS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [1691192 2010-06-19] (Hewlett-Packard Company)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2174760 2010-06-04] (Synaptics Incorporated)
HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-04-05] (Hewlett-Packard)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-03-17] (IDT, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [256056 2010-03-01] (Hewlett-Packard Company)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [563736 2009-10-23] (PDF Complete Inc)
HKLM-x32\...\Run: [File Sanitizer] => C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [11265536 2009-12-12] (Hewlett-Packard)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-08-05] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [DTRun] => c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe [518656 2009-11-18] (ArcSoft Inc.)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [600936 2009-06-29] (Symantec Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3674576 2015-01-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [976320 2009-12-03] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-08-20] (Sony Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1949080 2014-12-23] (APN)
HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware  (cleanup)] => C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \mbamdor.exe [54072 2014-11-21] (Malwarebytes Corporation)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
Winlogon\Notify\DeviceNP-x32: DeviceNP.dll [X]
HKU\S-1-5-21-2226251454-2989245828-1209764460-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-2226251454-2989245828-1209764460-1001\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-06-17] (Hewlett-Packard Company)
HKU\S-1-5-21-2226251454-2989245828-1209764460-1001\...\RunOnce: [Report] => \AdwCleaner\AdwCleaner[S0].txt [7522 2015-01-31] ()
HKU\S-1-5-21-2226251454-2989245828-1209764460-1004\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-06-17] (Hewlett-Packard Company)
HKU\S-1-5-21-2226251454-2989245828-1209764460-1004\...\Run: [Epson Stylus SX525WD(Netzwerk)] => C:\windows\system32\spool\DRIVERS\x64\3\E_IATIGAE.EXE [224768 2010-01-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\windows\System32\SPReview\SPReview.exe [301568 2014-12-02] (Microsoft Corporation)
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\bfzadm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\134E09AA1.lnk
ShortcutTarget: 134E09AA1.lnk -> C:\PROGRA~3\1AA90E431.cpp (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:52515;https=127.0.0.1:52515
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-2226251454-2989245828-1209764460-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/de-de/?ocid=U218DHP&pc=U218
HKU\S-1-5-21-2226251454-2989245828-1209764460-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.msn.com/1me10IE11DEDE/WOL_WCP
HKU\S-1-5-21-2226251454-2989245828-1209764460-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-2226251454-2989245828-1209764460-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/10
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {AA5CC064-C92C-4050-82FD-3CA90F36F4FF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2226251454-2989245828-1209764460-1001 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxp://www.bing.com/search?FORM=U218DF&PC=U218&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2226251454-2989245828-1209764460-1004 -> {71883CF6-4AA3-44C6-A4AE-3678C8AFAA97} URL = hxxp://www.search.ask.com/web?tpid=ORJ-SPE&o=APN11406&pf=V7&p2=^BBE^OSJ000^YY^DE&gct=&itbv=12.23.0.15&apn_uid=DCAFEAF3-9DFA-4EE9-98FE-A94FD35FB539&apn_ptnrs=BBE&apn_dtid=^OSJ000^YY^DE&apn_dbr=ie_11.0.9600.17496&doi=2015-02-01&trgb=IE&q={searchTerms}&psv=&pt=tb
SearchScopes: HKU\S-1-5-21-2226251454-2989245828-1209764460-1004 -> {AF0C3425-2B00-44B5-A39D-C644774ADC84} URL = https://www.google.com/search?q={searchTerms}
BHO: HP ProtectTools Security Manager Extension -> {395610AE-C624-4f58-B89E-23733EA00F9A} -> c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
BHO: Search App by Ask -> {4F524A2D-5350-4500-76A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Passport_x64.dll (APN LLC.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
BHO-x32: HP ProtectTools Security Manager Extension -> {395610AE-C624-4f58-B89E-23733EA00F9A} -> c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
BHO-x32: Search App by Ask -> {4F524A2D-5350-4500-76A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Passport.dll (APN LLC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Search App by Ask - {4F524A2D-5350-4500-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Passport_x64.dll (APN LLC.)
Toolbar: HKLM-x32 - Search App by Ask - {4F524A2D-5350-4500-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ-SPE\Passport.dll (APN LLC.)
Toolbar: HKU\S-1-5-21-2226251454-2989245828-1209764460-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF Extension: DigitalPersona Extension - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2010-12-07]

Chrome: 
=======
CHR Profile: C:\Users\bfzadm\AppData\Local\Google\Chrome\User Data\Default

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-17] (Adobe Systems Incorporated)
R2 AESTFilters; C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [177560 2014-12-23] (APN LLC.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3440080 2015-01-06] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [309232 2015-01-06] (AVG Technologies CZ, s.r.o.)
R3 DEBridge; c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe [704512 2009-12-16] (McAfee, Inc.) [File not signed]
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [462088 2009-11-25] (DigitalPersona, Inc.)
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]
S3 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [362040 2009-11-17] (Hewlett-Packard Ltd)
R2 HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [121344 2010-07-01] (Hewlett-Packard Company) [File not signed]
R2 HP ProtectTools Service; c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [36864 2009-11-19] (Hewlett-Packard Development Company, L.P) [File not signed]
R2 HPDayStarterService; c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe [90112 2010-05-10] (Hewlett-Packard Company) [File not signed]
R2 HpFkCryptService; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [281192 2009-12-16] (McAfee, Inc.)
R2 HPFSService; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [297984 2009-12-12] (Hewlett-Packard) [File not signed]
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [264248 2010-03-01] (Hewlett-Packard Company)
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-06-17] (Hewlett-Packard Company) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [635416 2009-10-23] (PDF Complete Inc)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-08-20] (Sony Corporation)
R2 Radio.fx; C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe [3673944 2011-11-18] ()
R2 STacSV; C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\STacSV64.exe [244736 2010-03-17] (IDT, Inc.)
R2 uArcCapture; C:\windows\system\uArcCapture.exe [506472 2009-12-04] (ArcSoft, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 ARCVCAM; C:\Windows\System32\DRIVERS\ArcSoftVCapture.sys [32640 2009-12-04] (ArcSoft, Inc.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [260888 2014-12-08] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [203544 2014-11-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [124184 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [274200 2014-10-10] (AVG Technologies CZ, s.r.o.)
S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [40760 2009-10-21] (Hewlett-Packard Development Company L.P.)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [129752 2015-01-31] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-10] (Corel Corporation)
R1 RsvLock; C:\Windows\System32\Drivers\RsvLock.sys [58184 2009-12-16] (McAfee, Inc.)
R1 RsvLock; C:\Windows\SysWow64\Drivers\RsvLock.sys [40088 2009-12-16] (McAfee, Inc.)
R0 SafeBoot; C:\Windows\System32\Drivers\SafeBoot.sys [56648 2009-12-16] ()
R0 SafeBoot; C:\Windows\SysWow64\Drivers\SafeBoot.sys [110520 2009-12-16] (McAfee, Inc.)
R0 SbAlg; C:\Windows\System32\Drivers\SbAlg.sys [60160 2009-06-04] (McAfee, Inc.)
R0 SbAlg; C:\Windows\SysWow64\Drivers\SbAlg.sys [51800 2009-12-16] (McAfee, Inc.)
R0 SbFsLock; C:\Windows\System32\Drivers\SbFsLock.sys [15688 2009-12-16] (McAfee, Inc.)
R0 SbFsLock; C:\Windows\SysWow64\Drivers\SbFsLock.sys [13256 2009-12-16] (McAfee, Inc.)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1803904 2010-10-13] ()

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-02 19:40 - 2015-02-02 19:40 - 00025918 _____ () C:\Users\bfzn\Desktop\FRST.txt
2015-02-02 19:38 - 2015-02-02 19:38 - 00002748 _____ () C:\Users\bfzn\Desktop\FSS.txt
2015-02-02 19:37 - 2015-02-02 19:37 - 00415232 _____ (Farbar) C:\Users\bfzn\Desktop\FSS.exe
2015-02-02 19:24 - 2015-02-02 19:24 - 02131456 _____ (Farbar) C:\Users\bfzn\Desktop\FRST64.exe
2015-02-01 22:22 - 2015-02-01 22:22 - 00000000 ____D () C:\Users\bfzn\AppData\Local\AskPartnerNetwork
2015-02-01 22:22 - 2015-02-01 22:22 - 00000000 ____D () C:\ProgramData\AskPartnerNetwork
2015-02-01 22:22 - 2015-02-01 22:22 - 00000000 ____D () C:\Program Files (x86)\AskPartnerNetwork
2015-02-01 22:21 - 2015-02-01 22:21 - 00000000 ____D () C:\ProgramData\APN
2015-02-01 22:19 - 2015-02-01 22:19 - 00000000 ____D () C:\ProgramData\Sun
2015-02-01 22:19 - 2015-02-01 22:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-02-01 22:19 - 2015-02-01 22:18 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2015-02-01 22:18 - 2015-02-01 22:20 - 00000000 ____D () C:\ProgramData\Oracle
2015-02-01 22:18 - 2015-02-01 22:18 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-31 15:38 - 2015-01-31 15:38 - 00000000 ____D () C:\Users\DoKo\AppData\Roaming\ATI
2015-01-31 15:38 - 2015-01-31 15:38 - 00000000 ____D () C:\Users\DoKo\AppData\Local\ATI
2015-01-31 15:37 - 2015-01-31 15:37 - 00088016 _____ () C:\Users\DoKo\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-31 15:37 - 2015-01-31 15:37 - 00000000 ____D () C:\Users\DoKo\Documents\Bluetooth-Exchange-Ordner
2015-01-31 15:37 - 2015-01-31 15:37 - 00000000 ____D () C:\Users\DoKo\AppData\Roaming\Intel Corporation
2015-01-31 15:37 - 2015-01-31 15:37 - 00000000 ____D () C:\Users\DoKo\AppData\Roaming\Epson
2015-01-31 15:37 - 2015-01-31 15:37 - 00000000 ____D () C:\Users\DoKo\AppData\Roaming\AVG2015
2015-01-31 15:37 - 2015-01-31 15:37 - 00000000 ____D () C:\Users\DoKo\AppData\Roaming\Apple Computer
2015-01-31 15:37 - 2015-01-31 15:37 - 00000000 ____D () C:\Users\DoKo\AppData\Local\PDFC
2015-01-31 15:37 - 2015-01-31 15:37 - 00000000 ____D () C:\Users\DoKo\AppData\Local\Broadcom
2015-01-31 15:37 - 2015-01-31 15:37 - 00000000 ____D () C:\Users\DoKo\AppData\Local\Avg2015
2015-01-31 15:37 - 2015-01-31 15:37 - 00000000 ____D () C:\Users\DoKo\AppData\Local\Adobe
2015-01-31 15:36 - 2015-01-31 15:36 - 00002251 _____ () C:\Users\DoKo\Desktop\Google Chrome.lnk
2015-01-31 15:36 - 2015-01-31 15:36 - 00001425 _____ () C:\Users\DoKo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-31 15:36 - 2015-01-31 15:36 - 00000000 _SHDL () C:\Users\DoKo\Vorlagen
2015-01-31 15:36 - 2015-01-31 15:36 - 00000000 _SHDL () C:\Users\DoKo\Startmenü
2015-01-31 15:36 - 2015-01-31 15:36 - 00000000 _SHDL () C:\Users\DoKo\Netzwerkumgebung
2015-01-31 15:36 - 2015-01-31 15:36 - 00000000 _SHDL () C:\Users\DoKo\Lokale Einstellungen
2015-01-31 15:36 - 2015-01-31 15:36 - 00000000 _SHDL () C:\Users\DoKo\Eigene Dateien
2015-01-31 15:36 - 2015-01-31 15:36 - 00000000 _SHDL () C:\Users\DoKo\Druckumgebung
2015-01-31 15:36 - 2015-01-31 15:36 - 00000000 _SHDL () C:\Users\DoKo\Documents\Eigene Musik
2015-01-31 15:36 - 2015-01-31 15:36 - 00000000 _SHDL () C:\Users\DoKo\Documents\Eigene Bilder
2015-01-31 15:36 - 2015-01-31 15:36 - 00000000 _SHDL () C:\Users\DoKo\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-31 15:36 - 2015-01-31 15:36 - 00000000 _SHDL () C:\Users\DoKo\AppData\Local\Verlauf
2015-01-31 15:36 - 2015-01-31 15:36 - 00000000 _SHDL () C:\Users\DoKo\AppData\Local\Anwendungsdaten
2015-01-31 15:36 - 2015-01-31 15:36 - 00000000 _SHDL () C:\Users\DoKo\Anwendungsdaten
2015-01-31 15:36 - 2015-01-31 15:36 - 00000000 ____D () C:\Users\DoKo\AppData\Roaming\DigitalPersona
2015-01-31 15:36 - 2015-01-31 15:36 - 00000000 ____D () C:\Users\DoKo\AppData\Roaming\Adobe
2015-01-31 15:36 - 2015-01-31 15:36 - 00000000 ____D () C:\Users\DoKo\AppData\Local\VirtualStore
2015-01-31 15:36 - 2015-01-31 15:36 - 00000000 ____D () C:\Users\DoKo\AppData\Local\Google
2015-01-31 15:36 - 2015-01-31 15:36 - 00000000 ____D () C:\Users\DoKo\AppData\Local\DigitalPersona
2015-01-31 15:36 - 2015-01-31 15:36 - 00000000 ____D () C:\Users\DoKo
2015-01-31 15:36 - 2015-01-12 19:07 - 00000000 ____D () C:\Users\DoKo\AppData\Roaming\TuneUp Software
2015-01-31 15:36 - 2014-12-11 01:36 - 00000000 ____D () C:\Users\DoKo\AppData\Local\Microsoft Help
2015-01-31 15:36 - 2014-12-05 22:48 - 00000000 ____D () C:\Users\DoKo\AppData\Roaming\Macromedia
2015-01-31 15:36 - 2009-07-27 15:09 - 00000020 ___SH () C:\Users\DoKo\ntuser.ini
2015-01-31 15:36 - 2009-07-14 05:54 - 00000000 ___RD () C:\Users\DoKo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-31 15:36 - 2009-07-14 05:49 - 00000000 ___RD () C:\Users\DoKo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-31 14:59 - 2015-01-31 14:59 - 02347384 _____ (ESET) C:\Users\bfzn\Downloads\esetsmartinstaller_deu.exe
2015-01-31 13:26 - 2015-01-31 13:27 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-31 13:25 - 2015-01-31 13:25 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-01-31 13:25 - 2015-01-31 13:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-01-31 13:25 - 2015-01-31 13:25 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-31 13:25 - 2015-01-31 13:25 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-01-31 13:25 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-01-31 13:25 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-01-31 13:25 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2015-01-31 13:06 - 2015-01-31 13:06 - 02194432 _____ () C:\Users\bfzn\Desktop\AdwCleaner_4.109.exe
2015-01-31 13:02 - 2015-01-31 13:10 - 00000000 ____D () C:\AdwCleaner
2015-01-31 12:55 - 2015-01-31 12:55 - 00000000 ____D () C:\Users\bfzn\Desktop\RevoUninstallerPortable
2015-01-30 20:46 - 2015-01-30 20:48 - 00035837 _____ () C:\Users\bfzadm\Downloads\Addition.txt
2015-01-30 20:44 - 2015-01-30 20:48 - 00049395 _____ () C:\Users\bfzadm\Downloads\FRST.txt
2015-01-30 20:43 - 2015-01-30 20:44 - 02130432 _____ (Farbar) C:\Users\bfzadm\Downloads\FRST64.exe
2015-01-28 23:02 - 2015-01-28 23:03 - 00020928 _____ () C:\Users\bfzn\Desktop\Result.txt
2015-01-28 22:32 - 2015-01-28 22:32 - 00000000 ____D () C:\Users\bfzadm\AppData\Local\CrashDumps
2015-01-28 22:22 - 2015-02-02 19:40 - 00000000 ____D () C:\FRST
2015-01-28 22:20 - 2015-01-28 22:20 - 00000474 _____ () C:\Users\bfzn\Desktop\defogger_disable.log
2015-01-28 22:20 - 2015-01-28 22:20 - 00000000 _____ () C:\Users\bfzadm\defogger_reenable
2015-01-28 21:21 - 2015-01-28 21:21 - 00000000 ___HD () C:\windows\msdownld.tmp
2015-01-28 21:20 - 2015-01-28 21:20 - 65495720 _____ (Microsoft Corporation) C:\Users\bfzadm\Downloads\EIE11_DE-DE_WOL_WIN764.EXE
2015-01-28 19:19 - 2015-01-28 19:19 - 00000000 ____D () C:\Users\bfzadm\AppData\Roaming\Apple Computer
2015-01-27 21:39 - 2015-01-27 21:39 - 00002607 _____ () C:\Users\Public\Desktop\HNK für Excel.lnk
2015-01-27 21:39 - 2015-01-27 21:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heiz- und Nebenkosten
2015-01-27 21:39 - 2015-01-27 21:39 - 00000000 ____D () C:\Program Files (x86)\KV Software
2015-01-27 21:19 - 2015-01-27 21:19 - 00000000 __SHD () C:\Users\bfzadm\AppData\Local\EmieUserList
2015-01-27 21:19 - 2015-01-27 21:19 - 00000000 __SHD () C:\Users\bfzadm\AppData\Local\EmieSiteList
2015-01-27 21:19 - 2015-01-27 21:19 - 00000000 __SHD () C:\Users\bfzadm\AppData\Local\EmieBrowserModeList
2015-01-27 21:17 - 2015-01-27 21:17 - 00000000 ____D () C:\Temp
2015-01-26 18:33 - 2015-01-26 18:33 - 480951400 _____ () C:\windows\MEMORY.DMP
2015-01-26 18:33 - 2015-01-26 18:33 - 00344552 _____ () C:\windows\Minidump\012615-38563-01.dmp
2015-01-26 18:33 - 2015-01-26 18:33 - 00000000 ____D () C:\windows\Minidump
2015-01-23 21:04 - 2015-01-23 21:18 - 00000000 ____D () C:\Program Files (x86)\No23 Recorder
2015-01-23 21:04 - 2015-01-23 21:04 - 00001061 _____ () C:\Users\Public\Desktop\No23 Recorder.lnk
2015-01-23 21:04 - 2015-01-23 21:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\No23 Recorder
2015-01-23 21:04 - 2015-01-23 21:04 - 00000000 ____D () C:\ProgramData\Caphyon
2015-01-23 21:03 - 2015-01-23 21:03 - 04144094 _____ (No23) C:\Users\bfzn\Downloads\No23Recorder.exe
2015-01-22 00:03 - 2015-01-22 00:03 - 00000000 ____D () C:\Users\bfzn\AppData\Local\Apple
2015-01-19 21:12 - 2015-01-19 21:12 - 00101691 _____ () C:\Users\bfzn\Downloads\ComparePlugin.v1.5.6.2.bin.zip
2015-01-16 21:36 - 2015-01-16 21:36 - 00000000 ____D () C:\Users\bfzn\AppData\Local\ascendere_IT_Systeme
2015-01-16 20:50 - 2015-01-20 21:04 - 00000000 ____D () C:\Program Files (x86)\Isovar 2015
2015-01-16 20:50 - 2015-01-16 20:50 - 00001047 _____ () C:\Users\Public\Desktop\Isovar 2015.lnk
2015-01-16 20:50 - 2015-01-16 20:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Isovar 2015
2015-01-16 20:49 - 2015-01-16 20:49 - 07572386 _____ (ascendere IT-Systeme ) C:\Users\bfzn\Downloads\Isovar2015_Setup.exe
2015-01-16 20:44 - 2015-01-16 20:44 - 00000000 ____D () C:\Datensicherung_Beihilfe_V1_1
2015-01-16 20:36 - 2015-01-16 20:36 - 00000000 ____D () C:\Datensicherung_Beihilfe_V1_2
2015-01-16 20:25 - 2015-01-16 20:26 - 00000000 ____D () C:\ProgramData\HaNaSoftware
2015-01-16 20:18 - 2015-01-16 20:18 - 22386176 _____ (Microsoft Corporation) C:\Users\bfzn\Downloads\Install_Beihilfe_1.5.0.0.EXE
2015-01-13 23:25 - 2015-01-13 23:34 - 00000000 ____D () C:\Users\bfzn\AppData\Roaming\Mp3tag
2015-01-13 23:25 - 2015-01-13 23:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2015-01-13 23:25 - 2015-01-13 23:25 - 00000000 ____D () C:\Program Files (x86)\Mp3tag
2015-01-13 23:24 - 2015-01-13 23:24 - 02707360 _____ () C:\Users\bfzn\Downloads\mp3tagv266setup.exe
2015-01-13 21:42 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll
2015-01-13 21:42 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys
2015-01-13 21:42 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-01-13 21:42 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-01-13 21:42 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-01-13 21:42 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-01-13 21:42 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-01-13 21:42 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-01-13 21:42 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-01-13 21:42 - 2014-12-11 18:47 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\TSWbPrxy.exe
2015-01-13 21:42 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\windows\system32\nlasvc.dll
2015-01-13 21:42 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncsi.dll
2015-01-13 21:42 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\windows\SysWOW64\nlaapi.dll
2015-01-13 11:16 - 2015-01-13 11:17 - 00000000 ____D () C:\Users\bfzn\Documents\Sony PMB
2015-01-12 19:07 - 2015-01-12 19:07 - 00000000 ____D () C:\Users\Default\AppData\Roaming\TuneUp Software
2015-01-12 19:07 - 2015-01-12 19:07 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\TuneUp Software
2015-01-11 18:38 - 2015-01-11 18:38 - 00002103 _____ () C:\Users\Public\Desktop\PlayMemories Home-Hilfe.lnk
2015-01-11 18:38 - 2015-01-11 18:38 - 00001319 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMemories Home.lnk
2015-01-11 18:38 - 2015-01-11 18:38 - 00001307 _____ () C:\Users\Public\Desktop\PlayMemories Home.lnk
2015-01-11 18:38 - 2015-01-11 18:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMemories Home
2015-01-11 18:34 - 2015-01-11 18:34 - 00000394 _____ () C:\windows\DirectX.log
2015-01-11 18:34 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_35.dll
2015-01-11 18:34 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_35.dll
2015-01-11 18:34 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_30.dll
2015-01-11 18:34 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_30.dll
2015-01-10 12:23 - 2015-01-10 12:23 - 00000000 ____D () C:\Users\bfzn\Documents\ArcSoft
2015-01-10 12:22 - 2015-01-10 12:23 - 00000000 ____D () C:\Users\bfzn\AppData\Roaming\ArcSoft
2015-01-09 05:35 - 2015-01-09 05:35 - 00000000 ____D () C:\Users\bfzn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2015-01-08 00:39 - 2015-01-08 00:43 - 00000000 ____D () C:\Program Files (x86)\SonyEditor
2015-01-08 00:39 - 2015-01-08 00:39 - 00001035 _____ () C:\Users\bfzn\Desktop\SonyEditor.lnk
2015-01-08 00:39 - 2015-01-08 00:39 - 00001035 _____ () C:\Users\bfzadm\Desktop\SonyEditor.lnk
2015-01-08 00:39 - 2015-01-08 00:39 - 00000000 ____D () C:\Users\bfzadm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SonyEditor
2015-01-08 00:39 - 2015-01-08 00:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SonyEditor
2015-01-05 19:02 - 2015-01-05 19:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung YH-925
2015-01-05 19:00 - 2015-01-05 19:01 - 00000000 ____D () C:\Users\bfzn\Downloads\neu
2015-01-05 18:55 - 2015-01-05 18:57 - 08808960 _____ () C:\Users\bfzn\Downloads\20051010100207250_YH-925_Utility_Program.exe
2015-01-05 18:53 - 2015-01-05 19:02 - 00000000 ____D () C:\Program Files (x86)\Samsung
2015-01-05 18:53 - 2015-01-05 18:53 - 00001133 _____ () C:\Users\bfzn\Desktop\Multimedia Studio.lnk
2015-01-05 18:53 - 2015-01-05 18:53 - 00001133 _____ () C:\Users\bfzadm\Desktop\Multimedia Studio.lnk
2015-01-05 18:53 - 2015-01-05 18:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-01-05 18:51 - 2015-01-05 18:53 - 13437996 _____ (Samsung ) C:\Users\bfzn\Downloads\20050617180246421_MMSSetup.exe
2015-01-05 18:49 - 2015-01-05 18:49 - 00009993 _____ () C:\Users\bfzn\Downloads\20041229084503828_YH-925_Driver.zip
2015-01-04 22:57 - 2015-01-04 22:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-01-04 22:56 - 2015-01-04 22:56 - 00000000 ____D () C:\windows\PCHEALTH
2015-01-04 22:53 - 2015-01-04 22:53 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2015-01-04 22:51 - 2015-01-04 22:51 - 00000000 __RHD () C:\MSOCache
2015-01-04 22:35 - 2015-01-04 22:48 - 1025493776 _____ (Microsoft Corporation) C:\Users\bfzn\Downloads\MicrosoftInstaller.exe
2015-01-04 21:21 - 2015-01-04 21:22 - 00000000 ____D () C:\Program Files (x86)\MeineBeihilfe2009
2015-01-04 21:21 - 2015-01-04 21:21 - 00001832 _____ () C:\Users\Public\Desktop\MeineBeihilfe 2009.lnk
2015-01-04 21:21 - 2015-01-04 21:21 - 00000000 ____D () C:\Users\Public\Documents\MeineBeihilfe2009
2015-01-04 21:21 - 2015-01-04 21:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MeineBeihilfe2009
2015-01-04 21:11 - 2015-01-04 23:30 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-02 19:40 - 2009-07-14 05:45 - 00022480 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-02 19:40 - 2009-07-14 05:45 - 00022480 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-02 19:36 - 2014-11-29 20:50 - 01312963 _____ () C:\windows\WindowsUpdate.log
2015-02-02 19:33 - 2014-11-29 22:00 - 00001106 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-02 19:33 - 2010-12-07 13:05 - 00000000 ____D () C:\ProgramData\HPQLOG
2015-02-02 19:32 - 2009-07-14 06:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-02-02 19:32 - 2009-07-14 05:51 - 00108878 _____ () C:\windows\setupact.log
2015-02-02 19:25 - 2014-12-04 23:44 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-02-02 19:10 - 2014-11-29 22:00 - 00001110 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-02 19:09 - 2014-11-29 21:18 - 00000000 ____D () C:\ProgramData\MFAData
2015-02-02 19:04 - 2014-11-29 21:43 - 00325964 _____ () C:\windows\PFRO.log
2015-02-01 21:21 - 2014-12-18 20:54 - 00000000 ____D () C:\Users\bfzn\AppData\Roaming\XnView
2015-01-31 15:00 - 2010-12-07 13:06 - 00699340 _____ () C:\windows\system32\perfh007.dat
2015-01-31 15:00 - 2010-12-07 13:06 - 00149448 _____ () C:\windows\system32\perfc007.dat
2015-01-31 15:00 - 2009-07-14 06:13 - 01619272 _____ () C:\windows\system32\PerfStringBackup.INI
2015-01-31 12:48 - 2014-12-09 00:47 - 00002251 _____ () C:\Users\bfzadm\Desktop\Google Chrome.lnk
2015-01-31 12:48 - 2014-11-29 21:12 - 00001425 _____ () C:\Users\bfzadm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-31 11:19 - 2010-12-07 13:05 - 00000000 ____D () C:\ProgramData\PDFC
2015-01-28 22:34 - 2014-11-29 21:32 - 00000000 ____D () C:\Users\bfzn\AppData\Local\PDFC
2015-01-28 22:20 - 2014-11-29 20:52 - 00000000 ____D () C:\Users\bfzadm
2015-01-28 21:21 - 2014-12-04 05:16 - 00024932 _____ () C:\windows\IE11_main.log
2015-01-26 19:07 - 2014-12-30 21:59 - 00000000 ____D () C:\Users\bfzn\AppData\Local\Microsoft Help
2015-01-25 21:25 - 2014-12-04 23:44 - 00701616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-01-25 21:25 - 2014-12-04 23:44 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-25 21:25 - 2014-12-04 23:44 - 00003822 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-01-25 14:19 - 2014-11-29 21:21 - 00000000 ____D () C:\ProgramData\AVG2015
2015-01-25 14:17 - 2014-11-29 21:21 - 00000981 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
2015-01-25 14:17 - 2014-11-29 21:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-01-16 20:26 - 2014-11-30 01:15 - 00000000 ____D () C:\Users\bfzn\AppData\Local\CrashDumps
2015-01-11 18:38 - 2014-12-15 21:18 - 00000000 ____D () C:\Users\bfzn\AppData\Roaming\Sony Corporation
2015-01-11 18:34 - 2014-12-15 20:27 - 00000000 ____D () C:\Program Files (x86)\Sony
2015-01-11 18:31 - 2014-12-15 20:27 - 00002358 _____ () C:\Users\Public\Desktop\Image Data Converter Ver. 4.lnk
2015-01-10 12:23 - 2014-11-29 21:04 - 00000000 ___HD () C:\ProgramData\ArcSoft
2015-01-08 00:37 - 2014-11-29 21:10 - 00088016 _____ () C:\Users\bfzadm\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-07 19:17 - 2014-12-10 21:12 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-01-05 19:02 - 2010-12-07 13:00 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-05 18:30 - 2014-11-29 21:32 - 00088016 _____ () C:\Users\bfzn\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-05 18:27 - 2009-07-14 05:45 - 00422224 _____ () C:\windows\system32\FNTCACHE.DAT
2015-01-04 22:55 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-01-04 22:53 - 2014-12-10 21:13 - 00000000 ____D () C:\Program Files\Microsoft Office
2015-01-04 22:53 - 2009-07-27 15:26 - 00000000 ____D () C:\windows\ShellNew
2015-01-04 21:12 - 2014-11-29 23:00 - 00000400 _____ () C:\windows\ODBC.INI
2015-01-04 21:07 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system
2015-01-04 20:56 - 2009-07-14 03:34 - 00000438 _____ () C:\windows\win.ini
2015-01-04 20:23 - 2014-11-29 23:33 - 00000000 ____D () C:\_Daten

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-24 00:55

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-02-2015
Ran by bfzadm at 2015-02-02 19:41:24
Running from C:\Users\bfzn\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden
ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Photoshop Elements 11 (HKLM-x32\...\Adobe Photoshop Elements 11) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.7 64-bit (HKLM\...\{1B77B02E-17E4-4B6D-B8A1-74B29AF3D8DD}) (Version: 5.7.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.13) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft TotalMedia (HKLM-x32\...\ArcSoft TotalMedia) (Version: 1.0.23.26 - ArcSoft)
ArcSoft TotalMedia (x32 Version: 1.0.43.25 - ArcSoft) Hidden
ArcSoft Webcam Sharing Manager (HKLM-x32\...\{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}) (Version: 1.0.0.26 - ArcSoft)
ATI Catalyst Install Manager (HKLM\...\{E534C3AC-6D49-4EAC-8993-C1F0FF545B67}) (Version: 3.0.778.0 - ATI Technologies, Inc.)
Avery Wizard 5.0 (HKLM-x32\...\{FC3B3A5D-7058-4627-9F1E-F95CC38B6054}) (Version: 5.0.5 - Avery)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5646 - AVG Technologies)
AVG 2015 (Version: 15.0.4273 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5646 - AVG Technologies) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 2070 Bluetooth 3.0 (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.5600 - Broadcom Corporation)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.60.350.6 - Broadcom Corporation)
ccc-core-static (x32 Version: 2010.0805.358.5180 - ATI) Hidden
CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.75.0.2014 - Georgy Berdyshev)
Corel Home Office - CS Templates (x32 Version: 5.6 - 公司名称) Hidden
Corel Home Office - CT Templates (x32 Version: 5.6 - 您的公司名稱) Hidden
Corel Home Office - IPM (x32 Version: 5.6 - Corel Corporation) Hidden
Corel Home Office - JP Templates (x32 Version: 5.6 - 会社名) Hidden
Corel Home Office - KR Templates (x32 Version: 5.6 - 회사명) Hidden
Corel Home Office - Launcher (x32 Version: 5.6 - Corel Corporation) Hidden
Corel Home Office - Templates RU (x32 Version: 5.6 - Название организации) Hidden
Corel Home Office - Templates1 (x32 Version: 5.6 - Your Company Name) Hidden
Corel Home Office (HKLM-x32\...\_{36C95AD3-D330-4BAA-884A-9F3EFD15A5EA}) (Version: 5.0.85.588 - Corel Corporation)
Corel Home Office (x32 Version: 5.6 - Corel Corporation) Hidden
CUEcards 2000 (HKLM-x32\...\CUEcards 2000) (Version:  - Marcus Humann Software-Technik)
Device Access Manager for HP ProtectTools (HKLM\...\{55B52830-024A-443E-AF61-61E1E71AFA1B}) (Version: 5.0.1.5 - Hewlett-Packard)
Drive Encryption for HP ProtectTools (HKLM-x32\...\Drive Encryption) (Version: 5.0.4.0 - Hewlett-Packard)
Drive Encryption for HP ProtectTools (Version: 5.0.4.0 - Hewlett-Packard) Hidden
Elements 11 Organizer (x32 Version: 11.0 - Ihr Firmenname) Hidden
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
Epson Event Manager (HKLM-x32\...\{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}) (Version: 2.40.0001 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON SX525WD Series Handbuch (HKLM-x32\...\EPSON SX525WD Series Manual) (Version:  - )
EPSON SX525WD Series Netzwerk-Handbuch (HKLM-x32\...\EPSON SX525WD Series Network Guide) (Version:  - )
EPSON SX525WD Series Printer Uninstall (HKLM\...\EPSON SX525WD Series) (Version:  - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4j - SEIKO EPSON CORPORATION)
EpsonNet Setup 3.3 (HKLM-x32\...\{C9D8A041-2963-4B31-8FFC-1500F3DB9293}) (Version: 3.3a - SEIKO EPSON CORPORATION)
Face Recognition for HP ProtectTools (HKLM\...\{E793990C-90BE-4B69-AC29-BF5E8FD4ED54}) (Version: 2.02.4007 - Hewlett-Packard)
File Sanitizer For HP ProtectTools (HKLM-x32\...\{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}) (Version: 5.0.1.2 - Hewlett-Packard)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.93 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Heizkosten (HKLM-x32\...\{373F123D-878C-4B89-B2D4-218C29273B98}) (Version: 6.5.0 - KV Software)
HP 3D DriveGuard (HKLM\...\{67C090D6-109A-47D7-8DED-4160C4D96F32}) (Version: 4.0.4.1 - Hewlett-Packard)
HP Documentation (HKLM-x32\...\{D21160A2-8B5F-409C-99C8-03582F5324B7}) (Version: 1.7.0.0 - Hewlett-Packard)
HP ESU for Microsoft Windows 7 (HKLM-x32\...\{D9989A13-B173-4048-B8A5-93C204DCB1B3}) (Version: 1.1.6.1 - Hewlett-Packard Company)
HP HotKey Support (HKLM\...\{4BBA5224-C5B1-4B8C-AAA4-68DA6654B9C1}) (Version: 3.5.15.1 - Hewlett-Packard Company)
HP Power Assistant (HKLM\...\{32C278B2-BC1F-4018-8FB4-2012A40D9FC1}) (Version: 1.0.9.0 - Hewlett-Packard Company)
HP Power Data (HKLM\...\{F2177395-FD90-44B0-AFB8-2E0566855E5C}) (Version: 1.0.31.182 - Hewlett-Packard)
HP ProtectTools Security Manager (HKLM\...\HPProtectTools) (Version: 5.03.637 - Hewlett-Packard)
HP QuickLook (HKLM\...\{E6BEE2A9-04CF-42FF-B95B-BB70FAD2DC3E}) (Version: 3.3.1.2 - Hewlett-Packard Company)
HP QuickWeb (HKLM-x32\...\{7861911B-4270-498A-8F7A-FCF0570F487D}) (Version: 1.0.1.63 - DeviceVM, Inc.)
HP Setup (HKLM-x32\...\{E7C34ED4-BBB6-4C57-9FBD-B29CA5878051}) (Version: 8.5.4371.3505 - Hewlett-Packard Company)
HP SoftPaq Download Manager (HKLM-x32\...\{2DA697D7-FED3-4DE2-A174-92A2A12F9688}) (Version: 3.0.5.0 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{E05DB9F9-C8E7-45F2-BE9E-76D4C447CE9B}) (Version: 4.0.39.1 - Hewlett-Packard Company)
HP Software Setup (HKLM-x32\...\{04801E42-B1A6-4C52-9F3D-CADB5A050433}) (Version: 7.0.1.9 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{FC17E0A7-EAA9-4902-92F8-C83B9FD02246}) (Version: 5.0.14.2 - Hewlett-Packard Company)
HP Webcam Driver (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.50016.0 - Sonix)
HP Wireless Assistant (HKLM\...\{EC720706-3F19-4B7F-BDDD-E31D9B3921D2}) (Version: 4.0.6.0 - Hewlett-Packard)
HPAsset component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6275.0 - IDT)
Image Data Converter (HKLM-x32\...\{87998E4E-6D9C-411B-AAE9-B8523FFE357D}) (Version: 4.2.00.07270 - Sony Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.01.01.1007 - Intel Corporation)
Isovar 2015 Version 1.3.7.0 (HKLM-x32\...\{79E7FC4B-F866-48A0-85AA-0A44DFB3E208}_is1) (Version: 1.3.7.0 - ascendere IT-Systeme)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
LightScribe System Software (HKLM-x32\...\{82EF29B1-9B60-4142-A155-0599216DD053}) (Version: 1.18.6.1 - LightScribe)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MeineBeihilfe2009 (HKLM-x32\...\{AE926A81-E487-4D5D-9031-1EDB3242F943}) (Version: 10.54.0.0 - ComputerService)
Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme (HKLM-x32\...\{90120000-00B2-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Access Runtime (German) 2007 (HKLM-x32\...\{90120000-001C-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mp3tag v2.66 (HKLM-x32\...\Mp3tag) (Version: v2.66 - Florian Heidenreich)
No23 Recorder (HKLM-x32\...\No23 Recorder) (Version: 2.1.0.3 - No23)
No23 Recorder (x32 Version: 2.1.0.3 - No23) Hidden
Norton Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 1.2.20.0 - Symantec)
paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}) (Version: 4.0.5 - dotPDN LLC)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 3.5.112 - PDF Complete, Inc)
PlayMemories Home (HKLM-x32\...\{8EB84CEC-6819-4E51-9E32-C756835637B0}) (Version: 6.3.03.08201 - Sony Corporation)
Pre-Boot Security for HP ProtectTools (Version: 5.0.7.1 - Hewlett-Packard) Hidden
Privacy Manager for HP ProtectTools (HKLM\...\{04255D34-6C6D-4F63-A218-EE8FD2D13AF0}) (Version: 5.10.796 - Hewlett-Packard)
PSE11 STI Installer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 1.12.0011 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30109 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Saal Design Software (HKLM-x32\...\SaalDesignSoftware) (Version: 3.2.43 - Saal Digital Fotoservice GmbH)
Saal Design Software (x32 Version: 3.2.43 - Saal Digital Fotoservice GmbH) Hidden
Samsung Multimedia Studio 1.0 (HKLM-x32\...\Samsung Multimedia Studio_is1) (Version:  - Samsung)
Search App by Ask (HKLM-x32\...\{4F524A2D-5350-4500-76A7-A758B70C1700}) (Version: 12.23.0.15 - APN, LLC) <==== ATTENTION
SecurityUtility (HKLM-x32\...\SecurityUtility) (Version: 1.0.0.1919 - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SonyEditor (remove only) (HKLM-x32\...\SonyEditor) (Version:  - )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.24.0 - Synaptics Incorporated)
Theft Recovery (HKLM-x32\...\InstallShield_{33C9F24B-1D92-4632-A915-81E3BB1D5D6B}) (Version: 5.1.0.18 - Hewlett-Packard)
Theft Recovery (x32 Version: 5.1.0.18 - Hewlett-Packard) Hidden
Validity Fingerprint Driver (HKLM\...\{516DA517-73A0-40F8-8CD9-E5ED4EC383E5}) (Version: 4.0.10.0 - Validity Sensors, Inc.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WDR RadioRecorder (HKLM-x32\...\Tobit Radio.fx Server 1) (Version:  - Tobit.Software)
Windows 7 Default Setting (HKLM-x32\...\{5BF8E079-D6E2-4323-B794-75152371122A}) (Version: 1.0.1.6 - Hewlett-Packard Company)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinZip 14.5 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}) (Version: 14.5.9095 - WinZip Computing, S.L. )
XnView 2.25 (HKLM-x32\...\XnView_is1) (Version: 2.25 - Gougelet Pierre-e)
YH-925 Driver & Utilities (HKLM-x32\...\{5C0BFEB4-4A1B-439C-91AC-9AED106DA213}) (Version:  - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

14-01-2015 17:47:58 Windows Update
16-01-2015 20:20:40 Beihilfe wird installiert
16-01-2015 23:43:56 Beihilfe wird entfernt
23-01-2015 21:04:10 No23 Recorder wird installiert
25-01-2015 14:15:40 Installed AVG 2015
27-01-2015 21:38:27 Heizkosten wird installiert
31-01-2015 12:57:57 Revo Uninstaller's restore point - Vosteran

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {02F6F5CC-CAC2-4BE6-88EC-62F7099CE190} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-29] (Google Inc.)
Task: {417AB1ED-8EBA-42AF-845C-2C9132BDEABF} - System32\Tasks\AdobeAAMUpdater-1.0-SEVENUP-bfzn => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-06-16] (Adobe Systems Incorporated)
Task: {4753D026-8E22-4FD3-B113-1F6B025E4117} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2010-07-01] (Hewlett-Packard Company)
Task: {4D226E32-9183-470E-8397-4012691F9E0B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {B0B2142C-01B3-40B5-847F-103794439AD1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-29] (Google Inc.)
Task: {CB66F620-6DAE-4565-98C2-1420E5883D67} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2010-07-01] (Hewlett-Packard Company)
Task: {D12B18D2-4469-41B0-892E-287E678A2AAE} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {D25C78D7-9D75-402B-9EEA-8F4002FF99DC} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-25] (Adobe Systems Incorporated)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-02-11 22:50 - 2010-02-11 22:50 - 00746256 _____ () C:\windows\system32\SUPSDK.dll
2009-11-23 18:24 - 2009-11-23 18:24 - 01412608 ____R () C:\windows\system32\LIBEAY32.dll
2009-10-29 02:57 - 2009-10-29 02:57 - 00100864 _____ () c:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\BIOSDomainPlugin.dll
2014-12-06 00:56 - 2011-11-18 14:51 - 03673944 _____ () C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe
2010-06-19 01:25 - 2010-06-19 01:25 - 00052280 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\HardwareAccess.dll
2010-06-19 01:25 - 2010-06-19 01:25 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\HPCommon.XmlSerializers.dll
2010-06-19 01:25 - 2010-06-19 01:25 - 00055864 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\Graphs.dll
2010-06-08 23:55 - 2010-06-08 23:55 - 00173856 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2010-06-22 02:54 - 2010-06-22 02:54 - 00098304 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-08-05 12:57 - 2010-08-05 12:57 - 00270336 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2010-04-05 20:12 - 2010-04-05 20:12 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll
2010-04-05 20:11 - 2010-04-05 20:11 - 00030264 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_LogicLayer.dll
2010-04-05 20:12 - 2010-04-05 20:12 - 00052280 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HardwareAccess.dll
2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2009-06-17 20:40 - 2009-06-17 20:40 - 02121728 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
2009-06-17 20:40 - 2009-06-17 20:40 - 07745536 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
2009-06-17 20:40 - 2009-06-17 20:40 - 00135168 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2014-12-04 18:48 - 2014-12-04 18:48 - 00170496 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\3d576cbc4ffc5ad06fd61510c5d8f326\IsdiInterop.ni.dll
2010-12-07 13:00 - 2010-03-04 05:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-2226251454-2989245828-1209764460-500 - Administrator - Disabled)
bfzadm (S-1-5-21-2226251454-2989245828-1209764460-1001 - Administrator - Enabled) => C:\Users\bfzadm
bfzn (S-1-5-21-2226251454-2989245828-1209764460-1004 - Limited - Enabled) => C:\Users\bfzn
DoKo (S-1-5-21-2226251454-2989245828-1209764460-1006 - Limited - Enabled) => C:\Users\DoKo
Gast (S-1-5-21-2226251454-2989245828-1209764460-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2226251454-2989245828-1209764460-1005 - Limited - Enabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/02/2015 05:44:34 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/02/2015 01:51:31 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "1, 2, 0, 17" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (02/01/2015 10:55:35 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/01/2015 10:55:29 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/01/2015 06:40:14 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm lightroom.exe, Version 5.7.0.10 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 32dc

Startzeit: 01d03e46074a7ae2

Endzeit: 46

Anwendungspfad: C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.7\lightroom.exe

Berichts-ID: 5a57a86a-aa39-11e4-9155-e02a829ab71c

Error: (02/01/2015 00:26:54 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "1, 2, 0, 17" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (01/31/2015 02:59:29 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/31/2015 02:59:24 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/31/2015 02:59:24 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/31/2015 02:59:18 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (02/02/2015 07:31:16 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\windows\System32\bcmihvsrv64.dll

Error: (02/02/2015 07:31:16 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\windows\System32\bcmihvsrv64.dll

Error: (02/02/2015 07:31:11 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\windows\System32\bcmihvsrv64.dll

Error: (02/02/2015 07:27:23 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (02/02/2015 07:26:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Live ID Sign-in Assistant" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/02/2015 07:26:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Intel(R) Management and Security Application Local Management Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/02/2015 07:26:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "ArcCapture" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (02/02/2015 07:26:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "HP ProtectTools Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 4000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/02/2015 07:26:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Biometric Authentication Service (Biometrischer Authentifizierungsservice)" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (02/02/2015 07:26:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "HP Wireless Assistant Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office Sessions:
=========================
Error: (02/02/2015 05:44:34 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (02/02/2015 01:51:31 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentityversion1, 2, 0, 17c:\Program Files (x86)\Arcsoft\TotalMedia Suite\TotalMedia Studio MV\CaptureModule.exe.Manifestc:\Program Files (x86)\Arcsoft\TotalMedia Suite\TotalMedia Studio MV\CaptureModule.exe.Manifest3

Error: (02/01/2015 10:55:35 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\bfzn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RRM2JF02\esetsmartinstaller_deu.exe

Error: (02/01/2015 10:55:29 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\bfzn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RRM2JF02\esetsmartinstaller_deu.exe

Error: (02/01/2015 06:40:14 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: lightroom.exe5.7.0.1032dc01d03e46074a7ae246C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.7\lightroom.exe5a57a86a-aa39-11e4-9155-e02a829ab71c

Error: (02/01/2015 00:26:54 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentityversion1, 2, 0, 17c:\Program Files (x86)\Arcsoft\TotalMedia Suite\TotalMedia Studio MV\CaptureModule.exe.Manifestc:\Program Files (x86)\Arcsoft\TotalMedia Suite\TotalMedia Studio MV\CaptureModule.exe.Manifest3

Error: (01/31/2015 02:59:29 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\bfzn\Downloads\esetsmartinstaller_deu.exe

Error: (01/31/2015 02:59:24 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\bfzn\Downloads\esetsmartinstaller_deu.exe

Error: (01/31/2015 02:59:24 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\bfzn\Downloads\esetsmartinstaller_deu.exe

Error: (01/31/2015 02:59:18 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\bfzn\Downloads\esetsmartinstaller_deu.exe


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5 CPU M 480 @ 2.67GHz
Percentage of memory in use: 51%
Total physical RAM: 3951.43 MB
Available physical RAM: 1908.11 MB
Total Pagefile: 7901.04 MB
Available Pagefile: 4739.52 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:448.47 GB) (Free:188.15 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.48 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: EC9CDE1C)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=448.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=2 GB) - (Type=0C)

==================== End Of Log ============================
         
__________________


Alt 02.02.2015, 20:46   #18
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Meldung in Win7: Der Proxyserver reagiert nicht - Standard

Meldung in Win7: Der Proxyserver reagiert nicht



Da haste Dir schon wieder Adware eingefangen...

Bitte deinstallieren: Search App by Ask


Schritt 1
  • Schließe alle offenen Programme und Browser.
  • Starte bitte Adwarecleaner.
  • Akzeptiere die Nutzungsbedingungen.
  • Klicke auf Suchen und warte, bis der Suchlauf abgeschlossen ist.
  • Klicke nun auf Löschen.
  • Bestätige jeweils mit Ok.
  • Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
    Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Sx].txt. (x = fortlaufende Nummer).

Schritt 2



Bitte starte FRST erneut, und drücke auf Scan.
Bitte poste mir den Inhalt des Logs.
__________________
__________________

Alt 02.02.2015, 21:24   #19
BerndFranzen
 
Meldung in Win7: Der Proxyserver reagiert nicht - Standard

Meldung in Win7: Der Proxyserver reagiert nicht



Code:
ATTFilter
# AdwCleaner v4.109 - Bericht erstellt am 02/02/2015 um 21:01:36
# Aktualisiert 24/01/2015 von Xplode
# Database : 2015-02-02.1 [Live]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : bfzadm - SEVENUP
# Gestartet von : C:\Users\bfzn\Desktop\AdwCleaner_4.109.exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gefunden : C:\ProgramData\apn

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Google Chrome v40.0.2214.93


*************************

AdwCleaner[R0].txt - [9360 octets] - [31/01/2015 13:07:09]
AdwCleaner[R1].txt - [733 octets] - [02/02/2015 21:01:36]
AdwCleaner[S0].txt - [7522 octets] - [31/01/2015 13:10:35]

########## EOF - \AdwCleaner\AdwCleaner[R1].txt - [852 octets] ##########
         
Code:
ATTFilter
# AdwCleaner v4.109 - Bericht erstellt am 02/02/2015 um 21:03:44
# Aktualisiert 24/01/2015 von Xplode
# Database : 2015-02-02.1 [Live]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : bfzadm - SEVENUP
# Gestartet von : C:\Users\bfzn\Desktop\AdwCleaner_4.109.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\apn

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Google Chrome v40.0.2214.93


*************************

AdwCleaner[R0].txt - [9360 octets] - [31/01/2015 13:07:09]
AdwCleaner[R1].txt - [929 octets] - [02/02/2015 21:01:36]
AdwCleaner[S0].txt - [7522 octets] - [31/01/2015 13:10:35]
AdwCleaner[S1].txt - [853 octets] - [02/02/2015 21:03:44]

########## EOF - \AdwCleaner\AdwCleaner[S1].txt - [912 octets] ##########
         

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2015
Ran by bfzadm (administrator) on SEVENUP on 02-02-2015 21:22:36
Running from C:\Users\bfzn\Desktop
Loaded Profiles: bfzadm & bfzn (Available profiles: bfzadm & bfzn & DoKo)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(McAfee, Inc.) C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\stacsv64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Hewlett-Packard) C:\Windows\System32\hpservice.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Hewlett-Packard Development Company, L.P) C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(ArcSoft, Inc.) C:\Windows\system\uArcCapture.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(McAfee, Inc.) C:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpAgent.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_16_0_0_296_ActiveX.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [1691192 2010-06-19] (Hewlett-Packard Company)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2174760 2010-06-04] (Synaptics Incorporated)
HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-04-05] (Hewlett-Packard)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-03-17] (IDT, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [256056 2010-03-01] (Hewlett-Packard Company)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [563736 2009-10-23] (PDF Complete Inc)
HKLM-x32\...\Run: [File Sanitizer] => C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [11265536 2009-12-12] (Hewlett-Packard)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-08-05] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [DTRun] => c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe [518656 2009-11-18] (ArcSoft Inc.)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [600936 2009-06-29] (Symantec Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3674576 2015-01-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [976320 2009-12-03] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-08-20] (Sony Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware  (cleanup)] => C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \mbamdor.exe [54072 2014-11-21] (Malwarebytes Corporation)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
Winlogon\Notify\DeviceNP-x32: DeviceNP.dll [X]
HKU\S-1-5-21-2226251454-2989245828-1209764460-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-2226251454-2989245828-1209764460-1001\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-06-17] (Hewlett-Packard Company)
HKU\S-1-5-21-2226251454-2989245828-1209764460-1001\...\RunOnce: [Report] => \AdwCleaner\AdwCleaner[S1].txt [989 2015-02-02] ()
HKU\S-1-5-21-2226251454-2989245828-1209764460-1004\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-06-17] (Hewlett-Packard Company)
HKU\S-1-5-21-2226251454-2989245828-1209764460-1004\...\Run: [Epson Stylus SX525WD(Netzwerk)] => C:\windows\system32\spool\DRIVERS\x64\3\E_IATIGAE.EXE [224768 2010-01-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\windows\System32\SPReview\SPReview.exe [301568 2014-12-02] (Microsoft Corporation)
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\bfzadm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\134E09AA1.lnk
ShortcutTarget: 134E09AA1.lnk -> C:\PROGRA~3\1AA90E431.cpp (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:52515;https=127.0.0.1:52515
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-2226251454-2989245828-1209764460-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/de-de/?ocid=U218DHP&pc=U218
HKU\S-1-5-21-2226251454-2989245828-1209764460-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.msn.com/1me10IE11DEDE/WOL_WCP
HKU\S-1-5-21-2226251454-2989245828-1209764460-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-2226251454-2989245828-1209764460-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/10
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {AA5CC064-C92C-4050-82FD-3CA90F36F4FF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2226251454-2989245828-1209764460-1001 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxp://www.bing.com/search?FORM=U218DF&PC=U218&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2226251454-2989245828-1209764460-1004 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2226251454-2989245828-1209764460-1004 -> {71883CF6-4AA3-44C6-A4AE-3678C8AFAA97} URL = hxxp://www.search.ask.com/web?tpid=ORJ-SPE&o=APN11406&pf=V7&p2=^BBE^OSJ000^YY^DE&gct=&itbv=12.23.0.15&apn_uid=DCAFEAF3-9DFA-4EE9-98FE-A94FD35FB539&apn_ptnrs=BBE&apn_dtid=^OSJ000^YY^DE&apn_dbr=ie_11.0.9600.17496&doi=2015-02-01&trgb=IE&q={searchTerms}&psv=&pt=tb
SearchScopes: HKU\S-1-5-21-2226251454-2989245828-1209764460-1004 -> {AF0C3425-2B00-44B5-A39D-C644774ADC84} URL = https://www.google.com/search?q={searchTerms}
BHO: HP ProtectTools Security Manager Extension -> {395610AE-C624-4f58-B89E-23733EA00F9A} -> c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
BHO-x32: HP ProtectTools Security Manager Extension -> {395610AE-C624-4f58-B89E-23733EA00F9A} -> c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKU\S-1-5-21-2226251454-2989245828-1209764460-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF Extension: DigitalPersona Extension - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2010-12-07]

Chrome: 
=======
CHR Profile: C:\Users\bfzadm\AppData\Local\Google\Chrome\User Data\Default

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-17] (Adobe Systems Incorporated)
R2 AESTFilters; C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3440080 2015-01-06] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [309232 2015-01-06] (AVG Technologies CZ, s.r.o.)
R3 DEBridge; c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe [704512 2009-12-16] (McAfee, Inc.) [File not signed]
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [462088 2009-11-25] (DigitalPersona, Inc.)
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]
S3 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [362040 2009-11-17] (Hewlett-Packard Ltd)
R2 HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [121344 2010-07-01] (Hewlett-Packard Company) [File not signed]
R2 HP ProtectTools Service; c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [36864 2009-11-19] (Hewlett-Packard Development Company, L.P) [File not signed]
R2 HPDayStarterService; c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe [90112 2010-05-10] (Hewlett-Packard Company) [File not signed]
R2 HpFkCryptService; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [281192 2009-12-16] (McAfee, Inc.)
R2 HPFSService; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [297984 2009-12-12] (Hewlett-Packard) [File not signed]
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [264248 2010-03-01] (Hewlett-Packard Company)
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-06-17] (Hewlett-Packard Company) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [635416 2009-10-23] (PDF Complete Inc)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-08-20] (Sony Corporation)
R2 Radio.fx; C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe [3673944 2011-11-18] ()
R2 STacSV; C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\STacSV64.exe [244736 2010-03-17] (IDT, Inc.)
R2 uArcCapture; C:\windows\system\uArcCapture.exe [506472 2009-12-04] (ArcSoft, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 ARCVCAM; C:\Windows\System32\DRIVERS\ArcSoftVCapture.sys [32640 2009-12-04] (ArcSoft, Inc.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [260888 2014-12-08] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [203544 2014-11-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [124184 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [274200 2014-10-10] (AVG Technologies CZ, s.r.o.)
S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [40760 2009-10-21] (Hewlett-Packard Development Company L.P.)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [129752 2015-01-31] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-10] (Corel Corporation)
R1 RsvLock; C:\Windows\System32\Drivers\RsvLock.sys [58184 2009-12-16] (McAfee, Inc.)
R1 RsvLock; C:\Windows\SysWow64\Drivers\RsvLock.sys [40088 2009-12-16] (McAfee, Inc.)
R0 SafeBoot; C:\Windows\System32\Drivers\SafeBoot.sys [56648 2009-12-16] ()
R0 SafeBoot; C:\Windows\SysWow64\Drivers\SafeBoot.sys [110520 2009-12-16] (McAfee, Inc.)
R0 SbAlg; C:\Windows\System32\Drivers\SbAlg.sys [60160 2009-06-04] (McAfee, Inc.)
R0 SbAlg; C:\Windows\SysWow64\Drivers\SbAlg.sys [51800 2009-12-16] (McAfee, Inc.)
R0 SbFsLock; C:\Windows\System32\Drivers\SbFsLock.sys [15688 2009-12-16] (McAfee, Inc.)
R0 SbFsLock; C:\Windows\SysWow64\Drivers\SbFsLock.sys [13256 2009-12-16] (McAfee, Inc.)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1803904 2010-10-13] ()

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-02 19:41 - 2015-02-02 19:42 - 00038500 _____ () C:\Users\bfzn\Desktop\Addition.txt
2015-02-02 19:40 - 2015-02-02 21:22 - 00025018 _____ () C:\Users\bfzn\Desktop\FRST.txt
2015-02-02 19:38 - 2015-02-02 19:38 - 00002748 _____ () C:\Users\bfzn\Desktop\FSS.txt
2015-02-02 19:37 - 2015-02-02 19:37 - 00415232 _____ (Farbar) C:\Users\bfzn\Desktop\FSS.exe
2015-02-02 19:24 - 2015-02-02 19:24 - 02131456 _____ (Farbar) C:\Users\bfzn\Desktop\FRST64.exe
2015-02-01 22:19 - 2015-02-01 22:19 - 00000000 ____D () C:\ProgramData\Sun
2015-02-01 22:19 - 2015-02-01 22:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-02-01 22:19 - 2015-02-01 22:18 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2015-02-01 22:18 - 2015-02-01 22:20 - 00000000 ____D () C:\ProgramData\Oracle
2015-02-01 22:18 - 2015-02-01 22:18 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-31 15:38 - 2015-01-31 15:38 - 00000000 ____D () C:\Users\DoKo\AppData\Roaming\ATI
2015-01-31 15:38 - 2015-01-31 15:38 - 00000000 ____D () C:\Users\DoKo\AppData\Local\ATI
2015-01-31 15:37 - 2015-01-31 15:37 - 00088016 _____ () C:\Users\DoKo\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-31 15:37 - 2015-01-31 15:37 - 00000000 ____D () C:\Users\DoKo\Documents\Bluetooth-Exchange-Ordner
2015-01-31 15:37 - 2015-01-31 15:37 - 00000000 ____D () C:\Users\DoKo\AppData\Roaming\Intel Corporation
2015-01-31 15:37 - 2015-01-31 15:37 - 00000000 ____D () C:\Users\DoKo\AppData\Roaming\Epson
2015-01-31 15:37 - 2015-01-31 15:37 - 00000000 ____D () C:\Users\DoKo\AppData\Roaming\AVG2015
2015-01-31 15:37 - 2015-01-31 15:37 - 00000000 ____D () C:\Users\DoKo\AppData\Roaming\Apple Computer
2015-01-31 15:37 - 2015-01-31 15:37 - 00000000 ____D () C:\Users\DoKo\AppData\Local\PDFC
2015-01-31 15:37 - 2015-01-31 15:37 - 00000000 ____D () C:\Users\DoKo\AppData\Local\Broadcom
2015-01-31 15:37 - 2015-01-31 15:37 - 00000000 ____D () C:\Users\DoKo\AppData\Local\Avg2015
2015-01-31 15:37 - 2015-01-31 15:37 - 00000000 ____D () C:\Users\DoKo\AppData\Local\Adobe
2015-01-31 15:36 - 2015-01-31 15:36 - 00002251 _____ () C:\Users\DoKo\Desktop\Google Chrome.lnk
2015-01-31 15:36 - 2015-01-31 15:36 - 00001425 _____ () C:\Users\DoKo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-31 15:36 - 2015-01-31 15:36 - 00000000 _SHDL () C:\Users\DoKo\Vorlagen
2015-01-31 15:36 - 2015-01-31 15:36 - 00000000 _SHDL () C:\Users\DoKo\Startmenü
2015-01-31 15:36 - 2015-01-31 15:36 - 00000000 _SHDL () C:\Users\DoKo\Netzwerkumgebung
2015-01-31 15:36 - 2015-01-31 15:36 - 00000000 _SHDL () C:\Users\DoKo\Lokale Einstellungen
2015-01-31 15:36 - 2015-01-31 15:36 - 00000000 _SHDL () C:\Users\DoKo\Eigene Dateien
2015-01-31 15:36 - 2015-01-31 15:36 - 00000000 _SHDL () C:\Users\DoKo\Druckumgebung
2015-01-31 15:36 - 2015-01-31 15:36 - 00000000 _SHDL () C:\Users\DoKo\Documents\Eigene Musik
2015-01-31 15:36 - 2015-01-31 15:36 - 00000000 _SHDL () C:\Users\DoKo\Documents\Eigene Bilder
2015-01-31 15:36 - 2015-01-31 15:36 - 00000000 _SHDL () C:\Users\DoKo\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-01-31 15:36 - 2015-01-31 15:36 - 00000000 _SHDL () C:\Users\DoKo\AppData\Local\Verlauf
2015-01-31 15:36 - 2015-01-31 15:36 - 00000000 _SHDL () C:\Users\DoKo\AppData\Local\Anwendungsdaten
2015-01-31 15:36 - 2015-01-31 15:36 - 00000000 _SHDL () C:\Users\DoKo\Anwendungsdaten
2015-01-31 15:36 - 2015-01-31 15:36 - 00000000 ____D () C:\Users\DoKo\AppData\Roaming\DigitalPersona
2015-01-31 15:36 - 2015-01-31 15:36 - 00000000 ____D () C:\Users\DoKo\AppData\Roaming\Adobe
2015-01-31 15:36 - 2015-01-31 15:36 - 00000000 ____D () C:\Users\DoKo\AppData\Local\VirtualStore
2015-01-31 15:36 - 2015-01-31 15:36 - 00000000 ____D () C:\Users\DoKo\AppData\Local\Google
2015-01-31 15:36 - 2015-01-31 15:36 - 00000000 ____D () C:\Users\DoKo\AppData\Local\DigitalPersona
2015-01-31 15:36 - 2015-01-31 15:36 - 00000000 ____D () C:\Users\DoKo
2015-01-31 15:36 - 2015-01-12 19:07 - 00000000 ____D () C:\Users\DoKo\AppData\Roaming\TuneUp Software
2015-01-31 15:36 - 2014-12-11 01:36 - 00000000 ____D () C:\Users\DoKo\AppData\Local\Microsoft Help
2015-01-31 15:36 - 2014-12-05 22:48 - 00000000 ____D () C:\Users\DoKo\AppData\Roaming\Macromedia
2015-01-31 15:36 - 2009-07-27 15:09 - 00000020 ___SH () C:\Users\DoKo\ntuser.ini
2015-01-31 15:36 - 2009-07-14 05:54 - 00000000 ___RD () C:\Users\DoKo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-31 15:36 - 2009-07-14 05:49 - 00000000 ___RD () C:\Users\DoKo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-31 14:59 - 2015-01-31 14:59 - 02347384 _____ (ESET) C:\Users\bfzn\Downloads\esetsmartinstaller_deu.exe
2015-01-31 13:26 - 2015-01-31 13:27 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-31 13:25 - 2015-01-31 13:25 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-01-31 13:25 - 2015-01-31 13:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-01-31 13:25 - 2015-01-31 13:25 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-31 13:25 - 2015-01-31 13:25 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-01-31 13:25 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-01-31 13:25 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-01-31 13:25 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2015-01-31 13:06 - 2015-01-31 13:06 - 02194432 _____ () C:\Users\bfzn\Desktop\AdwCleaner_4.109.exe
2015-01-31 13:02 - 2015-02-02 21:03 - 00000000 ____D () C:\AdwCleaner
2015-01-31 12:55 - 2015-01-31 12:55 - 00000000 ____D () C:\Users\bfzn\Desktop\RevoUninstallerPortable
2015-01-30 20:46 - 2015-01-30 20:48 - 00035837 _____ () C:\Users\bfzadm\Downloads\Addition.txt
2015-01-30 20:44 - 2015-01-30 20:48 - 00049395 _____ () C:\Users\bfzadm\Downloads\FRST.txt
2015-01-30 20:43 - 2015-01-30 20:44 - 02130432 _____ (Farbar) C:\Users\bfzadm\Downloads\FRST64.exe
2015-01-28 23:02 - 2015-01-28 23:03 - 00020928 _____ () C:\Users\bfzn\Desktop\Result.txt
2015-01-28 22:32 - 2015-01-28 22:32 - 00000000 ____D () C:\Users\bfzadm\AppData\Local\CrashDumps
2015-01-28 22:22 - 2015-02-02 21:22 - 00000000 ____D () C:\FRST
2015-01-28 22:20 - 2015-01-28 22:20 - 00000474 _____ () C:\Users\bfzn\Desktop\defogger_disable.log
2015-01-28 22:20 - 2015-01-28 22:20 - 00000000 _____ () C:\Users\bfzadm\defogger_reenable
2015-01-28 21:21 - 2015-01-28 21:21 - 00000000 ___HD () C:\windows\msdownld.tmp
2015-01-28 21:20 - 2015-01-28 21:20 - 65495720 _____ (Microsoft Corporation) C:\Users\bfzadm\Downloads\EIE11_DE-DE_WOL_WIN764.EXE
2015-01-28 19:19 - 2015-01-28 19:19 - 00000000 ____D () C:\Users\bfzadm\AppData\Roaming\Apple Computer
2015-01-27 21:39 - 2015-01-27 21:39 - 00002607 _____ () C:\Users\Public\Desktop\HNK für Excel.lnk
2015-01-27 21:39 - 2015-01-27 21:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heiz- und Nebenkosten
2015-01-27 21:39 - 2015-01-27 21:39 - 00000000 ____D () C:\Program Files (x86)\KV Software
2015-01-27 21:19 - 2015-01-27 21:19 - 00000000 __SHD () C:\Users\bfzadm\AppData\Local\EmieUserList
2015-01-27 21:19 - 2015-01-27 21:19 - 00000000 __SHD () C:\Users\bfzadm\AppData\Local\EmieSiteList
2015-01-27 21:19 - 2015-01-27 21:19 - 00000000 __SHD () C:\Users\bfzadm\AppData\Local\EmieBrowserModeList
2015-01-27 21:17 - 2015-01-27 21:17 - 00000000 ____D () C:\Temp
2015-01-26 18:33 - 2015-01-26 18:33 - 480951400 _____ () C:\windows\MEMORY.DMP
2015-01-26 18:33 - 2015-01-26 18:33 - 00344552 _____ () C:\windows\Minidump\012615-38563-01.dmp
2015-01-26 18:33 - 2015-01-26 18:33 - 00000000 ____D () C:\windows\Minidump
2015-01-23 21:04 - 2015-01-23 21:18 - 00000000 ____D () C:\Program Files (x86)\No23 Recorder
2015-01-23 21:04 - 2015-01-23 21:04 - 00001061 _____ () C:\Users\Public\Desktop\No23 Recorder.lnk
2015-01-23 21:04 - 2015-01-23 21:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\No23 Recorder
2015-01-23 21:04 - 2015-01-23 21:04 - 00000000 ____D () C:\ProgramData\Caphyon
2015-01-23 21:03 - 2015-01-23 21:03 - 04144094 _____ (No23) C:\Users\bfzn\Downloads\No23Recorder.exe
2015-01-22 00:03 - 2015-01-22 00:03 - 00000000 ____D () C:\Users\bfzn\AppData\Local\Apple
2015-01-19 21:12 - 2015-01-19 21:12 - 00101691 _____ () C:\Users\bfzn\Downloads\ComparePlugin.v1.5.6.2.bin.zip
2015-01-16 21:36 - 2015-01-16 21:36 - 00000000 ____D () C:\Users\bfzn\AppData\Local\ascendere_IT_Systeme
2015-01-16 20:50 - 2015-01-20 21:04 - 00000000 ____D () C:\Program Files (x86)\Isovar 2015
2015-01-16 20:50 - 2015-01-16 20:50 - 00001047 _____ () C:\Users\Public\Desktop\Isovar 2015.lnk
2015-01-16 20:50 - 2015-01-16 20:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Isovar 2015
2015-01-16 20:49 - 2015-01-16 20:49 - 07572386 _____ (ascendere IT-Systeme ) C:\Users\bfzn\Downloads\Isovar2015_Setup.exe
2015-01-16 20:44 - 2015-01-16 20:44 - 00000000 ____D () C:\Datensicherung_Beihilfe_V1_1
2015-01-16 20:36 - 2015-01-16 20:36 - 00000000 ____D () C:\Datensicherung_Beihilfe_V1_2
2015-01-16 20:25 - 2015-01-16 20:26 - 00000000 ____D () C:\ProgramData\HaNaSoftware
2015-01-16 20:18 - 2015-01-16 20:18 - 22386176 _____ (Microsoft Corporation) C:\Users\bfzn\Downloads\Install_Beihilfe_1.5.0.0.EXE
2015-01-13 23:25 - 2015-01-13 23:34 - 00000000 ____D () C:\Users\bfzn\AppData\Roaming\Mp3tag
2015-01-13 23:25 - 2015-01-13 23:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2015-01-13 23:25 - 2015-01-13 23:25 - 00000000 ____D () C:\Program Files (x86)\Mp3tag
2015-01-13 23:24 - 2015-01-13 23:24 - 02707360 _____ () C:\Users\bfzn\Downloads\mp3tagv266setup.exe
2015-01-13 21:42 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll
2015-01-13 21:42 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys
2015-01-13 21:42 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-01-13 21:42 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-01-13 21:42 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-01-13 21:42 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-01-13 21:42 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-01-13 21:42 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-01-13 21:42 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-01-13 21:42 - 2014-12-11 18:47 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\TSWbPrxy.exe
2015-01-13 21:42 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\windows\system32\nlasvc.dll
2015-01-13 21:42 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncsi.dll
2015-01-13 21:42 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\windows\SysWOW64\nlaapi.dll
2015-01-13 11:16 - 2015-01-13 11:17 - 00000000 ____D () C:\Users\bfzn\Documents\Sony PMB
2015-01-12 19:07 - 2015-01-12 19:07 - 00000000 ____D () C:\Users\Default\AppData\Roaming\TuneUp Software
2015-01-12 19:07 - 2015-01-12 19:07 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\TuneUp Software
2015-01-11 18:38 - 2015-01-11 18:38 - 00002103 _____ () C:\Users\Public\Desktop\PlayMemories Home-Hilfe.lnk
2015-01-11 18:38 - 2015-01-11 18:38 - 00001319 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMemories Home.lnk
2015-01-11 18:38 - 2015-01-11 18:38 - 00001307 _____ () C:\Users\Public\Desktop\PlayMemories Home.lnk
2015-01-11 18:38 - 2015-01-11 18:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMemories Home
2015-01-11 18:34 - 2015-01-11 18:34 - 00000394 _____ () C:\windows\DirectX.log
2015-01-11 18:34 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_35.dll
2015-01-11 18:34 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_35.dll
2015-01-11 18:34 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\windows\system32\d3dx9_30.dll
2015-01-11 18:34 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3dx9_30.dll
2015-01-10 12:23 - 2015-01-10 12:23 - 00000000 ____D () C:\Users\bfzn\Documents\ArcSoft
2015-01-10 12:22 - 2015-01-10 12:23 - 00000000 ____D () C:\Users\bfzn\AppData\Roaming\ArcSoft
2015-01-09 05:35 - 2015-01-09 05:35 - 00000000 ____D () C:\Users\bfzn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2015-01-08 00:39 - 2015-01-08 00:43 - 00000000 ____D () C:\Program Files (x86)\SonyEditor
2015-01-08 00:39 - 2015-01-08 00:39 - 00001035 _____ () C:\Users\bfzn\Desktop\SonyEditor.lnk
2015-01-08 00:39 - 2015-01-08 00:39 - 00001035 _____ () C:\Users\bfzadm\Desktop\SonyEditor.lnk
2015-01-08 00:39 - 2015-01-08 00:39 - 00000000 ____D () C:\Users\bfzadm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SonyEditor
2015-01-08 00:39 - 2015-01-08 00:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SonyEditor
2015-01-05 19:02 - 2015-01-05 19:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung YH-925
2015-01-05 19:00 - 2015-01-05 19:01 - 00000000 ____D () C:\Users\bfzn\Downloads\neu
2015-01-05 18:55 - 2015-01-05 18:57 - 08808960 _____ () C:\Users\bfzn\Downloads\20051010100207250_YH-925_Utility_Program.exe
2015-01-05 18:53 - 2015-01-05 19:02 - 00000000 ____D () C:\Program Files (x86)\Samsung
2015-01-05 18:53 - 2015-01-05 18:53 - 00001133 _____ () C:\Users\bfzn\Desktop\Multimedia Studio.lnk
2015-01-05 18:53 - 2015-01-05 18:53 - 00001133 _____ () C:\Users\bfzadm\Desktop\Multimedia Studio.lnk
2015-01-05 18:53 - 2015-01-05 18:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-01-05 18:51 - 2015-01-05 18:53 - 13437996 _____ (Samsung ) C:\Users\bfzn\Downloads\20050617180246421_MMSSetup.exe
2015-01-05 18:49 - 2015-01-05 18:49 - 00009993 _____ () C:\Users\bfzn\Downloads\20041229084503828_YH-925_Driver.zip
2015-01-04 22:57 - 2015-01-04 22:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-01-04 22:56 - 2015-01-04 22:56 - 00000000 ____D () C:\windows\PCHEALTH
2015-01-04 22:53 - 2015-01-04 22:53 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2015-01-04 22:51 - 2015-01-04 22:51 - 00000000 __RHD () C:\MSOCache
2015-01-04 22:35 - 2015-01-04 22:48 - 1025493776 _____ (Microsoft Corporation) C:\Users\bfzn\Downloads\MicrosoftInstaller.exe
2015-01-04 21:21 - 2015-01-04 21:22 - 00000000 ____D () C:\Program Files (x86)\MeineBeihilfe2009
2015-01-04 21:21 - 2015-01-04 21:21 - 00001832 _____ () C:\Users\Public\Desktop\MeineBeihilfe 2009.lnk
2015-01-04 21:21 - 2015-01-04 21:21 - 00000000 ____D () C:\Users\Public\Documents\MeineBeihilfe2009
2015-01-04 21:21 - 2015-01-04 21:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MeineBeihilfe2009
2015-01-04 21:11 - 2015-01-04 23:30 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-02 21:13 - 2009-07-14 05:45 - 00022480 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-02 21:13 - 2009-07-14 05:45 - 00022480 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-02 21:10 - 2014-11-29 22:00 - 00001110 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-02 21:07 - 2014-11-29 22:00 - 00001106 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-02 21:07 - 2010-12-07 13:05 - 00000000 ____D () C:\ProgramData\HPQLOG
2015-02-02 21:05 - 2014-11-29 21:43 - 00326270 _____ () C:\windows\PFRO.log
2015-02-02 21:05 - 2009-07-14 06:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-02-02 21:05 - 2009-07-14 05:51 - 00108934 _____ () C:\windows\setupact.log
2015-02-02 21:04 - 2014-11-29 20:50 - 01324929 _____ () C:\windows\WindowsUpdate.log
2015-02-02 20:25 - 2014-12-04 23:44 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-02-02 19:09 - 2014-11-29 21:18 - 00000000 ____D () C:\ProgramData\MFAData
2015-02-01 21:21 - 2014-12-18 20:54 - 00000000 ____D () C:\Users\bfzn\AppData\Roaming\XnView
2015-01-31 15:00 - 2010-12-07 13:06 - 00699340 _____ () C:\windows\system32\perfh007.dat
2015-01-31 15:00 - 2010-12-07 13:06 - 00149448 _____ () C:\windows\system32\perfc007.dat
2015-01-31 15:00 - 2009-07-14 06:13 - 01619272 _____ () C:\windows\system32\PerfStringBackup.INI
2015-01-31 12:48 - 2014-12-09 00:47 - 00002251 _____ () C:\Users\bfzadm\Desktop\Google Chrome.lnk
2015-01-31 12:48 - 2014-11-29 21:12 - 00001425 _____ () C:\Users\bfzadm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-31 11:19 - 2010-12-07 13:05 - 00000000 ____D () C:\ProgramData\PDFC
2015-01-28 22:34 - 2014-11-29 21:32 - 00000000 ____D () C:\Users\bfzn\AppData\Local\PDFC
2015-01-28 22:20 - 2014-11-29 20:52 - 00000000 ____D () C:\Users\bfzadm
2015-01-28 21:21 - 2014-12-04 05:16 - 00024932 _____ () C:\windows\IE11_main.log
2015-01-26 19:07 - 2014-12-30 21:59 - 00000000 ____D () C:\Users\bfzn\AppData\Local\Microsoft Help
2015-01-25 21:25 - 2014-12-04 23:44 - 00701616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-01-25 21:25 - 2014-12-04 23:44 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-25 21:25 - 2014-12-04 23:44 - 00003822 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-01-25 14:19 - 2014-11-29 21:21 - 00000000 ____D () C:\ProgramData\AVG2015
2015-01-25 14:17 - 2014-11-29 21:21 - 00000981 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
2015-01-25 14:17 - 2014-11-29 21:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-01-16 20:26 - 2014-11-30 01:15 - 00000000 ____D () C:\Users\bfzn\AppData\Local\CrashDumps
2015-01-11 18:38 - 2014-12-15 21:18 - 00000000 ____D () C:\Users\bfzn\AppData\Roaming\Sony Corporation
2015-01-11 18:34 - 2014-12-15 20:27 - 00000000 ____D () C:\Program Files (x86)\Sony
2015-01-11 18:31 - 2014-12-15 20:27 - 00002358 _____ () C:\Users\Public\Desktop\Image Data Converter Ver. 4.lnk
2015-01-10 12:23 - 2014-11-29 21:04 - 00000000 ___HD () C:\ProgramData\ArcSoft
2015-01-08 00:37 - 2014-11-29 21:10 - 00088016 _____ () C:\Users\bfzadm\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-07 19:17 - 2014-12-10 21:12 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-01-05 19:02 - 2010-12-07 13:00 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-05 18:30 - 2014-11-29 21:32 - 00088016 _____ () C:\Users\bfzn\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-05 18:27 - 2009-07-14 05:45 - 00422224 _____ () C:\windows\system32\FNTCACHE.DAT
2015-01-04 22:55 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-01-04 22:53 - 2014-12-10 21:13 - 00000000 ____D () C:\Program Files\Microsoft Office
2015-01-04 22:53 - 2009-07-27 15:26 - 00000000 ____D () C:\windows\ShellNew
2015-01-04 21:12 - 2014-11-29 23:00 - 00000400 _____ () C:\windows\ODBC.INI
2015-01-04 21:07 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system
2015-01-04 20:56 - 2009-07-14 03:34 - 00000438 _____ () C:\windows\win.ini
2015-01-04 20:23 - 2014-11-29 23:33 - 00000000 ____D () C:\_Daten

Some content of TEMP:
====================
C:\Users\bfzadm\AppData\Local\Temp\Quarantine.exe
C:\Users\bfzadm\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-24 00:55

==================== End Of Log ============================
         
--- --- ---

--- --- ---

Alt 02.02.2015, 21:58   #20
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Meldung in Win7: Der Proxyserver reagiert nicht - Standard

Meldung in Win7: Der Proxyserver reagiert nicht



Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2226251454-2989245828-1209764460-1004 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2226251454-2989245828-1209764460-1004 -> {71883CF6-4AA3-44C6-A4AE-3678C8AFAA97} URL = hxxp://www.search.ask.com/web?tpid=ORJ-SPE&o=
Toolbar: HKU\S-1-5-21-2226251454-2989245828-1209764460-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.





Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.




Falls Combofix verwendet wurde:
Combofix-Deinstallation.
  • Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
  • Drücke bitte die + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
  • Klicke auf OK.
    Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
  • Nun die eben deaktivierten Programme wieder aktivieren.






Alle Logs gepostet? Ja! Dann lade Dir bitte DelFix herunter.
  • Schließe alle offenen Programme.
  • Starte die delfix.exe mit einem Doppelklick.
  • Setze vor jede Funktion ein Häkchen.
  • Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.




>>clean<<
Wir haben es geschafft!
Die Logs sehen für mich im Moment sauber aus.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...und/oder das Forum mit einer kleinen Spende unterstützen.
Es bleibt mir nur noch, Dir unbeschwertes und sicheres Surfen zu wünschen und dass wir uns hier so bald nicht wiedersehen.

Wie kann ich mich in Zukunft besser schützen?

Tipps, Dos & Don'ts

Updates & Software
Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.

Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.



Firewall, Antivirus & Co.
  • Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.
  • Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank. (Updatefunktion aktivieren!)
    Meine Empfehlungen:
    Kaspersky Antivirus
    Emsisoft Anti-Malware
    avast Free Antivirus
  • Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

    Optional:
  • NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.


Cracks, Downloads & Co.


Neben unbemerkten Drive-by Installationen wird Malware aber auch oft mehr oder weniger aktiv vom Benutzer selbst installiert.
Der Besuch dubioser Websites kann bereits Risiken bergen. Auch wenn der Virenscanner im Moment darin keine Bedrohung erkennt, muss das nichts bedeuten.
Illegale Cracks, Keygens und Serials sind ein ausgesprochen einfacher und beliebter Weg um Malware zu verbreiten.
Bei Dateien aus Peer-to-Peer- und Filesharingprogrammen oder von Filehostern kann man nie sicher sein, ob auch wirklich drin ist, was drauf steht. (Trojanisches Pferd^^)
  • Auch virustotal.com ist Dein Freund! Lade dubiose oder unbekannte Dateien hoch, bevor Du diese startest oder installierst.

Oft wird auch versucht, den Benutzer mit mehr oder weniger trickreichen Methoden zu verleiten, eine für ihn verhängnisvolle Handlung selbst auszuführen (Überbegriff Social Engineering).
  • Surfe daher mit Vorsicht und klicke mit Verstand.
  • Sei skeptisch bei unerwarteten E-Mails, insbesondere wenn sie Anhänge enthalten. Auch wenn sie auf den ersten Blick authentisch wirken, persönliche Daten von Dir enthalten oder vermeintlich von einem bekannten Absender stammen: Lieber nochmals in Ruhe überdenken oder nachfragen, anstatt einfach mal Links oder ausführbare Anhänge öffnen oder irgendwo Deine Daten eingeben.
  • Auch in sozialen Netzwerken oder über Instant Messaging Systeme können schädliche Links oder Dateien die Runde machen. Erhältst Du von einem Deiner Freunde eine Nachricht, die merkwürdig ist oder so sensationell interessant, dass man einfach draufklicken muss, dann hat bei ihm/ihr wahrscheinlich Neugier über Verstand gesiegt und Du solltest nicht denselben Fehler machen.

Nervige Adware (Werbung) und unnötige Toolbars werden auch meist durch den Benutzer selbst mitinstalliert.
  • Lade Software in erster Priorität immer direkt vom Hersteller herunter. Viele Softwareportale (z.B. Softonic) packen noch unnützes Zeug mit in die Installation. Alternativ dazu wähle ein sauberes Portal wie Filepony oder heise.
  • Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
  • Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwarecleaner .


Abschließend noch ein paar grundsätzliche Bemerkungen:
  • Erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
  • Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.

__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 02.02.2015, 22:36   #21
BerndFranzen
 
Meldung in Win7: Der Proxyserver reagiert nicht - Standard

Meldung in Win7: Der Proxyserver reagiert nicht



Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 01-02-2015
Ran by bfzadm at 2015-02-02 22:35:23 Run:2
Running from C:\Users\bfzn\Desktop
Loaded Profiles: bfzadm & bfzn (Available profiles: bfzadm & bfzn & DoKo)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2226251454-2989245828-1209764460-1004 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2226251454-2989245828-1209764460-1004 -> {71883CF6-4AA3-44C6-A4AE-3678C8AFAA97} URL = hxxp://www.search.ask.com/web?tpid=ORJ-SPE&o=
Toolbar: HKU\S-1-5-21-2226251454-2989245828-1209764460-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
         
*****************

HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-21-2226251454-2989245828-1209764460-1004\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-2226251454-2989245828-1209764460-1004\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{71883CF6-4AA3-44C6-A4AE-3678C8AFAA97}" => Key deleted successfully.
HKCR\CLSID\{71883CF6-4AA3-44C6-A4AE-3678C8AFAA97} => Key not found. 
HKU\S-1-5-21-2226251454-2989245828-1209764460-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value deleted successfully.
HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Key not found. 

==== End of Fixlog 22:35:23 ====
         

Alt 02.02.2015, 22:40   #22
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Meldung in Win7: Der Proxyserver reagiert nicht - Standard

Meldung in Win7: Der Proxyserver reagiert nicht



OK...
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 02.02.2015, 22:46   #23
BerndFranzen
 
Meldung in Win7: Der Proxyserver reagiert nicht - Standard

Meldung in Win7: Der Proxyserver reagiert nicht



Ich hab "Cleanup" und "Combofix" schon gelöscht, jedenfalls finde ich sie nicht mehr.
Soll ich zuerst wieder installieren und dann nochmal nach Anleitung deinstallieren oder kann das so bleiben?

Alt 02.02.2015, 22:51   #24
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Meldung in Win7: Der Proxyserver reagiert nicht - Standard

Meldung in Win7: Der Proxyserver reagiert nicht



Cleanup? Defogger und Combofix falls verwendet! Defogger wurde verwendet. Wie gesagt Re-enable klicken. Dann Delfix.
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Antwort

Themen zu Meldung in Win7: Der Proxyserver reagiert nicht
andere, aufruf, aufrufe, erhalte, erscheine, erscheinen, genannt, laufe, laufen, lästige, meldung, proxyserver, reagiert, reagiert nicht, seite, seiten, tagen, tools, vermehrt, win, win7, windows7 proxyserver



Ähnliche Themen: Meldung in Win7: Der Proxyserver reagiert nicht


  1. Proxyserver ließ sich nicht abschalten / durch Malewarebyte behoben / System wieder Clean?
    Log-Analyse und Auswertung - 23.04.2015 (22)
  2. Win7-Laptop von ASUS reagiert stark verzögert und hängt immer wieder
    Plagegeister aller Art und deren Bekämpfung - 14.04.2015 (11)
  3. Proxyserver reagiert nicht ...
    Plagegeister aller Art und deren Bekämpfung - 29.03.2015 (4)
  4. Win7 neu aufgesetzt - Windows reagiert verzögert, Browser laden Seiten extrem langsam, Downloads brechen ab oder dauern ewig
    Alles rund um Windows - 23.12.2014 (10)
  5. Win7 Rechner nach 5-10 festgefahren, kein Programm reagiert mehr
    Log-Analyse und Auswertung - 30.11.2014 (17)
  6. Win7 .dll meldung
    Plagegeister aller Art und deren Bekämpfung - 23.11.2014 (25)
  7. Win7_Rechner hängt/Internet langsam/ständig Meldung: Plug-in (Shockwave Flash / oder Flash Player) hängt oder reagiert nicht
    Plagegeister aller Art und deren Bekämpfung - 15.11.2014 (19)
  8. Win7 pro 64bit GUV virus mit Fedpol Meldung
    Log-Analyse und Auswertung - 03.11.2014 (1)
  9. WIN7: Internet reagiert kaum
    Plagegeister aller Art und deren Bekämpfung - 20.10.2014 (6)
  10. Packard Bell EasyNote Ts, Win7:Touchpad reagiert nicht mehr und MP3, den erkannt, aber nicht eingelesen
    Plagegeister aller Art und deren Bekämpfung - 07.09.2014 (18)
  11. proxyserver reagiert nicht nach trojaner-befall
    Log-Analyse und Auswertung - 07.06.2014 (5)
  12. Win7 64Bit; IE 11 reagiert nicht
    Log-Analyse und Auswertung - 24.03.2014 (3)
  13. System (Win7) reagiert stetig langsamer & fehlerhafter
    Log-Analyse und Auswertung - 07.03.2014 (19)
  14. Taskmanager öffnet nicht, Browser reagiert nicht, XP kann nicht herunter gefahren werden.
    Plagegeister aller Art und deren Bekämpfung - 18.02.2014 (3)
  15. Win7 - Avira Meldung im Bericht - Die Datei existiert nicht! AVARKT.DLL
    Log-Analyse und Auswertung - 08.12.2013 (13)
  16. Beim Runterfahren Meldung: "Programm reagiert nicht m" ein Virus?
    Log-Analyse und Auswertung - 02.06.2012 (7)
  17. Win7 herunterfahren Button reagiert nicht, strg+alt+entf geht nicht mehr & cmd.exe geht nicht auf
    Plagegeister aller Art und deren Bekämpfung - 15.12.2011 (25)

Zum Thema Meldung in Win7: Der Proxyserver reagiert nicht - Das ESET-Log sieht OK aus weil alles in den Temps oder in der Quarantäne steckt. Schritt 1 Drücke bitte die + R Taste und schreibe notepad in das Ausführen Fenster. - Meldung in Win7: Der Proxyserver reagiert nicht...
Archiv
Du betrachtest: Meldung in Win7: Der Proxyserver reagiert nicht auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.