Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Blauer Bildschirm, wenn ich im Internet bin, mit Fehlercode DRIVER-IRQL-NOT-LESS-OR-EQUAL

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 06.02.2015, 13:06   #1
phinka
 
Blauer Bildschirm, wenn ich im Internet bin, mit Fehlercode DRIVER-IRQL-NOT-LESS-OR-EQUAL - Standard

Blauer Bildschirm, wenn ich im Internet bin, mit Fehlercode DRIVER-IRQL-NOT-LESS-OR-EQUAL



Hallo,
hier wurde mir und meinem Rechner schon einmal so wunderbar geholfen, dass ich das jetzt wieder hoffe.

Wenn ich kurze Zeit mit google chrome im Internet bin, rein über WLAN, dann kommt ein blauer Bildschirm, der mir sagt, das " a problem has been detected and windows has been shut down to prevent damage to your computer"
Dann kommt der o.g. Code und Empfehlungen. Ist jetzt zweimal passiert.
Ich habe gestern mit Malwarebytes einige Dinge entfernt, u.a. einen Trojaner und heute trat dieser Fehler mehrfach auf. Jetzt bin ich mir unsicher, ob es sich wirklich um ein Hardwareproblem handelt?
Das Einzige, was mir sonst an ungewöhnlichem aufgefallen ist, war, dass ich heute in einem anderen wlan als sonst bin und das wlan Zeichen nicht mehr in der Leiste unten rechts angezeigt wurde sondern das Zeichen für LAN und das durchgestrichen war. Ich benutze so gut wie nie LAN.
Wenn das bei meinem Rechner passiert, fliegen alle anderen aus dem WLAN und es dauert einige Sekunden bis sich das wieder aufbaut.
Kann mir jemand weiterhelfen?
Vielen Dank!!
phinka

Alt 06.02.2015, 13:14   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Blauer Bildschirm, wenn ich im Internet bin, mit Fehlercode DRIVER-IRQL-NOT-LESS-OR-EQUAL - Standard

Blauer Bildschirm, wenn ich im Internet bin, mit Fehlercode DRIVER-IRQL-NOT-LESS-OR-EQUAL



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 06.02.2015, 15:45   #3
phinka
 
Blauer Bildschirm, wenn ich im Internet bin, mit Fehlercode DRIVER-IRQL-NOT-LESS-OR-EQUAL - Standard

Blauer Bildschirm, wenn ich im Internet bin, mit Fehlercode DRIVER-IRQL-NOT-LESS-OR-EQUAL



Mist, ich komme gar nicht erst soweit mit dem Rechner. Internet Explorer sagt immer "Programm schließen" und bei google chrome kann ich auf diese Seite gehen und 10 sec später kommt der blaue Bildschirm...

Kann ich das irgendwie im abgesicherten Modus oder so machen? Oder mir einen USb Stick kaufen und das, was Du schreibst, erst mit einem anderen Rechner runterladen?

Hallo,
bevor ich das jetzt mache, eine Ergänzung: ich bin ja hier in ein mir fremdes WLAN eingeloggt, das über einen mobilen WLAN Router funktioniert. Alle anderen Geräte (Laptops und Handys meiner Familie) haben damit kein Problem. Jetzt hab ich mit meinem Handy einen WLAN Hotspot gemacht, den ich schon öfter genutzt habe und siehe da, derRechner stürzt nicht mehr ab. Scheint also ein Kommunikationsproblem mit diesem anderen WLAn zu sein?
Was meinst Du, soll ich abwarten, ob das dann zuhause auch nochmal auftritt oder lieber jetzt schon irgendwas machen?
Vielen Dank für Deine Hilfe!
__________________

Alt 07.02.2015, 10:30   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Blauer Bildschirm, wenn ich im Internet bin, mit Fehlercode DRIVER-IRQL-NOT-LESS-OR-EQUAL - Standard

Blauer Bildschirm, wenn ich im Internet bin, mit Fehlercode DRIVER-IRQL-NOT-LESS-OR-EQUAL



Poste auf jeden Fall die FRST Logs. Zur NOt von einem andern Rechner laden.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 09.02.2015, 16:41   #5
phinka
 
Blauer Bildschirm, wenn ich im Internet bin, mit Fehlercode DRIVER-IRQL-NOT-LESS-OR-EQUAL - Standard

Blauer Bildschirm, wenn ich im Internet bin, mit Fehlercode DRIVER-IRQL-NOT-LESS-OR-EQUAL



FRST:
FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-02-2015
Ran by Eltern (ATTENTION: The logged in user is not administrator) on ELTERN-LAPTOP on 09-02-2015 16:34:56
Running from C:\Users\Eltern\Downloads
Loaded Profiles: Eltern & admin (Available profiles: Eltern & admin)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

Failed to access process -> smss.exe
Failed to access process -> csrss.exe
Failed to access process -> csrss.exe
Failed to access process -> wininit.exe
Failed to access process -> winlogon.exe
Failed to access process -> services.exe
Failed to access process -> lsass.exe
Failed to access process -> lsm.exe
Failed to access process -> svchost.exe
Failed to access process -> nvvsvc.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> NvXDSync.exe
Failed to access process -> nvvsvc.exe
Failed to access process -> AvastSvc.exe
Failed to access process -> wlanext.exe
Failed to access process -> conhost.exe
Failed to access process -> spoolsv.exe
Failed to access process -> svchost.exe
Failed to access process -> armsvc.exe
Failed to access process -> AppleMobileDeviceService.exe
Failed to access process -> devmonsrv.exe
Failed to access process -> mDNSResponder.exe
Failed to access process -> svchost.exe
Failed to access process -> officeclicktorun.exe
Failed to access process -> EvtEng.exe
Failed to access process -> svchost.exe
Failed to access process -> HerculesDJControlMP3.EXE
Failed to access process -> ijplmsvc.exe
Failed to access process -> mbamscheduler.exe
Failed to access process -> mbamservice.exe
Failed to access process -> PFNService.exe
Failed to access process -> svchost.exe
Failed to access process -> PSUService.exe
Failed to access process -> RegSrvc.exe
Failed to access process -> sftvsa.exe
Failed to access process -> SmdmFService.exe
Failed to access process -> TeamViewer_Service.exe
Failed to access process -> SmdmFService.exe
Failed to access process -> WLIDSVC.EXE
Failed to access process -> obexsrv.exe
Failed to access process -> WLIDSVCM.EXE
Failed to access process -> sftlist.exe
Failed to access process -> unsecapp.exe
Failed to access process -> WmiPrvSE.exe
Failed to access process -> CVHSVC.EXE
Failed to access process -> ngservice.exe
Failed to access process -> mscorsvw.exe
Failed to access process -> LMS.exe
Failed to access process -> wmpnetwk.exe
Failed to access process -> SearchIndexer.exe
Failed to access process -> svchost.exe
Failed to access process -> UNS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
Failed to access process -> mediasrv.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Citrix Systems, Inc.) C:\Users\Eltern\AppData\Local\Citrix\ICA Client\concentr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\old_chrome.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.exe
() C:\Program Files (x86)\WISO\Steuersoftware 2014\mshaktuell.exe
(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
(Citrix Systems, Inc.) C:\Users\Eltern\AppData\Local\Citrix\ICA Client\wfcrun32.exe
(Fujitsu Technology Solutions) C:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Hercules®) C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\AirPort\APAgent.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
Failed to access process -> VSSVC.exe
Failed to access process -> iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
Failed to access process -> svchost.exe
Failed to access process -> smdmfu.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.EXE
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
Failed to access process -> AvastVBoxSVC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Failed to access process -> SearchProtocolHost.exe
Failed to access process -> SearchFilterHost.exe
Failed to access process -> WmiPrvSE.exe
Failed to access process -> sppsvc.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1886504 2009-11-19] (Synaptics Incorporated)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [FDM7] => C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe [164712 2009-11-26] (FUJITSU LIMITED)
HKLM\...\Run: [PSUTility] => C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [199528 2010-11-13] (FUJITSU LIMITED)
HKLM\...\Run: [PfNet] => C:\Program Files\Fujitsu\Plugfree NETWORK\PfNet.exe [6311424 2010-10-07] (FUJITSU LIMITED)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11663464 2010-12-07] (Realtek Semiconductor)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2011-01-05] (Intel(R) Corporation)
HKLM\...\Run: [LoadFujitsuQuickTouch] => C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe [162416 2010-07-16] (FUJITSU LIMITED)
HKLM\...\Run: [LoadBtnHnd] => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [21616 2010-07-09] (FUJITSU LIMITED)
HKLM-x32\...\Run: [IndicatorUtility] => C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [48752 2010-09-30] (FUJITSU LIMITED)
HKLM-x32\...\Run: [DeskUpdateNotifier] => c:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe [102528 2012-09-25] (Fujitsu Technology Solutions)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Hercules DJ Series] => C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe [1675048 2011-04-26] (Hercules®)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-27] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [AirPort Base Station Agent] => C:\Program Files (x86)\AirPort\APAgent.exe [771360 2009-11-11] (Apple Inc.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1282120 2013-05-02] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [453736 2013-02-19] (CANON INC.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1691136 2012-05-31] (Wondershare)
HKLM-x32\...\RunOnce: [20150107] => C:\Program Files\AVAST Software\Avast\setup\emupdate\970262e3-1e0c-4f4e-adbe-91de3ec72024.exe [183232 2015-01-12] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1137129110-1800203016-1165673377-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-1137129110-1800203016-1165673377-1001\...\Run: [Smart PC Cleaner] => C:\Program Files (x86)\Smart PC Cleaner\SPCLauncher.exe
HKU\S-1-5-21-1137129110-1800203016-1165673377-1001\...\Run: [DriverScanner] => "C:\Program Files (x86)\Uniblue\DriverScanner\launcher.exe" delay 20000 
HKU\S-1-5-21-1137129110-1800203016-1165673377-1001\...\Run: [ConnectionCenter] => C:\Users\Eltern\AppData\Local\Citrix\ICA Client\concentr.exe [103768 2009-09-12] (Citrix Systems, Inc.)
HKU\S-1-5-21-1137129110-1800203016-1165673377-1001\...\Run: [6DAAC6C454D885ED72250BD5B844006BEAA8E461._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [843592 2015-02-04] (Google Inc.)
AppInit_DLLs: C:\Users\admin\AppData\Local\Linkey\IEEXTE~1\iedll64.dll => C:\Users\admin\AppData\Local\Linkey\IEEXTE~1\iedll64.dll File Not Found
AppInit_DLLs-x32: C:\Users\admin\AppData\Local\Linkey\IEEXTE~1\iedll.dll => "C:\Users\admin\AppData\Local\Linkey\IEEXTE~1\iedll.dll" File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk
ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> C:\Program Files (x86)\WISO\Steuersoftware 2014\mshaktuell.exe ()
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk
ShortcutTarget: LaunchCenter.lnk -> C:\Program Files\Fujitsu\LaunchCenter\LaunchCenter.exe (Fujitsu Technology Solutions)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\newreminderdialog.lnk
ShortcutTarget: newreminderdialog.lnk -> C:\Program Files\Fujitsu\FujitsuRecovery\NewReminderDialog.exe (Fujitsu Technology Solutions)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk
ShortcutTarget: LaunchCenter.lnk -> C:\Program Files\Fujitsu\LaunchCenter\LaunchCenter.exe (Fujitsu Technology Solutions)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\newreminderdialog.lnk
ShortcutTarget: newreminderdialog.lnk -> C:\Program Files\Fujitsu\FujitsuRecovery\NewReminderDialog.exe (Fujitsu Technology Solutions)
Startup: C:\Users\Eltern\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
HKLM\...\AppCertDlls: [x86] -> C:\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll [488464 2014-09-02] ()
HKLM\...\AppCertDlls: [x64] -> C:\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll [662032 2014-09-02] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1137129110-1800203016-1165673377-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.searchamong.com/searchview.php?query={searchTerms}&cat=webs&bar=true
HKU\S-1-5-21-1137129110-1800203016-1165673377-1001\Software\Microsoft\Internet Explorer\Main,Start Page = Google
HKU\S-1-5-21-1137129110-1800203016-1165673377-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Fujitsu CEMEA&I
HKU\S-1-5-21-1137129110-1800203016-1165673377-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Google
HKU\S-1-5-21-1137129110-1800203016-1165673377-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.searchamong.com/searchview.php?query={searchTerms}&cat=webs&bar=true
HKU\S-1-5-21-1137129110-1800203016-1165673377-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland ? jetzt mit dem Hotmail Nachfolger Outlook und dem Messenger Nachfolger Skype
URLSearchHook: HKU\S-1-5-21-1137129110-1800203016-1165673377-1001 - (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - No File
URLSearchHook: [S-1-5-21-1137129110-1800203016-1165673377-1004] ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKLM -> DefaultScope value is missing.
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = hxxp://www.default-search.net/search?sid=503&aid=101&itype=n&ver=13898&tm=462&src=ds&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = hxxp://www.default-search.net/search?sid=503&aid=101&itype=n&ver=13898&tm=462&src=ds&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1137129110-1800203016-1165673377-1001 -> {154d339e-ccaa-49a5-9b38-6878ad4220bc} URL = hxxp://www.searchamong.com/searchview.php?query={searchTerms}&cat=webs&bar=true
SearchScopes: HKU\S-1-5-21-1137129110-1800203016-1165673377-1001 -> {27411759-B300-4F5A-98E4-E07E69153B21} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_NL&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^NL&apn_uid=17DA459C-8E09-47EE-AC59-629FDF1DAE13&apn_sauid=5C01AC05-7B74-4559-A37C-0D6977E0192E
SearchScopes: HKU\S-1-5-21-1137129110-1800203016-1165673377-1001 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = hxxp://www.default-search.net/search?sid=503&aid=101&itype=n&ver=13898&tm=462&src=ds&p={searchTerms}
BHO: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitBHO64.dll (TechSmith Corporation)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO: Linkey -> {4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} -> C:\Users\admin\AppData\Local\Linkey\IEExtension\iedll64.dll No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Adblock Plus)
BHO-x32: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll (TechSmith Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Linkey -> {4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} -> C:\Users\admin\AppData\Local\Linkey\IEEXTE~1\iedll.dll No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)
Toolbar: HKLM - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitIEAddin64.dll (TechSmith Corporation)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dll (TechSmith Corporation)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKU\S-1-5-21-1137129110-1800203016-1165673377-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKU\S-1-5-21-1137129110-1800203016-1165673377-1001 -> No Name - {DFEFCDEE-CF1A-4FC8-89AF-189327213627} -  No File
Toolbar: HKU\S-1-5-21-1137129110-1800203016-1165673377-1001 -> No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} -  No File
Toolbar: HKU\S-1-5-21-1137129110-1800203016-1165673377-1001 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Winsock: Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @Skype Technologies S.A..com/Skype Web Plugin -> C:\Program Files (x86)\SkypeWebPlugin\3.1.15602.22612\npSkypeWebPlugin64.dll (Skype)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin-x32: @Skype Technologies S.A..com/Skype Web Plugin -> C:\Program Files (x86)\SkypeWebPlugin\3.1.15602.22612\npSkypeWebPlugin.dll (Skype)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1137129110-1800203016-1165673377-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Eltern\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1137129110-1800203016-1165673377-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\Eltern\AppData\Roaming\mozilla\plugins\CCMSDK.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Eltern\AppData\Roaming\mozilla\plugins\cgpcfg.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Eltern\AppData\Roaming\mozilla\plugins\CgpCore.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Eltern\AppData\Roaming\mozilla\plugins\confmgr.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Eltern\AppData\Roaming\mozilla\plugins\ctxlogging.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Eltern\AppData\Roaming\mozilla\plugins\ctxmui.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Eltern\AppData\Roaming\mozilla\plugins\icafile.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Eltern\AppData\Roaming\mozilla\plugins\icalogon.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Eltern\AppData\Roaming\mozilla\plugins\npicaN.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\Eltern\AppData\Roaming\mozilla\plugins\sslsdk_b.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Eltern\AppData\Roaming\mozilla\plugins\TcpPServ.dll (Citrix Systems, Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-06-29]

Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Profile: C:\Users\Eltern\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Docs) - C:\Users\Eltern\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-07-03]
CHR Extension: (Google Drive) - C:\Users\Eltern\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-07-03]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Eltern\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-06]
CHR Extension: (FreeHDSport.TV) - C:\Users\Eltern\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnnidmnbdkmhfkjgdnngciimpdgohok [2013-02-22]
CHR Extension: (YouTube) - C:\Users\Eltern\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-07-03]
CHR Extension: (Adblock Plus) - C:\Users\Eltern\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-08-26]
CHR Extension: (Google Search) - C:\Users\Eltern\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-07-03]
CHR Extension: (AdBlock) - C:\Users\Eltern\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-04-13]
CHR Extension: (Avast Online Security) - C:\Users\Eltern\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-02]
CHR Extension: (WEB.DE MailCheck) - C:\Users\Eltern\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaogepninmlbinccpbiakcgiolijlllo [2015-01-17]
CHR Extension: (Skype Click to Call) - C:\Users\Eltern\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2011-11-01]
CHR Extension: (Google Wallet) - C:\Users\Eltern\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-09]
CHR Extension: (Gmail) - C:\Users\Eltern\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-07-03]
CHR Extension: (Nation Toolbar) - C:\Users\Eltern\AppData\Local\Google\Chrome\User Data\Default\Extensions\poodchbjlediohlnballdehklfnmaogp [2013-11-21]
CHR HKLM-x32\...\Chrome\Extension: [bgnnidmnbdkmhfkjgdnngciimpdgohok] - C:\Program Files (x86)\FirstRowSportApp.com\stv12.crx [2013-02-19]
CHR HKLM-x32\...\Chrome\Extension: [fpmeembnagmagppkgghhfjfdfajdfcah] - C:\Users\admin\AppData\Local\Linkey\ChromeExtension\ChromeExtension.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-02]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-10-18]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 AISConnect; C:\Program Files (x86)\Fujitsu\AIS Connect\bin\qsaMain.exe [32768 2009-01-26] () [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-02] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2015-01-02] (Avast Software)
R2 Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [897088 2010-11-03] (Intel Corporation) [File not signed]
R3 Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [1298496 2010-11-03] (Intel Corporation) [File not signed]
R2 Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [983104 2010-11-03] (Intel Corporation) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2428088 2014-08-11] (Microsoft Corporation)
R2 HerculesDJControlMP3; C:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE [20480 2011-06-07] () [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] ()
R2 lmhosts; C:\Windows\system32\svchost.exe [27648 2011-03-01] (Microsoft Corporation)
R2 lmhosts; C:\Windows\SysWOW64\svchost.exe [21504 2011-03-01] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-01-05] ()
R2 NlaSvc; C:\Windows\System32\svchost.exe [27648 2011-03-01] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\SysWOW64\svchost.exe [21504 2011-03-01] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [27648 2011-03-01] (Microsoft Corporation)
R2 nsi; C:\Windows\SysWOW64\svchost.exe [21504 2011-03-01] (Microsoft Corporation)
S3 OpenVPNService; C:\Program Files (x86)\HMA! Pro VPN\bin\openvpnserv.exe [37176 2014-10-27] (The OpenVPN Project)
R2 PFNService; C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [331776 2010-10-07] (FUJITSU LIMITED) [File not signed]
R2 PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [63336 2010-06-17] (FUJITSU LIMITED)
R2 SmdmFService; C:\Program Files (x86)\Settings Manager\smdmf\SmdmFService.exe [3572240 2014-09-02] (Aztec Media Inc)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27648 2011-03-01] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-01-02] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2015-01-02] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-01-02] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-01-02] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-01-02] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-01-02] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-01-02] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-01-02] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2012-07-22] ()
S3 Bulk; C:\Windows\System32\Drivers\HDJBulk.sys [192000 2011-04-28] (© Guillemot R&D, 2010. All rights reserved.)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [16776 2011-07-29] () [File not signed]
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14216 2011-07-29] () [File not signed]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9096 2011-07-29] () [File not signed]
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [8456 2011-07-29] () [File not signed]
R1 F06DEFF2-5B9C-490D-910F-35D3A9119622; C:\Program Files (x86)\Settings Manager\smdmf\x64\smdmfmgrc2.cfg [41872 2014-09-02] (Aztec Media Inc)
R0 FBIOSDRV; C:\Windows\System32\Drivers\FBIOSDRV.sys [21104 2009-06-24] (FUJITSU LIMITED)
R3 FUJ02B1; C:\Windows\System32\DRIVERS\FUJ02B1.sys [7808 2006-11-01] (FUJITSU LIMITED)
R3 FUJ02E3; C:\Windows\system32\drivers\FUJ02E3.sys [7296 2006-11-01] (FUJITSU LIMITED)
S3 HDJAsioK; C:\Windows\System32\Drivers\HDJAsioK.sys [263168 2011-04-28] (© Guillemot R&D, 2010. All rights reserved.)
S3 HDJMidi; C:\Windows\System32\DRIVERS\HDJMidi.sys [240640 2011-04-28] (© Guillemot R&D, 2011. All rights reserved.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2012-07-22] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [74752 2011-07-25] (Research In Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44032 2011-07-20] (Research in Motion Ltd)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1801216 2010-10-09] ()
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [53760 2012-09-28] (Apple, Inc.) [File not signed]
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2015-01-02] (Avast Software)
S3 catchme; \??\C:\6774884_Setup\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-09 16:34 - 2015-02-09 16:36 - 00036052 _____ () C:\Users\Eltern\Downloads\FRST.txt
2015-02-09 16:34 - 2015-02-09 16:35 - 00000000 ____D () C:\FRST
2015-02-09 16:34 - 2015-02-09 16:34 - 02132992 _____ (Farbar) C:\Users\Eltern\Downloads\FRST64 (1).exe
2015-02-09 16:33 - 2015-02-09 16:34 - 02132992 _____ (Farbar) C:\Users\Eltern\Downloads\FRST64.exe
2015-02-09 10:10 - 2015-02-09 10:10 - 00000247 _____ () C:\Windows\system32\2015-02-09-10-10-38.067-aswFe.exe-1552.log
2015-02-09 10:02 - 2015-02-09 10:10 - 00000247 _____ () C:\Windows\system32\2015-02-09-10-02-22.020-aswFe.exe-6164.log
2015-02-09 10:02 - 2015-02-09 10:02 - 00000197 _____ () C:\Windows\system32\2015-02-09-10-02-11.065-AvastVBoxSVC.exe-7272.log
2015-02-09 09:16 - 2015-02-09 09:16 - 00000197 _____ () C:\Windows\system32\2015-02-09-09-16-39.032-AvastVBoxSVC.exe-1316.log
2015-02-09 08:35 - 2015-02-09 08:35 - 00000197 _____ () C:\Windows\system32\2015-02-09-08-35-37.038-AvastVBoxSVC.exe-1872.log
2015-02-06 13:52 - 2015-02-06 13:52 - 00000197 _____ () C:\Windows\system32\2015-02-06-13-52-12.052-AvastVBoxSVC.exe-3836.log
2015-02-06 12:07 - 2015-02-06 12:07 - 00000165 ____H () C:\Users\Eltern\Downloads\~$Klientenliste_04.02.2015.xlsx
2015-02-04 12:20 - 2015-02-04 12:21 - 03252731 _____ () C:\Users\Eltern\Downloads\(boox.bz)-GreenJohn-7891.zip
2015-02-02 12:34 - 2015-02-02 12:38 - 11314021 _____ () C:\Users\Eltern\Downloads\NSDLdS.rar
2015-02-02 07:47 - 2015-02-02 07:52 - 14619603 _____ () C:\Users\Eltern\Downloads\MJDTP.rar
2015-01-29 07:09 - 2015-01-29 07:09 - 00000197 _____ () C:\Windows\system32\2015-01-29-07-09-07.016-AvastVBoxSVC.exe-4160.log
2015-01-23 22:27 - 2015-01-23 22:27 - 00000197 _____ () C:\Windows\system32\2015-01-23-22-27-05.052-AvastVBoxSVC.exe-7324.log
2015-01-21 07:47 - 2015-01-21 07:47 - 00000197 _____ () C:\Windows\system32\2015-01-21-07-47-07.033-AvastVBoxSVC.exe-2136.log
2015-01-19 12:50 - 2015-01-19 12:50 - 00000000 ____D () C:\Users\Eltern\AppData\Local\{F86A2549-705C-4C9A-9398-799841DA3963}
2015-01-18 03:21 - 2015-01-18 03:21 - 00000197 _____ () C:\Windows\system32\2015-01-18-03-21-29.008-AvastVBoxSVC.exe-3420.log
2015-01-17 16:31 - 2015-01-17 16:31 - 00000197 _____ () C:\Windows\system32\2015-01-17-16-31-03.026-AvastVBoxSVC.exe-5364.log
2015-01-16 07:07 - 2014-12-12 05:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-16 07:07 - 2014-12-12 05:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-16 07:07 - 2014-12-12 05:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-16 07:07 - 2014-12-12 05:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-16 07:07 - 2014-12-12 05:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-16 07:07 - 2014-12-12 05:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-16 07:07 - 2014-12-12 05:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-15 13:11 - 2015-01-15 13:12 - 00000197 _____ () C:\Windows\system32\2015-01-15-13-11-58.068-AvastVBoxSVC.exe-4064.log
2015-01-15 11:44 - 2015-01-15 11:44 - 00288689 _____ () C:\Users\Eltern\Downloads\Klientenliste_14.01.2015 (1).xlsx
2015-01-15 11:42 - 2015-01-15 13:03 - 00269110 _____ () C:\Users\Eltern\Downloads\Klientenliste_13.01.2015.xlsx
2015-01-15 10:12 - 2015-01-15 10:14 - 85533129 _____ () C:\Users\Eltern\Downloads\Urlaubsvertretung Till 01_2015.zip
2015-01-15 03:56 - 2015-01-15 03:56 - 00000197 _____ () C:\Windows\system32\2015-01-15-03-56-34.047-AvastVBoxSVC.exe-3280.log
2015-01-14 18:40 - 2015-01-14 18:41 - 00000000 ____D () C:\Users\Eltern\AppData\Local\{C47B58EC-9492-41FD-82FB-B4C232F89A00}
2015-01-14 16:45 - 2015-01-20 14:45 - 00356352 _____ () C:\Users\Eltern\Documents\Datenbank4.accdb
2015-01-14 16:27 - 2015-01-15 07:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2015-01-14 13:37 - 2015-01-14 13:41 - 11216644 _____ () C:\Users\Eltern\Downloads\MAUdeT.rar
2015-01-14 09:25 - 2015-01-14 09:25 - 00024285 _____ () C:\Users\Eltern\Downloads\TS102807928.dotx
2015-01-14 07:16 - 2014-12-19 03:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 07:16 - 2014-12-19 01:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 07:16 - 2014-12-11 17:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 07:16 - 2014-12-06 04:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 07:16 - 2014-12-06 03:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 07:16 - 2014-12-06 03:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-13 20:37 - 2015-01-13 20:40 - 11214460 _____ () C:\Users\Eltern\Downloads\RLDE.rar
2015-01-13 19:15 - 2015-01-16 18:35 - 00192033 _____ () C:\Users\Eltern\Downloads\Therapeutenliste_Stand_30.12.2014_CoachID.xlsx
2015-01-13 08:49 - 2015-01-15 11:43 - 00267947 _____ () C:\Users\Eltern\Downloads\Klientenliste_12.01.2015 (1).xlsx
2015-01-12 18:32 - 2015-01-12 18:32 - 00284621 _____ () C:\Users\Eltern\Downloads\Klientenliste_12.01.2015.xlsx
2015-01-12 08:41 - 2015-01-12 08:41 - 00000000 ____D () C:\Users\Eltern\AppData\Local\{F55ADB88-D418-4526-A85D-49393D7419DC}
2015-01-12 08:39 - 2015-01-12 08:39 - 03181547 _____ () C:\Users\Eltern\Downloads\VKKD_Sept 2013_GF (1).pptx
2015-01-11 18:34 - 2015-01-13 11:04 - 00034117 _____ () C:\Users\Eltern\Downloads\20150111-209189-umsatz (1).CSV
2015-01-11 18:28 - 2015-01-13 11:04 - 00056776 _____ () C:\Users\Eltern\Downloads\20150111-209189-umsatz.CSV
2015-01-11 17:48 - 2015-01-11 17:51 - 00071477 _____ () C:\Users\Eltern\Downloads\Abrechnung_Q4_2014_06.01.14.xlsx
2015-01-10 22:52 - 2015-01-10 22:52 - 00000000 ____D () C:\Users\Eltern\AppData\Local\{5070E6B6-5A4F-4F26-9D81-E37440959D94}
2015-01-10 20:09 - 2015-01-10 20:11 - 03967155 _____ () C:\Users\Eltern\Downloads\Dillon.7z
2015-01-10 19:56 - 2015-01-10 20:00 - 10787467 _____ () C:\Users\Eltern\Downloads\SNZW.rar
2015-01-10 16:02 - 2015-01-10 16:03 - 00000197 _____ () C:\Windows\system32\2015-01-10-16-02-55.034-AvastVBoxSVC.exe-3340.log

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-09 16:35 - 2014-09-06 12:58 - 00000000 ____D () C:\ProgramData\smdmf
2015-02-09 16:35 - 2011-10-31 18:10 - 00000000 ____D () C:\Users\Eltern\AppData\Roaming\Skype
2015-02-09 16:11 - 2011-08-28 04:22 - 01786698 _____ () C:\Windows\WindowsUpdate.log
2015-02-09 15:42 - 2011-12-19 17:06 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-09 09:56 - 2011-12-19 17:06 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-09 09:21 - 2009-07-14 04:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-09 09:21 - 2009-07-14 04:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-09 09:13 - 2009-07-14 05:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-09 09:13 - 2009-07-14 04:51 - 00168444 _____ () C:\Windows\setupact.log
2015-02-09 08:51 - 2013-06-29 16:40 - 00002181 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-09 08:46 - 2011-05-07 17:16 - 01594718 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-02-09 08:46 - 2011-04-11 17:26 - 00699666 _____ () C:\Windows\system32\perfh007.dat
2015-02-09 08:46 - 2011-04-11 17:26 - 00149774 _____ () C:\Windows\system32\perfc007.dat
2015-02-09 08:46 - 2009-07-14 05:13 - 01594718 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-07 17:44 - 2009-07-14 05:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-02-07 17:41 - 2013-06-23 15:54 - 00000000 ____D () C:\Windows\Minidump
2015-02-07 17:41 - 2013-06-23 15:53 - 719132114 _____ () C:\Windows\MEMORY.DMP
2015-02-06 13:25 - 2011-08-28 06:39 - 00000000 ____D () C:\Users\Eltern\AppData\Local\CrashDumps
2015-02-05 16:35 - 2014-08-31 07:51 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2015-02-05 14:05 - 2012-12-29 09:00 - 00000000 ____D () C:\Users\admin
2015-02-05 08:54 - 2013-08-04 15:34 - 00544768 ___SH () C:\Users\Eltern\Downloads\Thumbs.db
2015-01-27 20:08 - 2011-09-20 06:13 - 00000000 ____D () C:\Users\Eltern\Documents\Inken Arbeit
2015-01-15 13:06 - 2014-09-01 09:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-15 03:01 - 2013-07-20 12:06 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-15 03:01 - 2011-10-08 09:00 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-14 11:28 - 2014-12-13 18:34 - 00000000 ____D () C:\Users\Eltern\Documents\temp
2015-01-14 07:10 - 2014-08-16 07:50 - 00000000 ____D () C:\Users\Eltern\Documents\Portugal
2015-01-13 19:14 - 2014-12-08 07:48 - 00188642 _____ () C:\Users\Eltern\Downloads\Therapeutenliste_Stand_05.12.2014_CoachID.xlsx

==================== Files in the root of some directories =======

2011-01-19 11:30 - 2011-01-19 11:30 - 142700671 _____ () C:\Program Files\openofficeorg1.cab
2011-01-19 11:34 - 2011-01-19 11:34 - 3003392 _____ () C:\Program Files\openofficeorg33.msi
2011-01-19 11:33 - 2011-01-19 11:33 - 0475016 _____ () C:\Program Files\setup.exe
2011-01-19 10:15 - 2011-01-19 10:15 - 0000290 _____ () C:\Program Files\setup.ini
2012-11-08 12:43 - 2012-11-08 12:48 - 0000077 _____ () C:\Users\Eltern\AppData\Roaming\Rim.Desktop.Exception.log
2012-11-08 12:41 - 2012-11-08 12:42 - 0001153 _____ () C:\Users\Eltern\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2012-11-08 12:43 - 2012-11-08 12:48 - 0000077 _____ () C:\Users\Eltern\AppData\Roaming\Rim.DesktopHelper.Exception.log
2012-10-07 14:56 - 2012-10-07 15:01 - 6312677 _____ (VIO                                                         ) C:\Users\Eltern\AppData\Roaming\vio_clean.exe
2011-09-15 15:01 - 2012-08-25 16:55 - 0001188 _____ () C:\Users\Eltern\AppData\Local\crc32list11.txt
2011-08-27 19:41 - 2011-08-27 19:41 - 0013952 _____ () C:\Users\Eltern\AppData\Local\IWDAudHelper.20110827.214114.txt
2011-08-27 19:41 - 2011-08-27 19:41 - 0000661 _____ () C:\Users\Eltern\AppData\Local\PDLSetup.20110827.214106.txt
2011-08-27 19:41 - 2011-08-27 19:41 - 0001579 _____ () C:\Users\Eltern\AppData\Local\PDLSetup.20110827.214107.txt
2011-08-27 19:41 - 2011-08-27 19:41 - 0001227 _____ () C:\Users\Eltern\AppData\Local\PDLSetup.20110827.214109.txt
2012-07-18 09:53 - 2012-07-18 09:53 - 0007597 _____ () C:\Users\Eltern\AppData\Local\Resmon.ResmonCfg

Some content of TEMP:
====================
C:\Users\Eltern\AppData\Local\temp\MSETUP4.EXE


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================
         
--- --- ---
Addition:


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-02-2015
Ran by Eltern at 2015-02-09 16:37:27
Running from C:\Users\Eltern\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

1&1 SmartFax (HKLM-x32\...\1&1 SmartFax) (Version: 2.00.231 - 1&1 Internet AG)
4TOPS Compare Spreadsheets using Excel 3.2.0.1 (HKLM-x32\...\xlcompare_is1) (Version: 3.2.0.1 - AGORA Software BV)
7-PDF Split & Merge Version 2.4.0 (Build 168) (HKLM-x32\...\7-PDF Split & Merge_is1) (Version: 7-PDF Split & Merge - Version 2.4.0 (Build 168) - 7-PDF, Germany - Thorsten Hodes)
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{C23EE7CE-C1A3-4F94-A8F0-9E0AC9C6DE6E}) (Version: 1.1 - Eyeo GmbH)
Adblock Plus for IE (HKLM-x32\...\{fd97d1e2-368a-4cd9-af63-8eeff938044a}) (Version: 1.1 - )
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.7.700.224 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.43 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
AirPort (HKLM-x32\...\{AA68AAAE-41F0-40B5-8896-5947F5FD6889}) (Version: 5.6.1.2 - Apple Inc.)
AIS Connect (HKLM-x32\...\AIS Connect) (Version: 1.1.1.6 - Fujitsu Technology Solutions GmbH)
AIS Connect (x32 Version: 1.1.1.6 - Fujitsu Technology Solutions GmbH) Hidden
Anytime USB Charge Utility (HKLM-x32\...\{549BF60D-FDDA-4E4C-ABE3-9E897BC09E79}) (Version: 1.00.00.001 - FUJITSU LIMITED)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.0.2208 - AVAST Software)
BlackBerry Desktop Software 7.1 (HKLM-x32\...\BlackBerry_Desktop) (Version: 7.1.0.32 - Research in Motion Ltd.)
BlackBerry Desktop Software 7.1 (x32 Version: 7.1.0.32 - Research in Motion Ltd.) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bonjour-Druckdienste (HKLM\...\{0DA20600-6130-443B-9D4B-F30520315FA6}) (Version: 2.0.2.0 - Apple Inc.)
BrainSpeeder 3.2.105 (HKLM-x32\...\BrainSpeeder) (Version: 3.2.105 - Gehirnjogging Denkspiele kostenlos | Sudoku Denksport Brain Games)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.3.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.1.0 - Canon Inc.)
Canon MG5500 series Benutzerregistrierung (HKLM-x32\...\Canon MG5500 series Benutzerregistrierung) (Version: - *Canon Inc.)
Canon MG5500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5500_series) (Version: 1.01 - Canon Inc.)
Canon MG5500 series On-screen Manual (HKLM-x32\...\Canon MG5500 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon MX890 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX890_series) (Version: - )
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.2.1 - Canon Inc.)
Citrix Online Plug-in - Web (HKU\S-1-5-21-1137129110-1800203016-1165673377-1001\...\CitrixOnlinePluginPackWeb) (Version: 11.2.0.31560 - Citrix Systems, Inc.)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.1908.7636 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DeskUpdate (HKLM-x32\...\DeskUpdate_is1) (Version: 4.13.0116 - Fujitsu Technology Solutions)
EASEUS Partition Master 9.1.1 Home Edition (HKLM-x32\...\EASEUS Partition Master Home Edition_is1) (Version: - EASEUS)
eBay (HKLM-x32\...\{9983CD31-473F-4808-8317-5346119F0187}) (Version: 1.0.1 - eBay Inc.)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 15.1.13904 - Landesfinanzdirektion Thüringen)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
FJ Camera (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.52016.0 - Sonix)
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - Free PDF to Word Doc Converter - easy and powerful pdf converter software.)
Free YouTube to MP3 Converter version 3.12.2.426 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.2.426 - DVDVideoSoft Ltd.)
Fujitsu Display Manager (HKLM-x32\...\InstallShield_{4108974B-DE87-4AD4-9167-930C62C45691}) (Version: - )
Fujitsu Display Manager (Version: 7.01.20.212 - FUJITSU LIMITED) Hidden
Fujitsu Hotkey Utility (HKLM-x32\...\InstallShield_{C8E4B31D-337C-483D-822D-16F11441669B}) (Version: 3.70.0.0 - FUJITSU LIMITED)
Fujitsu Hotkey Utility (x32 Version: 3.70.0.0 - FUJITSU LIMITED) Hidden
Fujitsu MobilityCenter Extension Utility (HKLM-x32\...\InstallShield_{EC314CDF-3521-482B-A21C-65AC95664814}) (Version: 3.01.00.001 - FUJITSU LIMITED)
Fujitsu MobilityCenter Extension Utility (Version: 3.01.00.001 - FUJITSU LIMITED) Hidden
Fujitsu System Extension Utility (HKLM-x32\...\InstallShield_{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}) (Version: 3.3.0.0 - FUJITSU LIMITED)
Fujitsu System Extension Utility (Version: 3.3.0.0 - FUJITSU LIMITED) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Hercules DJ Products Series drivers (HKLM-x32\...\{33999F1F-EA46-4E55-A239-1BA803235396}) (Version: 3.HDJS.2011 - Hercules)
Heroes of Might and Magic V - Tribes of the East (HKLM-x32\...\{66FF4C48-0083-4E60-8556-B883AB200092}) (Version: - )
HMA! Pro VPN 2.8.11.2 (HKLM-x32\...\HMA! Pro VPN) (Version: 2.8.11.2 - Privax Ltd)
iCloud (HKLM\...\{2AAF09D5-4B3F-4975-B6A9-ECE2631FC942}) (Version: 4.0.5.20 - Apple Inc.)
ImageJ 1.47v (HKLM-x32\...\ImageJ_is1) (Version: - NIH)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
inSSIDer Home (HKLM-x32\...\{9E54E4AE-B67A-4925-8E92-0E1F9817FD73}) (Version: 3.1.2.1 - MetaGeek, LLC)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2372 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{7CE8BE79-ABC3-4B2C-9543-28ED2B0A9EA8}) (Version: 1.0.0.0454 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{1927E640-A2C6-4BA7-8F43-FFD2AE3DFCF3}) (Version: 14.0.2000 - Intel Corporation)
Intel(R) WiDi (HKLM-x32\...\{25680C01-6753-4FE9-A891-7857F26457C1}) (Version: 2.1.35.0 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kobo (HKLM-x32\...\Kobo) (Version: 3.5.0 - Kobo Inc.)
LibreOffice 4.1.2.3 (HKLM-x32\...\{DD3CB916-F91A-41B9-B276-CAC090E91021}) (Version: 4.1.2.3 - The Document Foundation)
LifeBook Application Panel (HKLM-x32\...\InstallShield_{6226477E-444F-4DFE-BA19-9F4F7D4565BC}) (Version: 8.2.1.0 - FUJITSU LIMITED)
LifeBook Application Panel (Version: 8.2.1.0 - FUJITSU LIMITED) Hidden
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Med7 (HKLM-x32\...\{15DD8459-6E1B-4E21-A5AA-FE393E8EC543}) (Version: 7.82.0002 - Bitron GmbH)
Med7 (HKLM-x32\...\{C09D663B-A9ED-4EEE-8CC3-2C7A3DB63514}) (Version: 7.85.0014 - Bitron GmbH)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft MapPoint Europa 2011 (HKLM-x32\...\{C82185E8-C27B-4EF4-2011-2222BC2C2B6D}) (Version: 18.0.29.1200 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 15.0.4649.1003 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Might & Magic Heroes VI (HKLM-x32\...\{745D37C2-26F4-4B65-BA13-F9840EBFA75B}) (Version: 1.8 - Ubisoft)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
Mozilla Thunderbird 31.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.4.0 (x86 de)) (Version: 31.4.0 - Mozilla)
NAVIGON Fresh 3.4.1 (HKLM-x32\...\NAVIGON Fresh) (Version: 3.4.1 - NAVIGON)
NVIDIA Graphics Driver 265.77 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 265.77 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
Plugfree NETWORK (HKLM\...\{7BA64D21-EE46-4a9a-8145-52B0175C3F86}) (Version: 5.4.0.1 - FUJITSU LIMITED)
Plugfree NETWORK (Version: 5.4.001 - FUJITSU LIMITED) Hidden
Power Saving Utility (HKLM-x32\...\{49A588CF-5FD4-4774-BFBF-0764287DE82B}) (Version: 32.01.10.009 - FUJITSU LIMITED)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6263 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30120 - Realtek Semiconductor Corp.)
Settings Manager (HKLM-x32\...\Settings Manager) (Version: 5.0.0.13898 - Aztec Media Inc) <==== ATTENTION
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.7.8524 - Skype Technologies S.A.)
Skype Web Plugin (HKLM-x32\...\{69F300CB-D6BF-41DD-B7CC-983BAFF4EE15}) (Version: 3.1.15602.22612 - Skype Technologies S.A.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Snagit 10.0.2 (HKLM-x32\...\{92D194E7-AEF9-4A9E-8620-8F3AE712E3F7}) (Version: 10.0.2 - TechSmith Corporation)
SopCast 3.5.0 (HKLM-x32\...\SopCast) (Version: 3.5.0 - SopCast - Free P2P internet TV | live football, NBA, cricket)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.16.0 - Synaptics Incorporated)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKU\S-1-5-21-1137129110-1800203016-1165673377-1001\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
VIO Player version 1.0.1 (HKLM-x32\...\{C8A17598-7F89-41EA-9876-0F89DA0B24F1}_is1) (Version: 1.0.1 - VIO)
VirtualDJ LE (DJ4Set) (HKLM-x32\...\{787EAD29-5498-4BDB-BDF4-670A86F28DFB}) (Version: 7.0.5 - Atomix Productions)
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WISO Steuer-Sparbuch 2011 (HKLM-x32\...\{02F0B8AE-7501-4333-AFBE-6BAABFEC7637}) (Version: 18.09.7121 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2012 (HKLM-x32\...\{0CC1DAFB-40C8-4903-953D-471E541477C7}) (Version: 19.03.7334 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2013 (HKLM-x32\...\{D6CC2FAF-F827-4091-96A1-D32CC9B69C79}) (Version: 20.08.8317 - Buhl Data Service GmbH)
WISO Steuer-Sparbuch 2014 (HKLM-x32\...\{843C3DDB-993A-4DBA-87AE-32F00D1235CE}) (Version: 21.08.8679 - Buhl Data Service GmbH)
Wondershare PDF to Word (Build 4.0.1) (HKLM-x32\...\{90599D63-1879-4B90-BE4F-051CE70FA576}_is1) (Version: 4.0.1 - Wondershare Software)
xlCompare (HKLM-x32\...\{30296F6A-A302-402E-8D9B-83FAB945BE72}) (Version: 3.3.6 - Spreadsheet Tools)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================

ATTENTION: System Restore is disabled.
Check "winmgmt" service or repair WMI.


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 02:34 - 2013-06-28 17:04 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => ?

==================== Loaded Modules (whitelisted) ==============

2014-09-06 12:58 - 2014-09-02 08:21 - 00662032 _____ () C:\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll
2011-05-02 00:21 - 2011-04-15 01:16 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-01-05 19:53 - 2011-01-05 19:53 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2014-07-29 07:02 - 2014-07-02 08:13 - 01427736 ____N () C:\Program Files (x86)\WISO\Steuersoftware 2014\mshaktuell.exe

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Registry Areas =====================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1137129110-1800203016-1165673377-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Eltern\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WISO Mein Steuer-Sparbuch heute.lnk => C:\Windows\pss\WISO Mein Steuer-Sparbuch heute.lnk.CommonStartup
MSCONFIG\startupreg: AIS_MessageForYou => "C:\Program Files (x86)\Fujitsu\AIS Connect\bin\AISMessageForYou.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LoadFUJ02E3 => C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RIMBBLaunchAgent.exe => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
MSCONFIG\startupreg: snp2uvc => C:\Windows\vsnp2uvc.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: UCam_Menu => "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\3.0"
MSCONFIG\startupreg: YouCam Mirror Tray icon => "C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s

==================== Accounts: =============================

admin (S-1-5-21-1137129110-1800203016-1165673377-1004 - Administrator - Enabled) => C:\Users\admin
Administrator (S-1-5-21-1137129110-1800203016-1165673377-500 - Administrator - Disabled)
Eltern (S-1-5-21-1137129110-1800203016-1165673377-1001 - Limited - Enabled) => C:\Users\Eltern
Gast (S-1-5-21-1137129110-1800203016-1165673377-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1137129110-1800203016-1165673377-1021 - Limited - Enabled)
UpdatusUser (S-1-5-21-1137129110-1800203016-1165673377-1000 - Limited - Enabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/09/2015 01:07:22 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" in Zeile UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (02/09/2015 00:59:16 PM) (Source: SideBySide) (EventID: 75) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.

Error: (02/09/2015 09:57:06 AM) (Source: MsiInstaller) (EventID: 1024) (User: Eltern-Laptop)
Description: Produkt: Adobe Reader XI - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011010}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (02/09/2015 09:14:29 AM) (Source: Application Virtualization Client) (EventID: 3134) (User: )
Description: {tid=F28}
Fehler beim Initialisieren des PerfMon-Anbieters für Application Virtualization Client (Fehler 0x80070002).

Error: (02/09/2015 09:14:25 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/09/2015 08:36:44 AM) (Source: MsiInstaller) (EventID: 1024) (User: Eltern-Laptop)
Description: Produkt: Adobe Reader XI - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011010}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (02/09/2015 08:34:13 AM) (Source: Application Virtualization Client) (EventID: 3134) (User: )
Description: {tid=169C}
Fehler beim Initialisieren des PerfMon-Anbieters für Application Virtualization Client (Fehler 0x80070002).

Error: (02/09/2015 08:33:53 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/09/2015 08:33:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: qsaMain.exe, Version: 0.0.0.0, Zeitstempel: 0x497e2fe7
Name des fehlerhaften Moduls: wbemprox.dll, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bdb2f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000333b
ID des fehlerhaften Prozesses: 0x5f0
Startzeit der fehlerhaften Anwendung: 0xqsaMain.exe0
Pfad der fehlerhaften Anwendung: qsaMain.exe1
Pfad des fehlerhaften Moduls: qsaMain.exe2
Berichtskennung: qsaMain.exe3

Error: (02/07/2015 05:44:23 PM) (Source: Application Virtualization Client) (EventID: 3134) (User: )
Description: {tid=1420}
Fehler beim Initialisieren des PerfMon-Anbieters für Application Virtualization Client (Fehler 0x80070002).


System errors:
=============
Error: (02/09/2015 09:56:24 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E579AB5F-1CC4-44B4-BED9-DE0991FF0623}

Error: (02/09/2015 09:16:40 AM) (Source: WMPNetworkSvc) (EventID: 14349) (User: )
Description: 0x800700b7

Error: (02/09/2015 09:16:40 AM) (Source: WMPNetworkSvc) (EventID: 14353) (User: )
Description: 00x800700b7hxxp://+:10243/WMPNSSv4/2811996591/

Error: (02/09/2015 09:16:40 AM) (Source: WMPNetworkSvc) (EventID: 14349) (User: )
Description: 0x800700b7

Error: (02/09/2015 09:16:40 AM) (Source: WMPNetworkSvc) (EventID: 14353) (User: )
Description: 00x800700b7hxxp://+:10243/WMPNSSv4/2811996591/

Error: (02/09/2015 08:36:24 AM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 40.

Error: (02/09/2015 08:34:59 AM) (Source: WMPNetworkSvc) (EventID: 14349) (User: )
Description: 0x800700b7

Error: (02/09/2015 08:34:59 AM) (Source: WMPNetworkSvc) (EventID: 14353) (User: )
Description: 00x800700b7hxxp://+:10243/WMPNSSv4/2811996591/

Error: (02/09/2015 08:34:59 AM) (Source: WMPNetworkSvc) (EventID: 14349) (User: )
Description: 0x800700b7

Error: (02/09/2015 08:34:59 AM) (Source: WMPNetworkSvc) (EventID: 14353) (User: )
Description: 00x800700b7hxxp://+:10243/WMPNSSv4/2811996591/


Microsoft Office Sessions:
=========================
Error: (02/09/2015 01:07:22 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"c:\program files\microsoft office 15\root\office15\lync.exe.Manifestc:\program files\microsoft office 15\root\office15\UccApi.DLL1

Error: (02/09/2015 00:59:16 PM) (Source: SideBySide) (EventID: 75) (User: )
Description: C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exeC:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe1

Error: (02/09/2015 09:57:06 AM) (Source: MsiInstaller) (EventID: 1024) (User: Eltern-Laptop)
Description: Adobe Reader XI - Deutsch{AC76BA86-7AD7-0000-2550-7A8C40011010}1625(NULL)(NULL)(NULL)

Error: (02/09/2015 09:14:29 AM) (Source: Application Virtualization Client) (EventID: 3134) (User: )
Description: {tid=F28}
0x80070002

Error: (02/09/2015 09:14:25 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/09/2015 08:36:44 AM) (Source: MsiInstaller) (EventID: 1024) (User: Eltern-Laptop)
Description: Adobe Reader XI - Deutsch{AC76BA86-7AD7-0000-2550-7A8C40011010}1625(NULL)(NULL)(NULL)

Error: (02/09/2015 08:34:13 AM) (Source: Application Virtualization Client) (EventID: 3134) (User: )
Description: {tid=169C}
0x80070002

Error: (02/09/2015 08:33:53 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/09/2015 08:33:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: qsaMain.exe0.0.0.0497e2fe7wbemprox.dll6.1.7600.163854a5bdb2fc00000050000333b5f001d04442e57a6ec3C:\Program Files (x86)\Fujitsu\AIS Connect\bin\qsaMain.exeC:\Windows\system32\wbem\wbemprox.dll59ce7dd5-b036-11e4-b2ff-bc773732091e

Error: (02/07/2015 05:44:23 PM) (Source: Application Virtualization Client) (EventID: 3134) (User: )
Description: {tid=1420}
0x80070002


CodeIntegrity Errors:
===================================
Date: 2013-06-28 18:03:46.677
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\6774884_Setup\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2013-06-28 18:03:46.584
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\6774884_Setup\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2013-06-27 16:38:23.975
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\207415855_Setup\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2013-06-27 16:38:23.865
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\207415855_Setup\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2012-10-07 16:33:23.284
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\nvoptimusmft.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2012-10-07 16:33:21.213
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\nvoptimusmft.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2012-10-07 16:33:19.229
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\nvoptimusmft.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2012-10-07 16:33:17.370
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\nvoptimusmft.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2012-10-07 16:33:12.915
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\nvoptimusmft.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2012-10-07 16:33:10.939
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\nvoptimusmft.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz
Percentage of memory in use: 37%
Total physical RAM: 8104.62 MB
Available physical RAM: 5047.47 MB
Total Pagefile: 16207.43 MB
Available Pagefile: 12767.05 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:147.66 GB) (Free:33.01 GB) NTFS
Drive d: (Daten) (Fixed) (Total:530.34 GB) (Free:392.57 GB) NTFS

==================== MBR & Partition Table ==================

Danke!


Alt 09.02.2015, 19:14   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Blauer Bildschirm, wenn ich im Internet bin, mit Fehlercode DRIVER-IRQL-NOT-LESS-OR-EQUAL - Standard

Blauer Bildschirm, wenn ich im Internet bin, mit Fehlercode DRIVER-IRQL-NOT-LESS-OR-EQUAL



FRST bitte nochmal, unsere Tools brauchen immer ADminrechte.
__________________
--> Blauer Bildschirm, wenn ich im Internet bin, mit Fehlercode DRIVER-IRQL-NOT-LESS-OR-EQUAL

Antwort

Themen zu Blauer Bildschirm, wenn ich im Internet bin, mit Fehlercode DRIVER-IRQL-NOT-LESS-OR-EQUAL
anderen, aufbau, bildschirm, blauer, blauer bildschirm, code, computer, detected, down, entfernt, fehler, fehlercode, google, internet, kurze, malwarebytes, nicht mehr, problem, rechner, sekunden, trojaner, windows, wirklich, wlan, zeichen



Ähnliche Themen: Blauer Bildschirm, wenn ich im Internet bin, mit Fehlercode DRIVER-IRQL-NOT-LESS-OR-EQUAL


  1. Windows 8.1 Fehlermeldung IRQL not less or equal
    Log-Analyse und Auswertung - 03.02.2015 (23)
  2. Blauer Bildschirm, Bluescreen !
    Log-Analyse und Auswertung - 29.12.2014 (7)
  3. Blauer Bildschirm mit Fehlermeldung
    Log-Analyse und Auswertung - 31.10.2014 (9)
  4. Bluescreen "IRQL not less or equal" auf zwei PCs (Win Vista, 8.1)
    Alles rund um Windows - 10.08.2014 (4)
  5. notebook blauer bildschirm
    Plagegeister aller Art und deren Bekämpfung - 11.05.2014 (24)
  6. Blauer Bildschirm
    Alles rund um Windows - 21.12.2013 (2)
  7. Spy Eyes und blauer Bildschirm
    Plagegeister aller Art und deren Bekämpfung - 29.10.2013 (28)
  8. Blauer Bildschirm beim booten von USB (Bekämpfung d."Weißer Bildschirm-please wait")
    Log-Analyse und Auswertung - 08.07.2012 (6)
  9. Blauer Bildschirm von Windows
    Alles rund um Windows - 14.02.2012 (17)
  10. Bootsektorvirus BOO/TDss / Bluescreen IRQL NOT OR LESS EQUAL
    Log-Analyse und Auswertung - 05.07.2011 (4)
  11. PC stürzt ab - Blauer Bildschirm
    Netzwerk und Hardware - 11.10.2010 (4)
  12. Irql Not less or equal
    Alles rund um Windows - 23.10.2009 (13)
  13. Meldung: IRQL Not less or equal
    Netzwerk und Hardware - 22.10.2009 (3)
  14. PC stürzt ab. Blauer Bildschirm.
    Netzwerk und Hardware - 11.07.2009 (5)
  15. Driver Irql Not less or equal
    Plagegeister aller Art und deren Bekämpfung - 09.04.2009 (15)
  16. Blauer Bildschirm(Hardwarefehler)
    Netzwerk und Hardware - 17.12.2007 (4)
  17. "IRQL not less or equal" nach Speichererweiterung
    Netzwerk und Hardware - 03.01.2007 (1)

Zum Thema Blauer Bildschirm, wenn ich im Internet bin, mit Fehlercode DRIVER-IRQL-NOT-LESS-OR-EQUAL - Hallo, hier wurde mir und meinem Rechner schon einmal so wunderbar geholfen, dass ich das jetzt wieder hoffe. Wenn ich kurze Zeit mit google chrome im Internet bin, rein über - Blauer Bildschirm, wenn ich im Internet bin, mit Fehlercode DRIVER-IRQL-NOT-LESS-OR-EQUAL...
Archiv
Du betrachtest: Blauer Bildschirm, wenn ich im Internet bin, mit Fehlercode DRIVER-IRQL-NOT-LESS-OR-EQUAL auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.