Trojaner-Board - Hab ich Spyware geladen? Advance System Protector, Disc Speedup, Registery Clean pro

Ich habe gestern Registery Clean Pro und Disc Speedup gekauft, heute noch auf meinen Laptop geladen. Dabei installierte sich Advants System Protector. Nun las ich, dass es gefährliche Programme sind. Ich habe Combofix runtergeladen und auf beiden Rechnern durchlaufen lassen, erst hinterher gelesen, dass man es nicht selbständig machen soll. Ich sende beide log-Dateien:
PC:Combofix Logfile:

Code:

ComboFix 14-01-21.03 - Adelheid 21.01.2014  21:26:38.2.4 - x86

Microsoft Windows XP Professional  5.1.2600.3.1252.49.1031.18.2047.1197 [GMT 1:00]

ausgeführt von:: c:\dokumente und einstellungen\Adelheid\Desktop\ComboFix.exe

AV: Avira Desktop *Enabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}

.

.

(((((((((((((((((((((((   Dateien erstellt von 2013-12-21 bis 2014-01-21  ))))))))))))))))))))))))))))))

.

.

2014-01-18 11:13 . 2014-01-18 11:19        2502        ----a-w-        c:\windows\system32\ASOROSet.bin

2014-01-17 16:07 . 2014-01-17 16:07        --------        d-----w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\Systweak

2014-01-17 16:07 . 2014-01-17 16:13        --------        d-----w-        c:\programme\Disk Speedup

2014-01-17 13:56 . 2014-01-17 16:07        --------        d-----w-        c:\dokumente und einstellungen\Adelheid\Anwendungsdaten\Systweak

2014-01-17 13:56 . 2014-01-17 16:05        --------        d-----w-        c:\programme\RegClean Pro

2014-01-17 13:54 . 2014-01-17 13:54        --------        d-----w-        c:\programme\Gemeinsame Dateien\Java

2014-01-17 13:54 . 2014-01-17 13:54        145408        ----a-w-        c:\windows\system32\javacpl.cpl

2014-01-17 13:54 . 2014-01-17 13:54        94632        ----a-w-        c:\windows\system32\WindowsAccessBridge.dll

2014-01-13 16:30 . 2014-01-13 16:30        --------        d-----w-        c:\dokumente und einstellungen\Adelheid\Anwendungsdaten\Search Settings

2014-01-13 16:30 . 2014-01-13 16:30        --------        d-----w-        c:\programme\Application Updater

2014-01-13 16:30 . 2014-01-13 16:30        --------        d-----w-        c:\programme\pdfforge Toolbar

2014-01-13 16:30 . 2014-01-13 16:30        --------        d-----w-        c:\programme\Gemeinsame Dateien\Spigot

2013-12-29 20:15 . 2013-12-29 20:15        --------        d-----w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\NokiaInstallerCache

.

.

.

((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-12-17 11:15 . 2012-11-03 12:03        135648        ----a-w-        c:\windows\system32\drivers\avipbb.sys

2013-12-17 11:15 . 2012-11-03 12:03        90400        ----a-w-        c:\windows\system32\drivers\avgntflt.sys

2013-12-16 22:20 . 2013-08-16 19:11        5496        ----a-w-        c:\windows\system32\PerfStringBackup.TMP

2013-12-11 07:55 . 2012-04-02 08:37        692616        ----a-w-        c:\windows\system32\FlashPlayerApp.exe

2013-12-11 07:55 . 2011-08-07 14:04        71048        ----a-w-        c:\windows\system32\FlashPlayerCPLApp.cpl

2013-11-27 20:21 . 2004-08-10 12:00        40960        ----a-w-        c:\windows\system32\drivers\ndproxy.sys

2013-11-27 10:51 . 2012-11-03 12:03        37352        ----a-w-        c:\windows\system32\drivers\avkmgr.sys

2013-11-13 02:59 . 2004-08-10 12:00        150528        ----a-w-        c:\windows\system32\imagehlp.dll

2013-11-07 05:38 . 2004-08-10 12:00        591360        ----a-w-        c:\windows\system32\rpcrt4.dll

2013-11-06 01:36 . 2008-05-05 05:25        8192        ----a-w-        c:\windows\system32\xpsp4res.dll

2013-10-30 02:51 . 2004-08-10 12:00        1879168        ----a-w-        c:\windows\system32\win32k.sys

2013-10-29 07:57 . 2006-03-04 03:34        920064        ----a-w-        c:\windows\system32\wininet.dll

2013-10-29 07:57 . 2004-08-10 12:00        43520        ----a-w-        c:\windows\system32\licmgr10.dll

2013-10-29 07:57 . 2004-08-10 12:00        1469440        ----a-w-        c:\windows\system32\inetcpl.cpl

2013-10-29 07:57 . 2004-08-10 12:00        18944        ----a-w-        c:\windows\system32\corpol.dll

2013-10-29 00:45 . 2004-08-10 12:00        385024        ----a-w-        c:\windows\system32\html.iec

2013-10-23 23:45 . 2004-08-10 12:00        172032        ----a-w-        c:\windows\system32\scrrun.dll

2010-09-19 09:39 . 2010-09-19 09:38        19657194        ----a-w-        c:\programme\vlc-1.1.4-win32.exe

2009-11-26 21:04 . 2009-11-23 12:52        28243334        ----a-w-        c:\programme\FreeStudio.exe

2009-11-23 13:07 . 2009-11-23 13:06        7663192        ----a-w-        c:\programme\FreeYouTubeToiPodConverter.exe

2009-11-23 12:40 . 2009-11-23 12:40        14702386        ----a-w-        c:\programme\AudioBookConverter_018_Setup.exe

2009-11-23 12:38 . 2009-11-23 12:38        338624        ----a-w-        c:\programme\switchsetup.exe

2009-11-23 12:32 . 2009-11-23 12:29        19816758        ----a-w-        c:\programme\videora-ipod-503-setup.exe

2009-11-16 13:15 . 2009-11-16 13:15        93074728        ----a-w-        c:\programme\iTunesSetup.exe

2009-11-14 15:28 . 2009-11-14 15:27        7919008        ----a-w-        c:\programme\Firefox Setup 3.5.5.exe

2009-11-14 15:15 . 2009-11-14 15:15        7595863        ----a-w-        c:\programme\FreeYouTubeDownload.exe

2009-07-17 17:15 . 2009-05-25 16:00        32467048        ----a-w-        c:\programme\avira_antivir_personal_de.exe

2009-06-15 16:01 . 2009-06-15 16:01        4909440        ----a-w-        c:\programme\Silverlight.2.0.exe

.

.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))

.

.

*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{9FD6379A-EF46-4193-BC64-99F59DF1334F}]

2010-07-15 21:00        269824        ----a-w-        c:\dokumente und einstellungen\Adelheid\Anwendungsdaten\AdblockPlus\IE\AdblockPlus.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1}]

2013-11-06 11:59        226592        ----a-w-        c:\programme\WiseConvert\prxtbWis0.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1}"= "c:\programme\WiseConvert\prxtbWis0.dll" [2013-11-06 226592]

.

[HKEY_CLASSES_ROOT\clsid\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1}]

.

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]

"{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1}"= "c:\programme\WiseConvert\prxtbWis0.dll" [2013-11-06 226592]

.

[HKEY_CLASSES_ROOT\clsid\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1}]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2013-09-11 02:09        131248        ----a-w-        c:\dokumente und einstellungen\Adelheid\Anwendungsdaten\Dropbox\bin\DropboxExt.22.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2013-09-11 02:09        131248        ----a-w-        c:\dokumente und einstellungen\Adelheid\Anwendungsdaten\Dropbox\bin\DropboxExt.22.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2013-09-11 02:09        131248        ----a-w-        c:\dokumente und einstellungen\Adelheid\Anwendungsdaten\Dropbox\bin\DropboxExt.22.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2013-09-11 02:09        131248        ----a-w-        c:\dokumente und einstellungen\Adelheid\Anwendungsdaten\Dropbox\bin\DropboxExt.22.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"H/PC Connection Agent"="c:\programme\Microsoft ActiveSync\WCESCOMM.EXE" [2004-02-09 401491]

"PC Suite Tray"="d:\programme\NokiaSuite\Nokia PC Suite 7\PCSuite.exe" [2012-06-26 1516632]

"NBCore"="c:\programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBCore.exe" [2008-09-24 1561896]

"Skype"="c:\programme\Skype\Phone\Skype.exe" [2013-07-25 20684656]

"AOL Fast Start"="c:\programme\AOL 9.0 VR\AOL.EXE" [2007-06-21 50480]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"avgnt"="c:\programme\Avira\AntiVir Desktop\avgnt.exe" [2013-12-17 684600]

"APSDaemon"="c:\programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]

"vspdfprsrv.exe"="c:\programme\Avanquest\PDF Experte 7 Professional\vspdfprsrv.exe" [2011-06-23 4252160]

"Babylon Client"="h:\programme\Babylon\Babylon-Pro\Babylon.exe" [2013-02-26 3589712]

"Reader Application Helper"="h:\programme\appHelper\ReaderAppHelper.exe" [2013-03-18 899400]

"Adobe ARM"="c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]

"Cisco AnyConnect Secure Mobility Agent for Windows"="c:\programme\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" [2013-03-26 703888]

"PMBVolumeWatcher"="c:\programme\Sony\PlayMemories Home\PMBVolumeWatcher.exe" [2013-04-24 740888]

"TkBellExe"="c:\programme\real\realplayer\update\realsched.exe" [2013-09-15 295512]

"SearchSettings"="c:\programme\Gemeinsame Dateien\Spigot\Search Settings\SearchSettings.exe" [2013-12-27 1383232]

"SunJavaUpdateSched"="c:\programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [2013-07-02 254336]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

.

c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\

Belkin Wireless USB Utility.lnk - c:\programme\Belkin\USB F5D7050\Wireless Utility\Belkinwcui.exe -T [2005-10-28 1404928]

VPN Client.lnk - c:\windows\Installer\{B0BF7057-6869-4E4B-920C-EA2A58DA07F0}\Icon3E5562ED7.ico -user_logon [2013-7-29 6144]

.

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\programme\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

@="Service"

.

[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^Adelheid^Startmenü^Programme^Autostart^OpenOffice.org 3.2.lnk]

path=c:\dokumente und einstellungen\Adelheid\Startmenü\Programme\Autostart\OpenOffice.org 3.2.lnk

backup=c:\windows\pss\OpenOffice.org 3.2.lnkStartup

.

[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^Adelheid^Startmenü^Programme^Autostart^Picture Motion Browser Medien-Prüfung.lnk]

path=c:\dokumente und einstellungen\Adelheid\Startmenü\Programme\Autostart\Picture Motion Browser Medien-Prüfung.lnk

backup=c:\windows\pss\Picture Motion Browser Medien-Prüfung.lnkStartup

.

[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^Adelheid^Startmenü^Programme^Autostart^StarOffice 7.lnk]

path=c:\dokumente und einstellungen\Adelheid\Startmenü\Programme\Autostart\StarOffice 7.lnk

backup=c:\windows\pss\StarOffice 7.lnkStartup

.

[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^McAfee Security Scan Plus.lnk]

path=c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\McAfee Security Scan Plus.lnk

backup=c:\windows\pss\McAfee Security Scan Plus.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Nikon Monitor.lnk]

path=c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\Nikon Monitor.lnk

backup=c:\windows\pss\Nikon Monitor.lnkCommon Startup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service]

2008-04-09 18:14        136472        ----a-w-        c:\programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcronisTimounterMonitor]

2008-04-09 18:23        909208        ----a-w-        c:\programme\Acronis\TrueImageHome\TimounterMonitor.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2013-11-21 16:57        959904        ----a-w-        c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]

2010-04-30 16:22        64032        ----a-w-        c:\windows\ALCMTR.EXE

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AnyConnect SMC]

2013-03-26 15:43        703888        ----a-w-        c:\programme\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOLDialer]

2007-06-21 12:42        70952        ----a-r-        c:\programme\Gemeinsame Dateien\aol\ACS\AOLDial.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater]

2011-07-27 20:41        397992        ----a-w-        c:\programme\Ask.com\Updater\Updater.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]

2013-04-21 19:43        59720        ----a-w-        c:\programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICustomerCare]

2010-05-04 15:05        311296        ----a-r-        c:\programme\ATI\ATICustomerCare\ATICustomerCare.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion]

2009-09-04 11:16        75048        ------w-        c:\programme\CyberLink\Shared Files\brs.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BiosNotice]

2010-06-15 13:57        994304        ----a-w-        c:\programme\BIOSTAR\BiosNotice\BiosNotice.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]

2010-03-25 01:50        2516296        ----a-w-        c:\programme\Canon\MyPrinter\BJMYPRT.EXE

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]

2007-05-15 01:01        644696        ----a-w-        c:\programme\Canon\SolutionMenu\CNSLMAIN.EXE

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]

2008-04-14 02:22        15360        ----a-w-        c:\windows\system32\ctfmon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]

2011-07-28 23:08        1259376        ----a-w-        c:\programme\DivX\DivX Update\DivXUpdate.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DLA]

2006-06-13 03:20        127036        ----a-w-        c:\windows\system32\DLA\DLACTRLW.EXE

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EEventManager]

2009-12-17 17:50        976832        ----a-w-        c:\programme\Epson Software\Event Manager\EEventManager.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]

2005-08-05 12:34        64512        ----a-w-        c:\windows\ehome\ehtray.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FreePDF Assistant]

2009-09-05 15:29        385024        ----a-w-        c:\programme\FreePDF_XP\fpassist.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]

2004-02-09 09:32        401491        ----a-w-        c:\programme\Microsoft ActiveSync\wcescomm.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]

2006-09-26 00:52        50736        ----a-w-        c:\programme\Gemeinsame Dateien\aol\1229768934\ee\aolsoftware.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]

2007-11-26 12:54        1057064        ----a-w-        c:\programme\Nero\Nero 7\InCD\InCD.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

2013-02-20 11:35        152392        ----a-w-        c:\programme\iTunes\iTunesHelper.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]

2009-04-16 17:56        62760        ----a-w-        c:\programme\CyberLink\PowerDVD\Language\Language.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LifeCam]

2007-05-17 21:45        279912        ----a-w-        c:\programme\Microsoft LifeCam\LifeExp.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]

2008-04-14 02:22        1695232        ----a-w-        c:\programme\Messenger\msmsgs.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBCore]

2008-09-24 12:57        1561896        ----a-w-        c:\programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBCore.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]

2008-09-24 12:57        2254120        ----a-w-        c:\programme\Nero\Nero BackItUp 4\NBKeyScan.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

2007-03-01 12:57        153136        ----a-w-        c:\programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]

2012-06-26 11:10        1516632        ----a-w-        d:\programme\NokiaSuite\Nokia PC Suite 7\PCSuite.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PMBVolumeWatcher]

2013-04-24 03:26        740888        ----a-w-        c:\programme\Sony\PlayMemories Home\PMBVolumeWatcher.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerDVD]

2009-09-10 21:57        1328424        ------w-        c:\programme\CyberLink\PowerDVD\PowerDVD.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2011-10-24 13:28        421888        ----a-w-        c:\programme\QuickTime\QTTask.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]

2013-09-15 20:37        501328        ----a-w-        c:\programme\real\realplayer\realplay.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]

2009-04-16 17:54        87336        ------w-        c:\programme\CyberLink\PowerDVD\PDVDServ.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]

2010-04-30 16:22        19523616        ----a-w-        c:\windows\RTHDCPL.EXE

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]

2013-12-27 16:04        1383232        ----a-w-        c:\programme\Gemeinsame Dateien\Spigot\Search Settings\SearchSettings.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SecurDisc]

2007-11-26 12:54        1629480        ----a-w-        c:\programme\Nero\Nero 7\InCD\NBHGui.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]

2013-07-25 06:58        20684656        ----a-r-        c:\programme\Skype\Phone\Skype.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]

2011-01-26 16:30        98304        ----a-w-        c:\programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

2013-07-02 08:16        254336        ----a-w-        c:\programme\Gemeinsame Dateien\Java\Java Update\jusched.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TBPanel]

2008-08-06 12:29        2281472        ----a-w-        c:\programme\Vtune ATI\TBPANEL.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]

2013-09-15 20:37        295512        ----a-w-        c:\programme\real\realplayer\Update\realsched.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe]

2008-04-09 18:11        2595792        ----a-w-        c:\programme\Acronis\TrueImageHome\TrueImageMonitor.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VX1000]

2007-04-10 21:46        709992        ----a-r-        c:\windows\vVX1000.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WD Spindown Utility]

2004-08-09 14:15        278528        ----a-w-        c:\programme\Western Digital Technologies\Spindown\ExSpinDn.exe

.

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]

"ctfmon.exe"=c:\windows\system32\ctfmon.exe

"PC Suite Tray"="d:\programme\NokiaSuite\Nokia PC Suite 7\PCSuite.exe" -onlytray

"H/PC Connection Agent"="c:\programme\Microsoft ActiveSync\WCESCOMM.EXE"

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]

"QuickTime Task"="c:\programme\QuickTime\qttask.exe" -atboottime

"Adobe ARM"="c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe"

"CanonMyPrinter"=c:\programme\Canon\MyPrinter\BJMyPrt.exe /logon

"CanonSolutionMenuEx"=c:\programme\Canon\Solution Menu EX\CNSEMAIN.EXE /logon

"Cisco AnyConnect Secure Mobility Agent for Windows"="c:\programme\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized

"DLA"=c:\windows\System32\DLA\DLACTRLW.EXE

"VX1000"=c:\windows\vVX1000.exe

"NSU_agent"="c:\programme\Nokia\Nokia Software Updater\nsu3ui_agent.exe"

"TkBellExe"="c:\programme\real\realplayer\update\realsched.exe"  -osboot

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Programme\\Messenger\\msmsgs.exe"=

"c:\\Programme\\CyberLink\\PowerDVD\\PowerDVD.exe"=

"c:\\Programme\\Gemeinsame Dateien\\aol\\ACS\\AOLacsd.exe"=

"c:\\Programme\\Gemeinsame Dateien\\aol\\ACS\\AOLDial.exe"=

"c:\\Programme\\Gemeinsame Dateien\\aol\\1229768934\\ee\\aolsoftware.exe"=

"c:\\Programme\\Microsoft LifeCam\\LifeCam.exe"=

"c:\\Programme\\Microsoft LifeCam\\LifeExp.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Programme\\AOL 9.0 VR\\waol.exe"=

"c:\\Programme\\Gemeinsame Dateien\\aol\\TopSpeed\\3.0\\aoltpsd3.exe"=

"c:\\Programme\\Gemeinsame Dateien\\aol\\Loader\\aolload.exe"=

"c:\\Programme\\Gemeinsame Dateien\\aol\\System Information\\sinf.exe"=

"c:\\Programme\\Real\\RealPlayer\\realplay.exe"=

"c:\\Programme\\Microsoft ActiveSync\\WCESMgr.exe"=

"c:\\Programme\\Microsoft ActiveSync\\wcescomm.exe"=

"c:\\Programme\\Epson Software\\Event Manager\\EEventManager.exe"=

"c:\\Programme\\Bonjour\\mDNSResponder.exe"=

"c:\\Programme\\Java\\jre7\\bin\\javaw.exe"=

"c:\\Programme\\Windows Live\\Messenger\\wlcsdk.exe"=

"d:\\Programme\\IBM\\SPSS\\Statistics\\21\\WinWrapIDE.exe"=

"d:\\Programme\\IBM\\SPSS\\Statistics\\21\\stats.com"=

"d:\\Programme\\IBM\\SPSS\\Statistics\\21\\stats.exe"=

"d:\\Programme\\IBM\\SPSS\\Statistics\\21\\JRE\\bin\\javaw.exe"=

"c:\\Programme\\Gemeinsame Dateien\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=

"c:\\Programme\\iTunes\\iTunes.exe"=

"c:\\Dokumente und Einstellungen\\Adelheid\\Anwendungsdaten\\Dropbox\\bin\\Dropbox.exe"=

"c:\\Programme\\Skype\\Phone\\Skype.exe"=

.

R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [03.11.2012 13:03 37352]

R1 BIOS;BIOS;c:\windows\system32\drivers\BIOS.sys [19.12.2008 19:07 13696]

R1 BS_I2cIo;BS_I2cIo;c:\windows\system32\drivers\BS_I2cIo.sys [19.12.2008 20:52 6272]

R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\programme\Gemeinsame Dateien\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [14.05.2009 16:07 759048]

R2 AntiVirSchedulerService;Avira Planer;c:\programme\Avira\AntiVir Desktop\sched.exe [03.11.2012 13:03 440376]

R2 AntiVirWebService;Avira Browser-Schutz;c:\programme\Avira\AntiVir Desktop\avwebgrd.exe [03.11.2012 13:03 1011768]

R2 Application Updater;Application Updater;c:\programme\Application Updater\ApplicationUpdater.exe [27.12.2013 17:00 807800]

R2 DeviceFinderService;DeviceFinderService;c:\programme\Sony\PlayMemories Home\dfs.exe [24.04.2013 04:31 149528]

R2 DSUDiskOptimizer;DSUDiskOptimizer;c:\programme\Disk Speedup\DSUDefragSrv.exe [17.01.2014 17:07 669480]

R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\programme\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [24.04.2013 04:30 483864]

R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\programme\RealNetworks\RealDownloader\rndlresolversvc.exe [14.08.2013 14:19 39056]

R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\programme\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [08.12.2011 19:31 1527104]

R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\programme\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [07.10.2010 11:34 10064]

S2 SkypeUpdate;Skype Updater;c:\programme\Skype\Updater\Updater.exe [25.07.2013 07:52 162672]

S3 acsint;acsint;c:\windows\system32\drivers\acsint.sys [04.04.2013 18:08 39888]

S3 acsmux;acsmux;c:\windows\system32\drivers\acsmux.sys [04.04.2013 18:08 58320]

S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [19.12.2008 20:15 1691480]

S3 BS_Flash;BS_Flash;\??\c:\programme\BIOS Update\Award\BS_Flash.sys --> c:\programme\BIOS Update\Award\BS_Flash.sys [?]

S3 cpuz130;cpuz130;\??\c:\dokume~1\Adelheid\LOKALE~1\Temp\cpuz130\cpuz_x32.sys --> c:\dokume~1\Adelheid\LOKALE~1\Temp\cpuz130\cpuz_x32.sys [?]

S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\programme\McAfee Security Scan\3.0.318\McCHSvc.exe [05.02.2013 16:48 235216]

S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [25.10.2012 08:37 137600]

S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [25.10.2012 08:37 8576]

.

--- Andere Dienste/Treiber im Speicher ---

.

*NewlyCreated* - NTMSSVC

.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs

UxTuneUp

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2014-01-14 18:38        1211672        ----a-w-        c:\programme\Google\Chrome\Application\32.0.1700.76\Installer\chrmstp.exe

.

Inhalt des "geplante Tasks" Ordners

.

2014-01-21 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 07:55]

.

2014-01-17 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\programme\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57]

.

2014-01-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\programme\Google\Update\GoogleUpdate.exe [2010-02-25 19:54]

.

2014-01-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\programme\Google\Update\GoogleUpdate.exe [2010-02-25 19:54]

.

2014-01-21 c:\windows\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-484763869-1425521274-839522115-1003.job

- c:\programme\Real\RealUpgrade\realupgrade.exe [2013-08-14 15:13]

.

2014-01-21 c:\windows\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-484763869-1425521274-839522115-1004.job

- c:\programme\Real\RealUpgrade\realupgrade.exe [2013-08-14 15:13]

.

2014-01-17 c:\windows\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-484763869-1425521274-839522115-1003.job

- c:\programme\Real\RealUpgrade\realupgrade.exe [2013-08-14 15:13]

.

2013-12-30 c:\windows\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-484763869-1425521274-839522115-1004.job

- c:\programme\Real\RealUpgrade\realupgrade.exe [2013-08-14 15:13]

.

2014-01-21 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-484763869-1425521274-839522115-1003.job

- c:\programme\Real\RealUpgrade\realupgrade.exe [2013-08-14 15:13]

.

2014-01-21 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-484763869-1425521274-839522115-1004.job

- c:\programme\Real\RealUpgrade\realupgrade.exe [2013-08-14 15:13]

.

2014-01-21 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-484763869-1425521274-839522115-1005.job

- c:\programme\Real\RealUpgrade\realupgrade.exe [2013-08-14 15:13]

.

2014-01-19 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-484763869-1425521274-839522115-1003.job

- c:\programme\Real\RealUpgrade\realupgrade.exe [2013-08-14 15:13]

.

2014-01-04 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-484763869-1425521274-839522115-1004.job

- c:\programme\Real\RealUpgrade\realupgrade.exe [2013-08-14 15:13]

.

2013-12-30 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-484763869-1425521274-839522115-1005.job

- c:\programme\Real\RealUpgrade\realupgrade.exe [2013-08-14 15:13]

.

2014-01-20 c:\windows\Tasks\RegClean Prosch.job

- c:\programme\RegClean Pro\RegCleanPro.exe [2014-01-17 17:36]

.

2014-01-20 c:\windows\Tasks\RegClean Pro_DEFAULT.job

- c:\programme\RegClean Pro\RegCleanPro.exe [2014-01-17 17:36]

.

2014-01-17 c:\windows\Tasks\RegClean Pro_UPDATES.job

- c:\programme\RegClean Pro\RegCleanPro.exe [2014-01-17 17:36]

.

2013-04-10 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job

- c:\programme\Ask.com\UpdateTask.exe [2011-07-27 20:41]

.

.

------- Zusätzlicher Suchlauf -------

.

uStart Page = https://www.google.de/

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: &Citavi Picker... - file://c:\dokumente und einstellungen\All Users\Anwendungsdaten\Swiss Academic Software\Citavi Picker\Internet Explorer\ShowContextMenu.html

IE: Translate this web page with Babylon - h:\programme\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm

IE: Translate with Babylon - h:\programme\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm

Trusted Zone: fernuni-hagen.de

Trusted Zone: fernuni-hagen.de\feuweb

Trusted Zone: fernuni-hagen.de\webvpn

TCP: DhcpNameServer = 192.168.2.1

TCP: Interfaces\{2E6D1503-DFA6-42CC-BE5B-CD53FCEB3FBB}: NameServer = 62.109.121.2 62.109.121.1

DPF: {2AB1C516-6654-4D3A-B3D6-2185BBCEB409} - hxxps://webvpn.fernuni-hagen.de/+CSCOL+/csvrloader32.cab

DPF: {538793D5-659C-4639-A56C-A179AD87ED44} - hxxps://webvpn.fernuni-hagen.de/CACHE/stc/1/binaries/vpnweb.cab

FF - ProfilePath - c:\dokumente und einstellungen\Adelheid\Anwendungsdaten\Mozilla\Firefox\Profiles\klux6hai.default\

FF - prefs.js: browser.startup.homepage - hxxps://www.google.de/

FF - prefs.js: keyword.URL - hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=302398&p=

FF - user.js: network.cookie.cookieBehavior - 0

FF - user.js: privacy.clearOnShutdown.cookies - false

FF - user.js: security.warn_viewing_mixed - false

FF - user.js: security.warn_viewing_mixed.show_once - false

FF - user.js: security.warn_submit_insecure - false

FF - user.js: security.warn_submit_insecure.show_once - false

FF - user.js: extensions.BabylonToolbar.autoRvrt - false

FF - user.js: extensions.BabylonToolbar_i.newTab - false

FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=115284&tt=270912_ctrl2_3912_3

FF - user.js: extensions.BabylonToolbar_i.babExt - 

FF - user.js: extensions.BabylonToolbar_i.srcExt - ss

user_pref('extensions.dealply.partner', 'vita');

user_pref('extensions.dealply.channel', 'vitaeazel');

user_pref('extensions.dealply.installId', 'v24300296412477390934662012101623025821');

user_pref('extensions.dealply.installIdSource', 'inst');

user_pref('extensions.dealply.sampleGroup', '1');

FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://search.babylon.com/?babsrc=TB_def&mntrId=e8e5915600000000000000173ffe44fa&q=

FF - user.js: extensions.BabylonToolbar.id - e8e5915600000000000000173ffe44fa

FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-F8DE92DD98DB}

FF - user.js: extensions.BabylonToolbar.instlDay - 15629

FF - user.js: extensions.BabylonToolbar.vrsn - 1.8.3.8

FF - user.js: extensions.BabylonToolbar.vrsni - 1.8.3.8

FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.8.3.823:04

FF - user.js: extensions.BabylonToolbar.prtnrId - babylon

FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar

FF - user.js: extensions.BabylonToolbar.aflt - babsst

FF - user.js: extensions.BabylonToolbar_i.smplGrp - none

FF - user.js: extensions.BabylonToolbar.tlbrId - base

FF - user.js: extensions.BabylonToolbar.instlRef - sst

FF - user.js: extensions.BabylonToolbar.dfltLng - en

FF - user.js: extensions.BabylonToolbar.excTlbr - false

FF - user.js: extensions.BabylonToolbar.admin - false

FF - user.js: extensions.delta.tlbrSrchUrl - 

FF - user.js: extensions.delta.id - e8e5915600000000000000173ffe44fa

FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}

FF - user.js: extensions.delta.instlDay - 15748

FF - user.js: extensions.delta.vrsn - 1.8.10.0

FF - user.js: extensions.delta.vrsni - 1.8.10.0

FF - user.js: extensions.delta.vrsnTs - 1.8.10.020:16

FF - user.js: extensions.delta.prtnrId - delta

FF - user.js: extensions.delta.prdct - delta

FF - user.js: extensions.delta.aflt - babsst

FF - user.js: extensions.delta.smplGrp - none

FF - user.js: extensions.delta.tlbrId - base

FF - user.js: extensions.delta.instlRef - sst

FF - user.js: extensions.delta.dfltLng - en

FF - user.js: extensions.delta.excTlbr - false

FF - user.js: extensions.delta.admin - false

FF - user.js: extensions.delta.autoRvrt - false

FF - user.js: extensions.delta.rvrt - false

FF - user.js: extensions.delta.newTab - false

FF - user.js: network.http.max-connections-per-server - 6

FF - user.js: network.http.max-persistent-connections-per-server - 3

FF - user.js: extensions.searchgol.tlbrSrchUrl - 

FF - user.js: extensions.searchgol.id - e8e5915600000000000000059a3c7a00

FF - user.js: extensions.searchgol.appId - {4277F7CF-0000-46CF-BA49-D624465C4BAB}

FF - user.js: extensions.searchgol.instlDay - 15806

FF - user.js: extensions.searchgol.vrsn - 1.8.16.19

FF - user.js: extensions.searchgol.vrsni - 1.8.16.19

FF - user.js: extensions.searchgol.vrsnTs - 1.8.16.1916:48

FF - user.js: extensions.searchgol.prtnrId - searchgol

FF - user.js: extensions.searchgol.prdct - searchgol

FF - user.js: extensions.searchgol.aflt - babsst

FF - user.js: extensions.searchgol.smplGrp - none

FF - user.js: extensions.searchgol.tlbrId - base

FF - user.js: extensions.searchgol.instlRef - 

FF - user.js: extensions.searchgol.dfltLng - de

FF - user.js: extensions.searchgol.excTlbr - false

FF - user.js: extensions.searchgol.ffxUnstlRst - false

FF - user.js: extensions.searchgol.admin - false

FF - user.js: extensions.searchgol.autoRvrt - false

FF - user.js: extensions.searchgol.rvrt - false

FF - user.js: extensions.searchgol.newTab - false

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2014-01-21 21:33

Windows 5.1.2600 Service Pack 3 NTFS

.

Scanne versteckte Prozesse... 

.

Scanne versteckte Autostarteinträge... 

.

Scanne versteckte Dateien... 

.

Scan erfolgreich abgeschlossen

versteckte Dateien: 0

.

**************************************************************************

.

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{95808DC4-FA4A-4C74-92FE-5B863F82066B}]

"ImagePath"="\??\c:\programme\CyberLink\PowerDVD\000.fcl"

.

--------------------- Gesperrte Registrierungsschluessel ---------------------

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]

@Denied: (2) (LocalSystem)

"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,

   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,96,38,f6,2a,e8,3b,f0,4d,bd,53,f2,\

"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,

   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,96,38,f6,2a,e8,3b,f0,4d,bd,53,f2,\

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–€|ÿÿÿÿÀ•€|ù•6~*]

"7040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"

.

--------------------- Durch laufende Prozesse gestartete DLLs ---------------------

.

- - - - - - - > 'winlogon.exe'(1008)

c:\windows\system32\Ati2evxx.dll

c:\windows\system32\atiadlxx.dll

.

- - - - - - - > 'lsass.exe'(1296)

c:\windows\system32\relog_ap.dll

.

- - - - - - - > 'explorer.exe'(4448)

h:\programme\Babylon\Babylon-Pro\Captlib.dll

c:\dokumente und einstellungen\Adelheid\Anwendungsdaten\Dropbox\bin\DropboxExt.22.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

Zeit der Fertigstellung: 2014-01-21  21:35:13

ComboFix-quarantined-files.txt  2014-01-21 20:35

ComboFix2.txt  2014-01-21 20:09

.

Vor Suchlauf: 19 Verzeichnis(se), 23.717.548.032 Bytes frei

Nach Suchlauf: 20 Verzeichnis(se), 23.694.704.640 Bytes frei

.

- - End Of File - - 0750BA32C8598EC261087B738FC32054

--- --- ---
72B8CE41AF0DE751C946802B3ED844B4

vom Laptop:Combofix Logfile:

Code:

ComboFix 14-01-21.03 - Adele 21.01.2014  22:24:59.1.1 - x86

Microsoft Windows XP Home Edition  5.1.2600.3.1252.49.1033.18.1015.669 [GMT 1:00]

ausgeführt von:: c:\documents and settings\Adele\Desktop\ComboFix.exe

AV: Avira Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}

.

.

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\documents and settings\Adele\Application Data\PriceGong

c:\documents and settings\Adele\Application Data\PriceGong\Data\1.txt

c:\documents and settings\Adele\Application Data\PriceGong\Data\2229.txt

c:\documents and settings\Adele\Application Data\PriceGong\Data\4489.txt

c:\documents and settings\Adele\Application Data\PriceGong\Data\8044.txt

c:\documents and settings\Adele\Application Data\PriceGong\Data\a.txt

c:\documents and settings\Adele\Application Data\PriceGong\Data\b.txt

c:\documents and settings\Adele\Application Data\PriceGong\Data\c.txt

c:\documents and settings\Adele\Application Data\PriceGong\Data\d.txt

c:\documents and settings\Adele\Application Data\PriceGong\Data\e.txt

c:\documents and settings\Adele\Application Data\PriceGong\Data\f.txt

c:\documents and settings\Adele\Application Data\PriceGong\Data\g.txt

c:\documents and settings\Adele\Application Data\PriceGong\Data\h.txt

c:\documents and settings\Adele\Application Data\PriceGong\Data\i.txt

c:\documents and settings\Adele\Application Data\PriceGong\Data\j.txt

c:\documents and settings\Adele\Application Data\PriceGong\Data\k.txt

c:\documents and settings\Adele\Application Data\PriceGong\Data\l.txt

c:\documents and settings\Adele\Application Data\PriceGong\Data\m.txt

c:\documents and settings\Adele\Application Data\PriceGong\Data\mru.xml

c:\documents and settings\Adele\Application Data\PriceGong\Data\n.txt

c:\documents and settings\Adele\Application Data\PriceGong\Data\o.txt

c:\documents and settings\Adele\Application Data\PriceGong\Data\p.txt

c:\documents and settings\Adele\Application Data\PriceGong\Data\q.txt

c:\documents and settings\Adele\Application Data\PriceGong\Data\r.txt

c:\documents and settings\Adele\Application Data\PriceGong\Data\s.txt

c:\documents and settings\Adele\Application Data\PriceGong\Data\t.txt

c:\documents and settings\Adele\Application Data\PriceGong\Data\u.txt

c:\documents and settings\Adele\Application Data\PriceGong\Data\v.txt

c:\documents and settings\Adele\Application Data\PriceGong\Data\w.txt

c:\documents and settings\Adele\Application Data\PriceGong\Data\wlu.txt

c:\documents and settings\Adele\Application Data\PriceGong\Data\x.txt

c:\documents and settings\Adele\Application Data\PriceGong\Data\y.txt

c:\documents and settings\Adele\Application Data\PriceGong\Data\z.txt

c:\documents and settings\All Users\Application Data\TEMP

c:\documents and settings\All Users\Application Data\TEMP\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\PostBuild.exe

c:\documents and settings\All Users\Application Data\TEMP\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\PostBuild.exe

c:\documents and settings\All Users\Application Data\TEMP\{5DB1DF0C-AABC-4362-8A6D-CEFDFB036E41}\PostBuild.exe

c:\program files\avira_free_antivirus_2890de.exe

c:\windows\system32\SET3C.tmp

c:\windows\system32\SET41.tmp

.

.

(((((((((((((((((((((((   Dateien erstellt von 2013-12-21 bis 2014-01-21  ))))))))))))))))))))))))))))))

.

.

2014-01-21 21:09 . 2014-01-21 21:09        20080        ----a-w-        c:\program files\Mozilla Firefox\updated\AccessibleMarshal.dll

2014-01-21 21:09 . 2014-01-21 21:09        2106216        ----a-w-        c:\program files\Mozilla Firefox\updated\D3DCompiler_43.dll

2014-01-21 21:09 . 2014-01-21 21:09        75376        ----a-w-        c:\program files\Mozilla Firefox\updated\breakpadinjector.dll

2014-01-21 21:09 . 2014-01-21 21:09        272496        ----a-w-        c:\program files\Mozilla Firefox\updated\browser\components\browsercomps.dll

2014-01-21 19:35 . 2014-01-21 20:01        --------        d-----w-        c:\documents and settings\All Users\Application Data\Allmyapps

2014-01-21 19:33 . 2014-01-21 19:57        --------        d-----w-        c:\program files\Systweak Support Dock

2014-01-21 16:21 . 2014-01-21 16:28        3084        ----a-w-        c:\windows\system32\ASOROSet.bin

2014-01-21 15:22 . 2014-01-21 20:34        --------        d-----w-        c:\documents and settings\All Users\Application Data\Systweak

2013-12-29 12:31 . 2013-12-29 12:31        --------        d-----w-        c:\program files\Dropbox

2013-12-29 12:29 . 2014-01-21 19:55        --------        d-----w-        c:\documents and settings\Adele\Application Data\Dropbox

2013-12-24 07:50 . 2013-12-24 07:50        --------        d-----w-        c:\documents and settings\NetworkService\Local Settings\Application Data\WiseConvert_1.3

2013-12-24 07:50 . 2013-12-24 07:50        --------        d-----w-        c:\documents and settings\NetworkService\Local Settings\Application Data\FileConverter_1.3

.

.

.

((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-12-18 16:51 . 2012-06-21 20:17        692616        ----a-w-        c:\windows\system32\FlashPlayerApp.exe

2013-12-18 16:51 . 2012-06-21 20:17        71048        ----a-w-        c:\windows\system32\FlashPlayerCPLApp.cpl

2013-12-18 15:40 . 2013-01-10 17:23        90400        ----a-w-        c:\windows\system32\drivers\avgntflt.sys

2013-12-18 15:40 . 2013-01-10 17:23        135648        ----a-w-        c:\windows\system32\drivers\avipbb.sys

2013-12-05 20:55 . 2013-01-10 17:23        37352        ----a-w-        c:\windows\system32\drivers\avkmgr.sys

2013-11-27 20:21 . 2008-08-01 16:37        40960        ------w-        c:\windows\system32\drivers\ndproxy.sys

2013-11-13 02:59 . 2008-08-01 16:37        150528        ------w-        c:\windows\system32\imagehlp.dll

2013-11-07 05:38 . 2008-08-01 16:37        591360        ----a-w-        c:\windows\system32\rpcrt4.dll

2013-11-06 01:03 . 2009-11-11 10:02        7168        ----a-w-        c:\windows\system32\xpsp4res.dll

2013-10-30 02:26 . 2008-08-01 16:37        1879040        ------w-        c:\windows\system32\win32k.sys

2013-10-25 11:24 . 2008-08-01 16:37        841216        ----a-w-        c:\windows\system32\wininet.dll

2013-10-25 11:24 . 2008-08-01 16:37        78336        ------w-        c:\windows\system32\ieencode.dll

2013-10-25 11:24 . 2008-08-01 16:37        1830912        ------w-        c:\windows\system32\inetcpl.cpl

2013-10-25 11:24 . 2008-08-01 16:37        17408        ------w-        c:\windows\system32\corpol.dll

2013-10-23 23:45 . 2008-08-01 16:37        172032        ------w-        c:\windows\system32\scrrun.dll

2013-04-22 22:40 . 2013-04-22 22:20        2619253594        ----a-w-        c:\program files\SPSSStatistics_21_Windows.exe

2013-04-17 10:54 . 2013-04-17 10:39        22936040        ----a-w-        c:\program files\Mendeley-Desktop-1.8.4-win32.exe

2009-12-12 18:09 . 2009-12-12 18:09        119760212        ------w-        c:\program files\OOo_2.4.1_Win32Intel_install_de.exe

2009-09-25 18:14 . 2009-09-25 18:14        34119048        ------w-        c:\program files\avira_antivir_personal408_de.exe

2008-05-07 08:34 . 2009-03-08 06:49        15523560        ------w-        c:\program files\U1 Setup.exe

2013-04-10 06:57 . 2013-04-25 11:17        263064        ----a-w-        c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))

.

.

*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 

REGEDIT4

.

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{78e516ef-11de-47a1-8364-a99b917ec5ee}"= "c:\program files\FileConverter_1.3\prxtbFil2.dll" [2013-05-20 231712]

"{213c8ed6-1d78-4d8f-8729-25006aa86a76}"= "c:\program files\WiseConvert_1.3\prxtbWis2.dll" [2013-05-20 231712]

.

[HKEY_CLASSES_ROOT\clsid\{78e516ef-11de-47a1-8364-a99b917ec5ee}]

.

[HKEY_CLASSES_ROOT\clsid\{213c8ed6-1d78-4d8f-8729-25006aa86a76}]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{213c8ed6-1d78-4d8f-8729-25006aa86a76}]

2013-05-20 09:21        231712        ----a-w-        c:\program files\WiseConvert_1.3\prxtbWis2.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{78e516ef-11de-47a1-8364-a99b917ec5ee}]

2013-05-20 09:21        231712        ----a-w-        c:\program files\FileConverter_1.3\prxtbFil2.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{78e516ef-11de-47a1-8364-a99b917ec5ee}"= "c:\program files\FileConverter_1.3\prxtbFil2.dll" [2013-05-20 231712]

"{213c8ed6-1d78-4d8f-8729-25006aa86a76}"= "c:\program files\WiseConvert_1.3\prxtbWis2.dll" [2013-05-20 231712]

.

[HKEY_CLASSES_ROOT\clsid\{78e516ef-11de-47a1-8364-a99b917ec5ee}]

.

[HKEY_CLASSES_ROOT\clsid\{213c8ed6-1d78-4d8f-8729-25006aa86a76}]

.

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]

"{78E516EF-11DE-47A1-8364-A99B917EC5EE}"= "c:\program files\FileConverter_1.3\prxtbFil2.dll" [2013-05-20 231712]

"{213C8ED6-1D78-4D8F-8729-25006AA86A76}"= "c:\program files\WiseConvert_1.3\prxtbWis2.dll" [2013-05-20 231712]

.

[HKEY_CLASSES_ROOT\clsid\{78e516ef-11de-47a1-8364-a99b917ec5ee}]

.

[HKEY_CLASSES_ROOT\clsid\{213c8ed6-1d78-4d8f-8729-25006aa86a76}]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2013-09-11 02:09        131248        ----a-w-        c:\documents and settings\Adele\Application Data\Dropbox\bin\DropboxExt.22.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2013-09-11 02:09        131248        ----a-w-        c:\documents and settings\Adele\Application Data\Dropbox\bin\DropboxExt.22.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2013-09-11 02:09        131248        ----a-w-        c:\documents and settings\Adele\Application Data\Dropbox\bin\DropboxExt.22.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2013-09-11 02:09        131248        ----a-w-        c:\documents and settings\Adele\Application Data\Dropbox\bin\DropboxExt.22.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ccleaner"="c:\program files\CCleaner\CCleaner.exe" [2012-09-24 3129184]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-09-24 104984]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-09-24 121368]

"Persistence"="c:\windows\system32\igfxpers.exe" [2007-09-24 100888]

"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2008-04-14 208952]

"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2008-04-14 59392]

"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168]

"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168]

"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-01-23 416768]

"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]

"LGODDFU"="c:\program files\lg_fwupdate\lgfw.exe" [2012-08-03 27760]

"UpdatePSTShortCut"="c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2009-05-07 210216]

"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2013-12-18 684600]

"RTHDCPL"="RTHDCPL.EXE" [2008-03-06 16858112]

"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2007-09-28 69632]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-29 421888]

"NBKeyScan"="c:\program files\Nero\Nero BackItUp 4\NBKeyScan.exe" [2008-09-24 2254120]

"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2007-10-11 62760]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-11-12 141600]

"HostManager"="c:\program files\Common Files\AOL\1273586992\ee\AOLSoftware.exe" [2006-09-26 50736]

"AsusTray"="c:\program files\EeePC\ACPI\AsTray.exe" [2008-12-04 114688]

"AsusEPCMonitor"="c:\program files\EeePC\ACPI\AsEPCMon.exe" [2008-05-21 94208]

"AsusACPIServer"="c:\program files\EeePC\ACPI\AsAcpiSvr.exe" [2008-12-18 622592]

"AOLDialer"="c:\program files\Common Files\AOL\ACS\AOLDial.exe" [2007-06-21 70952]

"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2013-07-21 295512]

"PCSUITE BACKUP"="c:\program files\MARKEMENT\PCSUITE BACKUP\bin\backupClient-pcsb.exe" [2013-10-22 112504]

.

c:\documents and settings\Adele\Start Menu\Programs\Startup\

Dropbox.lnk - c:\documents and settings\Adele\Application Data\Dropbox\bin\Dropbox.exe /systemstartup [2014-1-3 30714328]

.

c:\documents and settings\All Users\Start Menu\Programs\Startup\

AOL 9.0 Tray-Symbol.lnk - c:\program files\AOL 9.0\aoltray.exe -check [2010-2-21 156784]

Asus Power Management Utility.lnk - c:\program files\ASUS\EeePC\Asus Power Management Utility\Asus Power Management Utility.exe [2009-3-8 294912]

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2013-04-04 21:06        958576        ----a-w-        c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Program Files\\Common Files\\aol\\ACS\\AOLacsd.exe"=

"c:\\Program Files\\Common Files\\aol\\ACS\\AOLDial.exe"=

"c:\\Program Files\\AOL 9.0\\waol.exe"=

"c:\\Program Files\\Common Files\\aol\\1273586992\\ee\\aolsoftware.exe"=

"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

"c:\\Documents and Settings\\Adele\\Application Data\\Dropbox\\bin\\Dropbox.exe"=

.

R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [10.01.2013 18:23 37352]

R1 Ndisprot;GreenPacket NDIS Protocol Driver;c:\windows\system32\drivers\Ndisprot.sys [01.06.2010 09:14 21504]

R2 AntiVirSchedulerService;Avira Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [10.01.2013 18:23 440376]

R2 pcsuite_backup;PCSUITE BACKUP;c:\program files\MARKEMENT\PCSUITE BACKUP\bin\backupService-pcsb.exe [22.10.2013 18:54 20856]

R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\RealNetworks\RealDownloader\rndlresolversvc.exe [16.04.2013 02:07 39056]

R3 RRNetCapMP;RRNetCapMP;c:\windows\system32\drivers\rrnetcap.sys [20.12.2011 11:49 31848]

S2 DSUDiskOptimizer;DSUDiskOptimizer;c:\program files\Disk Speedup\DSUDefragSrv.exe --> c:\program files\Disk Speedup\DSUDefragSrv.exe [?]

S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [13.07.2012 12:28 160944]

S3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys --> c:\windows\system32\drivers\massfilter.sys [?]

S3 RRNetCap;RRNetCap Service;c:\windows\system32\drivers\rrnetcap.sys [20.12.2011 11:49 31848]

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2014-01-21 15:24        1211672        ----a-w-        c:\program files\Google\Chrome\Application\32.0.1700.76\Installer\chrmstp.exe

.

Inhalt des "geplante Tasks" Ordners

.

2014-01-21 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-21 16:51]

.

2013-12-24 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

.

2014-01-21 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job

- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 15:20]

.

2014-01-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2012-06-22 17:37]

.

2014-01-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2012-06-22 17:37]

.

2014-01-21 c:\windows\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-461096270-683511245-1749226496-1006.job

- c:\program files\Real\RealUpgrade\realupgrade.exe [2013-04-16 10:45]

.

2013-11-10 c:\windows\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-461096270-683511245-1749226496-1006.job

- c:\program files\Real\RealUpgrade\realupgrade.exe [2013-04-16 10:45]

.

2014-01-21 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-461096270-683511245-1749226496-1006.job

- c:\program files\Real\RealUpgrade\realupgrade.exe [2013-04-16 10:45]

.

2013-08-14 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-461096270-683511245-1749226496-1006.job

- c:\program files\Real\RealUpgrade\realupgrade.exe [2013-04-16 10:45]

.

.

------- Zusätzlicher Suchlauf -------

.

uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT3242337

uInternet Connection Wizard,ShellNext = hxxp://eeepc.asus.com/global

uInternet Settings,ProxyOverride = *.local

IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm

IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000

TCP: DhcpNameServer = 192.168.2.1

FF - ProfilePath - c:\documents and settings\Adele\Application Data\Mozilla\Firefox\Profiles\kgink2wc.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - about:home

FF - ExtSQL: !HIDDEN! 2012-01-14 19:20; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

.

- - - - Entfernte verwaiste Registrierungseinträge - - - -

.

HKCU-Run-RDReminder - d:\regclean pro\RegCleanPro.exe

MSConfigStartUp-ApnUpdater - c:\program files\Ask.com\Updater\Updater.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2014-01-21 22:37

Windows 5.1.2600 Service Pack 3 NTFS

.

Scanne versteckte Prozesse... 

.

Scanne versteckte Autostarteinträge... 

.

Scanne versteckte Dateien... 

.

Scan erfolgreich abgeschlossen

versteckte Dateien: 0

.

**************************************************************************

.

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{95808DC4-FA4A-4C74-92FE-5B863F82066B}]

"ImagePath"="\??\c:\program files\CyberLink\PowerDVD\000.fcl"

.

--------------------- Gesperrte Registrierungsschluessel ---------------------

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–€|ÿÿÿÿÀ•€|ù•A~*]

"7040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"

.

Zeit der Fertigstellung: 2014-01-21  22:41:29

ComboFix-quarantined-files.txt  2014-01-21 21:41

.

Vor Suchlauf: 23.996.112.896 bytes free

Nach Suchlauf: 24.749.031.424 bytes free

.

WindowsXP-KB310994-SP2-Home-BootDisk-DEU.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

UnsupportedDebug="do not select this" /debug

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

.

- - End Of File - - 562D875213F48CA54E54A3E75E8B4F59

--- --- ---
6D589CFCE97527CE5D3B291F4D2D54CB
Wie groß ist die Infektionsgefahr über Word dateien? Ich bin gerade mitten in einer Abschlussarbeit. Wie kann ich die Daten sichern? Was muss ich löschen?
Muss der PC völlig neu aufgebaut werden?
Mit freundlichen Grüßen
Adele

Ich sende meine Antwort noch einmal, da ich seit 1 Woche keine Antwort bekommen habe. Vielleicht habe ich etwas falsch gemacht.

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 22-01-2014

Ran by Adelheid (administrator) on KINGARTHUR on 22-01-2014 08:49:13

Running from Z:\

Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: German Standard

Internet Explorer Version 8

Boot Mode: Normal
 
 
 

==================== Processes (Whitelisted) ===================
 

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe

(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\sched.exe

(ABBYY) C:\Programme\Gemeinsame Dateien\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe

(Acronis) C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe

(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\avguard.exe

(AOL LLC) C:\Programme\Gemeinsame Dateien\aol\ACS\AOLacsd.exe

(Spigot, Inc.) C:\Programme\Application Updater\ApplicationUpdater.exe

(Cisco Systems, Inc.) C:\Programme\Cisco Systems\VPN Client\cvpnd.exe

() C:\Programme\Sony\PlayMemories Home\dfs.exe

(Systweak Software., (www.systweak.com)) C:\Programme\Disk Speedup\DSUDefragSrv.exe

(Microsoft Corporation) C:\WINDOWS\ehome\ehrecvr.exe

(Microsoft Corporation) C:\WINDOWS\ehome\ehSched.exe

(Nero AG) C:\Programme\Nero\Nero 7\InCD\InCDsrv.exe

(Oracle Corporation) C:\Programme\Java\jre7\bin\jqs.exe

(Microsoft Corporation) C:\Programme\Microsoft LifeCam\MSCamS32.exe

(Nero AG) C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe

(Prolific Technology Inc.) C:\Programme\Nero\Nero BackItUp 4\IoctlSvc.exe

(Sony Corporation) C:\Programme\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe

() C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe

() C:\Programme\Gemeinsame Dateien\Acronis\Fomatik\TrueImageTryStartService.exe

(TuneUp Software) C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe

(Ulead Systems, Inc.) C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe

(America Online, Inc.) C:\WINDOWS\wanmpsvc.exe

(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\avshadow.exe

(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe

(TuneUp Software) C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe

(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\avgnt.exe

(Visagesoft) C:\Programme\Avanquest\PDF Experte 7 Professional\vspdfprsrv.exe

(Babylon Ltd.) H:\Programme\Babylon\Babylon-Pro\Babylon.exe

(Sony Corporation) H:\Programme\appHelper\ReaderAppHelper.exe

(Sony Corporation) C:\Programme\Sony\PlayMemories Home\PMBVolumeWatcher.exe

(RealNetworks, Inc.) C:\Programme\real\realplayer\Update\realsched.exe

(Oracle Corporation) C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe

(Microsoft Corporation) C:\Programme\Microsoft ActiveSync\wcescomm.exe

(Nokia) D:\Programme\NokiaSuite\Nokia PC Suite 7\PCSuite.exe

(Nero AG) C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBCore.exe

(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\ipmgui.exe

(Skype Technologies S.A.) C:\Programme\Skype\Phone\Skype.exe

(Nokia) C:\Programme\PC Connectivity Solution\ServiceLayer.exe

(Nokia) C:\Programme\PC Connectivity Solution\Transports\NclUSBSrv.exe

(Nokia) C:\Programme\PC Connectivity Solution\Transports\NclRSSrv.exe

(Belkin) C:\Programme\Belkin\USB F5D7050\Wireless Utility\Belkinwcui.exe

(America Online, Inc.) C:\Programme\Gemeinsame Dateien\aol\1229768934\ee\aolsoftware.exe

(Mozilla Corporation) C:\Programme\Mozilla Firefox\firefox.exe

(AOL, LLC.) C:\Programme\AOL 9.0 VR\waol.exe

(AOL, LLC.) C:\Programme\AOL 9.0 VR\shellmon.exe
 
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [avgnt] - C:\Programme\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-17] (Avira Operations GmbH & Co. KG)

HKLM\...\Run: [APSDaemon] - C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)

HKLM\...\Run: [vspdfprsrv.exe] - C:\Programme\Avanquest\PDF Experte 7 Professional\vspdfprsrv.exe [4252160 2011-06-23] (Visagesoft)

HKLM\...\Run: [Babylon Client] - H:\Programme\Babylon\Babylon-Pro\Babylon.exe [3589712 2013-02-26] (Babylon Ltd.)

HKLM\...\Run: [Reader Application Helper] - H:\Programme\appHelper\ReaderAppHelper.exe [899400 2013-03-18] (Sony Corporation)

HKLM\...\Run: [Adobe ARM] - C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)

HKLM\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] - C:\Programme\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [703888 2013-03-26] (Cisco Systems, Inc.)

HKLM\...\Run: [PMBVolumeWatcher] - C:\Programme\Sony\PlayMemories Home\PMBVolumeWatcher.exe [740888 2013-04-24] (Sony Corporation)

HKLM\...\Run: [TkBellExe] - C:\programme\real\realplayer\update\realsched.exe [295512 2013-09-15] (RealNetworks, Inc.)

HKLM\...\Run: [SearchSettings] - C:\Programme\Gemeinsame Dateien\Spigot\Search Settings\SearchSettings.exe [1383232 2013-12-27] (Spigot, Inc.)

HKLM\...\Run: [SunJavaUpdateSched] - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)

Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)

HKLM\...\Policies\Explorer: [NoCDBurning] 0

HKCU\...\Run: [H/PC Connection Agent] - C:\Programme\Microsoft ActiveSync\WCESCOMM.EXE [401491 2004-02-09] (Microsoft Corporation)

HKCU\...\Run: [PC Suite Tray] - D:\Programme\NokiaSuite\Nokia PC Suite 7\PCSuite.exe [1516632 2012-06-26] (Nokia)

HKCU\...\Run: [NBCore] - C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBCore.exe [1561896 2008-09-24] (Nero AG)

HKCU\...\Run: [Skype] - C:\Programme\Skype\Phone\Skype.exe [20684656 2013-07-25] (Skype Technologies S.A.)

HKCU\...\Run: [AOL Fast Start] - C:\Programme\AOL 9.0 VR\AOL.EXE [50480 2007-06-21] (AOL, LLC.)

HKU\Christian\...\Run: [H/PC Connection Agent] - C:\Programme\Microsoft ActiveSync\WCESCOMM.EXE [ 2004-02-09] (Microsoft Corporation)

HKU\Felicitas\...\Run: [H/PC Connection Agent] - C:\Programme\Microsoft ActiveSync\WCESCOMM.EXE [ 2004-02-09] (Microsoft Corporation)

HKU\Maria\...\Run: [H/PC Connection Agent] - C:\Programme\Microsoft ActiveSync\WCESCOMM.EXE [ 2004-02-09] (Microsoft Corporation)

HKU\Maria\...\RunOnce: [FlashPlayerUpdate] - C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_9_900_117_Plugin.exe -update plugin

Lsa: [Authentication Packages] msv1_0 relog_ap

Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Belkin Wireless USB Utility.lnk

ShortcutTarget: Belkin Wireless USB Utility.lnk -> C:\Programme\Belkin\USB F5D7050\Wireless Utility\Belkinwcui.exe (Belkin)

Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\VPN Client.lnk

ShortcutTarget: VPN Client.lnk -> C:\WINDOWS\Installer\{B0BF7057-6869-4E4B-920C-EA2A58DA07F0}\Icon3E5562ED7.ico ()

Startup: C:\Dokumente und Einstellungen\Maria\Startmenü\Programme\Autostart\OpenOffice.org 3.2.lnk

ShortcutTarget: OpenOffice.org 3.2.lnk -> C:\Programme\OpenOffice.org 3\program\quickstart.exe (No File)
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

SearchScopes: HKLM - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = 

SearchScopes: HKCU - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3196716

SearchScopes: HKCU - BrowserMngrDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}

SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}

SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.searchgol.com/?q={searchTerms}&affID=119776&babsrc=SP_def&mntrId=E8E500059A3C7A00

SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=FF-DL&o=16596&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=1A&apn_dtid=YYYYYYYYDE&apn_uid=9459920D-BEA8-49E4-8BFB-EC768EBCE09B&apn_sauid=551F9421-67A1-4F16-8F5D-849EDACCA34F

SearchScopes: HKCU - {ABD84654-22F2-4FE6-8B8C-7A2B16BDBDFF} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=302398&p={searchTerms}

SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3196716

BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Programme\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)

BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Programme\BabylonToolbar\BabylonToolbar\1.8.3.8\bh\BabylonToolbar.dll (Babylon BHO)

BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)

BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)

BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Programme\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)

BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL (Sonic Solutions)

BHO: SwissAcademic.Citavi.Picker.IEPicker - {609D670F-B735-4da7-AC6D-F3BD358E325E} - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)

BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Programme\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)

BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

BHO: Browser Companion Helper Verifier - {963B125B-8B21-49A2-A3A8-E37092276531} -  No File

BHO: Babylon IE plugin - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - H:\Programme\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)

BHO: AdblockPlus - {9FD6379A-EF46-4193-BC64-99F59DF1334F} - C:\Dokumente und Einstellungen\Adelheid\Anwendungsdaten\AdblockPlus\IE\AdblockPlus.dll (Wladimir Palant)

BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO: WiseConvert Toolbar - {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - C:\Programme\WiseConvert\prxtbWis0.dll (Conduit Ltd.)

Toolbar: HKLM - AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Programme\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)

Toolbar: HKLM - Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Programme\BabylonToolbar\BabylonToolbar\1.8.3.8\BabylonToolbarTlbr.dll (Babylon Ltd.)

Toolbar: HKLM - WiseConvert Toolbar - {ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} - C:\Programme\WiseConvert\prxtbWis0.dll (Conduit Ltd.)

Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)

Toolbar: HKCU - &Adresse - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\system32\browseui.dll (Microsoft Corporation)

Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\Windows\system32\SHELL32.dll (Microsoft Corporation)

Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File

Toolbar: HKCU - AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Programme\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)

Toolbar: HKCU - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)

Toolbar: HKCU - WiseConvert Toolbar - {EBD898F8-FCF6-4694-BC3B-EABC7271EEB1} - C:\Programme\WiseConvert\prxtbWis0.dll (Conduit Ltd.)

DPF: {2AB1C516-6654-4D3A-B3D6-2185BBCEB409} https://webvpn.fernuni-hagen.de/+CSCOL+/csvrloader32.cab

DPF: {538793D5-659C-4639-A56C-A179AD87ED44} https://webvpn.fernuni-hagen.de/CACHE/stc/1/binaries/vpnweb.cab

DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} hxxp://de.myalbum.com/v3/skinsrc/core/system/5.5.6/ImageUploader5.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

Handler: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -  No File

Handler: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -  No File

Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler: mctp - {d7b95390-b1c5-11d0-b111-0080c712fe82} - C:\Programme\Microsoft ActiveSync\aatp.dll (Microsoft Corporation)

Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)

Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -  No File

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)

ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programme\Windows Desktop Search\MsnlNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)

Winsock: Catalog5 04 C:\Programme\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

Tcpip\..\Interfaces\{2E6D1503-DFA6-42CC-BE5B-CD53FCEB3FBB}: [NameServer]62.109.121.1 62.109.121.2
 

FireFox:

========

FF ProfilePath: C:\Dokumente und Einstellungen\Adelheid\Anwendungsdaten\Mozilla\Firefox\Profiles\klux6hai.default

FF user.js: detected! => C:\Dokumente und Einstellungen\Adelheid\Anwendungsdaten\Mozilla\Firefox\Profiles\klux6hai.default\user.js

FF NewTab: hxxp://www.searchgol.com/?affID=119776&babsrc=NT_def

FF Homepage: https://www.google.de/

FF Keyword.URL: hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=302398&p=

FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()

FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin: @canon.com/EPPEX - C:\Programme\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)

FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Programme\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Programme\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Programme\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Programme\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)

FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF Plugin: @real.com/nppl3260;version=16.0.3.51 - c:\programme\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)

FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)

FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)

FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)

FF Plugin: @real.com/nprphtml5videoshim;version=15.0.4.53 - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)

FF Plugin: @real.com/nprpplugin;version=16.0.3.51 - c:\programme\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)

FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)

FF Plugin: @sony.com/ReaderDesktop - H:\Programme\npreaderdetectmoz.dll (Sony Corporation)

FF Plugin: @tools.google.com/Google Update;version=3 - C:\Programme\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF Plugin: @tools.google.com/Google Update;version=9 - C:\Programme\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF Plugin: @viewpoint.com/VMP - C:\Programme\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()

FF Plugin: Adobe Reader - D:\Programme\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)

FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)

FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)

FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)

FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\npqtplugin8.dll (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Programme\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)

FF SearchPlugin: C:\Dokumente und Einstellungen\Adelheid\Anwendungsdaten\Mozilla\Firefox\Profiles\klux6hai.default\searchplugins\askcom.xml

FF SearchPlugin: C:\Dokumente und Einstellungen\Adelheid\Anwendungsdaten\Mozilla\Firefox\Profiles\klux6hai.default\searchplugins\askcomsearch.xml

FF SearchPlugin: C:\Dokumente und Einstellungen\Adelheid\Anwendungsdaten\Mozilla\Firefox\Profiles\klux6hai.default\searchplugins\BabylonMngr.xml

FF SearchPlugin: C:\Dokumente und Einstellungen\Adelheid\Anwendungsdaten\Mozilla\Firefox\Profiles\klux6hai.default\searchplugins\browsemngr.xml

FF SearchPlugin: C:\Dokumente und Einstellungen\Adelheid\Anwendungsdaten\Mozilla\Firefox\Profiles\klux6hai.default\searchplugins\BrowserProtect.xml

FF SearchPlugin: C:\Dokumente und Einstellungen\Adelheid\Anwendungsdaten\Mozilla\Firefox\Profiles\klux6hai.default\searchplugins\delta.xml

FF SearchPlugin: C:\Dokumente und Einstellungen\Adelheid\Anwendungsdaten\Mozilla\Firefox\Profiles\klux6hai.default\searchplugins\forestle-de.xml

FF SearchPlugin: C:\Dokumente und Einstellungen\Adelheid\Anwendungsdaten\Mozilla\Firefox\Profiles\klux6hai.default\searchplugins\imdb.xml

FF SearchPlugin: C:\Dokumente und Einstellungen\Adelheid\Anwendungsdaten\Mozilla\Firefox\Profiles\klux6hai.default\searchplugins\searchgol.xml

FF SearchPlugin: C:\Programme\mozilla firefox\searchplugins\babylon.xml

FF SearchPlugin: C:\Programme\mozilla firefox\browser\searchplugins\amazondotcom-de.xml

FF SearchPlugin: C:\Programme\mozilla firefox\browser\searchplugins\eBay-de.xml

FF SearchPlugin: C:\Programme\mozilla firefox\browser\searchplugins\leo_ende_de.xml

FF SearchPlugin: C:\Programme\mozilla firefox\browser\searchplugins\yahoo-de.xml

FF Extension: Browser Companion Helper - C:\Dokumente und Einstellungen\Adelheid\Anwendungsdaten\Mozilla\Firefox\Profiles\klux6hai.default\Extensions\bbrs_002@blabbers.com [2012-10-16]

FF Extension: AdblockPlus - C:\Dokumente und Einstellungen\Adelheid\Anwendungsdaten\Mozilla\Firefox\Profiles\klux6hai.default\Extensions\block@adblockplus.org [2013-01-10]

FF Extension: Delta Toolbar - C:\Dokumente und Einstellungen\Adelheid\Anwendungsdaten\Mozilla\Firefox\Profiles\klux6hai.default\Extensions\ffxtlbr@delta.com [2013-02-12]

FF Extension: SearchGol - C:\Dokumente und Einstellungen\Adelheid\Anwendungsdaten\Mozilla\Firefox\Profiles\klux6hai.default\Extensions\ffxtlbr@searchgol.com [2013-04-11]

FF Extension: Move Media Player - C:\Dokumente und Einstellungen\Adelheid\Anwendungsdaten\Mozilla\Firefox\Profiles\klux6hai.default\Extensions\moveplayer@movenetworks.com [2009-05-01]

FF Extension: DownloadHelper - C:\Dokumente und Einstellungen\Adelheid\Anwendungsdaten\Mozilla\Firefox\Profiles\klux6hai.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2013-08-29]

FF Extension: Webmail Ad Blocker - C:\Dokumente und Einstellungen\Adelheid\Anwendungsdaten\Mozilla\Firefox\Profiles\klux6hai.default\Extensions\gmailnoads@mywebber.com.xpi [2012-10-19]

FF Extension: Nokia Drop - C:\Dokumente und Einstellungen\Adelheid\Anwendungsdaten\Mozilla\Firefox\Profiles\klux6hai.default\Extensions\jid1-uzLUl48X4QaYDA@jetpack.xpi [2013-04-29]

FF Extension: Movie2kDownloader - C:\Dokumente und Einstellungen\Adelheid\Anwendungsdaten\Mozilla\Firefox\Profiles\klux6hai.default\Extensions\movie2kdownloader@movie2kdownloader.com.xpi [2012-12-13]

FF Extension: Address Bar Search - C:\Dokumente und Einstellungen\Adelheid\Anwendungsdaten\Mozilla\Firefox\Profiles\klux6hai.default\Extensions\{badea1ae-72ed-4f6a-8c37-4db9a4ac7bc9}.xpi [2013-10-28]

FF Extension: Adblock Plus - C:\Dokumente und Einstellungen\Adelheid\Anwendungsdaten\Mozilla\Firefox\Profiles\klux6hai.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-10-19]

FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []

FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

FF Extension: RealDownloader - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-09-15]

FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Programme\DivX\DivX Plus Web Player\firefox\DivXHTML5

FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Programme\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-04-01]

FF HKLM\...\Firefox\Extensions: [ocr@babylon.com] - H:\Programme\Babylon\Babylon-Pro\Utils\ocr@babylon.com

FF Extension: Babylon Translation Activation - H:\Programme\Babylon\Babylon-Pro\Utils\ocr@babylon.com [2013-04-11]

FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\

FF Extension: RealDownloader - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []

FF HKLM\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Swiss Academic Software\Citavi Picker\Firefox

FF Extension: Citavi Picker - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Swiss Academic Software\Citavi Picker\Firefox [2013-12-05]
 

Chrome: 

=======

CHR HomePage: hxxp://www.searchgol.com/home?affID=119776

CHR RestoreOnStartup: "hxxp://google.de/"

CHR Plugin: (Shockwave Flash) - C:\Programme\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll ()

CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll No File

CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer

CHR Plugin: (Native Client) - C:\Programme\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()

CHR Plugin: (Chrome PDF Viewer) - C:\Programme\Google\Chrome\Application\31.0.1650.63\pdf.dll ()

CHR Plugin: (Application Manager) - C:\Dokumente und Einstellungen\Adelheid\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\spext.dll No File

CHR Plugin: (Babylon ToolBar) - C:\Dokumente und Einstellungen\Adelheid\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.8_0\BabylonChromeToolBar.dll No File

CHR Plugin: (Adobe Acrobat) - C:\Programme\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File

CHR Plugin: (DivX Player Netscape Plugin) - C:\Programme\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)

CHR Plugin: (Microsoft Office 2003) - C:\Programme\Mozilla Firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)

CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)

CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Programme\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)

CHR Plugin: (RealPlayer Download Plugin) - C:\Programme\Mozilla Firefox\plugins\nprpplugin.dll (RealPlayer)

CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Programme\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Programme\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Programme\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Programme\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Programme\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Programme\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Programme\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Programme\Mozilla Firefox\plugins\npqtplugin8.dll (Apple Inc.)

CHR Plugin: (RealJukebox NS Plugin) - C:\Programme\Mozilla Firefox\plugins\nprjplug.dll No File

CHR Plugin: (RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) ) - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)

CHR Plugin: (DivX VOD Helper Plug-in) - C:\Programme\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

CHR Plugin: (DivX Plus Web Player) - C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

CHR Plugin: (Google Update) - C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File

CHR Plugin: (Java(TM) Platform SE 7 U7) - C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

CHR Plugin: (Java Deployment Toolkit 7.0.70.10) - C:\WINDOWS\system32\npDeployJava1.dll No File

CHR Plugin: (Silverlight Plug-In) - C:\Programme\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File

CHR Plugin: (Reader Application Detector) - C:\Programme\Sony\ReaderDesktop\npreaderdetectmoz.dll No File

CHR Plugin: (MetaStream 3 Plugin) - C:\Programme\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()

CHR Plugin: (iTunes Application Detector) - C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()

CHR Plugin: (Windows Presentation Foundation) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

CHR Extension: (Google Drive) - C:\Dokumente und Einstellungen\Adelheid\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-07-09]

CHR Extension: (Browser Companion Helper) - C:\Dokumente und Einstellungen\Adelheid\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf [2012-10-22]

CHR Extension: (Babylon Toolbar) - C:\Dokumente und Einstellungen\Adelheid\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb [2012-10-16]

CHR Extension: (DealPly) - C:\Dokumente und Einstellungen\Adelheid\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje [2012-10-22]

CHR Extension: (RealDownloader) - C:\Dokumente und Einstellungen\Adelheid\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-06-16]

CHR Extension: (Google Wallet) - C:\Dokumente und Einstellungen\Adelheid\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-28]

CHR Extension: (Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E) - C:\Dokumente und Einstellungen\Adelheid\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2012-10-16]

CHR Extension: (AdblockPlus) - C:\Dokumente und Einstellungen\Adelheid\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\oajhdafmlgdbnceanjdnahnblimohpdc [2013-04-11]

CHR HKLM\...\Chrome\Extension: [blaofbhgbmeikidhlkmjhbkbfohpgekf] - C:\Programme\Movie2KDownloader.com\Movie2KDownloader10.crx [2013-04-11]

CHR HKLM\...\Chrome\Extension: [bodddioamolcibagionmmobehnbhiakf] - C:\Programme\BrowserCompanion\blabbers-ch.crx [2013-04-11]

CHR HKLM\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - H:\Programme\Babylon\Babylon-Pro\Utils\BabylonChrome.crx [2013-04-11]

CHR HKLM\...\Chrome\Extension: [gaiilaahiahdejapggenmdmafpmbipje] - C:\Programme\DealPly\DealPly.crx [2013-04-11]

CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]

CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Programme\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]

CHR HKLM\...\Chrome\Extension: [oajhdafmlgdbnceanjdnahnblimohpdc] - C:\Dokumente und Einstellungen\Adelheid\Anwendungsdaten\AdblockPlus\CHROME\AdblockPlus.crx [2010-07-15]

CHR HKCU\...\Chrome\Extension: [gaiilaahiahdejapggenmdmafpmbipje] - C:\Programme\DealPly\DealPly.crx [2010-07-15]
 

========================== Services (Whitelisted) =================
 

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Programme\Gemeinsame Dateien\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)

R2 AcrSch2Svc; C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe [431384 2008-04-09] (Acronis)

R2 AntiVirSchedulerService; C:\Programme\Avira\AntiVir Desktop\sched.exe [440376 2013-12-17] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:\Programme\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-27] (Avira Operations GmbH & Co. KG)

R2 AntiVirWebService; C:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE [1011768 2013-12-17] (Avira Operations GmbH & Co. KG)

R2 AOL ACS; C:\Programme\Gemeinsame Dateien\aol\ACS\AOLacsd.exe [46640 2006-10-23] (AOL LLC)

S4 Apple Mobile Device; C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe [57008 2012-12-21] (Apple Inc.)

R2 Application Updater; C:\Programme\Application Updater\ApplicationUpdater.exe [807800 2013-12-27] (Spigot, Inc.)

S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [593920 2008-09-10] ()

S4 Bonjour Service; C:\Programme\Bonjour\mDNSResponder.exe [390504 2011-08-30] (Apple Inc.)

R2 CVPND; C:\Programme\Cisco Systems\VPN Client\cvpnd.exe [1528616 2010-03-23] (Cisco Systems, Inc.)

R2 DeviceFinderService; C:\Programme\Sony\PlayMemories Home\dfs.exe [149528 2013-04-24] ()

R2 DSUDiskOptimizer; C:\Programme\Disk Speedup\DSUDefragSrv.exe [669480 2014-01-10] (Systweak Software., (www.systweak.com))

S2 gupdate; C:\Programme\Google\Update\GoogleUpdate.exe [135664 2010-02-25] (Google Inc.)

S3 gupdatem; C:\Programme\Google\Update\GoogleUpdate.exe [135664 2010-02-25] (Google Inc.)

S3 IDriverT; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation)

S4 IJPLMSVC; C:\Programme\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] ()

R2 InCDsrv; C:\Programme\Nero\Nero 7\InCD\InCDsrv.exe [1554728 2007-11-26] (Nero AG)

S3 iPod Service; C:\Programme\iPod\bin\iPodService.exe [553288 2013-02-20] (Apple Inc.)

R2 JavaQuickStarterService; C:\Programme\Java\jre7\bin\jqs.exe [182696 2014-01-17] (Oracle Corporation)

S3 McComponentHostService; C:\Programme\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)

S2 McrdSvc; C:\WINDOWS\ehome\mcrdsvc.exe [99328 2005-08-05] (Microsoft Corporation)

S3 MozillaMaintenance; C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe [119408 2013-12-20] (Mozilla Foundation)

R2 MSCamSvc; C:\Programme\Microsoft LifeCam\MSCamS32.exe [271720 2007-05-17] (Microsoft Corporation)

S3 NBService; C:\Programme\Nero\Nero 7\Nero BackItUp\NBService.exe [800040 2007-09-17] (Nero AG)

R2 Nero BackItUp Scheduler 4.0; C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe [935208 2008-09-24] (Nero AG)

S3 NMIndexingService; C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG)

S4 NMSAccessU; F:\Programme\CDBurnerXP\NMSAccessU.exe [71096 2008-10-20] ()

S3 ose; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [89136 2003-07-28] (Microsoft Corporation)

R2 PLFlash DeviceIoControl Service; C:\Programme\Nero\Nero BackItUp 4\IoctlSvc.exe [81920 2008-09-24] (Prolific Technology Inc.)

R2 PMBDeviceInfoProvider; C:\Programme\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [483864 2013-04-24] (Sony Corporation)

R2 RealNetworks Downloader Resolver Service; C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()

R3 ServiceLayer; C:\Programme\PC Connectivity Solution\ServiceLayer.exe [724376 2012-06-11] (Nokia)

S2 SkypeUpdate; C:\Programme\Skype\Updater\Updater.exe [162672 2013-07-25] (Skype Technologies)

S3 Sony SCSI Helper Service; C:\Programme\Gemeinsame Dateien\Sony Shared\Fsk\SonySCSIHelperService.exe [73728 2013-02-15] (Sony Corporation)

R2 TryAndDecideService; C:\Programme\Gemeinsame Dateien\Acronis\Fomatik\TrueImageTryStartService.exe [492896 2008-04-09] ()

R2 TuneUp.UtilitiesSvc; C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [1527104 2011-12-08] (TuneUp Software)

R2 UleadBurningHelper; C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe [49152 2005-01-31] (Ulead Systems, Inc.)

R2 WANMiniportService; C:\WINDOWS\wanmpsvc.exe [65536 2003-08-27] (America Online, Inc.)

S3 WMPNetworkSvc; C:\Programme\Windows Media Player\WMPNetwk.exe [920576 2006-11-03] (Microsoft Corporation)

S3 ACDaemon; C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACService.exe [x]
 

==================== Drivers (Whitelisted) ====================
 

S3 acsint; C:\Windows\System32\DRIVERS\acsint.sys [39888 2013-03-26] (Cisco Systems, Inc.)

S3 acsmux; C:\Windows\System32\DRIVERS\acsmux.sys [58320 2013-03-26] (Cisco Systems, Inc.)

R3 Afc; C:\Windows\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)

S3 Ambfilt; C:\Windows\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [90400 2013-12-17] (Avira Operations GmbH & Co. KG)

R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135648 2013-12-17] (Avira Operations GmbH & Co. KG)

R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-27] (Avira Operations GmbH & Co. KG)

R1 BIOS; C:\WINDOWS\system32\drivers\BIOS.sys [13696 2005-03-16] (BIOSTAR Group)

R3 BLKWGU(Belkin); C:\Windows\System32\DRIVERS\BLKWGU.sys [402944 2005-11-10] (Belkin Corporation)

R1 BS_I2cIo; C:\WINDOWS\system32\drivers\BS_I2cIo.sys [6272 2008-06-16] (BIOSTAR Group)

S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)

R1 Cdr4_xp; C:\Windows\System32\Drivers\Cdr4_xp.sys [2432 2006-11-07] (Sonic Solutions)

R1 Cdralw2k; C:\Windows\System32\Drivers\Cdralw2k.sys [2560 2006-11-07] (Sonic Solutions)

S3 CVirtA; C:\Windows\System32\DRIVERS\CVirtA.sys [5275 2007-01-18] (Cisco Systems, Inc.)

R2 CVPNDRVA; C:\WINDOWS\system32\Drivers\CVPNDRVA.sys [308859 2010-03-23] (Cisco Systems, Inc.)

R2 DLABOIOM; C:\Windows\System32\DLA\DLABOIOM.SYS [25724 2006-06-13] (Sonic Solutions)

R1 DLACDBHM; C:\Windows\System32\Drivers\DLACDBHM.SYS [5660 2006-03-17] (Sonic Solutions)

R2 DLADResN; C:\Windows\System32\DLA\DLADResN.SYS [2496 2006-06-13] (Sonic Solutions)

R2 DLAIFS_M; C:\Windows\System32\DLA\DLAIFS_M.SYS [86844 2006-06-13] (Sonic Solutions)

R2 DLAOPIOM; C:\Windows\System32\DLA\DLAOPIOM.SYS [14716 2006-06-13] (Sonic Solutions)

R2 DLAPoolM; C:\Windows\System32\DLA\DLAPoolM.SYS [6364 2006-06-13] (Sonic Solutions)

R1 DLARTL_N; C:\Windows\System32\Drivers\DLARTL_N.SYS [22684 2006-03-17] (Sonic Solutions)

R2 DLAUDFAM; C:\Windows\System32\DLA\DLAUDFAM.SYS [94460 2006-06-13] (Sonic Solutions)

R2 DLAUDF_M; C:\Windows\System32\DLA\DLAUDF_M.SYS [88476 2006-06-13] (Sonic Solutions)

R3 DNE; C:\Windows\System32\DRIVERS\dne2000.sys [131984 2008-11-16] (Deterministic Networks, Inc.)

R2 DRVNDDM; C:\Windows\System32\Drivers\DRVNDDM.SYS [40544 2006-03-17] (Sonic Solutions)

R4 InCDfs; C:\Windows\System32\drivers\InCDFs.sys [118952 2007-11-26] (Nero AG)

R1 InCDPass; C:\Windows\System32\drivers\InCDPass.sys [36776 2007-11-26] (Nero AG)

U1 InCDrec; C:\Windows\System32\Drivers\InCDrec.sys [16040 2007-11-26] (Nero AG)

R1 incdrm; C:\Windows\System32\drivers\InCDRm.sys [38440 2007-11-26] (Nero AG)

S3 Monfilt; C:\Windows\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)

S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)

S3 NVHDA; C:\Windows\System32\drivers\nvhda32.sys [26272 2007-07-16] (NVIDIA Corporation)

R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)

R0 tdrpman; C:\Windows\System32\DRIVERS\tdrpman.sys [368480 2009-04-08] (Acronis)

R2 tifsfilter; C:\Windows\System32\DRIVERS\tifsfilt.sys [44384 2009-04-08] (Acronis)

R3 TuneUpUtilitiesDrv; C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [10064 2010-10-07] (TuneUp Software)

R3 VX1000; C:\Windows\System32\DRIVERS\VX1000.sys [1966312 2007-04-10] (Microsoft Corporation)

R3 wanatw; C:\Windows\System32\DRIVERS\wanatw4.sys [33588 2003-01-10] (America Online, Inc.)

S3 wceusbsh; C:\Windows\System32\DRIVERS\wceusbsh.sys [104064 2003-12-22] (Microsoft Corporation)

R3 ZDPSp50; C:\Windows\System32\Drivers\ZDPSp50.sys [17664 2004-10-25] (Printing Communications Assoc., Inc. (PCAUSA))

R2 {95808DC4-FA4A-4C74-92FE-5B863F82066B}; C:\Programme\CyberLink\PowerDVD\000.fcl [87536 2009-09-04] (CyberLink Corp.)

S3 BS_Flash; \??\C:\Programme\BIOS Update\Award\BS_Flash.sys [x]

R3 catchme; \??\C:\ComboFix\catchme.sys [x]

S3 cpuz130; \??\C:\DOKUME~1\Adelheid\LOKALE~1\Temp\cpuz130\cpuz_x32.sys [x]

S4 IntelIde; No ImagePath

U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)

U3 mbr; \??\C:\ComboFix\mbr.sys [x]
 

==================== NetSvcs (Whitelisted) ===================
 

NETSVC: MHN -> C:\Windows\System32\mhn.dll (Microsoft Corporation)
 

==================== One Month Created Files and Folders ========
 

2014-01-22 08:39 - 2014-01-22 08:39 - 00000000 ____D C:\FRST

2014-01-21 21:35 - 2014-01-21 21:35 - 00036216 _____ C:\ComboFix.txt

2014-01-21 21:25 - 2014-01-21 21:35 - 00000000 ____D C:\ComboFix

2014-01-21 21:14 - 2014-01-21 23:44 - 00000000 ____D C:\WINDOWS\system32\NtmsData

2014-01-21 20:54 - 2014-01-21 20:54 - 00008192 ____H C:\WINDOWS\system32\config\SECURITY.tmp.LOG

2014-01-21 20:54 - 2014-01-21 20:54 - 00000000 ____H C:\WINDOWS\system32\config\system.tmp.LOG

2014-01-21 20:54 - 2014-01-21 20:54 - 00000000 ____H C:\WINDOWS\system32\config\software.tmp.LOG

2014-01-21 20:54 - 2014-01-21 20:54 - 00000000 ____H C:\WINDOWS\system32\config\SAM.tmp.LOG

2014-01-21 20:54 - 2014-01-21 20:54 - 00000000 ____H C:\WINDOWS\system32\config\default.tmp.LOG

2014-01-21 20:43 - 2014-01-21 20:43 - 00000000 _RSHD C:\cmdcons

2014-01-21 20:43 - 2013-04-04 23:30 - 00000209 _____ C:\Boot.bak

2014-01-21 20:43 - 2004-08-03 23:00 - 00262448 __RSH C:\cmldr

2014-01-21 20:40 - 2014-01-21 21:35 - 00000000 ____D C:\Qoobox

2014-01-21 20:40 - 2011-06-26 07:45 - 00256000 _____ C:\WINDOWS\PEV.exe

2014-01-21 20:40 - 2010-11-07 18:20 - 00208896 _____ C:\WINDOWS\MBR.exe

2014-01-21 20:40 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe

2014-01-21 20:40 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe

2014-01-21 20:40 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe

2014-01-21 20:40 - 2000-08-31 01:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe

2014-01-21 20:40 - 2000-08-31 01:00 - 00098816 _____ C:\WINDOWS\sed.exe

2014-01-21 20:40 - 2000-08-31 01:00 - 00080412 _____ C:\WINDOWS\grep.exe

2014-01-21 20:40 - 2000-08-31 01:00 - 00068096 _____ C:\WINDOWS\zip.exe

2014-01-21 20:39 - 2014-01-21 21:08 - 00000000 ____D C:\WINDOWS\erdnt

2014-01-21 20:37 - 2014-01-21 20:38 - 05172786 ____R (Swearware) C:\Dokumente und Einstellungen\Adelheid\Desktop\ComboFix.exe

2014-01-21 20:22 - 2014-01-21 20:24 - 05172786 _____ (Swearware) C:\Dokumente und Einstellungen\Maria\Desktop\ComboFix.exe

2014-01-20 12:05 - 2014-01-21 21:04 - 00001118 _____ C:\WINDOWS\setupapi.log

2014-01-18 14:23 - 2014-01-21 00:34 - 00000254 _____ C:\WINDOWS\Tasks\RegClean Prosch.job

2014-01-18 12:18 - 2014-01-18 12:18 - 00000000 ____H C:\WINDOWS\system32\config\system.sav.LOG

2014-01-18 12:18 - 2014-01-18 12:18 - 00000000 ____H C:\WINDOWS\system32\config\software.sav.LOG

2014-01-18 12:16 - 2014-01-18 12:16 - 00000000 ____H C:\WINDOWS\system32\config\SECURITY.sav.LOG

2014-01-18 12:16 - 2014-01-18 12:16 - 00000000 ____H C:\WINDOWS\system32\config\SAM.sav.LOG

2014-01-18 12:13 - 2014-01-18 12:19 - 00002502 _____ C:\WINDOWS\system32\ASOROSet.bin

2014-01-18 12:11 - 2014-01-18 12:13 - 00000000 ____D C:\WINDOWS\system32\config\RCCBakup

2014-01-17 17:17 - 2014-01-17 17:17 - 00000000 ____D C:\Dokumente und Einstellungen\Adelheid\Eigene Dateien\CIMG6937

2014-01-17 17:07 - 2014-01-17 17:13 - 00001714 _____ C:\Dokumente und Einstellungen\All Users\Desktop\Disk Speedup.lnk

2014-01-17 17:07 - 2014-01-17 17:13 - 00000000 ____D C:\Programme\Disk Speedup

2014-01-17 17:07 - 2014-01-17 17:13 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Disk Speedup

2014-01-17 17:07 - 2014-01-17 17:07 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Systweak

2014-01-17 14:56 - 2014-01-20 15:01 - 00000262 _____ C:\WINDOWS\Tasks\RegClean Pro_DEFAULT.job

2014-01-17 14:56 - 2014-01-17 17:07 - 00000000 ____D C:\Dokumente und Einstellungen\Adelheid\Anwendungsdaten\Systweak

2014-01-17 14:56 - 2014-01-17 17:06 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\RegClean Pro

2014-01-17 14:56 - 2014-01-17 17:05 - 00000707 _____ C:\Dokumente und Einstellungen\All Users\Desktop\RegClean Pro.lnk

2014-01-17 14:56 - 2014-01-17 17:05 - 00000000 ____D C:\Programme\RegClean Pro

2014-01-17 14:56 - 2014-01-17 14:56 - 00000270 _____ C:\WINDOWS\Tasks\RegClean Pro_UPDATES.job

2014-01-17 14:54 - 2014-01-17 14:54 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe

2014-01-17 14:54 - 2014-01-17 14:54 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe

2014-01-17 14:54 - 2014-01-17 14:54 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe

2014-01-17 14:54 - 2014-01-17 14:54 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl

2014-01-17 14:54 - 2014-01-17 14:54 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll

2014-01-17 14:54 - 2014-01-17 14:54 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Java

2014-01-17 14:54 - 2014-01-17 14:54 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Java

2014-01-15 13:25 - 2014-01-15 13:25 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2914368$

2014-01-13 17:30 - 2014-01-13 17:30 - 00000000 ____D C:\Programme\pdfforge Toolbar

2014-01-13 17:30 - 2014-01-13 17:30 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Spigot

2014-01-13 17:30 - 2014-01-13 17:30 - 00000000 ____D C:\Programme\Application Updater

2014-01-13 17:30 - 2014-01-13 17:30 - 00000000 ____D C:\Dokumente und Einstellungen\Adelheid\Anwendungsdaten\Search Settings

2014-01-06 21:02 - 2014-01-06 21:02 - 00000269 _____ C:\Dokumente und Einstellungen\Adelheid\Desktop\2014-01-06 603.txt

2013-12-29 23:38 - 2013-12-29 23:39 - 00000000 ____D C:\Dokumente und Einstellungen\Adelheid\Eigene Dateien\Testkonstruktion

2013-12-29 23:33 - 2013-12-29 23:33 - 50286352 _____ () C:\Dokumente und Einstellungen\Maria\Desktop\NokiaSoftwareUpdaterSetup_DE.exe

2013-12-29 21:32 - 2013-12-29 21:32 - 00000273 _____ C:\Dokumente und Einstellungen\Adelheid\Desktop\2013-12-29 603.txt

2013-12-29 21:15 - 2013-12-29 21:15 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NokiaInstallerCache

2013-12-29 20:29 - 2013-12-29 20:31 - 00000000 ____D C:\Dokumente und Einstellungen\Adelheid\Eigene Dateien\Adelheid

2013-12-24 13:31 - 2013-12-24 13:31 - 00000000 ____D C:\Dokumente und Einstellungen\Felicitas\Eigene Dateien\2013 Fotos Maria bei den Großeltern

2013-12-23 17:39 - 2013-12-23 17:39 - 00000000 ____D C:\Dokumente und Einstellungen\Adelheid\Eigene Dateien\W1LSE9
 

==================== One Month Modified Files and Folders =======
 

2014-01-22 08:48 - 2004-08-10 13:00 - 00000885 _____ C:\WINDOWS\WIN.INI

2014-01-22 08:39 - 2014-01-22 08:39 - 00000000 ____D C:\FRST

2014-01-22 08:37 - 2012-06-21 06:11 - 00002422 _____ C:\WINDOWS\system32\wpa.dbl

2014-01-22 08:37 - 2010-02-25 20:54 - 00001090 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

2014-01-22 08:33 - 2008-12-19 18:44 - 01287669 _____ C:\WINDOWS\WindowsUpdate.log

2014-01-22 08:05 - 2012-09-29 17:58 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Babylon

2014-01-22 07:54 - 2012-04-02 09:37 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

2014-01-21 23:44 - 2014-01-21 21:14 - 00000000 ____D C:\WINDOWS\system32\NtmsData

2014-01-21 21:35 - 2014-01-21 21:35 - 00036216 _____ C:\ComboFix.txt

2014-01-21 21:35 - 2014-01-21 21:25 - 00000000 ____D C:\ComboFix

2014-01-21 21:35 - 2014-01-21 20:40 - 00000000 ____D C:\Qoobox

2014-01-21 21:35 - 2008-12-19 18:49 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT

2014-01-21 21:33 - 2004-08-10 13:00 - 00000227 _____ C:\WINDOWS\system.ini

2014-01-21 21:25 - 2008-12-19 18:49 - 00032432 _____ C:\WINDOWS\SchedLgU.Txt

2014-01-21 21:09 - 2008-12-19 18:48 - 00000000 __SHD C:\Dokumente und Einstellungen\NetworkService

2014-01-21 21:08 - 2014-01-21 20:39 - 00000000 ____D C:\WINDOWS\erdnt

2014-01-21 21:04 - 2014-01-20 12:05 - 00001118 _____ C:\WINDOWS\setupapi.log

2014-01-21 21:02 - 2013-10-14 10:09 - 00000278 _____ C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-484763869-1425521274-839522115-1004.job

2014-01-21 21:02 - 2013-06-16 12:09 - 00000276 _____ C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-484763869-1425521274-839522115-1003.job

2014-01-21 21:02 - 2013-04-03 11:01 - 00000276 _____ C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-484763869-1425521274-839522115-1003.job

2014-01-21 21:02 - 2011-09-04 16:24 - 00000278 _____ C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-484763869-1425521274-839522115-1004.job

2014-01-21 21:02 - 2011-05-28 20:41 - 00000270 _____ C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-484763869-1425521274-839522115-1005.job

2014-01-21 21:02 - 2010-02-25 20:54 - 00001086 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

2014-01-21 20:57 - 2013-04-13 14:38 - 00000050 _____ C:\WINDOWS\wiaservc.log

2014-01-21 20:57 - 2008-12-19 18:42 - 00000000 ____D C:\WINDOWS\Registration

2014-01-21 20:57 - 2008-12-19 18:18 - 00000159 _____ C:\WINDOWS\wiadebug.log

2014-01-21 20:55 - 2013-04-10 13:52 - 00131072 _____ C:\WINDOWS\system32\config\TuneUp.evt

2014-01-21 20:55 - 2012-09-17 10:58 - 03997696 _____ C:\WINDOWS\system32\config\ACVPN.evt

2014-01-21 20:55 - 2008-12-19 19:14 - 51118080 _____ C:\WINDOWS\system32\config\software.bak

2014-01-21 20:55 - 2008-12-19 19:14 - 09699328 _____ C:\WINDOWS\system32\config\system.bak

2014-01-21 20:55 - 2008-12-19 19:14 - 01048576 _____ C:\WINDOWS\system32\config\default.bak

2014-01-21 20:55 - 2008-12-19 18:51 - 00000300 ___SH C:\Dokumente und Einstellungen\Adelheid\ntuser.ini

2014-01-21 20:55 - 2008-12-19 18:15 - 00262144 _____ C:\WINDOWS\system32\config\SECURITY.bak

2014-01-21 20:55 - 2008-12-19 18:15 - 00028672 _____ C:\WINDOWS\system32\config\SAM.bak

2014-01-21 20:54 - 2014-01-21 20:54 - 00008192 ____H C:\WINDOWS\system32\config\SECURITY.tmp.LOG

2014-01-21 20:54 - 2014-01-21 20:54 - 00000000 ____H C:\WINDOWS\system32\config\system.tmp.LOG

2014-01-21 20:54 - 2014-01-21 20:54 - 00000000 ____H C:\WINDOWS\system32\config\software.tmp.LOG

2014-01-21 20:54 - 2014-01-21 20:54 - 00000000 ____H C:\WINDOWS\system32\config\SAM.tmp.LOG

2014-01-21 20:54 - 2014-01-21 20:54 - 00000000 ____H C:\WINDOWS\system32\config\default.tmp.LOG

2014-01-21 20:53 - 2008-12-19 18:51 - 00000000 ____D C:\Dokumente und Einstellungen\Adelheid

2014-01-21 20:53 - 2008-12-19 18:16 - 00000000 ___RD C:\Programme

2014-01-21 20:43 - 2014-01-21 20:43 - 00000000 _RSHD C:\cmdcons

2014-01-21 20:43 - 2008-12-19 19:14 - 00000325 __RSH C:\boot.ini

2014-01-21 20:38 - 2014-01-21 20:37 - 05172786 ____R (Swearware) C:\Dokumente und Einstellungen\Adelheid\Desktop\ComboFix.exe

2014-01-21 20:24 - 2014-01-21 20:22 - 05172786 _____ (Swearware) C:\Dokumente und Einstellungen\Maria\Desktop\ComboFix.exe

2014-01-21 18:10 - 2008-12-19 19:09 - 00000000 ____D C:\WINDOWS\system32\ias

2014-01-21 00:34 - 2014-01-18 14:23 - 00000254 _____ C:\WINDOWS\Tasks\RegClean Prosch.job

2014-01-20 15:01 - 2014-01-17 14:56 - 00000262 _____ C:\WINDOWS\Tasks\RegClean Pro_DEFAULT.job

2014-01-19 20:39 - 2013-07-01 16:56 - 00000000 ___RD C:\Dokumente und Einstellungen\Adelheid\Eigene Dateien\Dropbox

2014-01-19 13:24 - 2009-02-14 21:21 - 00002509 _____ C:\Dokumente und Einstellungen\Adelheid\Desktop\Microsoft Office Word 2003.lnk

2014-01-19 12:57 - 2013-04-03 11:01 - 00000284 _____ C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-484763869-1425521274-839522115-1003.job

2014-01-19 12:35 - 2009-06-24 12:12 - 00000000 ____D C:\WINDOWS\Minidump

2014-01-19 12:25 - 2012-06-09 20:48 - 00193536 _____ C:\Dokumente und Einstellungen\Adelheid\Desktop\Haushalt 200901.xls

2014-01-18 12:19 - 2014-01-18 12:13 - 00002502 _____ C:\WINDOWS\system32\ASOROSet.bin

2014-01-18 12:18 - 2014-01-18 12:18 - 00000000 ____H C:\WINDOWS\system32\config\system.sav.LOG

2014-01-18 12:18 - 2014-01-18 12:18 - 00000000 ____H C:\WINDOWS\system32\config\software.sav.LOG

2014-01-18 12:18 - 2008-12-19 18:49 - 00000000 __SHD C:\Dokumente und Einstellungen\LocalService

2014-01-18 12:16 - 2014-01-18 12:16 - 00000000 ____H C:\WINDOWS\system32\config\SECURITY.sav.LOG

2014-01-18 12:16 - 2014-01-18 12:16 - 00000000 ____H C:\WINDOWS\system32\config\SAM.sav.LOG

2014-01-18 12:13 - 2014-01-18 12:11 - 00000000 ____D C:\WINDOWS\system32\config\RCCBakup

2014-01-17 23:58 - 2009-11-16 14:16 - 00000276 _____ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job

2014-01-17 20:52 - 2013-06-16 12:09 - 00000284 _____ C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-484763869-1425521274-839522115-1003.job

2014-01-17 17:17 - 2014-01-17 17:17 - 00000000 ____D C:\Dokumente und Einstellungen\Adelheid\Eigene Dateien\CIMG6937

2014-01-17 17:13 - 2014-01-17 17:07 - 00001714 _____ C:\Dokumente und Einstellungen\All Users\Desktop\Disk Speedup.lnk

2014-01-17 17:13 - 2014-01-17 17:07 - 00000000 ____D C:\Programme\Disk Speedup

2014-01-17 17:13 - 2014-01-17 17:07 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Disk Speedup

2014-01-17 17:07 - 2014-01-17 17:07 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Systweak

2014-01-17 17:07 - 2014-01-17 14:56 - 00000000 ____D C:\Dokumente und Einstellungen\Adelheid\Anwendungsdaten\Systweak

2014-01-17 17:07 - 2008-12-19 18:15 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\Startmenü\Programme

2014-01-17 17:06 - 2014-01-17 14:56 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\RegClean Pro

2014-01-17 17:05 - 2014-01-17 14:56 - 00000707 _____ C:\Dokumente und Einstellungen\All Users\Desktop\RegClean Pro.lnk

2014-01-17 17:05 - 2014-01-17 14:56 - 00000000 ____D C:\Programme\RegClean Pro

2014-01-17 15:28 - 2008-12-19 22:16 - 00000000 ____D C:\Programme\Canon

2014-01-17 15:27 - 2009-07-08 17:24 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Amazon

2014-01-17 14:56 - 2014-01-17 14:56 - 00000270 _____ C:\WINDOWS\Tasks\RegClean Pro_UPDATES.job

2014-01-17 14:55 - 2012-11-08 18:08 - 00000000 ____D C:\Dokumente und Einstellungen\Adelheid\Lokale Einstellungen\Anwendungsdaten\WiseConvert

2014-01-17 14:54 - 2014-01-17 14:54 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe

2014-01-17 14:54 - 2014-01-17 14:54 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe

2014-01-17 14:54 - 2014-01-17 14:54 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe

2014-01-17 14:54 - 2014-01-17 14:54 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl

2014-01-17 14:54 - 2014-01-17 14:54 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll

2014-01-17 14:54 - 2014-01-17 14:54 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Java

2014-01-17 14:54 - 2014-01-17 14:54 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Java

2014-01-17 14:54 - 2008-12-19 22:28 - 00000000 ____D C:\Programme\Java

2014-01-17 14:33 - 2013-03-02 21:34 - 00002347 _____ C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Reader XI.lnk

2014-01-15 13:28 - 2013-08-16 20:15 - 00000000 ____D C:\WINDOWS\system32\MRT

2014-01-15 13:25 - 2014-01-15 13:25 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2914368$

2014-01-15 13:25 - 2008-12-21 23:45 - 83425928 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2014-01-13 17:30 - 2014-01-13 17:30 - 00000000 ____D C:\Programme\pdfforge Toolbar

2014-01-13 17:30 - 2014-01-13 17:30 - 00000000 ____D C:\Programme\Gemeinsame Dateien\Spigot

2014-01-13 17:30 - 2014-01-13 17:30 - 00000000 ____D C:\Programme\Application Updater

2014-01-13 17:30 - 2014-01-13 17:30 - 00000000 ____D C:\Dokumente und Einstellungen\Adelheid\Anwendungsdaten\Search Settings

2014-01-09 18:39 - 2009-03-22 13:08 - 00000000 ____D C:\Dokumente und Einstellungen\Adelheid\Lokale Einstellungen\Anwendungsdaten\Paint.NET

2014-01-09 17:48 - 2008-12-23 13:26 - 00167424 _____ C:\Dokumente und Einstellungen\Adelheid\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2014-01-06 21:02 - 2014-01-06 21:02 - 00000269 _____ C:\Dokumente und Einstellungen\Adelheid\Desktop\2014-01-06 603.txt

2014-01-05 18:18 - 2012-06-24 10:38 - 00000000 ___RD C:\Dokumente und Einstellungen\Adelheid\Eigene Dateien\Eigene Bilder

2014-01-05 18:18 - 2009-01-05 16:46 - 00000020 ____H C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PKP_DLdu.DAT

2014-01-04 17:30 - 2013-12-18 19:34 - 00000000 ____D C:\Dokumente und Einstellungen\Adelheid\Eigene Dateien\Weihnachtsbrief 2013

2014-01-04 17:19 - 2008-12-19 22:20 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJPLM

2014-01-04 14:49 - 2011-09-04 16:24 - 00000286 _____ C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-484763869-1425521274-839522115-1004.job

2014-01-02 17:46 - 2008-12-19 18:41 - 00000000 ___RD C:\Dokumente und Einstellungen\All Users\Dokumente\Eigene Bilder

2013-12-30 11:09 - 2013-10-14 10:09 - 00000286 _____ C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-484763869-1425521274-839522115-1004.job

2013-12-30 10:43 - 2011-05-28 20:41 - 00000278 _____ C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-484763869-1425521274-839522115-1005.job

2013-12-30 03:04 - 2008-12-28 14:25 - 00458752 _____ C:\WINDOWS\system32\config\ACEEvent.evt

2013-12-29 23:39 - 2013-12-29 23:38 - 00000000 ____D C:\Dokumente und Einstellungen\Adelheid\Eigene Dateien\Testkonstruktion

2013-12-29 23:33 - 2013-12-29 23:33 - 50286352 _____ () C:\Dokumente und Einstellungen\Maria\Desktop\NokiaSoftwareUpdaterSetup_DE.exe

2013-12-29 21:32 - 2013-12-29 21:32 - 00000273 _____ C:\Dokumente und Einstellungen\Adelheid\Desktop\2013-12-29 603.txt

2013-12-29 21:15 - 2013-12-29 21:15 - 00000000 ____D C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NokiaInstallerCache

2013-12-29 21:14 - 2012-11-08 18:08 - 00000000 ____D C:\Dokumente und Einstellungen\Adelheid\Lokale Einstellungen\Anwendungsdaten\Conduit

2013-12-29 20:31 - 2013-12-29 20:29 - 00000000 ____D C:\Dokumente und Einstellungen\Adelheid\Eigene Dateien\Adelheid

2013-12-29 18:57 - 2013-07-01 16:52 - 00000000 ____D C:\Dokumente und Einstellungen\Adelheid\Anwendungsdaten\Dropbox

2013-12-29 16:29 - 2013-07-01 16:56 - 00001055 _____ C:\Dokumente und Einstellungen\Adelheid\Desktop\Dropbox.lnk

2013-12-29 16:29 - 2013-07-01 16:53 - 00000000 ____D C:\Dokumente und Einstellungen\Adelheid\Startmenü\Programme\Dropbox

2013-12-24 13:31 - 2013-12-24 13:31 - 00000000 ____D C:\Dokumente und Einstellungen\Felicitas\Eigene Dateien\2013 Fotos Maria bei den Großeltern

2013-12-23 18:11 - 2009-03-21 11:59 - 00056320 ___SH C:\Dokumente und Einstellungen\Felicitas\Eigene Dateien\Thumbs.db

2013-12-23 17:39 - 2013-12-23 17:39 - 00000000 ____D C:\Dokumente und Einstellungen\Adelheid\Eigene Dateien\W1LSE9
 

Some content of TEMP:

====================

C:\Dokumente und Einstellungen\Adelheid\Lokale Einstellungen\Temp\avgnt.exe

C:\Dokumente und Einstellungen\Maria\Lokale Einstellungen\Temp\avgnt.exe

C:\Dokumente und Einstellungen\Maria\Lokale Einstellungen\Temp\eauninstall.exe

C:\Dokumente und Einstellungen\Maria\Lokale Einstellungen\Temp\Harry Potter and the Prisoner of Azkaban_uninst.exe

C:\Dokumente und Einstellungen\Maria\Lokale Einstellungen\Temp\SkypeSetup.exe

C:\Dokumente und Einstellungen\Maria\Lokale Einstellungen\Temp\uninst1.exe
 
 

==================== Bamital & volsnap Check =================
 

C:\Windows\explorer.exe

[2004-08-10 13:00] - [2008-04-14 03:22] - 1036800 ____A (Microsoft Corporation) 418045a93cd87a352098ab7dabe1b53e 
 

C:\Windows\System32\winlogon.exe

[2004-08-10 13:00] - [2008-04-14 03:23] - 0513024 ____A (Microsoft Corporation) f09a527b422e25c478e38caa0e44417a 
 

C:\Windows\System32\svchost.exe

[2004-08-10 13:00] - [2008-04-14 03:23] - 0014336 ____A (Microsoft Corporation) 4fbc75b74479c7a6f829e0ca19df3366 
 

C:\Windows\System32\services.exe

[2004-08-10 13:00] - [2009-02-09 12:21] - 0111104 ____A (Microsoft Corporation) a3edbe9053889fb24ab22492472b39dc 
 

C:\Windows\System32\User32.dll

[2004-08-10 13:00] - [2008-04-14 03:22] - 0580096 ____A (Microsoft Corporation) b0050cc5340e3a0760dd8b417ff7aebd 
 

C:\Windows\System32\userinit.exe

[2004-08-10 13:00] - [2008-04-14 03:23] - 0026624 ____A (Microsoft Corporation) 788f95312e26389d596c0fa55834e106 
 

C:\Windows\System32\rpcss.dll

[2004-08-10 13:00] - [2009-02-09 11:51] - 0401408 ____A (Microsoft Corporation) 3127afbf2c1ed0ab14a1bbb7aaecb85b 
 

 ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.

C:\Windows\System32\Drivers\volsnap.sys

[2004-08-10 13:00] - [2008-04-14 02:52] - 0053760 ____A (Microsoft Corporation) a5a712f4e880874a477af790b5186e1d 
 
 

==================== End Of Log ============================

--- --- ---

Code:

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 22-01-2014

Ran by Adelheid at 2014-01-22 08:50:26

Running from Z:\

Boot Mode: Normal

==========================================================
 
 

==================== Security Center ========================
 

AV: Avira Desktop (Disabled - Up to date) {AD166499-45F9-482A-A743-FDD3350758C7}
 

==================== Installed Programs ======================
 

7-Zip 9.20 (Version:  - )

ABBYY FineReader 9.0 Sprint (Version: 9.01.513.58212 - ABBYY)

ABBYY FineReader 9.0 Sprint (Version: 9.01.513.58212 - ABBYY) Hidden

Acronis*True*Image*Home (Version: 11.0.8101 - Acronis)

ActiveSpeed (Version: 7.1.0 - Ascentive) Hidden

Adobe AIR (Version: 3.7.0.1530 - Adobe Systems Incorporated)

Adobe AIR (Version: 3.7.0.1530 - Adobe Systems Incorporated) Hidden

Adobe Connect 9 Add-in (HKCU Version: 11,2,261,0 - Adobe Systems Incorporated)

Adobe Digital Editions (Version:  - )

Adobe Flash Player 11 ActiveX (Version: 11.9.900.170 - Adobe Systems Incorporated)

Adobe Flash Player 11 Plugin (Version: 11.9.900.170 - Adobe Systems Incorporated)

Adobe Reader XI (11.0.06) - Deutsch (Version: 11.0.06 - Adobe Systems Incorporated)

Advertising Center (Version: 0.0.0.1 - Nero AG) Hidden

AIM (Version:  - )

Amazon Kindle (Version:  - Amazon)

AOL Coach Version 1.0(Build:20040229.1 de) (Version:  - )

AOL Deinstallation (Version:  - )

AOL Installations-Manager (Version: 3.0.0.7 - AOL Deutschland)

AOL Toolbar 5.0 (Version: 5.0.70.1 - AOL)

Apple Application Support (Version: 2.3.4 - Apple Inc.)

Apple Mobile Device Support (Version: 6.1.0.13 - Apple Inc.)

Apple Software Update (Version: 2.1.3.127 - Apple Inc.)

Ask Toolbar (Version: 1.12.5.0 - Ask.com) <==== ATTENTION

ATI AVIVO Codecs (Version: 9.16.0.30508 - ATI Technologies Inc.)

ATI Catalyst Install Manager (Version: 3.0.812.0 - ATI Technologies, Inc.)

ATI Catalyst Registration (Version: 3.00.0000 - ATI Technologies Inc.) Hidden

ATI Parental Control & Encoder (Version: 3.0 - Ihr Firmenname) Hidden

ATI Problem Report Wizard (Version: 8.10 - ATI Technologies)

ATI Stream SDK v2 Developer (Version: 2.3.0.0 - ATI Technologies Inc.)

Avanquest update (Version: 1.33 - Avanquest Software)

Avira Free Antivirus (Version: 14.0.2.286 - Avira)

Babylon (Version:  - Babylon)

Babylon toolbar  (Version:  - BabylonToolbar) <==== ATTENTION

BabylonObjectInstaller (Version: 2.0.0.4 - Babylon Ltd)

Belkin Wireless USB Utility (Version: 6.3.2.16 - Belkin)

Belkin Wireless USB Utility (Version: 6.3.2.16 - Belkin) Hidden

BIOS Update (Version:  - )

BiosNotice (Version:  - )

Bonjour (Version: 3.0.0.10 - Apple Inc.)

C64 - Classix GOLD- Version 1.00 (Version:  - )

Canon Easy-PhotoPrint EX (Version:  - )

Canon Easy-WebPrint EX (Version:  - )

Canon Inkjet Printer/Scanner/Fax Extended Survey Program (Version:  - )

Canon iP4500 series (Version:  - )

Canon MG5100 series MP Drivers (Version:  - )

Canon MP Navigator EX 4.0 (Version:  - )

Canon My Printer (Version:  - )

Canon Solution Menu EX (Version:  - )

Canon Utilities Solution Menu (Version:  - )

Catalyst Control Center - Branding (Version: 1.00.0000 - ATI) Hidden

Catalyst Control Center Graphics Previews Common (Version: 2011.0126.1740.31600 - ATI) Hidden

Catalyst Control Center InstallProxy (Version: 2011.0126.1740.31600 - ATI Technologies, Inc.) Hidden

Catan - Städte und Ritter (Version: 1.220 - Catan GmbH)

CCC Help English (Version: 2011.0126.1739.31600 - ATI) Hidden

ccc-core-static (Version: 2011.0126.1740.31600 - Ihr Firmenname) Hidden

ccc-utility (Version: 2011.0126.1740.31600 - ATI) Hidden

CDBurnerXP (Version: 4.2.3.1110 - CDBurnerXP)

CD-LabelPrint (Version:  - )

Cisco AnyConnect Secure Mobility Client  (Version: 3.1.03103 - Cisco Systems, Inc.)

Cisco AnyConnect Secure Mobility Client (Version: 3.1.03103 - Cisco Systems, Inc.) Hidden

Cisco Systems VPN Client 5.0.07.0290 (Version: 5.0.6 - Cisco Systems, Inc.)

Citavi (Version: 3.4.0.2 - Swiss Academic Software)

Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000 - Microsoft Corporation)

CyberLink PowerDVD (Version: 7.3.5711.0 - CyberLink Corp.)

Disk Speedup (Version:  - Systweak Software)

DivX Converter (Version: 7.1.0 - DivX, Inc.)

DivX Plus DirectShow Filters (Version:  - DivX, Inc.)

DivX-Setup (Version: 2.6.1.8 - DivX, LLC)

Dropbox (HKCU Version: 2.4.10 - Dropbox, Inc.)

Easydivx0792 (Version:  - )

eHOT Line (Version:  - )

Electronic Arts Product Registration (Version: 1.01.0000 - Electronic Arts)

Electronic Arts Product Registration (Version: 1.01.0000 - Electronic Arts) Hidden

EPSON Copy Utility (Version:  - )

Epson Copy Utility 3.5 (Version: 3.5.0.0 - )

Epson Event Manager (Version: 2.40.0002 - SEIKO EPSON CORPORATION)

EPSON Perfection V33/V330 Handbuch (Version:  - )

EPSON Scan (Version:  - Seiko Epson Corporation)

EPSON Smart Panel (Version:  - )

EPSON TWAIN 5 (Version:  - )

FormatFactory 2.50 (Version: 2.50 - Free Time)

Free Studio version 4.9 (Version:  - DVDVideoSoft Limited.)

Free YouTube Download 2.3 (Version:  - DVDVideoSoft Limited.)

FreePDF (Remove only) (Version:  - )

Futuremark SystemInfo (Version: 3.21.2.1 - Futuremark Corporation)

Gapminder Desktop (Version: 1.0.20 - Gapminder Foundation) Hidden

Gapminder Desktop (Version: 1.0beta20 - Gapminder Foundation)

GIMP 2.6.5 (Version:  - )

Google Chrome (Version: 32.0.1700.76 - Google Inc.)

Google Update Helper (Version: 1.3.22.3 - Google Inc.) Hidden

GPL Ghostscript 8.71 (Version:  - )

Harry Potter II (Version:  - )

Hotfix für Windows XP (KB952287) (Version: 1 - Microsoft Corporation)

HW Monitor (Version:  - )

IBM SPSS Statistics 21 (Version: 21.0.0.0 - IBM Corp)

Indeo® Software (Version:  - )

iTunes (Version: 11.0.2.26 - Apple Inc.)

iTunes Agent 1.3.1 (HKCU Version:  - )

iTunes Library Updater (Version: 1.2.2 - N/A)

Java 7 Update 51 (Version: 7.0.510 - Oracle)

Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden

Learn2 Player (Uninstall Only) (Version:  - )

Marvell Miniport Driver (Version: 9.12.3.3 - Marvell)

McAfee Security Scan Plus (Version: 3.0.318.3 - McAfee, Inc.)

Mendeley Desktop 1.9.1 (Version: 1.9.1 - Mendeley Ltd.)

Microsoft .NET Framework 1.0 Security Update (KB2833951) (Version:  - Microsoft Corporation)

Microsoft .NET Framework 1.1 (Version:  - )

Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden

Microsoft .NET Framework 1.1 German Language Pack (Version: 1.1.4322 - Microsoft)

Microsoft .NET Framework 1.1 Security Update (KB2698023) (Version:  - )

Microsoft .NET Framework 1.1 Security Update (KB2833941) (Version:  - )

Microsoft .NET Framework 1.1 Security Update (KB979906) (Version:  - )

Microsoft .NET Framework 2.0 Language Pack - DEU (Version:  - Microsoft Corporation)

Microsoft .NET Framework 2.0 Language Pack - DEU (Version: 1.1.50727.42 - Microsoft Corporation) Hidden

Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729 - Microsoft Corporation)

Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729 - Microsoft Corporation)

Microsoft .NET Framework 3.5 SP1 (Version:  - Microsoft Corporation)

Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden

Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden

Microsoft Choice Guard (Version: 2.0.48.0 - Microsoft Corporation) Hidden

Microsoft Internationalized Domain Names Mitigation APIs (Version:  - Microsoft Corporation) Hidden

Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 (Version:  - Microsoft Corporation) Hidden

Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 (Version:  - Microsoft Corporation) Hidden

Microsoft LifeCam (Version: 1.40.164.0 - Microsoft)

Microsoft National Language Support Downlevel APIs (Version:  - Microsoft Corporation) Hidden

Microsoft Office File Validation Add-In (Version: 14.0.5130.5003 - Microsoft Corporation)

Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1 - Microsoft Corporation)

Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0 - Microsoft Corporation)

Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)

Microsoft Speech Recognition Engine 4.0 (English) (Version:  - )

Microsoft Text-to-Speech Engine 4.0 (English) (Version:  - )

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Works 6-9 Converter (Version: 9.7.0000 - Microsoft Corporation)

Microsoft XML Parser (Version: 8.70.1104.04 - Microsoft Corporation) Hidden

Mozilla Firefox 26.0 (x86 de) (Version: 26.0 - Mozilla)

Mozilla Maintenance Service (Version: 26.0 - Mozilla)

Mozilla Thunderbird (3.0.5) (Version: 3.0.5 (de) - Mozilla)

MSN (Version:  - )

MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden

MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden

MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (Version: 4.30.2100.0 - Microsoft Corporation)

Nero 7 Essentials (Version: 7.03.0918 - Nero AG)

Nero BackItUp (Version: 4.0.0.0 - Nero AG) Hidden

Nero BackItUp (Version: 4.0.1.102 - Nero AG) Hidden

Nero BackItUp 4 Essentials (Version:  - Nero AG)

Nero ControlCenter (Version: 0.0.0.1 - Nero AG) Hidden

Nero ControlCenter (Version: 9.0.0.1 - Nero AG) Hidden

Nero Installer (Version: 2.0.0.1 - Nero AG) Hidden

neroxml (Version: 1.0.0 - Nero AG) Hidden

Nikon Message Center (Version: 0.92.000 - Nikon)

Nikon Transfer (Version: 1.0.2 - Nikon)

Nokia Connectivity Cable Driver (Version: 7.1.78.0 - Nokia)

Nokia PC Suite (Version: 7.1.180.94 - Nokia)

Nokia PC Suite (Version: 7.1.180.94 - Nokia) Hidden

Nokia Software Updater (Version: 3.0.655 - Nokia Corporation)

NTI Backup NOW! 3 (Version: 3.0.53 - NewTech Infosystems)

NTI Backup NOW! 3 (Version: 3.0.53 - NewTech Infosystems) Hidden

NTI CD & DVD-Maker (Version: 6.5 - NewTech Infosystems) Hidden

NTI CD & DVD-Maker 6.5 Gold  (Version: 6.5 - NewTech Infosystems)

NTI DriveBackup! 3 (Version: 3.0.46 - NewTech Infosystems)

NTI DriveBackup! 3 (Version: 3.0.46 - NewTech Infosystems) Hidden

OpenAL (Version:  - )

Otto (Version:  - )

Paint.NET v3.36 (Version: 3.36.0 - dotPDN LLC)

PC Connectivity Solution (Version: 12.0.27.0 - Nokia)

PDF Experte 7 Professional (Version: 7.0.1840.0 - Avanquest software)

PDFCreator (Version: 0.9.9 - Frank Heindörfer, Philip Chinery)

pdfforge Toolbar v8.6 (Version: 8.6 - Spigot, Inc.) <==== ATTENTION

PlayMemories Home (Version: 7.0.03.04240 - Sony Corporation)

Pod to PC 3.085 (Version:  - myPodApps)

QuickTime (Version: 7.71.80.42 - Apple Inc.)

Reader for PC (Version: 2.0.02.15180 - Sony Corporation)

RealDownloader (Version: 1.3.3 - RealNetworks, Inc.) Hidden

RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden

RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden

RealPlayer (Version: 16.0.3 - RealNetworks)

REALTEK GbE & FE Ethernet PCI-E NIC Driver (Version: 1.28.0000 - Realtek)

Realtek High Definition Audio Driver (Version: 5.10.0.6101 - Realtek Semiconductor Corp.)

RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden

RedMon - Redirection Port Monitor (Version:  - )

RegClean Pro (Version: 6.21 - Systweak Inc) <==== ATTENTION

Rossmann Fotowelt Software 4.9 (Version: 4.9 - ORWO Net)

Roxio PhotoSuite 5 (Version: 5.0.1366.0 - Roxio Corp.)

ScanToWeb (Version:  - )

searchgol toolbar   (Version: 1.8.16.19 - searchgol) <==== ATTENTION

Segoe UI (Version: 14.0.4327.805 - Microsoft Corp) Hidden

Sicherheitsupdate für Windows Internet Explorer 8 (KB2510531) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB2544521) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB2722913) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB2744842) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB2761465) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB2792100) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB2797052) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB2799329) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB2809289) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB2817183) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB2829530) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB2838727) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB2846071) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB2847204) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB2862772) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB2870699) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB2879017) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB2888505) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Internet Explorer 8 (KB2898785) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows Media Player (KB2834904) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows Media Player (KB2834904-v2) (Version:  - Microsoft Corporation)

Sicherheitsupdate für Windows Media Player (KB952069) (Version:  - Microsoft Corporation) Hidden

Sicherheitsupdate für Windows Media Player 10 (KB936782) (Version:  - Microsoft Corporation) Hidden

Sicherheitsupdate für Windows XP (KB2820197) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2829361) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2834886) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2839229) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2845187) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2847311) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2849470) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2850851) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2850869) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2859537) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2862152) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2862330) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2862335) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2864063) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2868038) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2868626) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2876217) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2876315) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2876331) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2883150) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2884256) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2892075) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2893294) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2893984) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2898715) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2900986) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB2914368) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB938464) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB946648) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB950762) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB950974) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB951066) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB951376-v2) (Version: 2 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB951698) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB952954) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB954211) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB954600) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB955069) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB956802) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB956803) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB956841) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB957095) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB957097) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB958215) (Version: 1 - Microsoft Corporation) Hidden

Sicherheitsupdate für Windows XP (KB958644) (Version: 1 - Microsoft Corporation)

Sicherheitsupdate für Windows XP (KB960714) (Version: 1 - Microsoft Corporation) Hidden

Sicherheitsupdate für Windows XP (KB963027) (Version: 1 - Microsoft Corporation) Hidden

Sicherheitsupdate für Windows XP (KB969897) (Version: 1 - Microsoft Corporation) Hidden

Sicherheitsupdate für Windows XP (KB971961) (Version: 1 - Microsoft Corporation) Hidden

Sicherheitsupdate für Windows XP (KB972260) (Version: 1 - Microsoft Corporation) Hidden

Sicherheitsupdate für Windows XP (KB974455) (Version: 1 - Microsoft Corporation) Hidden

Sicherheitsupdate für Windows XP (KB975713) (Version: 1 - Microsoft Corporation) Hidden

Skype™ 6.7 (Version: 6.7.102 - Skype Technologies S.A.)

SmartSound Quicktracks Plugin (Version: 3.0.2.6 - SmartSound Software Inc)

SmartSound Quicktracks Plugin (Version: 3.0.2.6 - SmartSound Software Inc) Hidden

Sonic Encoders (Version: 1.00 - Sonic Solutions)

Sonic UDF Reader (Version: 5.2.1 - Sonic Solutions)

Sony Picture Utility (Version: 2.0.03.12280 - Sony Corporation)

Sony USB Driver (Version: 2.00 - Sony Corporation)

Spyware Striker (Version: 7.1.1 - Ascentive) Hidden

Sun ODF Plugin for Microsoft Office 3.2 (Version: 3.2.9483 - Sun Microsystems)

Tinypic 3.14 (Version: Tinypic 3.14 - E. Fiedler)

TuneUp Utilities 2011 (Version: 10.0.4500.49 - TuneUp Software)

TuneUp Utilities 2011 (Version: 10.0.4500.49 - TuneUp Software) Hidden

TuneUp Utilities Language Pack (de-DE) (Version: 10.0.4500.49 - TuneUp Software) Hidden

Übung macht den Meister Englisch (Version:  - )

Ulead VideoStudio 9.0 (Version: 9.0 - Ulead System)

Uninstall 1.0.0.1 (Version:  - )

Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1 - Microsoft Corporation)

Update für Windows Media Player 10 (KB913800) (Version:  - Microsoft Corporation) Hidden

Update für Windows XP (KB2863058) (Version: 1 - Microsoft Corporation)

Update für Windows XP (KB2904266) (Version: 1 - Microsoft Corporation)

Update für Windows XP (KB951978) (Version: 1 - Microsoft Corporation) Hidden

Update für Windows XP (KB976749) (Version: 1 - Microsoft Corporation) Hidden

VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden

VCRedistSetup (Version: 1.0.0 - Nero AG) Hidden

Viewpoint Media Player (Version:  - )

VLC media player 1.0.5 (Version: 1.0.5 - VideoLAN Team)

Vtune ATI 4.0 (Version:  - )

WD Spindown or Stop Utility for External Drive, v1.00 (Version: 1.0.0 - Western Digital Technologies)

WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden

Windows Genuine Advantage Validation Tool (KB892130) (Version:  - Microsoft Corporation)

Windows Internet Explorer 8 (Version: 20090308.140743 - Microsoft Corporation)

Windows Live Call (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden

Windows Live Communications Platform (Version: 14.0.8117.416 - Microsoft Corporation) Hidden

Windows Live Essentials (Version: 14.0.8117.0416 - Microsoft Corporation)

Windows Live Essentials (Version: 14.0.8117.416 - Microsoft Corporation) Hidden

Windows Live Sign-in Assistant (Version: 5.000.818.5 - Microsoft Corporation)

Windows Live Upload Tool (Version: 14.0.8014.1029 - Microsoft Corporation)

Windows Media Encoder 9-Reihe (Version:  - )

Windows Media Encoder 9-Reihe (Version: 9.00.2980 - Microsoft Corporation) Hidden

Windows Media Format 11 runtime (Version:  - )

Windows Media Format 11 runtime (Version:  - Microsoft Corporation) Hidden

Windows Media Player 11 (Version:  - )

Windows Media Player 11 (Version:  - Microsoft Corporation) Hidden

Windows Movie Maker 2.0 (Version: 2.0.0000 - Microsoft Corporation) Hidden

Windows PowerShell(TM) 1.0 (Version: 2 - Microsoft Corporation)

Windows XP Service Pack 3 (Version: 20080414.031514 - Microsoft Corporation)

Windows-Treiberpaket - Nokia Modem  (02/25/2011 4.7) (Version: 02/25/2011 4.7 - Nokia)

Windows-Treiberpaket - Nokia Modem  (02/25/2011 7.01.0.9) (Version: 02/25/2011 7.01.0.9 - Nokia)

Windows-Treiberpaket - Nokia pccsmcfd “LegacyDriver”  (05/31/2012 7.1.2.0) (Version: 05/31/2012 7.1.2.0 - Nokia)

WiseConvert Toolbar (Version: 6.13.3.501 - WiseConvert)

Wondershare Photo Collage Studio 4.2.9.2 (Version: 4.2.9.2 - Wondershare Software Co.,Ltd.)

XviD MPEG-4 Codec (Version:  - )
 

==================== Restore Points  =========================
 

24-10-2013 18:24:19 Systemprüfpunkt

28-10-2013 15:37:46 Systemprüfpunkt

29-10-2013 15:55:11 Systemprüfpunkt

30-10-2013 21:56:16 Systemprüfpunkt

02-11-2013 06:50:19 Systemprüfpunkt

04-11-2013 12:57:23 Systemprüfpunkt

05-11-2013 16:20:34 Systemprüfpunkt

06-11-2013 16:45:34 Systemprüfpunkt

07-11-2013 17:29:50 Systemprüfpunkt

08-11-2013 21:11:50 Systemprüfpunkt

09-11-2013 21:59:07 Systemprüfpunkt

10-11-2013 22:09:03 Systemprüfpunkt

12-11-2013 20:02:41 Systemprüfpunkt

13-11-2013 11:35:13 Software Distribution Service 3.0

14-11-2013 15:47:59 Systemprüfpunkt

18-11-2013 10:13:23 Systemprüfpunkt

21-11-2013 21:58:45 Systemprüfpunkt

26-11-2013 20:12:12 Systemprüfpunkt

28-11-2013 06:40:14 Systemprüfpunkt

29-11-2013 15:07:38 Systemprüfpunkt

30-11-2013 15:57:55 Systemprüfpunkt

01-12-2013 18:12:53 Systemprüfpunkt

04-12-2013 07:49:06 Systemprüfpunkt

05-12-2013 09:14:26 Systemprüfpunkt

06-12-2013 15:49:40 Systemprüfpunkt

08-12-2013 12:07:19 Systemprüfpunkt

09-12-2013 16:31:05 Systemprüfpunkt

10-12-2013 17:52:02 Systemprüfpunkt

12-12-2013 17:22:30 Systemprüfpunkt

12-12-2013 18:00:20 Software Distribution Service 3.0

13-12-2013 18:01:05 Software Distribution Service 3.0

14-12-2013 18:38:42 Systemprüfpunkt

15-12-2013 19:01:29 Systemprüfpunkt

16-12-2013 19:46:25 Systemprüfpunkt

17-12-2013 20:48:37 Systemprüfpunkt

19-12-2013 12:30:14 Systemprüfpunkt

20-12-2013 13:47:32 Systemprüfpunkt

21-12-2013 14:07:47 Systemprüfpunkt

22-12-2013 14:12:51 Systemprüfpunkt

23-12-2013 17:41:21 Systemprüfpunkt

27-12-2013 11:55:46 Systemprüfpunkt

29-12-2013 14:47:56 Systemprüfpunkt

30-12-2013 15:45:19 Systemprüfpunkt

02-01-2014 09:57:02 Systemprüfpunkt

03-01-2014 11:38:17 Systemprüfpunkt

04-01-2014 14:10:12 Systemprüfpunkt

05-01-2014 18:50:25 Systemprüfpunkt

06-01-2014 18:52:23 Systemprüfpunkt

07-01-2014 20:55:47 Systemprüfpunkt

09-01-2014 19:37:55 Systemprüfpunkt

10-01-2014 20:11:08 Systemprüfpunkt

11-01-2014 21:55:32 Systemprüfpunkt

12-01-2014 23:23:02 Systemprüfpunkt

14-01-2014 13:48:27 Systemprüfpunkt

14-01-2014 18:00:16 Software Distribution Service 3.0

15-01-2014 12:24:30 Software Distribution Service 3.0

16-01-2014 13:02:04 Systemprüfpunkt

17-01-2014 13:53:51 Java 7 Update 7 wird entfernt

17-01-2014 13:54:18 Java 7 Update 51 wird installiert

17-01-2014 14:02:04 RegClean Pro Fr, Jan 17, 14  15:01

19-01-2014 21:24:49 Systemprüfpunkt

20-01-2014 22:06:03 Systemprüfpunkt
 

==================== Hosts content: ==========================
 

2004-08-10 13:00 - 2014-01-21 20:54 - 00000028 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       localhost
 
 

==================== Scheduled Tasks (whitelisted) =============
 

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Programme\Apple Software Update\SoftwareUpdate.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Programme\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Programme\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-484763869-1425521274-839522115-1003.job => C:\Programme\Real\RealUpgrade\realupgrade.exe

Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-484763869-1425521274-839522115-1004.job => C:\Programme\Real\RealUpgrade\realupgrade.exe

Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-484763869-1425521274-839522115-1003.job => C:\Programme\Real\RealUpgrade\realupgrade.exe

Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-484763869-1425521274-839522115-1004.job => C:\Programme\Real\RealUpgrade\realupgrade.exe

Task: C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-484763869-1425521274-839522115-1003.job => C:\Programme\Real\RealUpgrade\realupgrade.exe

Task: C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-484763869-1425521274-839522115-1004.job => C:\Programme\Real\RealUpgrade\realupgrade.exe

Task: C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-484763869-1425521274-839522115-1005.job => C:\Programme\Real\RealUpgrade\realupgrade.exe

Task: C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-484763869-1425521274-839522115-1003.job => C:\Programme\Real\RealUpgrade\realupgrade.exe

Task: C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-484763869-1425521274-839522115-1004.job => C:\Programme\Real\RealUpgrade\realupgrade.exe

Task: C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-484763869-1425521274-839522115-1005.job => C:\Programme\Real\RealUpgrade\realupgrade.exe

Task: C:\WINDOWS\Tasks\RegClean Prosch.job => C:\Programme\RegClean Pro\RegCleanPro.exe <==== ATTENTION

Task: C:\WINDOWS\Tasks\RegClean Pro_DEFAULT.job => C:\Programme\RegClean Pro\RegCleanPro.exe <==== ATTENTION

Task: C:\WINDOWS\Tasks\RegClean Pro_UPDATES.job => C:\Programme\RegClean Pro\RegCleanPro.exe <==== ATTENTION

Task: C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job => C:\Programme\Ask.com\UpdateTask.exe
 

==================== Loaded Modules (whitelisted) =============
 

2010-04-08 16:22 - 2001-10-28 15:42 - 00116224 _____ () C:\WINDOWS\system32\pdfcmnnt.dll

2010-07-08 17:54 - 2005-01-06 17:33 - 00116224 _____ () C:\WINDOWS\system32\redmonnt.dll

2011-04-14 15:44 - 1997-10-17 12:06 - 00018432 _____ () C:\WINDOWS\System32\spool\PRTPROCS\W32X86\jDocPrc.dll

2012-11-03 13:03 - 2012-09-19 19:17 - 00397088 _____ () C:\Programme\Avira\AntiVir Desktop\sqlite3.dll

2010-03-23 12:26 - 2010-03-23 12:26 - 00201512 _____ () C:\WINDOWS\system32\vpnapi.dll

2004-08-10 13:00 - 2011-02-04 17:48 - 00291840 _____ () C:\WINDOWS\system32\sbe.dll

2004-08-10 13:00 - 2008-04-14 03:22 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll

2013-04-10 15:38 - 2011-06-23 15:09 - 01101312 _____ () C:\Programme\Avanquest\PDF Experte 7 Professional\TMSlite140.bpl

2013-04-10 15:38 - 2011-06-23 15:09 - 02366464 _____ () C:\Programme\Avanquest\PDF Experte 7 Professional\BBlite140.bpl

2013-04-10 15:38 - 2010-11-23 08:46 - 02387456 _____ () C:\Programme\Avanquest\PDF Experte 7 Professional\PKIECtrl140.bpl

2013-04-10 15:38 - 2011-01-18 18:59 - 00684032 _____ () C:\Programme\Avanquest\PDF Experte 7 Professional\js32.dll

2013-04-10 15:38 - 2011-06-22 15:29 - 00336896 _____ () C:\Programme\Avanquest\PDF Experte 7 Professional\visage140.bpl

2013-04-10 15:38 - 2011-06-23 15:09 - 00089088 _____ () C:\Programme\Avanquest\PDF Experte 7 Professional\expertpdfcore140.bpl

2013-04-10 15:38 - 2011-06-22 15:29 - 00212992 _____ () C:\Programme\Avanquest\PDF Experte 7 Professional\vsmisc140.bpl

2013-04-11 15:50 - 2010-03-29 13:02 - 00520234 _____ () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Babylon\sqlite3.dll

2013-03-18 12:56 - 2013-03-18 12:56 - 00880640 _____ () H:\Programme\appHelper\fsk.dll

2013-03-18 12:58 - 2013-03-18 12:58 - 00040264 _____ () H:\Programme\appHelper\FskMediaPlayers.dll

2013-03-18 12:58 - 2013-03-18 12:58 - 00239944 _____ () H:\Programme\appHelper\Fskin.dll

2013-03-18 12:58 - 2013-03-18 12:58 - 00026952 _____ () H:\Programme\appHelper\FskinLocalize.dll

2013-02-15 11:17 - 2013-02-15 11:17 - 00798720 _____ () H:\Programme\appHelper\FskSecurity.dll

2013-03-18 12:58 - 2013-03-18 12:58 - 00125256 _____ () H:\Programme\appHelper\FskDocumentViewer.dll

2013-03-18 12:58 - 2013-03-18 12:58 - 00016200 _____ () H:\Programme\appHelper\FskPower.dll

2013-03-18 12:58 - 2013-03-18 12:58 - 00024904 _____ () H:\Programme\appHelper\FskNetInterface.dll

2013-03-18 12:58 - 2013-03-18 12:58 - 00017224 _____ () H:\Programme\appHelper\FskMobileMediaDevice.dll

2013-03-18 12:58 - 2013-03-18 12:58 - 00015176 _____ () H:\Programme\appHelper\FskTimeHardware.dll

2013-03-18 12:58 - 2013-03-18 12:58 - 00034632 _____ () H:\Programme\appHelper\ticket.dll

2013-03-18 12:58 - 2013-03-18 12:58 - 00018760 _____ () H:\Programme\appHelper\ebookDeviceNotifier.dll

2013-03-18 12:58 - 2013-03-18 12:58 - 00092488 _____ () H:\Programme\appHelper\ebookUsb.dll

2013-03-18 12:58 - 2013-03-18 12:58 - 00149832 _____ () H:\Programme\appHelper\readerAppHelper.dll

2013-03-18 12:58 - 2013-03-18 12:58 - 00178504 _____ () H:\Programme\appHelper\USBDetector.dll

2012-06-26 12:11 - 2012-06-26 12:11 - 02302040 _____ () D:\Programme\NokiaSuite\Nokia PC Suite 7\QtCore4.dll

2012-06-26 12:11 - 2012-06-26 12:11 - 08197208 _____ () D:\Programme\NokiaSuite\Nokia PC Suite 7\QtGui4.dll

2012-06-26 12:11 - 2012-06-26 12:11 - 00345688 _____ () D:\Programme\NokiaSuite\Nokia PC Suite 7\QtXml4.dll

2012-06-26 12:10 - 2012-06-26 12:10 - 00202328 _____ () D:\Programme\NokiaSuite\Nokia PC Suite 7\imageformats\qjpeg4.dll

2012-06-26 12:10 - 2012-06-26 12:10 - 00027736 _____ () D:\Programme\NokiaSuite\Nokia PC Suite 7\imageformats\qsvg4.dll

2012-06-26 12:11 - 2012-06-26 12:11 - 00282200 _____ () D:\Programme\NokiaSuite\Nokia PC Suite 7\QtSvg4.dll

2005-10-28 10:13 - 2005-10-28 10:13 - 00167936 _____ () C:\Programme\Belkin\USB F5D7050\Wireless Utility\BelkinwcuiDLL.dll

2005-12-02 20:53 - 2005-12-02 20:53 - 00237568 _____ () C:\Programme\Belkin\USB F5D7050\Wireless Utility\BlkwcapiZU.DLL

2005-11-01 16:36 - 2005-11-01 16:36 - 00045056 _____ () C:\Programme\Belkin\USB F5D7050\Wireless Utility\ZDWLAN.dll

2005-09-21 20:39 - 2005-09-21 20:39 - 00212992 _____ () C:\Programme\Belkin\USB F5D7050\Wireless Utility\dot1x_dll.dll

2004-03-05 14:00 - 2004-03-05 14:00 - 00155648 _____ () C:\Programme\Belkin\USB F5D7050\Wireless Utility\SSLEAY32.dll

2004-03-05 14:00 - 2004-03-05 14:00 - 00827392 _____ () C:\Programme\Belkin\USB F5D7050\Wireless Utility\LIBEAY32.dll

2005-10-28 10:13 - 2005-10-28 10:13 - 00061440 _____ () C:\Programme\Belkin\USB F5D7050\Wireless Utility\BelkinHWStatus.dll

2013-12-20 13:00 - 2013-12-20 13:00 - 03559024 _____ () C:\Programme\Mozilla Firefox\mozjs.dll

2013-12-05 21:20 - 2013-12-05 21:20 - 00122880 _____ () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Swiss Academic Software\Citavi Picker\Firefox\components\CitaviPickerCommunication.dll

2004-01-09 21:02 - 2004-01-09 21:02 - 00045056 _____ () C:\Programme\AOL 9.0 VR\zlib.dll

2002-04-22 22:08 - 2002-04-22 22:08 - 00053248 _____ () C:\Programme\AOL 9.0 VR\xmlparse.dll

2002-04-22 22:08 - 2002-04-22 22:08 - 00081920 _____ () C:\Programme\AOL 9.0 VR\xmltok.dll
 

==================== Alternate Data Streams (whitelisted) =========
 
 

==================== Safe Mode (whitelisted) ===================
 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
 

==================== Faulty Device Manager Devices =============
 

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows

Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows

Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}

Manufacturer: Cisco Systems

Service: vpnva

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 

Name: Cisco Systems VPN Adapter

Description: Cisco Systems VPN Adapter

Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}

Manufacturer: Cisco Systems

Service: CVirtA

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 

Name: Nokia 3110c

Description: Nokia 3110c

Class Guid: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}

Manufacturer: Nokia

Service: WUDFRd

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (01/21/2014 09:31:46 PM) (Source: crypt32) (User: )

Description: Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> ist fehlgeschlagen mit dem Fehler: Diese Netzwerkverbindung ist nicht vorhanden.

.
 

Error: (01/21/2014 09:31:46 PM) (Source: crypt32) (User: )

Description: Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> ist fehlgeschlagen mit dem Fehler: A connection with the server could not be established

.
 

Error: (01/21/2014 08:52:07 PM) (Source: crypt32) (User: )

Description: Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> ist fehlgeschlagen mit dem Fehler: Diese Netzwerkverbindung ist nicht vorhanden.

.
 

Error: (01/21/2014 08:52:06 PM) (Source: crypt32) (User: )

Description: Der automatische Aktualisierungsabruf der Drittanbieterstammlisten-Sequenznummer von <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> ist fehlgeschlagen mit dem Fehler: A connection with the server could not be established

.
 

Error: (01/19/2014 04:01:55 PM) (Source: VSS) (User: )

Description: Volumeschattenkopie-Dienstfehler: Von Schattenkopieautor "RemovableStorageManager" aufgerufene Routine "OpenNtmsSessionW" ist mit Status "0x80070422" (konvertiert in 0x800423f4) fehlgeschlagen.
 

Error: (01/19/2014 03:19:28 PM) (Source: VSS) (User: )

Description: Volumeschattenkopie-Dienstfehler: Von Schattenkopieautor "RemovableStorageManager" aufgerufene Routine "OpenNtmsSessionW" ist mit Status "0x80070422" (konvertiert in 0x800423f4) fehlgeschlagen.
 

Error: (01/19/2014 03:13:34 PM) (Source: VSS) (User: )

Description: Volumeschattenkopie-Dienstfehler: Von Schattenkopieautor "RemovableStorageManager" aufgerufene Routine "OpenNtmsSessionW" ist mit Status "0x80070422" (konvertiert in 0x800423f4) fehlgeschlagen.
 

Error: (01/19/2014 03:01:22 PM) (Source: VSS) (User: )

Description: Volumeschattenkopie-Dienstfehler: Von Schattenkopieautor "RemovableStorageManager" aufgerufene Routine "OpenNtmsSessionW" ist mit Status "0x80070422" (konvertiert in 0x800423f4) fehlgeschlagen.
 

Error: (01/19/2014 02:58:53 PM) (Source: VSS) (User: )

Description: Volumeschattenkopie-Dienstfehler: Von Schattenkopieautor "RemovableStorageManager" aufgerufene Routine "OpenNtmsSessionW" ist mit Status "0x80070422" (konvertiert in 0x800423f4) fehlgeschlagen.
 

Error: (01/19/2014 02:58:46 PM) (Source: VSS) (User: )

Description: Volumeschattenkopie-Dienstfehler: Von Schattenkopieautor "RemovableStorageManager" aufgerufene Routine "OpenNtmsSessionW" ist mit Status "0x80070422" (konvertiert in 0x800423f4) fehlgeschlagen.
 
 

System errors:

=============

Error: (01/21/2014 11:44:16 PM) (Source: Wechselmediendienst) (User: )

Description: Der Wechselmediendienst konnte die Medien in Laufwerk Laufwerk 0 der Bibliothek General USB Flash Disk USB Device nicht laden.
 

Error: (01/21/2014 11:44:04 PM) (Source: Wechselmediendienst) (User: )

Description: Der Wechselmediendienst konnte die Medien in Laufwerk Laufwerk 0 der Bibliothek General USB Flash Disk USB Device nicht laden.
 

Error: (01/21/2014 11:10:43 PM) (Source: Wechselmediendienst) (User: )

Description: Der Wechselmediendienst konnte die Medien in Laufwerk Laufwerk 0 der Bibliothek General USB Flash Disk USB Device nicht laden.
 

Error: (01/21/2014 11:10:41 PM) (Source: Wechselmediendienst) (User: )

Description: Der Wechselmediendienst konnte die Medien in Laufwerk Laufwerk 0 der Bibliothek General USB Flash Disk USB Device nicht laden.
 

Error: (01/21/2014 11:06:58 PM) (Source: Wechselmediendienst) (User: )

Description: Der Wechselmediendienst konnte die Medien in Laufwerk Laufwerk 0 der Bibliothek General USB Flash Disk USB Device nicht laden.
 

Error: (01/21/2014 11:06:54 PM) (Source: Wechselmediendienst) (User: )

Description: Der Wechselmediendienst konnte die Medien in Laufwerk Laufwerk 0 der Bibliothek General USB Flash Disk USB Device nicht laden.
 

Error: (01/21/2014 11:01:13 PM) (Source: Wechselmediendienst) (User: )

Description: Der Wechselmediendienst konnte die Medien in Laufwerk Laufwerk 0 der Bibliothek General USB Flash Disk USB Device nicht laden.
 

Error: (01/21/2014 11:01:13 PM) (Source: Wechselmediendienst) (User: )

Description: Der Wechselmediendienst konnte die Medien in Laufwerk Laufwerk 0 der Bibliothek General USB Flash Disk USB Device nicht laden.
 

Error: (01/21/2014 11:01:12 PM) (Source: Wechselmediendienst) (User: )

Description: Der Wechselmediendienst konnte die Medien in Laufwerk Laufwerk 0 der Bibliothek General USB Flash Disk USB Device nicht laden.
 

Error: (01/21/2014 10:56:02 PM) (Source: Wechselmediendienst) (User: )

Description: Der Wechselmediendienst konnte die Medien in Laufwerk Laufwerk 0 der Bibliothek General USB Flash Disk USB Device nicht laden.
 
 

Microsoft Office Sessions:

=========================

Error: (01/21/2014 09:31:46 PM) (Source: crypt32)(User: )

Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtDiese Netzwerkverbindung ist nicht vorhanden.
 

Error: (01/21/2014 09:31:46 PM) (Source: crypt32)(User: )

Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtA connection with the server could not be established
 

Error: (01/21/2014 08:52:07 PM) (Source: crypt32)(User: )

Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtDiese Netzwerkverbindung ist nicht vorhanden.
 

Error: (01/21/2014 08:52:06 PM) (Source: crypt32)(User: )

Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtA connection with the server could not be established
 

Error: (01/19/2014 04:01:55 PM) (Source: VSS)(User: )

Description: 0x800704220x800423f4RemovableStorageManagerOpenNtmsSessionW
 

Error: (01/19/2014 03:19:28 PM) (Source: VSS)(User: )

Description: 0x800704220x800423f4RemovableStorageManagerOpenNtmsSessionW
 

Error: (01/19/2014 03:13:34 PM) (Source: VSS)(User: )

Description: 0x800704220x800423f4RemovableStorageManagerOpenNtmsSessionW
 

Error: (01/19/2014 03:01:22 PM) (Source: VSS)(User: )

Description: 0x800704220x800423f4RemovableStorageManagerOpenNtmsSessionW
 

Error: (01/19/2014 02:58:53 PM) (Source: VSS)(User: )

Description: 0x800704220x800423f4RemovableStorageManagerOpenNtmsSessionW
 

Error: (01/19/2014 02:58:46 PM) (Source: VSS)(User: )

Description: 0x800704220x800423f4RemovableStorageManagerOpenNtmsSessionW
 
 

==================== Memory info =========================== 
 

Percentage of memory in use: 44%

Total physical RAM: 2047.23 MB

Available physical RAM: 1136.46 MB

Total Pagefile: 3938.65 MB

Available Pagefile: 2585.71 MB

Total Virtual: 2047.88 MB

Available Virtual: 1934.61 MB
 

==================== Drives ================================
 

Drive c: (Laufwerk_C) (Fixed) (Total:128.53 GB) (Free:22.02 GB) NTFS ==>[Drive with boot components (Windows XP)]

Drive d: (Volume) (Fixed) (Total:296.75 GB) (Free:21.19 GB) NTFS

Drive f: (Laufwerk_F) (Fixed) (Total:232.88 GB) (Free:63.05 GB) NTFS ==>[Drive with boot components (Windows XP)]

Drive h: () (Fixed) (Total:292.97 GB) (Free:76.04 GB) NTFS

Drive j: () (Removable) (Total:14.91 GB) (Free:14.85 GB) FAT32

Drive z: (Volume) (Fixed) (Total:213.26 GB) (Free:212.92 GB) NTFS
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (Size: 233 GB) (Disk ID: B1B686F9)

Partition 1: (Active) - (Size=233 GB) - (Type=07 NTFS)
 

========================================================

Disk: 1 (Size: 932 GB) (Disk ID: CA60CA60)

Partition 1: (Active) - (Size=129 GB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=297 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=293 GB) - (Type=07 NTFS)

Partition 4: (Not Active) - (Size=213 GB) - (Type=07 NTFS)
 

========================================================

Disk: 2 (Size: 15 GB) (Disk ID: 00000000)

Partition 1: (Not Active) - (Size=15 GB) - (Type=0C)
 

==================== End Of Log ============================

Weitere Daten vom Laptop und die Ergebnisse vom Mailware-Programm übersteigen ungezipt die Kapazität dieser Nachricht. Ich hatte über 100 Befunde bei Maleware. Habe sie alle gelöscht. Aber bin ich jetzt damit sicher? Avira fand TR/Trash.Gen, TR/Drop.Softomat.AN, SWF/Dldr.AdSechost.A, APPL//Somoto.Gen2, ADWARE/Vattalia.AB, APPL/InstallIQ.Gen5, ADWARE/YontooGen. Sind alle in der Quarantäne.

Vielen herzlichen Dank für Ihre Mühe
Adele