Gerald77 | 21.08.2014 15:58 | Hallo,
hier also die Logs: Code:
# AdwCleaner v3.308 - Bericht erstellt am 21/08/2014 um 15:59:59
# Aktualisiert 20/08/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Schnatz - LAPTOP
# Gestartet von : C:\Users\Schnatz\Desktop\adwcleaner_3.308.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
***** [ Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17239
-\\ Mozilla Firefox v31.0 (x86 de)
[ Datei : C:\Users\Schnatz\AppData\Roaming\Mozilla\Firefox\Profiles\5sec4p80.default-1408516775631\prefs.js ]
[ Datei : C:\Users\Schnatz-Schnute\AppData\Roaming\Mozilla\Firefox\Profiles\dz3j0nti.default\prefs.js ]
[ Datei : C:\Users\Schnute\AppData\Roaming\Mozilla\Firefox\Profiles\4h1pj4wh.default\prefs.js ]
-\\ Google Chrome v36.0.1985.143
[ Datei : C:\Users\Schnatz\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ Datei : C:\Users\Schnatz-Schnute\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ Datei : C:\Users\Schnute\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [8337 octets] - [24/12/2013 21:04:12]
AdwCleaner[R1].txt - [5576 octets] - [19/08/2014 18:01:38]
AdwCleaner[R2].txt - [5636 octets] - [19/08/2014 18:04:49]
AdwCleaner[R3].txt - [1867 octets] - [20/08/2014 08:55:44]
AdwCleaner[R4].txt - [1810 octets] - [21/08/2014 15:57:16]
AdwCleaner[S0].txt - [8071 octets] - [25/12/2013 00:25:57]
AdwCleaner[S1].txt - [5493 octets] - [19/08/2014 18:05:39]
AdwCleaner[S2].txt - [1882 octets] - [20/08/2014 08:57:36]
AdwCleaner[S3].txt - [1731 octets] - [21/08/2014 15:59:59]
########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1791 octets] ########## Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by Schnatz on 21.08.2014 at 16:39:53,54
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ FireFox
Emptied folder: C:\Users\Schnatz\AppData\Roaming\mozilla\firefox\profiles\5sec4p80.default-1408516775631\minidumps [3 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 21.08.2014 at 16:47:06,40
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 21.08.2014
Suchlauf-Zeit: 16:18:49
Logdatei: mbam.txt
Administrator: Ja
Version: 2.00.2.1012
Malware Datenbank: v2014.08.21.04
Rootkit Datenbank: v2014.08.16.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Schnatz
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 439740
Verstrichene Zeit: 16 Min, 48 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Warnen
PUM: Aktiviert
Prozesse: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registrierungsschlüssel: 0
(No malicious items detected)
Registrierungswerte: 0
(No malicious items detected)
Registrierungsdaten: 0
(No malicious items detected)
Ordner: 0
(No malicious items detected)
Dateien: 0
(No malicious items detected)
Physische Sektoren: 0
(No malicious items detected)
(end) FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-08-2014 01
Ran by Schnatz (administrator) on LAPTOP on 21-08-2014 16:49:18
Running from C:\Users\Schnatz\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Program Files\P4G\BatteryLife.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(ASUS) C:\Windows\AsScrPro.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Microsoft) C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Firebird Project) C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
() C:\Program Files (x86)\Winamp\winampa.exe
(Virage Logic Corporation / Sonic Focus) C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2712360 2011-03-04] (Synaptics Incorporated)
HKLM\...\Run: [SynAsusAcpi] => C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [97064 2011-03-04] (Synaptics Incorporated)
HKLM\...\Run: [Setwallpaper] => c:\programdata\SetWallpaper.cmd
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2188904 2011-01-18] (Realtek Semiconductor)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2010-11-02] (Intel(R) Corporation)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-07-30] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1601536 2010-09-24] ()
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\Winampa.exe [12288 2003-04-17] ()
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [SonicMasterTray] => C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe [984400 2010-07-10] (Virage Logic Corporation / Sonic Focus)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [163000 2012-12-12] (Geek Software GmbH)
HKLM-x32\...\Run: [Nuance PDF Reader-reminder] => C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe [328992 2008-11-03] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] ()
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe [731472 2011-02-23] (ecareme)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2018032 2011-04-13] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2691480 2014-03-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [190032 2014-07-14] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-272760400-1270822022-3501408996-1000\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-06] (Acresso Corporation)
HKU\S-1-5-21-272760400-1270822022-3501408996-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-06] (Acresso Corporation)
HKU\S-1-5-21-272760400-1270822022-3501408996-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DriverScanner] => "C:\Program Files (x86)\Uniblue\DriverScanner\launcher.exe" delay 20000
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [226920 2011-02-21] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [192616 2011-02-21] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk
ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe ()
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: EldosIconOverlay -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: SmartFTP Drop -> {EA5A76F7-8138-4B53-B0F5-ADCC730CAFBD} => C:\Program Files\SmartFTP Client\sfShellTools.dll (SmartSoft Ltd.)
ShellIconOverlayIdentifiers-x32: EldosIconOverlay -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: HKLM-x32 {A4110378-789B-455F-AE86-3A1BFC402853} hxxp://zone.msn.com/bingame/zpagames/zpa_shvl.cab55579.cab
DPF: HKLM-x32 {B8BE5E93-A60C-4D26-A2DC-220313175592} hxxp://cdn2.zone.msn.com/binFramework/v10/ZPAFramework.cab102118.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Schnatz\AppData\Roaming\Mozilla\Firefox\Profiles\5sec4p80.default-1408516775631
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\Schnatz\AppData\Roaming\Mozilla\Firefox\Profiles\5sec4p80.default-1408516775631\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-08-20]
FF Extension: Download Protect - C:\Program Files (x86)\Mozilla Firefox\extensions\{3274AE82-2718-4180-8A64-E74BE8DB11C6} [2014-07-23]
Chrome:
=======
CHR HomePage: hxxp://www.google.de?hl=de&gl=de
CHR DefaultSearchURL: hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de
CHR DefaultNewTabURL: hxxp://www.google.de/?hl=de&gl=de
CHR DefaultSuggestURL: hxxp://www.google.de/suggest?q={searchTerms}&hl=de&gl=de
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\pdf.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Skype Toolbars) - C:\Users\Schnatz\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.8.0.8855_0\npSkypeChromePlugin.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (Zeon Plus) - C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Extension: (YouTube) - C:\Users\Schnatz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-05-21]
CHR Extension: (Google-Suche) - C:\Users\Schnatz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-05-21]
CHR Extension: (Download Protect) - C:\Users\Schnatz\AppData\Local\Google\Chrome\User Data\Default\Extensions\idaialjmlhdeppmdcpmajhnmclbbbbfc [2014-04-20]
CHR Extension: (Skype Click to Call) - C:\Users\Schnatz\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2012-05-21]
CHR Extension: (Google Wallet) - C:\Users\Schnatz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-08]
CHR Extension: (Google Mail) - C:\Users\Schnatz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-05-21]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-11-29]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-07-30] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-07-30] (Avira Operations GmbH & Co. KG)
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [141392 2014-07-14] (Avira Operations GmbH & Co. KG)
R2 FirebirdGuardianDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbguard.exe [98304 2010-09-17] (Firebird Project) [File not signed]
R3 FirebirdServerDefaultInstance; C:\Program Files (x86)\Firebird\Firebird_2_5\bin\fbserver.exe [3735552 2010-09-17] (Firebird Project) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151744 2013-12-24] (IObit)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-11-02] ()
R2 NovaPdfServer; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [204576 2014-05-19] (Microsoft)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-14] (Avira Operations GmbH & Co. KG)
R1 cbfs3; C:\Windows\system32\drivers\cbfs3.sys [352008 2012-11-10] (EldoS Corporation)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-21 16:49 - 2014-08-21 16:49 - 00025889 _____ () C:\Users\Schnatz\Desktop\FRST.txt
2014-08-21 16:47 - 2014-08-21 16:47 - 00000774 _____ () C:\Users\Schnatz\Desktop\JRT.txt
2014-08-21 16:36 - 2014-08-21 16:36 - 00001158 _____ () C:\Users\Schnatz\Desktop\mbam.txt
2014-08-21 16:16 - 2014-08-21 16:16 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-21 16:16 - 2014-08-21 16:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-21 16:15 - 2014-08-21 16:16 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-21 16:15 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-21 16:15 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-21 16:15 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-21 16:14 - 2014-08-21 16:14 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Schnatz\Desktop\mbam-setup-2.0.2.1012.exe
2014-08-21 15:59 - 2014-08-21 16:00 - 00001871 _____ () C:\Users\Schnatz\Desktop\AdwCleaner[S3].txt
2014-08-21 15:56 - 2014-08-21 15:56 - 01364531 _____ () C:\Users\Schnatz\Desktop\adwcleaner_3.308.exe
2014-08-21 14:00 - 2014-08-21 14:02 - 00000000 ____D () C:\Users\Schnatz\Desktop\Produktfotos Jacqueline
2014-08-21 12:16 - 2014-08-21 12:16 - 00029559 _____ () C:\ComboFix.txt
2014-08-21 11:44 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-08-21 11:44 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-08-21 11:44 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-08-21 11:44 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-08-21 11:44 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-08-21 11:44 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-08-21 11:44 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-08-21 11:44 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-08-21 11:43 - 2014-08-21 12:16 - 00000000 ____D () C:\Qoobox
2014-08-21 11:43 - 2014-08-21 12:16 - 00000000 ____D () C:\ComboFix
2014-08-21 11:42 - 2014-08-21 12:12 - 00000000 ____D () C:\Windows\erdnt
2014-08-21 11:41 - 2014-08-21 11:42 - 05572251 ____R (Swearware) C:\Users\Schnatz\Desktop\ComboFix.exe
2014-08-21 10:57 - 2014-08-21 10:57 - 00011639 _____ () C:\Users\Schnatz\Desktop\FRST.zip
2014-08-21 10:32 - 2014-08-21 10:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-08-21 10:32 - 2014-08-21 10:32 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-08-21 10:31 - 2014-08-21 10:31 - 00000974 _____ () C:\Users\Schnatz\Desktop\gmer.zip
2014-08-21 10:00 - 2014-08-21 10:00 - 00003336 _____ () C:\Users\Schnatz\Desktop\gmer.txt
2014-08-21 09:43 - 2014-08-21 09:43 - 00380416 _____ () C:\Users\Schnatz\Desktop\8wvku4y7.exe
2014-08-21 09:37 - 2014-08-21 16:49 - 00000000 ____D () C:\FRST
2014-08-21 09:36 - 2014-08-21 09:37 - 02101760 _____ (Farbar) C:\Users\Schnatz\Desktop\FRST64.exe
2014-08-21 09:34 - 2014-08-21 09:35 - 00000476 _____ () C:\Users\Schnatz\Desktop\defogger_disable.txt
2014-08-21 09:34 - 2014-08-21 09:34 - 00000000 _____ () C:\Users\Schnatz\defogger_reenable
2014-08-21 09:31 - 2014-08-21 09:31 - 00050477 _____ () C:\Users\Schnatz\Desktop\Defogger.exe
2014-08-21 09:20 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-21 09:20 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-21 09:20 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-21 09:20 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-21 09:19 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-21 09:19 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-21 09:19 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-21 09:19 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-21 09:19 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-21 09:19 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-21 09:19 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-21 09:19 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-21 09:19 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-21 09:19 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-20 08:49 - 2014-08-20 22:12 - 00000000 ____D () C:\Users\Schnatz\AppData\Local\CrashDumps
2014-08-20 08:39 - 2014-08-20 08:39 - 00000000 ____D () C:\Users\Schnatz\Desktop\Alte Firefox-Daten
2014-08-19 18:14 - 2014-04-06 08:36 - 01016261 _____ (Thisisu) C:\Users\Schnatz\Desktop\JRT_NEW.exe
2014-08-19 18:02 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-08-19 16:33 - 2014-08-20 08:39 - 00002414 _____ () C:\Users\Schnatz\Desktop\Rkill.txt
2014-08-19 10:04 - 2014-08-19 10:05 - 00000000 ____D () C:\Program Files\Unlocker
2014-08-19 10:04 - 2014-08-19 10:04 - 00000000 ____D () C:\Users\Schnatz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2014-08-13 23:31 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-13 23:31 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-13 23:31 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-13 23:31 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-13 23:31 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-13 23:31 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-13 23:30 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-13 23:30 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-13 07:29 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-13 07:29 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-13 07:29 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-13 07:29 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 07:29 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-13 07:29 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-13 07:29 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-13 07:29 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-13 07:29 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-13 07:29 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-13 07:29 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-13 07:29 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-13 07:29 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-13 07:29 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-13 07:29 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-13 07:29 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-13 07:29 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-13 07:29 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 07:29 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-13 07:29 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-13 07:29 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-13 07:29 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-13 07:29 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-13 07:29 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-13 07:29 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-13 07:29 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-13 07:29 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-13 07:29 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 07:29 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-13 07:29 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-13 07:29 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-13 07:29 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-13 07:29 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-13 07:29 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-13 07:29 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-13 07:29 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-13 07:29 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-13 07:29 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 07:29 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-13 07:29 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-13 07:29 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-13 07:29 - 2014-07-16 05:25 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-13 07:29 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 07:29 - 2014-07-16 04:46 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-13 07:29 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 07:29 - 2014-07-16 04:12 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-13 07:29 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 07:29 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 07:29 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 07:29 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 07:29 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 07:29 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-13 07:29 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-13 07:29 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-13 07:29 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-13 07:29 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-13 07:29 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-13 07:29 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-13 07:29 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-13 07:29 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-13 07:29 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 07:29 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 07:29 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 07:29 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 07:29 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 07:29 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 07:29 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 07:29 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 07:28 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-13 07:28 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-13 07:28 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-13 07:28 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-13 07:28 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-13 07:28 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-13 07:28 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 07:28 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-13 07:28 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-13 07:28 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-13 07:28 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-13 07:28 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-13 07:28 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-13 07:28 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-13 07:28 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-13 07:27 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 07:27 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-11 07:35 - 2014-08-11 12:50 - 00022983 _____ () C:\Users\Schnatz\Desktop\Ikea Einkauf.htm
2014-08-11 07:35 - 2014-08-11 12:50 - 00000000 ____D () C:\Users\Schnatz\Desktop\Ikea Einkauf-Dateien
2014-08-07 17:04 - 2014-08-19 09:08 - 00000000 ____D () C:\Users\Schnatz\AppData\Roaming\Spotify
2014-08-07 17:04 - 2014-08-18 18:40 - 00000000 ____D () C:\Users\Schnatz\AppData\Local\Spotify
2014-08-07 17:04 - 2014-08-07 17:04 - 00001817 _____ () C:\Users\Schnatz\Desktop\Spotify.lnk
2014-08-07 17:04 - 2014-08-07 17:04 - 00001803 _____ () C:\Users\Schnatz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2014-08-07 16:38 - 2014-08-07 16:38 - 00001139 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-04 18:05 - 2014-08-04 18:20 - 00000000 ____D () C:\Users\Schnatz\Desktop\iPod
2014-07-23 07:05 - 2014-07-23 07:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-21 16:49 - 2014-08-21 16:49 - 00025889 _____ () C:\Users\Schnatz\Desktop\FRST.txt
2014-08-21 16:49 - 2014-08-21 09:37 - 00000000 ____D () C:\FRST
2014-08-21 16:47 - 2014-08-21 16:47 - 00000774 _____ () C:\Users\Schnatz\Desktop\JRT.txt
2014-08-21 16:39 - 2011-06-20 22:43 - 01324450 _____ () C:\Windows\WindowsUpdate.log
2014-08-21 16:38 - 2011-04-13 04:33 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-21 16:36 - 2014-08-21 16:36 - 00001158 _____ () C:\Users\Schnatz\Desktop\mbam.txt
2014-08-21 16:18 - 2009-07-14 06:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-21 16:18 - 2009-07-14 06:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-21 16:16 - 2014-08-21 16:16 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-21 16:16 - 2014-08-21 16:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-21 16:16 - 2014-08-21 16:15 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-21 16:14 - 2014-08-21 16:14 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Schnatz\Desktop\mbam-setup-2.0.2.1012.exe
2014-08-21 16:08 - 2011-04-13 04:33 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-21 16:08 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-21 16:07 - 2009-07-14 06:51 - 00229126 _____ () C:\Windows\setupact.log
2014-08-21 16:06 - 2009-07-14 06:45 - 05085328 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-21 16:05 - 2013-12-24 21:04 - 00000000 ____D () C:\AdwCleaner
2014-08-21 16:05 - 2012-07-11 19:40 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-21 16:00 - 2014-08-21 15:59 - 00001871 _____ () C:\Users\Schnatz\Desktop\AdwCleaner[S3].txt
2014-08-21 16:00 - 2011-04-13 03:39 - 00539242 _____ () C:\Windows\PFRO.log
2014-08-21 15:56 - 2014-08-21 15:56 - 01364531 _____ () C:\Users\Schnatz\Desktop\adwcleaner_3.308.exe
2014-08-21 14:02 - 2014-08-21 14:00 - 00000000 ____D () C:\Users\Schnatz\Desktop\Produktfotos Jacqueline
2014-08-21 12:16 - 2014-08-21 12:16 - 00029559 _____ () C:\ComboFix.txt
2014-08-21 12:16 - 2014-08-21 11:43 - 00000000 ____D () C:\Qoobox
2014-08-21 12:16 - 2014-08-21 11:43 - 00000000 ____D () C:\ComboFix
2014-08-21 12:16 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-08-21 12:12 - 2014-08-21 11:42 - 00000000 ____D () C:\Windows\erdnt
2014-08-21 12:06 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-08-21 11:42 - 2014-08-21 11:41 - 05572251 ____R (Swearware) C:\Users\Schnatz\Desktop\ComboFix.exe
2014-08-21 11:30 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-08-21 10:57 - 2014-08-21 10:57 - 00011639 _____ () C:\Users\Schnatz\Desktop\FRST.zip
2014-08-21 10:46 - 2014-08-21 10:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-08-21 10:32 - 2014-08-21 10:32 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-08-21 10:31 - 2014-08-21 10:31 - 00000974 _____ () C:\Users\Schnatz\Desktop\gmer.zip
2014-08-21 10:00 - 2014-08-21 10:00 - 00003336 _____ () C:\Users\Schnatz\Desktop\gmer.txt
2014-08-21 09:43 - 2014-08-21 09:43 - 00380416 _____ () C:\Users\Schnatz\Desktop\8wvku4y7.exe
2014-08-21 09:37 - 2014-08-21 09:36 - 02101760 _____ (Farbar) C:\Users\Schnatz\Desktop\FRST64.exe
2014-08-21 09:35 - 2014-08-21 09:34 - 00000476 _____ () C:\Users\Schnatz\Desktop\defogger_disable.txt
2014-08-21 09:34 - 2014-08-21 09:34 - 00000000 _____ () C:\Users\Schnatz\defogger_reenable
2014-08-21 09:34 - 2011-12-12 22:54 - 00000000 ____D () C:\Users\Schnatz
2014-08-21 09:31 - 2014-08-21 09:31 - 00050477 _____ () C:\Users\Schnatz\Desktop\Defogger.exe
2014-08-21 09:21 - 2014-04-04 19:37 - 00000000 ____D () C:\Users\Schnatz\AppData\Local\Adobe
2014-08-20 22:12 - 2014-08-20 08:49 - 00000000 ____D () C:\Users\Schnatz\AppData\Local\CrashDumps
2014-08-20 19:50 - 2011-12-20 12:17 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-08-20 08:39 - 2014-08-20 08:39 - 00000000 ____D () C:\Users\Schnatz\Desktop\Alte Firefox-Daten
2014-08-20 08:39 - 2014-08-19 16:33 - 00002414 _____ () C:\Users\Schnatz\Desktop\Rkill.txt
2014-08-19 17:47 - 2014-02-15 18:38 - 00000000 ____D () C:\Program Files (x86)\Eurofibu 2K4KBS
2014-08-19 17:37 - 2014-04-04 19:39 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-19 16:38 - 2013-12-24 11:49 - 00000000 ____D () C:\Users\Schnatz\AppData\Roaming\Malwarebytes
2014-08-19 16:38 - 2013-12-24 11:49 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-19 16:38 - 2013-12-24 11:49 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-08-19 16:33 - 2014-03-26 17:21 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-08-19 12:40 - 2013-05-30 09:16 - 00014336 ___SH () C:\Users\Schnatz\Thumbs.db
2014-08-19 12:18 - 2013-05-26 00:32 - 00000433 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-08-19 11:11 - 2011-02-19 06:24 - 00711546 _____ () C:\Windows\system32\perfh007.dat
2014-08-19 11:11 - 2011-02-19 06:24 - 00153736 _____ () C:\Windows\system32\perfc007.dat
2014-08-19 11:11 - 2009-07-14 07:13 - 01653060 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-19 10:05 - 2014-08-19 10:04 - 00000000 ____D () C:\Program Files\Unlocker
2014-08-19 10:04 - 2014-08-19 10:04 - 00000000 ____D () C:\Users\Schnatz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2014-08-19 09:08 - 2014-08-07 17:04 - 00000000 ____D () C:\Users\Schnatz\AppData\Roaming\Spotify
2014-08-19 08:43 - 2014-01-06 20:38 - 00000000 ____D () C:\Users\Schnatz\Desktop\Zeug
2014-08-19 08:22 - 2013-04-17 17:38 - 00000000 ____D () C:\Users\Schnatz\Desktop\Wiener Linien
2014-08-18 18:40 - 2014-08-07 17:04 - 00000000 ____D () C:\Users\Schnatz\AppData\Local\Spotify
2014-08-15 13:00 - 2013-12-24 11:44 - 00000000 ____D () C:\ProgramData\ProductData
2014-08-14 08:40 - 2011-12-12 16:44 - 00045056 _____ () C:\Windows\system32\acovcnt.exe
2014-08-14 08:31 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-13 23:53 - 2011-12-14 18:21 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-13 23:46 - 2013-08-15 03:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-13 23:39 - 2012-01-08 01:26 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-11 12:50 - 2014-08-11 07:35 - 00022983 _____ () C:\Users\Schnatz\Desktop\Ikea Einkauf.htm
2014-08-11 12:50 - 2014-08-11 07:35 - 00000000 ____D () C:\Users\Schnatz\Desktop\Ikea Einkauf-Dateien
2014-08-10 07:39 - 2014-01-27 12:22 - 00000000 ____D () C:\Users\Schnatz\Desktop\Willhaben
2014-08-08 03:24 - 2011-06-20 23:11 - 00001655 _____ () C:\Windows\system32\ServiceFilter.ini
2014-08-07 17:04 - 2014-08-07 17:04 - 00001817 _____ () C:\Users\Schnatz\Desktop\Spotify.lnk
2014-08-07 17:04 - 2014-08-07 17:04 - 00001803 _____ () C:\Users\Schnatz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2014-08-07 16:38 - 2014-08-07 16:38 - 00001139 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-07 16:38 - 2013-02-28 09:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-07 16:38 - 2013-02-28 09:30 - 00000000 ____D () C:\ProgramData\Avira
2014-08-07 16:38 - 2013-02-28 09:30 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-08-05 16:32 - 2012-12-09 12:30 - 00001104 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk
2014-08-05 09:20 - 2013-03-02 00:59 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-04 18:20 - 2014-08-04 18:05 - 00000000 ____D () C:\Users\Schnatz\Desktop\iPod
2014-08-02 21:47 - 2013-01-31 18:55 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-08-01 09:39 - 2013-10-25 13:15 - 00000000 ____D () C:\Users\Schnatz\AppData\Local\SoulseekQt
2014-08-01 01:41 - 2014-08-13 07:29 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-01 01:16 - 2014-08-13 07:29 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-28 06:59 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-25 16:52 - 2014-08-13 07:28 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-25 16:02 - 2014-08-13 07:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-25 16:01 - 2014-08-13 07:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-25 15:51 - 2014-08-13 07:29 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-25 15:30 - 2014-08-13 07:29 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-25 15:28 - 2014-08-13 07:29 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-25 15:28 - 2014-08-13 07:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-25 15:25 - 2014-08-13 07:29 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-25 15:25 - 2014-08-13 07:28 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-25 15:11 - 2014-08-13 07:29 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-25 15:10 - 2014-08-13 07:29 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-25 15:04 - 2014-08-13 07:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-25 15:03 - 2014-08-13 07:28 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-25 15:00 - 2014-08-13 07:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-25 15:00 - 2014-08-13 07:28 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-25 14:59 - 2014-08-13 07:28 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-25 14:47 - 2014-08-13 07:28 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-25 14:40 - 2014-08-13 07:29 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-25 14:34 - 2014-08-13 07:29 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-25 14:34 - 2014-08-13 07:29 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-25 14:33 - 2014-08-13 07:29 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-25 14:30 - 2014-08-13 07:29 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-25 14:28 - 2014-08-13 07:29 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-25 14:28 - 2014-08-13 07:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-25 14:21 - 2014-08-13 07:29 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-25 14:19 - 2014-08-13 07:28 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-25 14:18 - 2014-08-13 07:29 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-25 14:17 - 2014-08-13 07:29 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-25 14:17 - 2014-08-13 07:28 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-25 14:12 - 2014-08-13 07:29 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-25 14:10 - 2014-08-13 07:29 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-25 14:10 - 2014-08-13 07:28 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-25 14:08 - 2014-08-13 07:29 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-25 14:06 - 2014-08-13 07:29 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-25 13:52 - 2014-08-13 07:29 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-25 13:47 - 2014-08-13 07:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-25 13:43 - 2014-08-13 07:29 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-25 13:42 - 2014-08-13 07:29 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-25 13:39 - 2014-08-13 07:29 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-25 13:39 - 2014-08-13 07:28 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-25 13:36 - 2014-08-13 07:29 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-25 13:34 - 2014-08-13 07:29 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-25 13:29 - 2014-08-13 07:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-25 13:23 - 2014-08-13 07:28 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-25 13:13 - 2014-08-13 07:29 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-25 13:07 - 2014-08-13 07:29 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-25 13:07 - 2014-08-13 07:29 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-25 13:03 - 2014-08-13 07:29 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-25 12:52 - 2014-08-13 07:28 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-25 12:26 - 2014-08-13 07:29 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-25 12:17 - 2014-08-13 07:28 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-25 12:09 - 2014-08-13 07:29 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-25 12:05 - 2014-08-13 07:29 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-25 12:00 - 2014-08-13 07:29 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-25 10:17 - 2014-02-03 22:20 - 00000000 ____D () C:\Users\Schnatz\Desktop\Dampferei
2014-07-24 14:08 - 2012-11-27 18:29 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-24 14:08 - 2012-11-27 18:29 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-24 07:32 - 2012-11-27 18:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-24 06:22 - 2012-05-05 09:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-23 07:05 - 2014-07-23 07:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
Some content of TEMP:
====================
C:\Users\Schnatz\AppData\Local\Temp\avgnt.exe
C:\Users\Schnatz\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-08-17 09:25
==================== End Of Log ============================ --- --- ---
--- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-08-2014 01
Ran by Schnatz at 2014-08-21 16:50:08
Running from C:\Users\Schnatz\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKLM-x32\...\uTorrent) (Version: 3.1.2 - )
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.5.0.367 - Adobe Systems Incorporated)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Illustrator CC (HKLM-x32\...\{F2321021-08A2-44D6-B1DF-BDB415F23EC3}) (Version: 17.0 - Adobe Systems Incorporated)
Amazon Kindle (HKCU\...\Amazon Kindle) (Version: - Amazon)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS AI Recovery (HKLM-x32\...\{38253529-D97D-4901-AE53-5CC9736D3A2E}) (Version: 1.0.13 - ASUS)
ASUS FancyStart (HKLM-x32\...\{2B81872B-A054-48DA-BE3B-FA5C164C303A}) (Version: 1.0.8 - ASUSTeK Computer Inc.)
ASUS K3 Series ScreenSaver (HKLM-x32\...\ASUS K3 Series ScreenSaver) (Version: 1.0.0002 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.20 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.0.6 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.1.43 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0011 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0030 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.21 - asus)
ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 3.0.84.161 - eCareme Technologies, Inc.)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.4.617 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0008 - ASUS)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Audiograbber 1.83 SE (HKLM-x32\...\Audiograbber) (Version: 1.83 SE - Audiograbber Deutschland)
Avery Wizard 5.0 (HKLM-x32\...\{FC3B3A5D-7058-4627-9F1E-F95CC38B6054}) (Version: 5.0.5 - Avery)
Avira (HKLM-x32\...\{df495620-2ba9-412d-828d-b27f020d9fc8}) (Version: 1.1.18.28431 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.18.28431 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.552 - Avira)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: - )
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
Canon MG3200 series Benutzerregistrierung (HKLM-x32\...\Canon MG3200 series Benutzerregistrierung) (Version: - Canon Inc.)
Canon MG3200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3200_series) (Version: 1.01 - Canon Inc.)
Canon MG3200 series On-screen Manual (HKLM-x32\...\Canon MG3200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.0.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1908 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.1908 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 6.1.3602c - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{132D27B8-C656-44BD-8C16-73C54EA8A85F}) (Version: - Microsoft)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.8 - DivX, LLC)
eMule (HKLM-x32\...\eMule) (Version: - )
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.10 - ASUS)
FileZilla Client 3.7.4.1 (HKLM-x32\...\FileZilla Client) (Version: 3.7.4.1 - Tim Kosse)
Firebird 2.5.0.26074 (Win32) (HKLM-x32\...\FBDBServer_2_5_is1) (Version: 2.5.0.26074 - Firebird Project)
FormatFactory 3.0.1 (HKLM-x32\...\FormatFactory) (Version: 3.0.1 - Free Time)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GIMP 2.8.4 (HKLM\...\GIMP-2_is1) (Version: 2.8.4 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Hardwood Spades (HKLM-x32\...\Hardwood Spades v2) (Version: - Silver Creek Entertainment)
Inkscape 0.48.4 (HKLM-x32\...\Inkscape) (Version: 0.48.4 - )
Intel PROSet Wireless (Version: - ) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2291 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{AF162E20-417F-4946-A06D-65734984957F}) (Version: 14.00.0000 - Intel Corporation)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 3.0.4.922 - IObit)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Logitech SetPoint 6.32 (HKLM\...\sp6) (Version: 6.32.20 - Logitech)
LogoMaker 4.0 (HKLM-x32\...\LogoMaker_is1) (Version: - Avanquest)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
No23 Recorder (HKLM-x32\...\{22B0E143-2B0B-435B-9F56-136A3D16065F}) (Version: 2.1.0.3 - No23)
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - )
Nuance PDF Reader (HKLM-x32\...\{B480904D-F73F-4673-B034-8A5F492C9184}) (Version: 6.00.0041 - Nuance Communications, Inc.)
NVIDIA Control Panel 267.21 (Version: 267.21 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 267.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 267.21 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.265.39.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.0.21 (Version: 1.0.21 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 1.0.21 - NVIDIA Corporation) Hidden
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
PCDRUCK.DE Visitenkarten Version 1.1 (HKLM-x32\...\{80D92898-B3E6-4C30-B4B7-ADFE3D460A5C}_is1) (Version: 1.1 - PCDRUCK.DE)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
PDF24 Creator 5.2.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.8 - Google, Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.38.113.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6294 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10001 - Realtek Semiconductor Corp.)
SAM3 (remove only) (HKLM-x32\...\SAM3) (Version: - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.8.8855 - Skype Technologies S.A.)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SmartFTP Client (HKLM\...\{5CB37516-555F-4975-8751-ADC605F54CA5}) (Version: 4.1.1316.0 - SmartSoft Ltd.)
SmartFTP Client German (Germany) MUI (HKLM\...\{8F092699-E3CA-4D92-B4B2-0CC3E5F9B950}) (Version: 4.1.1316.0 - SmartSoft Ltd.)
Sonic Focus (HKLM-x32\...\{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}) (Version: 1.00.0000 - Virage Logic, Corp.)
SoulseekQt (HKLM-x32\...\SoulseekQt) (Version: - )
Spotify (HKCU\...\Spotify) (Version: 0.9.11.27.g2b1a638c - Spotify AB)
Switch Sound File Converter (HKLM-x32\...\Switch) (Version: - NCH Software)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.16.1 - Synaptics Incorporated)
syncables desktop SE (HKLM-x32\...\{341697D8-9923-445E-B42A-529E5A99CB7A}) (Version: 5.5.746.11492 - syncables)
SyncBack (HKLM-x32\...\SyncBack_is1) (Version: - 2BrightSparks)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.30992 - TeamViewer)
UnderCoverXP 1.23 (HKLM-x32\...\UnderCoverXP_is1) (Version: - Wicked & Wild Inc.)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version: - Microsoft)
UploadingDesktop (HKLM-x32\...\UploadingDesktop_is1) (Version: - )
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 1.1.11 (HKLM-x32\...\VLC media player) (Version: 1.1.11 - VideoLAN)
VueScan (HKLM\...\VueScan) (Version: - )
Winamp (nur entfernen) (HKLM-x32\...\Winamp) (Version: - )
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 影像中心 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 程式集 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.31.0 - ASUS)
WinRAR 4.01 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.19 - ASUS)
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Элемент управления Windows Live Mesh ActiveX для удаленных подключений (HKLM-x32\...\{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}) (Version: 15.4.5722.2 - Microsoft Corporation)
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים (HKLM-x32\...\{9D4C7DFA-CBBB-4F06-BDAC-94D831406DF0}) (Version: 15.4.5722.2 - Microsoft Corporation)
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة (HKLM-x32\...\{E18B30AA-6E2D-480C-B918-AF61009F4010}) (Version: 15.4.5722.2 - Microsoft Corporation)
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
適用遠端連線的 Windows Live Mesh ActiveX 控制項 (HKLM-x32\...\{622DE1BE-9EDE-49D3-B349-29D64760342A}) (Version: 15.4.5722.2 - Microsoft Corporation)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-272760400-1270822022-3501408996-1005_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Schnatz\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File
==================== Restore Points =========================
19-08-2014 13:41:46 Windows Update
19-08-2014 15:33:29 Removed novaPDF 8 add-in for Microsoft Office (x64)
19-08-2014 15:35:27 Removed novaPDF 8 add-in for Microsoft Office (x86)
19-08-2014 15:36:14 Removed novaPDF 8 Printer Driver
19-08-2014 15:37:03 doPDF 8
19-08-2014 15:47:03 Eurofibu Kassabuch 2013 Standard wird entfernt
19-08-2014 15:47:44 PosBill8 wird entfernt
20-08-2014 07:41:51 Windows Update
21-08-2014 07:19:05 Windows Update
21-08-2014 08:46:02 Installed 7-Zip 9.20 (x64 edition)
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2014-08-21 12:01 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {1AA81546-DF63-4C09-BC68-972544A75A6F} - System32\Tasks\AdobeAAMUpdater-1.0-Laptop-Schnatz => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {1C666A11-044D-4545-A213-0F76E0DAB9CB} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17] (ASUS)
Task: {535D0100-AFA1-4429-B2F8-EE2DDE368288} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2010-11-15] (ASUS)
Task: {6062A6B9-208E-404E-BD12-E8B9777F9FC6} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {60F398C6-F009-4FEB-B4EF-955537F134F2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-13] (Google Inc.)
Task: {788AD639-42E0-41DF-9BE9-2B71D7F6B739} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2011-08-31] (ASUSTeK Computer Inc.)
Task: {84A77F86-B445-48DE-B57F-B89B693CD5C2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-13] (Google Inc.)
Task: {BBD75959-FDBF-499D-9ED7-AF71C3BCD2AE} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2010-08-02] (ASUS)
Task: {CDB7FF6D-1817-4C77-B1E4-01BF130D9C45} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2010-12-02] (ASUS)
Task: {F234D2D3-EE6C-4789-8BBA-2DB244A32742} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {FBB3A22B-491B-4A2E-A797-CA887A78DDEE} - System32\Tasks\{43AECE11-7885-4942-8DF2-5854315CA137} => Firefox.exe hxxp://ui.skype.com/ui/0/6.0.59.126/de/abandoninstall?page=tsProgressBar
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2010-11-02 21:58 - 2010-11-02 21:58 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2014-05-19 16:48 - 2014-05-19 16:48 - 00017920 _____ () C:\Windows\System32\novamn8.dll
2010-04-03 04:21 - 2008-10-01 08:08 - 00011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2010-07-15 01:11 - 2010-07-15 01:11 - 00031360 _____ () C:\Program Files\P4G\DevMng.dll
2013-01-31 20:34 - 2012-03-28 14:49 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2014-08-21 12:04 - 2014-08-21 12:04 - 00130933 _____ () C:\Windows\TEMP\2a9a7188-2f9b-4c02-a7f4-5421caf99ace\AgileDotNetRT64.dll
2014-08-21 12:04 - 2014-08-21 12:04 - 00130933 _____ () C:\Windows\TEMP\2baca5df-110d-4425-83de-0e951af60763\AgileDotNetRT64.dll
2011-04-22 09:38 - 2011-01-27 02:11 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2010-11-02 21:58 - 2010-11-02 21:58 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2011-10-07 11:39 - 2011-10-07 11:39 - 01304856 _____ () C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll
2010-09-24 01:53 - 2010-09-24 01:53 - 01601536 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
2003-04-17 08:54 - 2003-04-17 08:54 - 00012288 _____ () C:\Program Files (x86)\Winamp\winampa.exe
2011-07-29 01:08 - 2011-07-29 01:08 - 01259376 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2014-03-20 11:24 - 2014-03-20 11:24 - 05288608 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2014-03-20 11:24 - 2014-03-20 11:24 - 00667808 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2010-07-15 06:44 - 2010-07-15 06:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2011-12-13 17:47 - 2011-05-28 23:05 - 00164864 _____ () C:\Program Files\rarext64.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2009-11-02 23:20 - 2009-11-02 23:20 - 00619816 ____N () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-02 23:23 - 2009-11-02 23:23 - 00013096 ____N () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2014-08-21 16:02 - 2014-07-14 16:49 - 00049744 _____ () C:\Users\Schnatz\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2011-07-29 01:09 - 2011-07-29 01:09 - 00096112 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2014-03-18 23:22 - 2014-03-18 23:22 - 32733088 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libcef.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: Spotify => "C:\Users\Schnatz\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Schnatz\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2014-08-21 12:00:04.319
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-08-21 12:00:04.179
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz
Percentage of memory in use: 39%
Total physical RAM: 4007.79 MB
Available physical RAM: 2419.13 MB
Total Pagefile: 8013.76 MB
Available Pagefile: 6022.26 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:119.24 GB) (Free:41.51 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:153.85 GB) (Free:147.29 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 343771F7)
Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)
Partition 2: (Active) - (Size=119.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=153.9 GB) - (Type=OF Extended)
==================== End Of Log ============================ lg
Gerald |