... puh das dauerte wirklich lange.
Schritt 1. erledigt.
Schritt 2. Hier die mbam: Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 13.05.2014
Suchlauf-Zeit: 09:55:05
Logdatei: mbam.txt
Administrator: Ja
Version: 2.00.1.1004
Malware Datenbank: v2014.05.13.06
Rootkit Datenbank: v2014.03.27.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Chameleon: Deaktiviert
Betriebssystem: Windows Vista Service Pack 2
CPU: x64
Dateisystem: NTFS
Benutzer: Radja Reichert
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 288150
Verstrichene Zeit: 15 Min, 53 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Shuriken: Aktiviert
PUP: Warnen
PUM: Aktiviert
Prozesse: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registrierungsschlüssel: 23
PUP.Optional.Softonic.A, HKLM\SOFTWARE\CLASSES\CLSID\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}, In Quarantäne, [46a4ed63b0cb3afcc3cba480da28e31d],
PUP.Optional.Softonic.A, HKLM\SOFTWARE\CLASSES\Softonic.dskBnd.1, In Quarantäne, [46a4ed63b0cb3afcc3cba480da28e31d],
PUP.Optional.Softonic.A, HKLM\SOFTWARE\CLASSES\Softonic.dskBnd, In Quarantäne, [46a4ed63b0cb3afcc3cba480da28e31d],
PUP.Optional.Softonic.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Softonic.dskBnd, In Quarantäne, [46a4ed63b0cb3afcc3cba480da28e31d],
PUP.Optional.Softonic.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Softonic.dskBnd.1, In Quarantäne, [46a4ed63b0cb3afcc3cba480da28e31d],
PUP.Optional.Softonic.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}, In Quarantäne, [46a4ed63b0cb3afcc3cba480da28e31d],
PUP.Optional.Softonic.A, HKU\S-1-5-21-898814254-3000735508-3869472208-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}, In Quarantäne, [46a4ed63b0cb3afcc3cba480da28e31d],
PUP.Optional.Softonic.A, HKU\S-1-5-21-898814254-3000735508-3869472208-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}, In Quarantäne, [46a4ed63b0cb3afcc3cba480da28e31d],
PUP.Optional.Softonic.A, HKLM\SOFTWARE\CLASSES\CLSID\{E87806B5-E908-45FD-AF5E-957D83E58E68}, In Quarantäne, [b8327fd1611a4bebe4abb272639f54ac],
PUP.Optional.Softonic.A, HKLM\SOFTWARE\CLASSES\Softonic.SoftonicHlpr.1, In Quarantäne, [b8327fd1611a4bebe4abb272639f54ac],
PUP.Optional.Softonic.A, HKLM\SOFTWARE\CLASSES\Softonic.SoftonicHlpr, In Quarantäne, [b8327fd1611a4bebe4abb272639f54ac],
PUP.Optional.Softonic.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Softonic.SoftonicHlpr, In Quarantäne, [b8327fd1611a4bebe4abb272639f54ac],
PUP.Optional.Softonic.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{E87806B5-E908-45FD-AF5E-957D83E58E68}, In Quarantäne, [b8327fd1611a4bebe4abb272639f54ac],
PUP.Optional.Softonic.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Softonic.SoftonicHlpr.1, In Quarantäne, [b8327fd1611a4bebe4abb272639f54ac],
PUP.Optional.Softonic.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E87806B5-E908-45FD-AF5E-957D83E58E68}, In Quarantäne, [b8327fd1611a4bebe4abb272639f54ac],
PUP.Optional.Softonic.A, HKU\S-1-5-21-898814254-3000735508-3869472208-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{E87806B5-E908-45FD-AF5E-957D83E58E68}, In Quarantäne, [b8327fd1611a4bebe4abb272639f54ac],
PUP.Optional.Softonic.A, HKU\S-1-5-21-898814254-3000735508-3869472208-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{E87806B5-E908-45FD-AF5E-957D83E58E68}, In Quarantäne, [b8327fd1611a4bebe4abb272639f54ac],
PUP.Optional.Softonic.A, HKLM\SOFTWARE\CLASSES\srv.SoftonicSrvc, In Quarantäne, [6189c9870b70340230753652b64c4eb2],
PUP.Optional.Softonic.A, HKLM\SOFTWARE\CLASSES\srv.SoftonicSrvc.1, In Quarantäne, [905ac090cead1a1c1b8a592f2ad8c13f],
PUP.Optional.Softonic.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\srv.SoftonicSrvc, In Quarantäne, [ca20361ab7c4aa8cb8ed1f6928dab947],
PUP.Optional.Softonic.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\srv.SoftonicSrvc.1, In Quarantäne, [777364ecc5b675c1dcc9f296e71b669a],
PUP.Optional.Softonic.A, HKLM\SOFTWARE\WOW6432NODE\SOFTONIC\Softonic, In Quarantäne, [20ca76da542711250b9ee1a78d75fc04],
PUP.Optional.Softonic.A, HKU\S-1-5-21-898814254-3000735508-3869472208-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Softonic, In Quarantäne, [ab3f55fb2b50c07670361573b44e9967],
Registrierungswerte: 2
PUP.Optional.Softonic.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{5018CFD2-804D-4C99-9F81-25EAEA2769DE}, Softonic Toolbar, In Quarantäne, [46a4ed63b0cb3afcc3cba480da28e31d]
PUP.Optional.Softonic.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}, In Quarantäne, [ecfe91bf1467ea4c5836e242b151ea16],
Registrierungsdaten: 0
(No malicious items detected)
Ordner: 2
PUP.Optional.Softonic.A, C:\Users\Radja Reichert\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf, Löschen bei Neustart, [21c97ed2542794a22f76591c857dc53b],
PUP.Optional.Softonic.A, C:\Users\Radja Reichert\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0, In Quarantäne, [21c97ed2542794a22f76591c857dc53b],
Dateien: 41
PUP.Optional.Softonic.A, C:\Users\Radja Reichert\AppData\Roaming\Mozilla\Firefox\Profiles\5z3ywv0m.default\searchplugins\softonic.xml, In Quarantäne, [ffeb98b8275431052a794c3c22e0cc34],
PUP.Optional.Softonic.A, C:\Users\Radja Reichert\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\appCntrl.js, In Quarantäne, [21c97ed2542794a22f76591c857dc53b],
PUP.Optional.Softonic.A, C:\Users\Radja Reichert\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\bg.html, In Quarantäne, [21c97ed2542794a22f76591c857dc53b],
PUP.Optional.Softonic.A, C:\Users\Radja Reichert\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\bg.js, In Quarantäne, [21c97ed2542794a22f76591c857dc53b],
PUP.Optional.Softonic.A, C:\Users\Radja Reichert\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\chMntz.dll, In Quarantäne, [21c97ed2542794a22f76591c857dc53b],
PUP.Optional.Softonic.A, C:\Users\Radja Reichert\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\CrmAdpt.dll, In Quarantäne, [21c97ed2542794a22f76591c857dc53b],
PUP.Optional.Softonic.A, C:\Users\Radja Reichert\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\ct.js, In Quarantäne, [21c97ed2542794a22f76591c857dc53b],
PUP.Optional.Softonic.A, C:\Users\Radja Reichert\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\CTB.dll, In Quarantäne, [21c97ed2542794a22f76591c857dc53b],
PUP.Optional.Softonic.A, C:\Users\Radja Reichert\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\dpk.js, In Quarantäne, [21c97ed2542794a22f76591c857dc53b],
PUP.Optional.Softonic.A, C:\Users\Radja Reichert\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\hprtkMsg.htm, In Quarantäne, [21c97ed2542794a22f76591c857dc53b],
PUP.Optional.Softonic.A, C:\Users\Radja Reichert\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\hprtkMsg.js, In Quarantäne, [21c97ed2542794a22f76591c857dc53b],
PUP.Optional.Softonic.A, C:\Users\Radja Reichert\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\json2.min.js, In Quarantäne, [21c97ed2542794a22f76591c857dc53b],
PUP.Optional.Softonic.A, C:\Users\Radja Reichert\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\logo.png, In Quarantäne, [21c97ed2542794a22f76591c857dc53b],
PUP.Optional.Softonic.A, C:\Users\Radja Reichert\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\manifest.json, In Quarantäne, [21c97ed2542794a22f76591c857dc53b],
PUP.Optional.Softonic.A, C:\Users\Radja Reichert\AppData\Local\Google\Chrome\User Data\default\extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\pref.json, In Quarantäne, [21c97ed2542794a22f76591c857dc53b],
PUP.Optional.Softonic.A, C:\Users\Radja Reichert\AppData\Roaming\Mozilla\Firefox\Profiles\5z3ywv0m.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.admin", false);), Ersetzt,[0ae00050e89376c0329df87956ae9b65]
PUP.Optional.Softonic.A, C:\Users\Radja Reichert\AppData\Roaming\Mozilla\Firefox\Profiles\5z3ywv0m.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.aflt", "OC");), Ersetzt,[4d9d6be5e398e353a32c89e82fd503fd]
PUP.Optional.Softonic.A, C:\Users\Radja Reichert\AppData\Roaming\Mozilla\Firefox\Profiles\5z3ywv0m.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.appId", "{7ABBFE1C-E485-44AA-8F36-353751B4124D}");), Ersetzt,[26c489c787f465d1bc1368095ca8f709]
PUP.Optional.Softonic.A, C:\Users\Radja Reichert\AppData\Roaming\Mozilla\Firefox\Profiles\5z3ywv0m.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.autoRvrt", "false");), Ersetzt,[4c9e91bf3843f83ef1de056c27dd9d63]
PUP.Optional.Softonic.A, C:\Users\Radja Reichert\AppData\Roaming\Mozilla\Firefox\Profiles\5z3ywv0m.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.dfltLng", "de");), Ersetzt,[9c4ea7a96a11b68018b7254cc242ac54]
PUP.Optional.Softonic.A, C:\Users\Radja Reichert\AppData\Roaming\Mozilla\Firefox\Profiles\5z3ywv0m.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.dfltSrch", true);), Ersetzt,[42a8ca861f5cbc7a18b73b360400be42]
PUP.Optional.Softonic.A, C:\Users\Radja Reichert\AppData\Roaming\Mozilla\Firefox\Profiles\5z3ywv0m.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.dnsErr", true);), Ersetzt,[73771e32146757dfe4eb87eae51f946c]
PUP.Optional.Softonic.A, C:\Users\Radja Reichert\AppData\Roaming\Mozilla\Firefox\Profiles\5z3ywv0m.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.excTlbr", false);), Ersetzt,[dd0d113f0f6c251105ca5e1347bd45bb]
PUP.Optional.Softonic.A, C:\Users\Radja Reichert\AppData\Roaming\Mozilla\Firefox\Profiles\5z3ywv0m.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.ffxUnstlRst", false);), Ersetzt,[bd2d2d23bac1152168675021a26251af]
PUP.Optional.Softonic.A, C:\Users\Radja Reichert\AppData\Roaming\Mozilla\Firefox\Profiles\5z3ywv0m.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.hmpg", true);), Ersetzt,[8169b39da0db3303616e08699173e41c]
PUP.Optional.Softonic.A, C:\Users\Radja Reichert\AppData\Roaming\Mozilla\Firefox\Profiles\5z3ywv0m.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.hmpgUrl", "http://search.softonic.com/MOY00621/tb_v1?SearchSource=13&cc=&mi=52af82fa00000000000000248c2fe726");), Ersetzt,[4aa09cb4631862d4c20ddb96d62ece32]
PUP.Optional.Softonic.A, C:\Users\Radja Reichert\AppData\Roaming\Mozilla\Firefox\Profiles\5z3ywv0m.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.id", "52af82fa00000000000000248c2fe726");), Ersetzt,[b436a9a789f2280e6d62b5bc947024dc]
PUP.Optional.Softonic.A, C:\Users\Radja Reichert\AppData\Roaming\Mozilla\Firefox\Profiles\5z3ywv0m.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.instlDay", "16026");), Ersetzt,[effb64ecbfbc999d1ab5cea3cf35659b]
PUP.Optional.Softonic.A, C:\Users\Radja Reichert\AppData\Roaming\Mozilla\Firefox\Profiles\5z3ywv0m.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.instlRef", "MOY00621");), Ersetzt,[15d596ba1962191d557afc75bb49758b]
PUP.Optional.Softonic.A, C:\Users\Radja Reichert\AppData\Roaming\Mozilla\Firefox\Profiles\5z3ywv0m.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.newTab", true);), Ersetzt,[88623a160e6dbe78ebe4e78acc38827e]
PUP.Optional.Softonic.A, C:\Users\Radja Reichert\AppData\Roaming\Mozilla\Firefox\Profiles\5z3ywv0m.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.newTabUrl", "http://search.softonic.com/MOY00621/tb_v1/?SearchSource=15&cc=&mi=52af82fa00000000000000248c2fe726");), Ersetzt,[4f9b1e32c9b2af872ea1c2af8f75df21]
PUP.Optional.Softonic.A, C:\Users\Radja Reichert\AppData\Roaming\Mozilla\Firefox\Profiles\5z3ywv0m.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.prdct", "Softonic");), Ersetzt,[a1493d13a3d87eb8d1fe076ac44052ae]
PUP.Optional.Softonic.A, C:\Users\Radja Reichert\AppData\Roaming\Mozilla\Firefox\Profiles\5z3ywv0m.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.prtnrId", "softonic");), Ersetzt,[13d78bc54635a294389751208e76966a]
PUP.Optional.Softonic.A, C:\Users\Radja Reichert\AppData\Roaming\Mozilla\Firefox\Profiles\5z3ywv0m.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.rvrt", "false");), Ersetzt,[bf2bf65aed8e95a1785708692bd9956b]
PUP.Optional.Softonic.A, C:\Users\Radja Reichert\AppData\Roaming\Mozilla\Firefox\Profiles\5z3ywv0m.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.smplGrp", "none");), Ersetzt,[8763bf913942e353616eeb86d13301ff]
PUP.Optional.Softonic.A, C:\Users\Radja Reichert\AppData\Roaming\Mozilla\Firefox\Profiles\5z3ywv0m.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)");), Ersetzt,[3eac72de205b37ff9f3084ed030151af]
PUP.Optional.Softonic.A, C:\Users\Radja Reichert\AppData\Roaming\Mozilla\Firefox\Profiles\5z3ywv0m.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.tlbrId", "opencandy2013");), Ersetzt,[4b9f96baa5d687af6d62066b6a9a728e]
PUP.Optional.Softonic.A, C:\Users\Radja Reichert\AppData\Roaming\Mozilla\Firefox\Profiles\5z3ywv0m.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.tlbrSrchUrl", "http://search.softonic.com/MOY00621/tb_v1?SearchSource=1&cc=&mi=52af82fa00000000000000248c2fe726&q=");), Ersetzt,[608a83cdb8c34beb517ec1b091738779]
PUP.Optional.Softonic.A, C:\Users\Radja Reichert\AppData\Roaming\Mozilla\Firefox\Profiles\5z3ywv0m.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.vrsn", "1.8.21.14");), Ersetzt,[6684212f2655e4527c53f180d03445bb]
PUP.Optional.Softonic.A, C:\Users\Radja Reichert\AppData\Roaming\Mozilla\Firefox\Profiles\5z3ywv0m.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.vrsnTs", "1.8.21.1415:07:34");), Ersetzt,[d218d47c3b40c86e23ac4c25947056aa]
PUP.Optional.Softonic.A, C:\Users\Radja Reichert\AppData\Roaming\Mozilla\Firefox\Profiles\5z3ywv0m.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.vrsni", "1.8.21.14");), Ersetzt,[14d67ad62a51e84e23acbfb20cf8a35d]
Physische Sektoren: 0
(No malicious items detected)
(end)
Schritt 3. Hier die Log.txt von Eset: Code:
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=12
esets_scanner_update returned -1 esets_gle=12
esets_scanner_update returned -1 esets_gle=12
esets_scanner_update returned -1 esets_gle=12
esets_scanner_update returned -1 esets_gle=12
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=3ccc11aee1d6ff4b8d3ca91ba4ea03b0
# engine=18240
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-05-13 11:07:18
# local_time=2014-05-13 01:07:18 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1799 16775165 100 94 11348 170650543 12171 0
# compatibility_mode=5892 16776574 100 100 11407 237503144 0 0
# scanned=352649
# found=1
# cleaned=1
# scan_time=10090
sh=429E6FA2FEA66FD60AF90C94E87665ADF7813EF2 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\Radja Reichert\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\1c09e06b-5fb666e4"
Schritt 4.
hier die frst.txt:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-05-2014 01
Ran by Radja Reichert (administrator) on OFFICE1 on 13-05-2014 13:23:14
Running from C:\Users\Radja Reichert\Desktop
Platform: Windows Vista (TM) Home Premium Service Pack 2 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(SonicWALL, Inc.) C:\Program Files\SonicWALL\SonicWALL Global VPN Client\SWGVCSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
() C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
() C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Canon Inc.) C:\Program Files (x86)\Canon\CAL\CALMAIN.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(CyberLink Corp.) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
() C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
(Dropbox, Inc.) C:\Users\Radja Reichert\AppData\Roaming\Dropbox\bin\Dropbox.exe
(CyberLink Corp.) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(CyberLink Corp.) C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
() C:\Windows\Samsung\PanelMgr\SSMMgr.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcMon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
() C:\Windows\Samsung\PanelMgr\caller64.exe
() C:\Program Files (x86)\Common Files\LogiShrd\LQCVFX\COCIManager.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [914224 2008-11-18] (Hewlett-Packard)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [182808 2008-11-03] (Intel Corporation)
HKLM\...\Run: [NvCplDaemon] => C:\Windows\system32\NvCpl.dll [16327712 2009-06-26] (NVIDIA Corporation)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2320752 2009-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Health Check Scheduler] => c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [75016 2008-12-04] (Hewlett-Packard)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [210216 2008-10-30] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateLBPShortCut] => c:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePDIRShortCut] => c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePSTShortCut] => c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe [210216 2008-11-26] (CyberLink Corp.)
HKLM-x32\...\Run: [TSMAgent] => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe [1152296 2008-12-15] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer for HP TouchSmart] => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [189736 2008-12-15] (CyberLink)
HKLM-x32\...\Run: [LogitechQuickCamRibbon] => C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2780432 2009-05-08] ()
HKLM-x32\...\Run: [SSBkgdUpdate] => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe [29984 2007-10-11] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe [46368 2007-10-11] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort11reminder] => C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe [328992 2007-08-31] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [741376 2007-11-05] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [77824 2007-10-30] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [DVDAgent] => C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe [1148200 2008-11-28] (CyberLink Corp.)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [371712 2009-07-15] (shbox.de)
HKLM-x32\...\Run: [TVAgent] => C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe [206120 2009-04-22] (CyberLink Corp.)
HKLM-x32\...\Run: [CorelDRAW Graphics Suite 11b] => C:\Program Files (x86)\Corel\Corel Graphics 12\Languages\DE\Programs\registration.exe [733184 2003-12-02] (Corel Corporation)
HKLM-x32\...\Run: [TrayServer] => C:\Program Files (x86)\MAGIX\Video_deluxe_15_Plus_Sonderedition\TrayServer.exe [90112 2008-08-07] (MAGIX AG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [90448 2011-09-01] (Research In Motion Limited)
HKLM-x32\...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\PanelMgr\ssmmgr.exe [618496 2010-06-07] ()
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-12-23] (DivX, LLC)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ApnTBMon] => "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-11-15] ()
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-898814254-3000735508-3869472208-1000\...\Run: [HPAdvisor] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1689144 2010-06-30] (Hewlett-Packard)
HKU\S-1-5-21-898814254-3000735508-3869472208-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [138240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-898814254-3000735508-3869472208-1000\...\Run: [AutoStartNPSAgent] => C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe [102400 2010-06-30] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-898814254-3000735508-3869472208-1000\...\Run: [WMPNSCFG] => C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
Startup: C:\Users\Radja Reichert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Radja Reichert\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Radja Reichert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=92&bd=Pavilion&pf=cndt
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {7C638C6B-5B27-4A85-83CB-40250D1E4AC4} URL = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcndtie7-de-de
SearchScopes: HKLM - {CA8FE908-E845-4081-937D-C045FEC0FC98} URL = http://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
SearchScopes: HKLM - {EFA2CDF5-331C-4E0D-ADEE-706B5C3B0896} URL = http://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
SearchScopes: HKLM-x32 - {EFA2CDF5-331C-4E0D-ADEE-706B5C3B0896} URL = http://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKCU - {DEC53055-CEEF-4998-8CAF-522FBCBAA1C3} URL = http://www.google.de/#hl=de&source=hp&q={searchTerms}&aq=f&aqi=g10&aql=&oq=&gs_rfai=&fp=70ab29c01d34da04
SearchScopes: HKCU - {EFA2CDF5-331C-4E0D-ADEE-706B5C3B0896} URL =
BHO: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll" No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll" No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Radja Reichert\AppData\Roaming\Mozilla\Firefox\Profiles\5z3ywv0m.default
FF user.js: detected! => C:\Users\Radja Reichert\AppData\Roaming\Mozilla\Firefox\Profiles\5z3ywv0m.default\user.js
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @innoplus.de/ino3DViewer - C:\Program Files (x86)\INNOVA-engineering GmbH\3D-Viewer-innoPlus\npIno3DViewer.dll (INNOVA-engineering GmbH Dresden)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 - C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Users\Radja Reichert\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Radja Reichert\AppData\Roaming\Mozilla\Firefox\Profiles\5z3ywv0m.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi [2013-07-26]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx [2014-02-21]
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1017424 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 CCALib8; C:\Program Files (x86)\Canon\CAL\CALMAIN.exe [96341 2005-09-30] (Canon Inc.)
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-11-17] (MAGIX®)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 TVCapSvc; C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [296320 2009-04-22] ()
R2 TVSched; C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [116104 2009-04-22] ()
R2 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [X]
S2 Norton Internet Security; "C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe" /s "Norton Internet Security" /m "C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\diMaster.dll" /prefetch:1
S2 RoxLiveShare9; "C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe" [X]
==================== Drivers (Whitelisted) ====================
U5 AppMgmt; C:\Windows\system32\svchost.exe [27648 2008-01-21] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG)
S1 Beep; No ImagePath
R3 BrSerIf; C:\Windows\System32\DRIVERS\BrSerIf.sys [103992 2007-09-10] (Brother Industries Ltd.)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32512 2013-11-14] ()
R3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-04-30] ()
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-04-30] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-05-13] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
S3 Ps2; C:\Windows\System32\DRIVERS\PS2.sys [21504 2006-09-07] ()
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [74752 2011-07-25] (Research In Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44032 2011-07-20] (Research in Motion Ltd)
S2 SSPORT; C:\Windows\SysWOW64\Drivers\SSPORT.sys [11576 2009-09-10] (Samsung Electronics)
R2 {55662437-DA8C-40c0-AADA-2C816A897A49}; C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [146928 2008-11-28] (CyberLink Corp.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20081126.003\ENG64.SYS [X]
S3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20081126.003\EX64.SYS [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 PCD5SRVC{8AAF211B-043E02A9-05040000}; \??\C:\PROGRA~1\PC-DOC~1\PCD5SRVC_x64.pkms [X]
S1 SRTSP; \??\C:\Windows\system32\drivers\NISx64\1000000.07D\SRTSP64.SYS [X]
S1 SRTSPX; \??\C:\Windows\system32\drivers\NISx64\1000000.07D\SRTSPX64.SYS [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-05-13 10:14 - 2014-05-13 10:14 - 02347384 _____ (ESET) C:\Users\Radja Reichert\Desktop\esetsmartinstaller_deu.exe
2014-05-13 10:12 - 2014-05-13 10:12 - 00015072 _____ () C:\Users\Radja Reichert\Desktop\mbam.txt
2014-05-13 09:38 - 2014-05-13 10:01 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-13 09:37 - 2014-05-13 09:37 - 00000943 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-13 09:37 - 2014-05-13 09:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-13 09:37 - 2014-05-13 09:37 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-13 09:37 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-13 09:37 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-13 09:33 - 2014-05-13 09:36 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Radja Reichert\Desktop\mbam-setup-2.0.1.1004.exe
2014-05-12 08:19 - 2014-05-13 13:23 - 00024088 _____ () C:\Users\Radja Reichert\Desktop\FRST.txt
2014-05-12 08:18 - 2014-05-12 08:19 - 02066944 _____ (Farbar) C:\Users\Radja Reichert\Desktop\FRST64.exe
2014-05-12 07:55 - 2014-05-12 07:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-03 13:06 - 2014-05-03 13:06 - 00000000 ____D () C:\Users\Radja Reichert\AppData\Roaming\DropboxMaster
2014-05-03 03:00 - 2014-04-29 13:39 - 17849344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-03 03:00 - 2014-04-29 13:15 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-03 03:00 - 2014-04-29 12:28 - 12347392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-03 03:00 - 2014-04-29 12:07 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-15 11:50 - 2014-04-15 11:50 - 00000000 ____D () C:\Program Files (x86)\Lame For Audacity
2014-04-15 11:49 - 2014-04-15 11:50 - 00527423 _____ ( ) C:\Users\Radja Reichert\Downloads\Lame_v3.99.3_for_Windows.exe
2014-04-15 11:27 - 2014-04-15 11:27 - 00948090 _____ (Jodix Technologies Ltd. ) C:\Users\Radja Reichert\Downloads\free-wma-mp3-converter.exe
2014-04-15 11:27 - 2014-04-15 11:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jodix
2014-04-15 11:27 - 2014-04-15 11:27 - 00000000 ____D () C:\Program Files (x86)\Free WMA to MP3 Converter
2014-04-15 11:01 - 2014-04-15 11:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-04-15 11:00 - 2014-04-15 11:01 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-04-15 11:00 - 2014-04-15 11:01 - 00000000 ____D () C:\Program Files\iTunes
2014-04-15 11:00 - 2014-04-15 11:01 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-04-15 11:00 - 2014-04-15 11:00 - 00000000 ____D () C:\Program Files\iPod
2014-04-15 10:57 - 2014-04-16 08:36 - 00000000 ____D () C:\Users\Radja Reichert\AppData\Roaming\Audacity
2014-04-15 10:56 - 2014-04-15 10:56 - 00000860 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2014-04-15 10:56 - 2014-04-15 10:56 - 00000000 ____D () C:\Program Files (x86)\Audacity
2014-04-15 10:54 - 2014-04-15 10:56 - 22180353 _____ (Audacity Team ) C:\Users\Radja Reichert\Downloads\audacity-win-2.0.5.exe
==================== One Month Modified Files and Folders =======
2014-05-13 13:23 - 2014-05-12 08:19 - 00024088 _____ () C:\Users\Radja Reichert\Desktop\FRST.txt
2014-05-13 13:23 - 2013-07-22 09:19 - 00000000 ____D () C:\FRST
2014-05-13 13:16 - 2014-03-07 15:04 - 00000616 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-898814254-3000735508-3869472208-1000.job
2014-05-13 13:02 - 2011-01-20 13:18 - 00001126 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-13 12:54 - 2012-09-21 08:59 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-13 11:58 - 2006-11-02 17:22 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-13 11:58 - 2006-11-02 17:22 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-13 10:14 - 2014-05-13 10:14 - 02347384 _____ (ESET) C:\Users\Radja Reichert\Desktop\esetsmartinstaller_deu.exe
2014-05-13 10:12 - 2014-05-13 10:12 - 00015072 _____ () C:\Users\Radja Reichert\Desktop\mbam.txt
2014-05-13 10:08 - 2009-03-09 15:41 - 01642949 _____ () C:\Windows\WindowsUpdate.log
2014-05-13 10:04 - 2013-02-13 17:59 - 00000000 ___RD () C:\Users\Radja Reichert\Dropbox
2014-05-13 10:04 - 2013-02-13 17:56 - 00000000 ____D () C:\Users\Radja Reichert\AppData\Roaming\Dropbox
2014-05-13 10:02 - 2014-03-18 22:28 - 00000680 _____ () C:\Users\Radja Reichert\AppData\Local\d3d9caps.dat
2014-05-13 10:02 - 2011-01-20 13:18 - 00001122 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-13 10:02 - 2009-08-19 08:11 - 00000000 ____D () C:\Users\Radja Reichert\Desktop\Scans
2014-05-13 10:01 - 2014-05-13 09:38 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-13 10:01 - 2009-02-04 21:50 - 00514918 _____ () C:\ProgramData\nvModes.001
2014-05-13 10:01 - 2009-02-04 21:12 - 00514918 _____ () C:\ProgramData\nvModes.dat
2014-05-13 09:58 - 2012-09-19 21:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-13 09:58 - 2008-01-21 05:26 - 00651608 _____ () C:\Windows\PFRO.log
2014-05-13 09:58 - 2006-11-02 17:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-13 09:57 - 2006-11-02 17:42 - 00032534 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-13 09:37 - 2014-05-13 09:37 - 00000943 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-13 09:37 - 2014-05-13 09:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-13 09:37 - 2014-05-13 09:37 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-13 09:37 - 2012-04-18 09:08 - 00000000 ____D () C:\Users\Radja Reichert\AppData\Roaming\Malwarebytes
2014-05-13 09:37 - 2012-04-18 09:07 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-13 09:36 - 2014-05-13 09:33 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Radja Reichert\Desktop\mbam-setup-2.0.1.1004.exe
2014-05-13 09:32 - 2013-08-08 10:30 - 00000000 ____D () C:\Program Files (x86)\AskPartnerNetwork
2014-05-12 08:19 - 2014-05-12 08:18 - 02066944 _____ (Farbar) C:\Users\Radja Reichert\Desktop\FRST64.exe
2014-05-12 07:57 - 2011-01-20 13:18 - 00004122 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-12 07:57 - 2011-01-20 13:18 - 00003870 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-12 07:55 - 2014-05-12 07:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-07 04:35 - 2009-07-17 10:17 - 00003592 _____ () C:\Windows\System32\Tasks\HP Health Check
2014-05-04 15:49 - 2009-07-17 11:16 - 00000456 _____ () C:\Windows\Tasks\PCDRScheduledMaintenance.job
2014-05-03 13:06 - 2014-05-03 13:06 - 00000000 ____D () C:\Users\Radja Reichert\AppData\Roaming\DropboxMaster
2014-05-03 13:06 - 2013-02-13 17:56 - 00000000 ____D () C:\Users\Radja Reichert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-03 13:06 - 2009-07-17 10:13 - 00000000 ___RD () C:\Users\Radja Reichert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-02 13:27 - 2009-07-17 14:27 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-05-01 06:31 - 2013-10-17 15:49 - 00009035 _____ () C:\Users\Radja Reichert\Desktop\Kalkulation Auto Sprit.xlsx
2014-04-29 13:39 - 2014-05-03 03:00 - 17849344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-29 13:15 - 2014-05-03 03:00 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-29 12:28 - 2014-05-03 03:00 - 12347392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-29 12:07 - 2014-05-03 03:00 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-29 09:54 - 2012-09-21 08:59 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-29 09:54 - 2012-09-21 08:59 - 00003736 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-29 09:54 - 2011-07-25 09:27 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-22 07:59 - 2009-02-05 04:46 - 00677534 _____ () C:\Windows\system32\perfh007.dat
2014-04-22 07:59 - 2009-02-05 04:46 - 00147046 _____ () C:\Windows\system32\perfc007.dat
2014-04-22 07:59 - 2006-11-02 14:46 - 01576088 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-17 11:22 - 2012-04-20 21:13 - 00000072 _____ () C:\Users\Public\LMDebug.log
2014-04-16 12:37 - 2014-03-07 11:09 - 00000000 ____D () C:\Users\Radja Reichert\Desktop\BUSS
2014-04-16 08:36 - 2014-04-15 10:57 - 00000000 ____D () C:\Users\Radja Reichert\AppData\Roaming\Audacity
2014-04-15 11:50 - 2014-04-15 11:50 - 00000000 ____D () C:\Program Files (x86)\Lame For Audacity
2014-04-15 11:50 - 2014-04-15 11:49 - 00527423 _____ ( ) C:\Users\Radja Reichert\Downloads\Lame_v3.99.3_for_Windows.exe
2014-04-15 11:27 - 2014-04-15 11:27 - 00948090 _____ (Jodix Technologies Ltd. ) C:\Users\Radja Reichert\Downloads\free-wma-mp3-converter.exe
2014-04-15 11:27 - 2014-04-15 11:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jodix
2014-04-15 11:27 - 2014-04-15 11:27 - 00000000 ____D () C:\Program Files (x86)\Free WMA to MP3 Converter
2014-04-15 11:01 - 2014-04-15 11:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-04-15 11:01 - 2014-04-15 11:00 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-04-15 11:01 - 2014-04-15 11:00 - 00000000 ____D () C:\Program Files\iTunes
2014-04-15 11:01 - 2014-04-15 11:00 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-04-15 11:00 - 2014-04-15 11:00 - 00000000 ____D () C:\Program Files\iPod
2014-04-15 10:56 - 2014-04-15 10:56 - 00000860 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2014-04-15 10:56 - 2014-04-15 10:56 - 00000000 ____D () C:\Program Files (x86)\Audacity
2014-04-15 10:56 - 2014-04-15 10:54 - 22180353 _____ (Audacity Team ) C:\Users\Radja Reichert\Downloads\audacity-win-2.0.5.exe
Files to move or delete:
====================
C:\Users\Radja Reichert\AppData\Roaming\desktop.ini
Some content of TEMP:
====================
C:\Users\Radja Reichert\AppData\Local\Temp\avgnt.exe
C:\Users\Radja Reichert\AppData\Local\Temp\DivXSetup.exe
C:\Users\Radja Reichert\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpevogwl.dll
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-05-13 10:10
==================== End Of Log ============================
--- --- ---
und die Addition.txt Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-05-2014 01
Ran by Radja Reichert at 2014-05-13 13:23:49
Running from C:\Users\Radja Reichert\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft)
Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-00A1-0000-0000-0000000FF1CE}_ONENOTER_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft)
3D-Viewer-innoPlus (HKLM-x32\...\{B96DB037-DBEA-4186-9081-9CBD537F82E8}) (Version: 12.00.0203 - INNOVA-engineering GmbH)
64 Bit HP CIO Components Installer (Version: 3.2.1 - Hewlett-Packard) Hidden
7-Zip 4.65 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0465-000001000000}) (Version: 4.65.00.0 - Igor Pavlov)
ActiveCheck component for HP Active Support Library (x32 Version: 1.1.18.0 - Hewlett-Packard) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Amazon MP3-Downloader 1.0.9 (HKLM-x32\...\Amazon MP3-Downloader) (Version: - )
AMR to MP3 Converter 1.4 (HKLM-x32\...\{C615B4A6-DDE8-4325-BCF8-E53E913D95E9}_is1) (Version: - amrtomp3converter.com)
AOL Toolbar 5.0 (HKLM-x32\...\AOL Toolbar) (Version: 5.2.78.2 - AOL LLC)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
Avira SearchFree Toolbar (HKLM-x32\...\{41564952-412D-5637-00A7-A758B70C0A03}) (Version: 12.10.3.4487 - APN, LLC)
Bizagi Process Modeler (HKLM-x32\...\InstallShield_{E44368A0-62C5-44FB-8670-B4013EFD7DB8}) (Version: 2.5.11 - Bizagi Limited)
Bizagi Process Modeler (Version: 2.5.11 - Bizagi Limited) Hidden
BlackBerry Desktop Software 6.1 (HKLM-x32\...\BlackBerry_Desktop) (Version: 6.1.0.36 - Research in Motion Ltd.)
BlackBerry Desktop Software 6.1 (x32 Version: 6.1.0.36 - Research in Motion Ltd.) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brother MFL-Pro Suite (HKLM-x32\...\{46E1B1F2-A279-4356-9B17-029F9CC72EAE}) (Version: 1.00 - Brother Industries, Ltd.)
Canon Camera Access Library (HKLM-x32\...\CAL) (Version: 8.1.1.17 - )
Canon Camera Support Core Library (HKLM-x32\...\CSCLIB) (Version: 7.3.1.6 - )
Canon Camera Window DC_DV 5 for ZoomBrowser EX (HKLM-x32\...\CameraWindowDVC5) (Version: 5.4.5.17 - )
Canon Camera Window DC_DV 6 for ZoomBrowser EX (HKLM-x32\...\CameraWindowDVC6) (Version: 6.2.0.8 - )
Canon Camera Window MC 6 for ZoomBrowser EX (HKLM-x32\...\CameraWindowMC) (Version: 6.1.0.7 - )
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.2.0.5 - )
Canon Internet Library for ZoomBrowser EX (HKLM-x32\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.4.2.6 - )
Canon RAW Image Task for ZoomBrowser EX (HKLM-x32\...\RAW Image Task) (Version: 2.4.0.7 - )
Canon RemoteCapture Task for ZoomBrowser EX (HKLM-x32\...\RemoteCaptureTask) (Version: 1.5.0.5 - )
Canon Utilities Digital Photo Professional 2.2 (HKLM-x32\...\DPP) (Version: 2.2.0.1 - )
Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 1.1.0.8 - )
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.18.42 - )
Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 5.7.0.74 - )
Citrix Online Launcher (HKLM-x32\...\{AC7E7905-8C59-4806-A96D-30936A2B1FC5}) (Version: 1.0.168 - Citrix)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CorelDRAW Graphics Suite 12 (HKLM-x32\...\{505AFDC0-5E72-4928-8368-5DEA385E3647}) (Version: 12.0.0.458 - Corel Corporation)
Crystal Reports Basic Runtime for Visual Studio 2008 (x64) (HKLM\...\{2BFA9B05-7418-4EDE-A6FC-620427BAAAA3}) (Version: 10.5.2.0 - Business Objects)
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.2326 - CyberLink Corp.)
CyberLink DVD Suite Deluxe (x32 Version: 6.0.2326 - CyberLink Corp.) Hidden
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
DivX Converter (HKLM-x32\...\{13F3917B56CD4C25848BDC69916971BB}) (Version: 7.1.0 - DivX, Inc.)
DivX Converter (HKLM-x32\...\{B13A7C41581B411290FBC0395694E2A9}) (Version: 7.1.0 - DivX, Inc.)
DivX Player (HKLM-x32\...\{8ADFC4160D694100B5B8A22DE9DCABD9}) (Version: 7.2.0 - DivX, Inc.)
DivX Plus DirectShow Filters (HKLM-x32\...\DivX Plus DirectShow Filters) (Version: - DivX, Inc.)
DivX Version Checker (HKLM-x32\...\{3FC7CBBC4C1E11DCA1A752EA55D89593}) (Version: 7.1.0.9 - DivX, Inc.)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.90 - DivX, LLC)
Dropbox (HKCU\...\Dropbox) (Version: 2.6.31 - Dropbox, Inc.)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\Firebird SQL Server D) (Version: 2.0.1.13 - MAGIX AG)
FormatFactory 3.1.1 (HKLM-x32\...\FormatFactory) (Version: 3.1.1 - Free Time)
Fotobuch (HKLM-x32\...\Fotobuch_is1) (Version: - )
Free M4a to MP3 Converter 8.0 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version: - ManiacTools.com)
Free WMA to MP3 Converter 1.16 (HKLM-x32\...\Free WMA to MP3 Converter_is1) (Version: - Jodix Technologies Ltd.)
Free YouTube to MP3 Converter version 3.12.26.224 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.26.224 - DVDVideoSoft Ltd.)
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version: - )
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
GoToMeeting 6.2.0.1350 (HKCU\...\GoToMeeting) (Version: 6.2.0.1350 - CitrixOnline)
GPL Ghostscript 8.64 (HKLM-x32\...\GPL Ghostscript 8.64) (Version: - )
Hardware Diagnose Tools (HKLM\...\PC-Doctor for Windows) (Version: 5.1.5048.14 - PC-Doctor, Inc.)
HP Active Support Library (HKLM-x32\...\{0295F89F-F698-4101-9A7D-49F407EC2D82}) (Version: 3.1.10.1 - Hewlett-Packard)
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.3.12286.3436 - Hewlett-Packard)
HP Customer Experience Enhancements (HKLM-x32\...\{E1591139-8B44-411B-A81B-D35F83A0565A}) (Version: 5.7.0.2875 - Hewlett-Packard)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 2.1.2717 - Hewlett-Packard)
HP MediaSmart DVD (x32 Version: 2.1.2717 - Hewlett-Packard) Hidden
HP MediaSmart Music/Photo/Video (HKLM-x32\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 2.0.2415 - Hewlett-Packard)
HP MediaSmart Music/Photo/Video (x32 Version: 2.0.2415 - Hewlett-Packard) Hidden
HP MediaSmart SmartMenu (HKLM\...\{F1568AA6-5982-4AFB-A871-C68E4328BC3B}) (Version: 2.1.7 - Hewlett-Packard)
HP MediaSmart TV (HKLM-x32\...\InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}) (Version: 2.2.1622 - Hewlett-Packard)
HP MediaSmart TV (x32 Version: 2.2.1622 - Hewlett-Packard) Hidden
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Picasso Media Center Add-In (x32 Version: 9.1.7.0 - Hewlett-Packard Development Company, L.P.) Hidden
HP Recovery Manager RSS (x32 Version: 92.0.0.9 - Hewlet Packard Company) Hidden
HP Support Information (HKLM-x32\...\{1CC069FA-1A86-402E-9787-3F04E652C67A}) (Version: 10.1.0001 - Hewlett-Packard)
HP Total Care Setup (HKLM-x32\...\{95A747E0-DF19-46CB-A622-20A0107201BD}) (Version: 1.1.2413.2876 - Hewlett-Packard Company)
HPAsset component for HP Active Support Library (x32 Version: 2.0.64.3 - Hewlett-Packard) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
IZArc 3.81 (HKLM-x32\...\{97C82B44-D408-4F14-9252-47FC1636D23E}_is1) (Version: 3.81 Build 1550 - Ivan Zahariev)
J2SE Runtime Environment 5.0 Update 17 (HKLM-x32\...\{3248F0A8-6813-11D6-A77B-00B0D0150170}) (Version: 1.5.0.170 - Sun Microsystems, Inc.)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1103 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.1103 - CyberLink Corp.) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
LightScribe System Software (HKLM-x32\...\{7F10292C-A190-4176-A665-A1ED3478DF86}) (Version: 1.18.3.2 - LightScribe)
Logitech Webcam Software (HKLM\...\{D4DF3FD3-4467-47EF-8D4A-AF1E691E34F5}) (Version: 12.00.1280 - Logitech Inc.)
MAGIX 3D Maker (embeded) (HKLM-x32\...\MAGIX 3D Maker D) (Version: 6.0.0.8 - MAGIX AG)
MAGIX Foto Manager 8 6.0.1.457 (D) (HKLM-x32\...\MAGIX Foto Manager 8 D) (Version: 6.0.1.457 - MAGIX AG)
MAGIX Fotobuch 3.6 (HKLM-x32\...\MAGIX Fotobuch) (Version: 3.6 - MAGIX AG)
MAGIX Online Druck Service 3.4.3.0 (D) (HKLM-x32\...\MAGIX Online Druck Service D) (Version: 3.4.3.0 - MAGIX AG)
MAGIX Screenshare 4.3.6.1987 (D) (HKLM-x32\...\MAGIX Screenshare D) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Video deluxe 15 Plus Sonderedition 8.5.0.28 (D) (HKLM-x32\...\MAGIX Video deluxe 15 Plus Sonderedition D) (Version: 8.5.0.28 - MAGIX AG)
MAGIX Xtreme Foto Designer 6 6.0.27.0 (D) (HKLM-x32\...\MAGIX Xtreme Foto Designer 6 D) (Version: 6.0.27.0 - MAGIX AG)
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
mb Software ArCon (HKLM-x32\...\ArCon) (Version: - )
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft IntelliPoint 7.1 (HKLM\...\{5EBE0F1F-45DF-4298-AC6B-E8E54EAEC834}) (Version: 7.10.344.0 - Microsoft)
Microsoft MapPoint Europa 2006 (HKLM-x32\...\{83ED1E80-A1B7-4256-BCF1-AC4A88151A6B}) (Version: 13.00.18.1200 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-00A1-0000-0000-0000000FF1CE}_ONENOTER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote 2007 Trial (HKLM-x32\...\ONENOTER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional 2007 (HKLM-x32\...\PROR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{09298F26-A95C-31E2-9D95-2C60F586F075}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
MIKSOFT Mobile AMR converter (HKLM-x32\...\MIKSOFT Mobile AMR converter_is1) (Version: - MIKSOFT)
Move Networks Media Player for Internet Explorer (HKCU\...\Move Networks Player - IE) (Version: - )
Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mufin MusicFinder Base 1.5.3.255 (D) (HKLM-x32\...\Mufin MusicFinder Base D) (Version: 1.5.3.255 - MAGIX AG)
muvee Reveal (HKLM-x32\...\{D722CF4B-4B06-BF11-FDEA-BD1B319FEA57}) (Version: 7.0.35.7918 - muvee Technologies Pte Ltd)
My HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.62 - WildTangent)
n-tv plus (HKLM-x32\...\{04FDCC5E-4B50-4A08-804D-D82DDFB1589F}) (Version: 7.2.3.0 - n-tv Nachrichtenfernsehen GmbH)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.3 - NVIDIA Corporation)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Optimierte Multimedia-Tastatur-Lösung (HKLM-x32\...\KBD) (Version: 1.0.9.2 - Hewlett-Packard)
PaperPort Image Printer 64-bit (HKLM\...\{ABA4FAF1-6389-45F9-92CE-3914A4E5C471}) (Version: 1.00.0000 - Nuance Communications, Inc.)
PC Connectivity Solution (HKLM-x32\...\{AC599724-5755-48C1-ABE7-ABB857652930}) (Version: 8.15.0.0 - Nokia)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.5.0 - Frank Heindörfer, Philip Chinery)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.2325 - CyberLink Corp.)
Power2Go (x32 Version: 6.0.2325 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.2417 - CyberLink Corp.)
PowerDirector (x32 Version: 7.0.2417 - CyberLink Corp.) Hidden
Python 2.6 pywin32-212 (HKLM-x32\...\pywin32-py2.6) (Version: 2.12 - Python Software Foundation)
Python 2.6.1 (HKLM-x32\...\{9CC89170-000B-457D-91F1-53691F85B223}) (Version: 2.6.1150 - Python Software Foundation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5740 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: - )
Renditeberechnung2012 (HKLM\...\{B8240442-9276-4F4A-B232-36D84A70299B}) (Version: 1.4 - PROJECT)
Safari (HKLM-x32\...\{FA4C2D53-205F-4245-9717-F3761154824D}) (Version: 5.34.57.2 - Apple Inc.)
SAMSUNG Mobile Composite Device Software (HKLM\...\SAMSUNG Mobile Composite Device) (Version: - )
Samsung Mobile Modem Device Software (HKLM\...\Samsung Mobile Modem Device) (Version: - )
SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version: - )
SAMSUNG Mobile Modem V2 Software (HKLM\...\SAMSUNG Mobile Modem V2) (Version: - )
Samsung Mobile phone USB driver Software (HKLM\...\Samsung Mobile phone USB driver) (Version: - )
SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version: - )
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version: - )
Samsung New PC Studio (HKLM-x32\...\InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio (x32 Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG SYMBIAN USB Download Driver (HKLM\...\{D8CE69B0-9274-4b8c-BA49-0FF6A20A3C65}) (Version: 1.1.808.7165 - SAMSUNG Electronics CO,.LTD)
SAMSUNG USB Mobile Device Software (HKLM\...\SAMSUNG USB Mobile Device) (Version: - )
SamsungConnectivityCableDriver (HKLM-x32\...\{7E84FAC8-C518-40F9-9807-7455301D6D25}) (Version: 6.83.6.2.1 - Samsung)
ScanSoft PaperPort 11 (HKLM-x32\...\{7A8FF745-BBC5-482B-88E4-18D3178249A9}) (Version: 11.1.0000 - Nuance Communications, Inc.)
Softonic toolbar on IE and Chrome (HKLM-x32\...\Softonic) (Version: 1.8.21.14 - Softonic) <==== ATTENTION
SonicWALL Global VPN Client (HKLM\...\{5E2D889D-FAFC-4E76-A851-3695ABA1A76F}) (Version: 4.2.6 - SonicWALL)
sp43204 (HKLM-x32\...\sp43204) (Version: - Hewlett-Packard)
sp44626 (HKLM-x32\...\sp44626) (Version: - Hewlett-Packard)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.19617 - TeamViewer)
Testversion von Microsoft Office Home and Student 2007 (HKLM\...\OfficeTrial) (Version: - )
Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-00A1-0000-0000-0000000FF1CE}_ONENOTER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM-x32\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-00A1-0000-0000-0000000FF1CE}_ONENOTER_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{91120000-00A1-0000-0000-0000000FF1CE}_ONENOTER_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ONENOTER_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_PROR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-00A1-0000-0000-0000000FF1CE}_ONENOTER_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-00A1-0000-0000-0000000FF1CE}_ONENOTER_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_PROR_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878297) 32-Bit Edition (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{9B1DEEA3-B4ED-49F0-9EF7-4A820EEEA7F1}) (Version: - Microsoft)
Update for Zip Opener (HKCU\...\DSite) (Version: - ) <==== ATTENTION
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_PROR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_PROR_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_PROR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_PROR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Wartung Samsung CLP-320 Series (HKLM-x32\...\Samsung CLP-320 Series) (Version: - Samsung Electronics Co., Ltd.)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd (10/12/2007 6.85.4.0) (HKLM\...\BC15EA930074932BB2C4B4493C9FD4EA95087D1A) (Version: 10/12/2007 6.85.4.0 - Nokia)
Yahoo! Detect (HKLM-x32\...\YTdetect) (Version: - )
==================== Restore Points =========================
15-04-2014 22:16:05 Windows Update
16-04-2014 16:08:13 Geplanter Prüfpunkt
17-04-2014 22:00:01 Geplanter Prüfpunkt
22-04-2014 06:32:40 Windows Update
22-04-2014 22:00:01 Geplanter Prüfpunkt
23-04-2014 22:00:01 Geplanter Prüfpunkt
25-04-2014 06:51:09 Windows Update
28-04-2014 08:05:45 Geplanter Prüfpunkt
28-04-2014 22:00:00 Geplanter Prüfpunkt
29-04-2014 22:40:21 Windows Update
30-04-2014 22:00:01 Geplanter Prüfpunkt
02-05-2014 15:24:50 Geplanter Prüfpunkt
03-05-2014 01:00:13 Windows Update
03-05-2014 22:00:07 Geplanter Prüfpunkt
04-05-2014 22:00:00 Geplanter Prüfpunkt
06-05-2014 05:44:56 Geplanter Prüfpunkt
06-05-2014 10:34:52 Windows Update
12-05-2014 05:47:12 Windows Update
12-05-2014 22:00:01 Geplanter Prüfpunkt
==================== Hosts content: ==========================
2006-11-02 14:34 - 2013-07-22 11:38 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {0A96A8FF-5249-46CA-B3F4-46564DDD70A9} - System32\Tasks\HP Health Check => c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-12-04] (Hewlett-Packard)
Task: {0AEAFAF6-F116-4A60-AFB4-C8B755A6E975} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {192DDA2D-5815-47B8-983F-65744FEEC03A} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {1F1D6DE3-956B-4B7E-B2DC-A7A6DA0FE14C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-29] (Adobe Systems Incorporated)
Task: {254095AE-FB97-48EA-94A5-D8BF2AB79714} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {4BF42C18-F18E-4A8D-A6BC-C852EEAEE294} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {5149D95D-838E-4933-8F6E-C468DFC3029D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-01-20] (Google Inc.)
Task: {5B9CA713-FFBC-48DF-928A-C07F4CC84636} - System32\Tasks\PCDRScheduledMaintenance => C:\Program Files\PC-Doctor for Windows\pcdr5cuiw32.exe [2008-11-05] (PC-Doctor, Inc.)
Task: {6CAEB8CA-7B30-4284-BBD6-184D72975CCB} - System32\Tasks\{F02772E6-CF17-4885-8DDA-56B7B41D7054} => C:\Program Files (x86)\Skype\Phone\Skype.exe
Task: {75975F37-86BE-434C-86C7-D50392E4DAB4} - System32\Tasks\RecoveryCD => C:\Program Files (x86)\Hewlett-Packard\HP TCS\RemEngine.exe [2008-12-17] ()
Task: {7C638E5B-ECE5-4424-A7E5-2C913CA682E9} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {8D42B199-E249-4971-9829-EE60AF765246} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-01-20] (Google Inc.)
Task: {B46F264A-0B76-4B9F-8521-33020B9A5C54} - System32\Tasks\{B1C9739D-62EB-4799-BD30-78F4DB609FA7} => Iexplore.exe http://ui.skype.com/ui/0/5.1.0.104.211/de/abandoninstall?page=tsDownload&installinfo=google-toolbar:notoffered;toolbarpresent,google-chrome:offered-notinstalled
Task: {D33A5FE6-3A69-43B8-98AE-4688009BC287} - System32\Tasks\G2MUpdateTask-S-1-5-21-898814254-3000735508-3869472208-1000 => C:\Users\Radja Reichert\AppData\Local\Citrix\GoToMeeting\1350\g2mupdate.exe [2014-03-17] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {DF782F97-EC24-402A-A603-DB06E2215F8B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E91D6474-70CC-42BE-80FF-8BED8AF557ED} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: {EA299210-0401-4774-9F54-9B8A11C3BCB2} - System32\Tasks\{9BEE126D-CEFA-4212-8C5C-0E81B390E3D5} => Iexplore.exe http://ui.skype.com/ui/0/5.1.0.104.211/en/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;toolbarpresent,google-chrome:notoffered;alreadyoffered
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-898814254-3000735508-3869472208-1000.job => C:\Users\Radja Reichert\AppData\Local\Citrix\GoToMeeting\1350\g2mupdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PCDRScheduledMaintenance.job => C:\Program Files\PC-Doctor for Windows\pcdr5cuiw32.exe
==================== Loaded Modules (whitelisted) =============
2009-07-27 22:30 - 2005-03-12 02:07 - 00087040 _____ () C:\Windows\System32\redmonnt.dll
2012-04-20 21:12 - 2009-09-11 09:48 - 00027648 _____ () C:\Windows\System32\sst3cl6.dll
2012-04-20 21:12 - 2010-03-10 16:17 - 00757760 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\sst3cdu.dll
2009-04-22 22:53 - 2009-04-22 22:53 - 00296320 ____N () C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
2009-04-22 22:53 - 2009-04-22 22:53 - 00116104 ____N () C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
2009-05-08 10:35 - 2009-05-08 10:35 - 02780432 _____ () C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
2009-04-22 22:52 - 2009-04-22 22:52 - 00074536 ____N () C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\Common\MCEMediaStatus64.dll
2012-04-20 21:10 - 2010-06-07 12:15 - 00618496 _____ () C:\Windows\Samsung\PanelMgr\SSMMgr.exe
2013-11-15 02:48 - 2013-11-15 02:48 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2012-04-20 21:10 - 2009-09-30 06:51 - 00306688 _____ () C:\Windows\Samsung\PanelMgr\caller64.exe
2009-05-08 10:34 - 2009-05-08 10:34 - 00559888 _____ () C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
2013-08-08 10:27 - 2013-08-08 10:22 - 00394824 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2009-04-22 22:53 - 2009-04-22 22:53 - 00267656 ____N () C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\CLCapEngine.dll
2009-04-22 22:53 - 2009-04-22 22:53 - 00038184 ____N () C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\CLCapSvcps.dll
2010-06-30 00:12 - 2010-06-30 00:12 - 00061440 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
2010-06-30 00:12 - 2010-06-30 00:12 - 00131072 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
2010-06-30 00:12 - 2010-06-30 00:12 - 00040960 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
2010-06-30 00:12 - 2010-06-30 00:12 - 00005632 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
2010-06-30 00:12 - 2010-06-30 00:12 - 00018944 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
2010-06-30 00:12 - 2010-06-30 00:12 - 00036864 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
2010-06-30 00:12 - 2010-06-30 00:12 - 00028672 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll
2010-06-30 00:12 - 2010-06-30 00:12 - 00007680 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll
2008-12-15 17:15 - 2008-12-15 17:15 - 00881960 ____N () C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
2014-05-13 10:03 - 2014-05-13 10:03 - 00041984 _____ () C:\Users\Radja Reichert\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpevogwl.dll
2013-10-19 01:55 - 2013-10-19 01:55 - 25100288 _____ () C:\Users\Radja Reichert\AppData\Roaming\Dropbox\bin\libcef.dll
2013-11-15 02:49 - 2013-11-15 02:49 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2009-02-26 13:46 - 2009-02-26 13:46 - 00064344 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\ColleagueImport.dll
2011-06-22 11:46 - 2011-06-22 11:46 - 00434016 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll
2013-07-10 18:07 - 2013-07-10 18:07 - 00756888 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
2014-05-12 07:55 - 2014-05-12 07:55 - 03839088 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-04-29 09:54 - 2014-04-29 09:54 - 16351920 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== EXE Association (whitelisted) =============
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
Name: SonicWALL Virtual NIC
Description: SonicWALL Virtual NIC
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: SonicWALL
Service: SWVNIC
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (05/13/2014 01:19:32 PM) (Source: SideBySide) (User: ) (EventID: 78)
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.
Error: (05/13/2014 10:15:42 AM) (Source: SideBySide) (User: ) (EventID: 78)
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.
Error: (05/13/2014 10:15:29 AM) (Source: SideBySide) (User: ) (EventID: 78)
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.
Error: (05/13/2014 10:15:29 AM) (Source: SideBySide) (User: ) (EventID: 78)
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.
Error: (05/13/2014 10:15:11 AM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Client application bug: DNSServiceResolve(34:51:c9:8e:55:ed@fe80::3651:c9ff:fe8e:55ed._apple-mobdev2._tcp.local.) active for over two minutes. This places considerable burden on the network.
Error: (05/13/2014 10:14:58 AM) (Source: SideBySide) (User: ) (EventID: 78)
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.
Error: (05/13/2014 10:00:28 AM) (Source: Windows Search Service) (User: ) (EventID: 3024)
Description: Die Aktualisierung kann nicht gestartet werden, da kein Zugriff auf die Inhaltsquellen bestand. Beheben Sie die Fehler, und starten Sie die Aktualisierung erneut.
Kontext: Anwendung, SystemIndex Katalog
Error: (05/13/2014 09:59:54 AM) (Source: WinMgmt) (User: ) (EventID: 10)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/13/2014 08:43:38 AM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Client application bug: DNSServiceResolve(34:51:c9:8e:55:ed@fe80::3651:c9ff:fe8e:55ed._apple-mobdev2._tcp.local.) active for over two minutes. This places considerable burden on the network.
Error: (05/12/2014 04:15:54 PM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Client application bug: DNSServiceResolve(1062A17B22ED9E9C._appletv-v2._tcp.local.) active for over two minutes. This places considerable burden on the network.
System errors:
=============
Error: (05/13/2014 10:02:26 AM) (Source: Service Control Manager) (User: ) (EventID: 7000)
Description: HP Health Check Service%%1053
Error: (05/13/2014 10:02:26 AM) (Source: Service Control Manager) (User: ) (EventID: 7009)
Description: 30000HP Health Check Service
Error: (05/13/2014 09:59:55 AM) (Source: Service Control Manager) (User: ) (EventID: 7026)
Description: Beep
i8042prt
SRTSP
SRTSPX
Error: (05/13/2014 09:59:55 AM) (Source: Service Control Manager) (User: ) (EventID: 7000)
Description: SSPORT%%2
Error: (05/13/2014 09:59:55 AM) (Source: Service Control Manager) (User: ) (EventID: 7000)
Description: Norton Internet Security%%3
Error: (05/13/2014 09:59:55 AM) (Source: Service Control Manager) (User: ) (EventID: 7000)
Description: DgiVecp%%2
Error: (05/13/2014 06:44:14 AM) (Source: Dhcp) (User: ) (EventID: 1001)
Description: Diesem Computer konnte keine Netzwerkadresse durch den DHCP-Server für die Netzwerkkarte mit der Netzwerkadresse 0060738BE6D1 zugeteilt werden. Der folgende Fehler ist aufgetreten:
%%1223. Es wird weiterhin im Hintergrund versucht, eine Adresse vom Netzwerkadressserver (DHCP) zugeteilt zu bekommen.
Error: (05/13/2014 06:44:03 AM) (Source: Dhcp) (User: ) (EventID: 1001)
Description: Diesem Computer konnte keine Netzwerkadresse durch den DHCP-Server für die Netzwerkkarte mit der Netzwerkadresse 0060738BE6D1 zugeteilt werden. Der folgende Fehler ist aufgetreten:
%%1223. Es wird weiterhin im Hintergrund versucht, eine Adresse vom Netzwerkadressserver (DHCP) zugeteilt zu bekommen.
Error: (05/12/2014 06:28:21 PM) (Source: Dhcp) (User: ) (EventID: 1001)
Description: Diesem Computer konnte keine Netzwerkadresse durch den DHCP-Server für die Netzwerkkarte mit der Netzwerkadresse 0060738BE6D1 zugeteilt werden. Der folgende Fehler ist aufgetreten:
%%1223. Es wird weiterhin im Hintergrund versucht, eine Adresse vom Netzwerkadressserver (DHCP) zugeteilt zu bekommen.
Error: (05/12/2014 06:28:11 PM) (Source: Dhcp) (User: ) (EventID: 1001)
Description: Diesem Computer konnte keine Netzwerkadresse durch den DHCP-Server für die Netzwerkkarte mit der Netzwerkadresse 0060738BE6D1 zugeteilt werden. Der folgende Fehler ist aufgetreten:
%%1223. Es wird weiterhin im Hintergrund versucht, eine Adresse vom Netzwerkadressserver (DHCP) zugeteilt zu bekommen.
Microsoft Office Sessions:
=========================
Error: (02/09/2014 07:27:38 AM) (Source: Microsoft Office 12 Sessions) (User: ) (EventID: 7001)
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 418 seconds with 0 seconds of active time. This session ended with a crash.
Error: (03/21/2013 04:15:23 AM) (Source: Microsoft Office 12 Sessions) (User: ) (EventID: 7001)
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 52073 seconds with 1620 seconds of active time. This session ended with a crash.
Error: (03/04/2013 11:53:49 PM) (Source: Microsoft Office 12 Sessions) (User: ) (EventID: 7001)
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 561642 seconds with 4740 seconds of active time. This session ended with a crash.
Error: (08/22/2012 09:36:37 AM) (Source: Microsoft Office 12 Sessions) (User: ) (EventID: 7001)
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6661.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 46 seconds with 0 seconds of active time. This session ended with a crash.
Error: (08/22/2012 09:35:37 AM) (Source: Microsoft Office 12 Sessions) (User: ) (EventID: 7001)
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6661.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 602221 seconds with 28440 seconds of active time. This session ended with a crash.
Error: (05/31/2012 11:30:11 AM) (Source: Microsoft Office 12 Sessions) (User: ) (EventID: 7001)
Description: ID: 2, Application Name: Microsoft Office Access, Application Version: 12.0.6606.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 66304 seconds with 180 seconds of active time. This session ended with a crash.
Error: (02/14/2012 04:43:04 PM) (Source: Microsoft Office 12 Sessions) (User: ) (EventID: 7001)
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 370993 seconds with 13440 seconds of active time. This session ended with a crash.
Error: (09/06/2011 00:18:43 PM) (Source: Microsoft Office 12 Sessions) (User: ) (EventID: 7001)
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6557.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 152301 seconds with 8100 seconds of active time. This session ended with a crash.
Error: (07/07/2011 02:36:35 PM) (Source: Microsoft Office 12 Sessions) (User: ) (EventID: 7001)
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6557.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 22784 seconds with 3300 seconds of active time. This session ended with a crash.
Error: (04/07/2011 03:49:07 PM) (Source: Microsoft Office 12 Sessions) (User: ) (EventID: 7001)
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 5672 seconds with 300 seconds of active time. This session ended with a crash.
CodeIntegrity Errors:
===================================
Date: 2014-05-13 13:23:41.563
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-13 13:23:41.293
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-13 13:23:41.017
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-13 13:23:40.748
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-13 13:23:40.364
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-13 13:23:40.091
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-13 13:23:39.815
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-13 13:23:39.538
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-13 13:23:22.089
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-13 13:23:21.815
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 53%
Total physical RAM: 6142.33 MB
Available physical RAM: 2874.53 MB
Total Pagefile: 12483.69 MB
Available Pagefile: 8702.32 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: (HP) (Fixed) (Total:582.33 GB) (Free:358.8 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (FACTORY_IMAGE) (Fixed) (Total:13.84 GB) (Free:1.95 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (HP2) (Fixed) (Total:596.17 GB) (Free:563.2 GB) NTFS
Drive h: () (Removable) (Total:1.91 GB) (Free:1.73 GB) FAT
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 596 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=582 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=14 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 596 GB) (Disk ID: 0A9EBB9C)
Partition 1: (Not Active) - (Size=596 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 2 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
==================== End Of Log ============================
Viele Grüße |
FRST 32-Bit | FRST 64-Bit