Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Roll Around Virus eingefangen (https://www.trojaner-board.de/164369-roll-around-virus-eingefangen.html)

ulfilas-bs 23.02.2015 17:54
Roll Around Virus eingefangen
 
Hallo,

ich habe mir offenbar am Wochenende einen Virus eingefangen, der dafür sorgt, daß ständig Werbeeinblendungen meinen Bildschirm zumüllen.

An den unterschiedlichsten Stellen sind diese Einblendungen mit "Roll Around" oder "Roll Around Advertisement" gekennzeichnet.

Wie kann ich das dauerhaft beheben?

Ich will nicht unerwähnt lassen, daß ich in Computerdingen recht unbelesen bin. Ich bin zwar seit Jahren Computerbenutzer, mehr aber auch nicht.

Vielen Dank im voraus.

Wolfgang

PS: Mein Betriebssystem ist Win 7

schrauber 23.02.2015 17:57
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


ulfilas-bs 23.02.2015 18:29
Hallo Schrauber,

danke für die schnelle Antwort.

Ich hoffe, ich mache jetzt alles richtig. Versuchen wir es mal:


FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-02-2015
Ran by ulfilas (administrator) on ULFILAS-PC2 on 23-02-2015 18:16:58
Running from C:\Users\ulfilas\Downloads
Loaded Profiles: ulfilas (Available profiles: ulfilas & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 2\creator-ws.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(AOL Inc.) C:\Program Files (x86)\Common Files\AOL\1294882704\ee\aolsoftware.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\acrotray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Dropbox, Inc.) C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(AOL LLC) C:\Program Files (x86)\Common Files\AOL\acs\AOLacsd.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(AOL Inc.) C:\Program Files (x86)\AOL Desktop 9.7\waol.exe
(AOL Inc.) C:\Program Files (x86)\AOL Desktop 9.7\shellmon.exe
(AOL Inc.) C:\Program Files (x86)\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe
(AOL Inc.) C:\Program Files (x86)\AOL Desktop 9.7\AOLBrowser\aolbrowser.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [134416 2007-01-23] (Logitech Inc.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HostManager] => C:\Program Files (x86)\Common Files\AOL\1294882704\ee\AOLSoftware.exe [41800 2010-03-08] (AOL Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703280 2015-02-12] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Acrobat Assistant 7.0] => C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\Acrotray.exe [483328 2004-12-14] (Adobe Systems Inc.)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126712 2015-01-19] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-39457134-2311114567-1202830544-1000\...\Run: [Soft32 Updater.exe] => C:\Users\ulfilas\AppData\Local\Soft32\Soft32 Updater\Soft32 Updater.exe [163640 2011-10-19] (I.T.N.T.)
HKU\S-1-5-21-39457134-2311114567-1202830544-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-39457134-2311114567-1202830544-1000\...\Run: [AOL Fast Start] => C:\Program Files (x86)\AOL Desktop 9.7\AOL.EXE [42320 2012-01-31] (AOL Inc.)
HKU\S-1-5-21-39457134-2311114567-1202830544-1000\...\MountPoints2: E - E:\autorun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat - Schnellstart.lnk
ShortcutTarget: Adobe Acrobat - Schnellstart.lnk -> C:\Windows\Installer\{AC76BA86-1033-F400-7760-100000000002}\SC_Acrobat.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\ulfilas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\ulfilas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll (Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\psdprotect.dll (Egis Technology Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-39457134-2311114567-1202830544-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_m3800&r=17361209cm16973354k458h892jv8s
HKU\S-1-5-21-39457134-2311114567-1202830544-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=8d82658c-bf64-4670-95c2-87ac0d42a30e&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=05/04/2013&type=hp1000
HKU\S-1-5-21-39457134-2311114567-1202830544-1000\Software\Microsoft\Internet Explorer\Main,Start Page Before = hxxp://search.babylon.com/?babsrc=HP_Prot
HKU\S-1-5-21-39457134-2311114567-1202830544-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=8d82658c-bf64-4670-95c2-87ac0d42a30e&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=05/04/2013&type=hp1000
HKU\S-1-5-21-39457134-2311114567-1202830544-1000\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://search.babylon.com/?babsrc=HP_ss_gin2g&mntrId=E6ED582C80139263&affID=119357&tt=250613_gr4&tsp=4924
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=394&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=394&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKU\S-1-5-21-39457134-2311114567-1202830544-1000 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKU\S-1-5-21-39457134-2311114567-1202830544-1000 -> bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKU\S-1-5-21-39457134-2311114567-1202830544-1000 -> 07011D6973D74D4683BA58A6A4934816 URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=8d82658c-bf64-4670-95c2-87ac0d42a30e&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=05/04/2013&type=hp1000
SearchScopes: HKU\S-1-5-21-39457134-2311114567-1202830544-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: DataMngr -> {9D717F81-9148-4f12-8568-69135F087DB0} ->  No File
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO-x32: PDF Architect Helper -> {691B33B0-B86E-47F3-81C7-56E4FE3B929C} -> C:\Program Files (x86)\PDF Architect 2\creator-ie-helper.dll (pdfforge GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Roll Around -> {83c0e288-8fa0-43d3-acc7-c1e839d85abc} -> C:\Program Files (x86)\Roll Around\Extensions\83c0e288-8fa0-43d3-acc7-c1e839d85abc.dll No File
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: AcroIEToolbarHelper Class -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - Recorder Toolbar - {120A8821-2BEE-4C29-BCDA-62C577781992} - C:\Program Files (x86)\MedienTeam66\MP3 Recorder for YouTube\IEPlugin.dll (MedienTeam66)
Toolbar: HKLM-x32 - ChatZum Toolbar - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} -  No File
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {DEEB13D7-CEA9-45FB-B77C-E039BEC85221} - C:\Program Files (x86)\PDF Architect 2\creator-ie-plugin.dll (pdfforge GmbH)
Toolbar: HKU\S-1-5-21-39457134-2311114567-1202830544-1000 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKU\S-1-5-21-39457134-2311114567-1202830544-1000 -> No Name - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} -  No File
Toolbar: HKU\S-1-5-21-39457134-2311114567-1202830544-1000 -> No Name - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} -  No File
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: HKLM-x32 {B4977DFF-8AE5-44DC-8A42-C62F56960AA9} hxxp://javadl-esd.sun.com/update/1.4.2/jinstall-1_4_2-windows-i586.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\ulfilas\AppData\Roaming\Mozilla\Firefox\Profiles\dz9z9wt9.default
FF SearchEngineOrder.3: Bing
FF NetworkProxy: "autoconfig_url", "chrome://viewtubes/content/viewtubes_false.pac"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8064.0206 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=15.0.2.72 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.2.72 -> c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.2.72 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.2.72 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=15.0.2.72 -> c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\ulfilas\AppData\Roaming\Mozilla\Firefox\Profiles\dz9z9wt9.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Users\ulfilas\AppData\Roaming\Mozilla\Firefox\Profiles\dz9z9wt9.default\searchplugins\bingp.xml
FF SearchPlugin: C:\Users\ulfilas\AppData\Roaming\Mozilla\Firefox\Profiles\dz9z9wt9.default\searchplugins\BrowserDefender.xml
FF SearchPlugin: C:\Users\ulfilas\AppData\Roaming\Mozilla\Firefox\Profiles\dz9z9wt9.default\searchplugins\buenosearch.xml
FF Extension: Avira Browser Safety - C:\Users\ulfilas\AppData\Roaming\Mozilla\Firefox\Profiles\dz9z9wt9.default\Extensions\abs@avira.com [2014-08-14]
FF Extension: ProxTube - Unblock YouTube - C:\Users\ulfilas\AppData\Roaming\Mozilla\Firefox\Profiles\dz9z9wt9.default\Extensions\ich@maltegoetz.de [2014-02-07]
FF Extension: ChatZum Toolbar - C:\Users\ulfilas\AppData\Roaming\Mozilla\Firefox\Profiles\dz9z9wt9.default\Extensions\{ADFA33FD-16F5-4355-8504-DF4D664CFE83} [2013-04-05]
FF Extension: Viewtubes - C:\Users\ulfilas\AppData\Roaming\Mozilla\Firefox\Profiles\dz9z9wt9.default\Extensions\FF_AddOn@viewtubes.de.xpi [2012-04-20]
FF Extension: YouTube quality manager - C:\Users\ulfilas\AppData\Roaming\Mozilla\Firefox\Profiles\dz9z9wt9.default\Extensions\youtubequality@rzll.xpi [2012-04-21]
FF Extension: Roll Around - C:\Users\ulfilas\AppData\Roaming\Mozilla\Firefox\Profiles\dz9z9wt9.default\Extensions\{711c82f1-361e-4764-aa28-cdd55ff6117e}.xpi [2015-02-20]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\ulfilas\AppData\Roaming\Mozilla\Firefox\Profiles\dz9z9wt9.default\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2015-02-20]
FF Extension: Recorder Toolbar - C:\Program Files (x86)\Mozilla Firefox\extensions\{10743931-94DF-476f-A987-4391233C17A2} [2012-11-23]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-03-31]
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_2_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension
FF Extension: PDF Architect 2 Creator - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension [2015-01-07]

Chrome:
=======
CHR DefaultSuggestURL: Default -> hxxp://ssmsp.ask.com/query?sstype=prefix&li=ff&q={searchTerms}
CHR Profile: C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-11-01]
CHR Extension: (Google Docs) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-01]
CHR Extension: (Google Drive) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-01]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-09]
CHR Extension: (YouTube) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-01]
CHR Extension: (Adblock Plus) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-02-22]
CHR Extension: (Google Search) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-01]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2014-07-01]
CHR Extension: (iLivid) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf [2015-02-20]
CHR Extension: (DVDVideoSoft) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2014-01-16]
CHR Extension: (Google Wallet) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Gmail) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-01]
CHR HKLM\...\Chrome\Extension: [aaaaahlfahldnilidgnlikdckbfehhca] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gebcpofjimbbchggpnfcaiieolloeodp] - C:\Users\ulfilas\AppData\Local\BargainWorkbench.crx [2013-09-05]
CHR HKU\S-1-5-21-39457134-2311114567-1202830544-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [cgiaikfpllchefojlnehlmpekeogihnm] - C:\Users\ulfilas\AppData\Local\CRE\cgiaikfpllchefojlnehlmpekeogihnm.crx [Not Found]
CHR HKU\S-1-5-21-39457134-2311114567-1202830544-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gebcpofjimbbchggpnfcaiieolloeodp] - C:\Users\ulfilas\AppData\Local\BargainWorkbench.crx [2013-09-05]
CHR HKU\S-1-5-21-39457134-2311114567-1202830544-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2012-12-11]
CHR HKLM-x32\...\Chrome\Extension: [aaaaahlfahldnilidgnlikdckbfehhca] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cgiaikfpllchefojlnehlmpekeogihnm] - C:\Users\ulfilas\AppData\Local\CRE\cgiaikfpllchefojlnehlmpekeogihnm.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gebcpofjimbbchggpnfcaiieolloeodp] - C:\Users\ulfilas\AppData\Local\BargainWorkbench.crx [2013-09-05]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-03-31]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-03-28] (Adobe Systems) [File not signed]
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2015-02-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2015-02-12] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [992048 2015-02-12] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [182520 2015-01-19] (Avira Operations GmbH & Co. KG)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 hasplms; C:\Windows\system32\hasplms.exe [4913608 2011-12-02] (SafeNet Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)
R2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [311592 2009-08-06] (Egis Technology Inc.)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH)
R2 PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [738856 2014-10-10] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2014-07-16] (TuneUp Software)
S3 UPnPService; C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [544768 2006-12-14] (Magix AG) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation)
R3 akshhl; C:\Windows\System32\DRIVERS\akshhl.sys [57088 2011-09-08] (SafeNet Inc.)
R3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [21120 2011-08-09] (SafeNet Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-02-12] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-02-12] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-09] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-02-12] (Avira Operations GmbH & Co. KG)
R1 cdrblock; C:\Windows\System32\DRIVERS\cdrblock.sys [34360 2008-05-30] (Canopus Co,. Ltd.)
S1 FNETURPX; C:\Windows\SysWOW64\drivers\FNETURPX.SYS [7040 2013-01-26] (FNet Co., Ltd.) [File not signed]
R2 Hardlock; C:\Windows\system32\drivers\hardlock.sys [321536 2011-10-07] (SafeNet Inc.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [31648 2014-04-05] (REALiX(tm))
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-12-16] (TuneUp Software)
S3 USA19H; C:\Windows\System32\DRIVERS\USA19Hx64.sys [740096 2007-10-30] (Keyspan)
S3 USA19HP; C:\Windows\System32\DRIVERS\USA19Hx64p.SYS [35840 2007-10-23] (Keyspan)
R1 {9d5747ee-0448-4681-8337-1555de75a3b6}Gw64; C:\Windows\System32\drivers\{9d5747ee-0448-4681-8337-1555de75a3b6}Gw64.sys [61120 2014-06-14] (StdLib)
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [X]
S1 okorkylq; \??\C:\Windows\system32\drivers\okorkylq.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-23 18:16 - 2015-02-23 18:18 - 00032088 _____ () C:\Users\ulfilas\Downloads\FRST.txt
2015-02-23 18:16 - 2015-02-23 18:17 - 00000000 ____D () C:\FRST
2015-02-23 18:16 - 2015-02-23 18:16 - 02087424 _____ (Farbar) C:\Users\ulfilas\Downloads\FRST64.exe
2015-02-23 17:23 - 2015-02-23 17:24 - 00002721 _____ () C:\Users\ulfilas\Downloads\software_removal_tool.log
2015-02-22 23:28 - 2015-02-22 23:32 - 00000000 ____D () C:\Users\ulfilas\Desktop\201+7756-2010-07-23
2015-02-22 23:26 - 2015-02-22 23:26 - 00000000 ____D () C:\Users\ulfilas\Desktop\2007_02
2015-02-22 23:25 - 2015-02-22 23:25 - 00000000 ____D () C:\Users\ulfilas\Desktop\201_35_v_L_20111222_Schloss
2015-02-22 23:24 - 2015-02-22 23:24 - 00000000 ____D () C:\Users\ulfilas\Desktop\bw201-1
2015-02-20 14:03 - 2015-02-20 14:03 - 00000000 ____D () C:\Users\ulfilas\AppData\Roaming\RHEng
2015-02-20 14:03 - 2015-02-20 14:03 - 00000000 ____D () C:\Program Files (x86)\Free Codec Pack
2015-02-20 14:00 - 2015-02-20 14:00 - 03533008 _____ (DVDVideoSoft Ltd. ) C:\Users\ulfilas\Downloads\FreeYouTubeToMP3Converter (1).exe
2015-02-20 13:59 - 2015-02-20 14:01 - 03312648 _____ (DVDVideoSoft Ltd. ) C:\Users\ulfilas\Downloads\FreeYouTubeToMP3Converter.exe
2015-02-17 15:17 - 2015-02-17 18:08 - 01787688 _____ () C:\Users\ulfilas\Desktop\Anzeige Musik Express.tif
2015-02-17 15:17 - 2015-02-17 18:08 - 00841028 _____ () C:\Users\ulfilas\Desktop\Anzeige Musik Express.ai
2015-02-16 20:18 - 2015-02-16 20:18 - 00000000 ____D () C:\Users\ulfilas\Desktop\DatenblattE12
2015-02-16 14:55 - 2015-02-19 21:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2015-02-12 20:00 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-12 20:00 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-12 20:00 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-12 20:00 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-12 17:01 - 2015-02-12 17:02 - 06372800 _____ (Tim Kosse) C:\Users\ulfilas\Downloads\FileZilla_3.10.1.1_win32-setup.exe
2015-02-12 00:03 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-12 00:03 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-12 00:03 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-12 00:03 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-12 00:03 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-12 00:03 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-12 00:03 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-12 00:03 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-12 00:03 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-12 00:03 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-12 00:03 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-12 00:03 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-12 00:03 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-12 00:03 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-12 00:03 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-12 00:03 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-12 00:03 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-12 00:03 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-12 00:03 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-12 00:03 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-12 00:03 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-12 00:03 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-12 00:03 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-12 00:03 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-12 00:03 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-12 00:03 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-12 00:03 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-12 00:03 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-12 00:03 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-12 00:03 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-12 00:03 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-12 00:03 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-12 00:03 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-12 00:03 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-12 00:03 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-12 00:03 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-12 00:03 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-12 00:03 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-12 00:03 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-12 00:03 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-12 00:03 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-12 00:03 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-12 00:03 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-12 00:03 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-12 00:03 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-12 00:03 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-12 00:03 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-12 00:03 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-12 00:03 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-12 00:03 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-12 00:03 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-12 00:03 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-12 00:03 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-12 00:03 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-12 00:03 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-12 00:03 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-12 00:03 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-12 00:03 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-12 00:03 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-12 00:03 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-12 00:03 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-12 00:03 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-12 00:03 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-12 00:03 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-12 00:03 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-12 00:03 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-12 00:03 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-12 00:03 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-12 00:02 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-12 00:02 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-12 00:02 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-12 00:02 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-12 00:02 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-12 00:02 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-12 00:02 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-12 00:02 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-12 00:02 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-12 00:02 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-12 00:02 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-12 00:02 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-12 00:02 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-12 00:02 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-12 00:02 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-12 00:02 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-12 00:02 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-12 00:02 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-12 00:02 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-12 00:02 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-12 00:02 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-12 00:02 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-12 00:02 - 2014-10-04 03:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-12 00:02 - 2014-10-04 02:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-02-12 00:02 - 2014-10-04 02:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-02-12 00:01 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-12 00:01 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-12 00:01 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-12 00:01 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-12 00:01 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-12 00:01 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-12 00:01 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-12 00:01 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-12 00:01 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-12 00:01 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-11 01:23 - 2015-02-11 01:23 - 04752438 _____ () C:\Users\ulfilas\Downloads\mt31345,1236865807,HK_uebersicht.bmp
2015-02-10 21:00 - 2015-02-10 21:02 - 00000000 ____D () C:\Users\ulfilas\Desktop\2015-02-1013.53.18
2015-02-10 14:29 - 2015-02-10 14:29 - 42096984 _____ (Apple Inc.) C:\Users\ulfilas\Downloads\QuickTimeInstaller (1).exe
2015-02-09 00:45 - 2015-02-09 00:49 - 00000128 ____H () C:\ProgramData\V93GE
2015-02-09 00:45 - 2015-02-09 00:45 - 00000000 ____D () C:\Users\ulfilas\AppData\Roaming\LaserSoft Imaging
2015-02-09 00:30 - 2015-02-09 00:30 - 17070168 _____ (LaserSoft Imaging AG) C:\Users\ulfilas\Downloads\SF8_Documentation_de.exe
2015-02-09 00:26 - 2015-02-09 00:30 - 427688568 _____ (LaserSoft Imaging AG) C:\Users\ulfilas\Downloads\SF8_Movies_de.exe
2015-02-09 00:26 - 2015-02-09 00:26 - 00000000 ____D () C:\Users\ulfilas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LaserSoft Imaging
2015-02-09 00:25 - 2015-02-09 00:25 - 00000000 ____D () C:\ProgramData\LaserSoft Imaging
2015-02-09 00:25 - 2015-02-09 00:25 - 00000000 ____D () C:\Program Files\SilverFast Application
2015-02-09 00:23 - 2015-02-09 00:24 - 45434944 _____ (LaserSoft Imaging AG) C:\Users\ulfilas\Downloads\SF-8.2.0r3(Nikon)_x64.exe
2015-02-04 03:05 - 2015-02-04 03:05 - 00000985 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\VueScan x64.lnk
2015-02-04 03:05 - 2015-02-04 03:05 - 00000000 ____D () C:\Program Files\VueScan
2015-02-04 03:04 - 2015-02-04 03:04 - 17367649 _____ () C:\Users\ulfilas\Downloads\Vuescan_9.4.60.zip
2015-02-04 03:04 - 2015-02-04 03:04 - 00000000 ____D () C:\Users\ulfilas\Downloads\Vuescan_9.4.60
2015-02-04 02:01 - 2015-02-04 02:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nikon Scan 4
2015-02-04 02:01 - 2015-02-04 02:01 - 00000000 ____D () C:\Program Files (x86)\Nikon
2015-02-04 01:48 - 2015-02-04 01:48 - 00003152 _____ () C:\Windows\System32\Tasks\{6726E861-BE61-476F-A0A6-B34BBB729385}
2015-02-04 01:45 - 2015-02-04 01:45 - 15203632 _____ () C:\Users\ulfilas\Downloads\ns403de (2).exe
2015-02-04 01:20 - 2015-02-04 01:20 - 00000000 ____D () C:\ProgramData\Nikon
2015-02-04 00:38 - 2015-02-04 00:38 - 15203632 _____ () C:\Users\ulfilas\Downloads\ns403de (1).exe
2015-02-04 00:37 - 2015-02-04 02:45 - 00000000 ____D () C:\Users\ulfilas\Desktop\Treiber Nikon Coolscan 5000 ED
2015-02-03 09:47 - 2002-12-04 19:54 - 00006545 _____ (Nikon Corporation) C:\Windows\SysWOW64\NKScnUSD.dll
2015-02-03 09:46 - 2015-02-03 09:46 - 15203632 _____ () C:\Users\ulfilas\Downloads\ns403de.exe
2015-02-01 23:43 - 2015-02-01 23:43 - 00000000 ____D () C:\Users\ulfilas\AppData\Roaming\Nikon
2015-02-01 23:37 - 2015-02-04 02:01 - 00000000 ____D () C:\Windows\SysWOW64\Color
2015-02-01 23:37 - 2002-01-05 21:10 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70deu.dll
2015-02-01 23:37 - 1997-01-30 20:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mfc42loc.dll
2015-02-01 23:37 - 1997-01-22 06:26 - 00565760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVCP50.DLL
2015-02-01 23:37 - 1996-03-28 00:13 - 00010656 _____ (Nikon Inc.) C:\Windows\SysWOW64\NKNSCN95.DLL
2015-02-01 23:35 - 2015-02-01 23:35 - 00003046 _____ () C:\Windows\System32\Tasks\{DF64A0B2-4826-4E01-8091-D3A91ED4E841}
2015-01-30 02:23 - 2015-01-30 02:24 - 42096984 _____ (Apple Inc.) C:\Users\ulfilas\Downloads\QuickTimeInstaller.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-23 18:18 - 2012-05-05 15:11 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-23 17:54 - 2010-12-30 02:43 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-23 17:09 - 2009-11-13 03:01 - 01706379 _____ () C:\Windows\WindowsUpdate.log
2015-02-23 16:14 - 2009-09-03 09:54 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-23 16:14 - 2009-07-14 03:34 - 00000489 _____ () C:\Windows\win.ini
2015-02-23 15:45 - 2009-07-14 08:45 - 00000000 ____D () C:\Windows\ShellNew
2015-02-23 15:44 - 2009-12-24 15:31 - 00000000 ____D () C:\Users\ulfilas\AppData\Local\Google
2015-02-23 15:44 - 2009-09-03 10:07 - 00000000 ____D () C:\ProgramData\Google
2015-02-23 15:44 - 2009-09-03 10:07 - 00000000 ____D () C:\Program Files (x86)\Google
2015-02-23 15:02 - 2014-06-16 00:22 - 00000288 _____ () C:\Windows\Tasks\System Speedup_DEFAULT.job
2015-02-23 15:01 - 2014-06-16 00:22 - 00000000 ____D () C:\Users\ulfilas\AppData\Roaming\System Speedup
2015-02-23 14:11 - 2009-07-14 05:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-23 14:11 - 2009-07-14 05:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-23 14:08 - 2009-09-08 23:47 - 00704324 _____ () C:\Windows\system32\perfh007.dat
2015-02-23 14:08 - 2009-09-08 23:47 - 00152162 _____ () C:\Windows\system32\perfc007.dat
2015-02-23 14:08 - 2009-07-14 06:13 - 01634576 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-23 14:05 - 2013-11-19 17:41 - 00000000 ___RD () C:\Users\ulfilas\Dropbox
2015-02-23 14:04 - 2014-05-08 23:09 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf6b0a3cdc10aa.job
2015-02-23 14:04 - 2013-11-19 17:26 - 00000000 ____D () C:\Users\ulfilas\AppData\Roaming\Dropbox
2015-02-23 14:03 - 2012-01-16 13:11 - 00000330 _____ () C:\Windows\Tasks\GlaryInitialize.job
2015-02-23 14:02 - 2009-11-13 03:06 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-23 14:02 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-23 14:02 - 2009-07-14 05:51 - 00169012 _____ () C:\Windows\setupact.log
2015-02-23 13:43 - 2011-06-20 14:24 - 00003950 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{40457202-43A6-48A0-B73A-FD3D606DDC7E}
2015-02-23 03:18 - 2014-07-01 09:16 - 00000280 _____ () C:\Windows\Tasks\System Speedupsch.job
2015-02-23 02:00 - 2009-12-24 14:37 - 00000000 ____D () C:\Users\ulfilas\AppData\Local\Adobe
2015-02-23 00:51 - 2010-04-02 14:09 - 06338560 ___SH () C:\Users\ulfilas\Desktop\Thumbs.db
2015-02-22 23:14 - 2012-12-03 13:31 - 00000000 ____D () C:\Users\ulfilas\Desktop\Verknüpfungen
2015-02-20 15:40 - 2009-09-03 10:10 - 01422700 _____ () C:\Windows\PFRO.log
2015-02-20 14:04 - 2011-05-08 13:47 - 00000000 ____D () C:\Users\ulfilas\AppData\Roaming\DVDVideoSoft
2015-02-20 14:03 - 2011-05-08 13:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-02-20 14:03 - 2011-05-08 13:47 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2015-02-20 10:35 - 2014-02-07 01:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-19 21:03 - 2012-02-25 21:03 - 00000318 _____ () C:\Windows\Tasks\MT66 Software Update.job
2015-02-18 14:42 - 2013-04-30 12:11 - 00000000 ____D () C:\Users\ulfilas\AppData\Roaming\MyPhoneExplorer
2015-02-18 01:22 - 2014-06-16 00:22 - 00000296 _____ () C:\Windows\Tasks\System Speedup_UPDATES.job
2015-02-17 00:49 - 2014-12-04 22:13 - 00000000 ____D () C:\Users\ulfilas\Desktop\Beschriftung Bw 77
2015-02-13 08:30 - 2012-09-27 11:14 - 00000000 ____D () C:\Windows\rescache
2015-02-13 02:59 - 2013-11-19 17:27 - 00002977 _____ () C:\Windows\wininit.ini
2015-02-13 02:59 - 2013-11-19 17:27 - 00000000 ____D () C:\Users\ulfilas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-02-12 17:02 - 2011-04-09 02:31 - 00000000 ____D () C:\Users\ulfilas\AppData\Roaming\FileZilla
2015-02-12 12:35 - 2013-10-06 11:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON PhotoQuicker
2015-02-12 12:35 - 2011-06-23 20:06 - 00000000 ____D () C:\Program Files (x86)\EPSON
2015-02-12 12:35 - 2009-09-03 09:34 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-02-12 12:30 - 2013-03-14 03:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-02-12 12:30 - 2013-03-14 03:00 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-02-12 12:30 - 2013-03-14 03:00 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-02-12 12:22 - 2012-07-23 18:41 - 00000000 ____D () C:\ProgramData\DatacardService
2015-02-12 12:15 - 2012-04-20 18:55 - 00000000 ____D () C:\Users\ulfilas\AppData\Local\Mozilla
2015-02-12 11:38 - 2013-12-22 14:08 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-02-12 11:38 - 2013-12-22 14:08 - 00128536 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-02-12 11:38 - 2013-12-22 14:08 - 00044088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-02-12 11:31 - 2009-07-14 05:45 - 05040184 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-12 03:11 - 2013-08-19 02:01 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-12 03:11 - 2012-10-18 18:11 - 00002121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-02-12 03:11 - 2012-10-18 18:11 - 00001912 _____ () C:\Windows\epplauncher.mif
2015-02-12 03:11 - 2012-10-18 18:11 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2015-02-12 03:11 - 2012-10-18 18:11 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2015-02-12 03:03 - 2010-01-09 03:02 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-09 17:23 - 2014-08-14 08:35 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-09 17:23 - 2013-12-22 14:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-02-09 00:26 - 2012-02-27 14:39 - 00030042 _____ () C:\Windows\DPINST.LOG
2015-02-09 00:00 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-02-05 05:49 - 2014-06-21 10:15 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1cf6b0a3cdc10aa
2015-02-05 05:49 - 2010-12-30 02:43 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-05 03:18 - 2012-05-05 15:11 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-05 03:18 - 2012-05-05 15:11 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-05 03:18 - 2012-02-21 01:55 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-04 19:52 - 2011-06-07 02:12 - 00038400 ___SH () C:\Users\ulfilas\Documents\Thumbs.db
2015-02-04 19:49 - 2013-08-28 23:13 - 00000000 ____D () C:\Users\ulfilas\Desktop\Schriftverkehr
2015-01-27 13:13 - 2009-12-24 14:15 - 00000000 ____D () C:\Users\ulfilas\AppData\Local\VirtualStore

==================== Files in the root of some directories =======

2009-09-03 09:44 - 2009-02-10 20:23 - 0192484 _____ () C:\Program Files (x86)\Common Files\Acer GameZone online.ico
2013-07-28 00:16 - 2014-07-23 00:21 - 0000149 _____ () C:\Users\ulfilas\AppData\Roaming\WB.CFG
2013-12-31 01:17 - 2014-01-03 01:17 - 0000005 _____ () C:\Users\ulfilas\AppData\Roaming\WBPU-Q5-TTL.DAT
2013-06-28 09:16 - 2014-01-29 01:17 - 0000005 _____ () C:\Users\ulfilas\AppData\Roaming\WBPU-TTL.DAT
2011-06-27 22:15 - 2013-03-27 10:49 - 0003204 _____ () C:\Users\ulfilas\AppData\Roaming\wklnhst.dat
2012-03-08 18:46 - 2012-03-10 01:37 - 0001456 _____ () C:\Users\ulfilas\AppData\Local\Adobe Für Web speichern 12.0 Prefs
2013-09-05 00:16 - 2013-09-05 00:16 - 0085126 _____ () C:\Users\ulfilas\AppData\Local\BargainWorkbench.crx
2011-02-10 21:41 - 2014-12-12 14:35 - 0030720 _____ () C:\Users\ulfilas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-02-11 12:39 - 2010-02-11 12:40 - 0001643 _____ () C:\Users\ulfilas\AppData\Local\MyWinLockerInstaller.txt-20100211.log
2011-06-10 12:54 - 2012-04-27 14:02 - 0007658 _____ () C:\Users\ulfilas\AppData\Local\Resmon.ResmonCfg
2009-11-13 03:07 - 2009-11-13 03:10 - 0008031 _____ () C:\ProgramData\ArcadeDeluxe3.log
2009-09-03 09:44 - 2009-07-18 02:57 - 0036136 _____ (Oberon Media) C:\ProgramData\FullRemove.exe
2015-02-09 00:45 - 2015-02-09 00:49 - 0000128 ____H () C:\ProgramData\V93GE

Some content of TEMP:
====================
C:\Users\ulfilas\AppData\Local\Temp\avgnt.exe
C:\Users\ulfilas\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpx209hw.dll
C:\Users\ulfilas\AppData\Local\Temp\ose00000.exe
C:\Users\ulfilas\AppData\Local\Temp\ose00001.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-23 13:05

==================== End Of Log ============================
--- --- ---

--- --- ---



Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-02-2015
Ran by ulfilas at 2015-02-23 18:19:12
Running from C:\Users\ulfilas\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ACDSee 14 (HKLM-x32\...\{6F5A71BD-9EC9-4A59-BFBD-CA63CFB4885D}) (Version: 14.1.137 - ACD Systems International Inc.)
Acer Arcade Deluxe (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 3.1.6731 - CyberLink Corp.)
Acer Arcade Deluxe (x32 Version: 3.1.6731 - CyberLink Corp.) Hidden
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3003 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.02.3005 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0812 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.01.3014 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe Acrobat 7.0 Professional - English, Français, Deutsch (HKLM-x32\...\Adobe Acrobat 7.0 Professional - English, Français, Deutsch - V) (Version: 7.0.0 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.0.6 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Illustrator CS2 (HKLM-x32\...\Adobe Illustrator CS2) (Version: 12.000.000 - Adobe Systems Inc.)
Adobe Illustrator CS6 (HKLM-x32\...\{4869414E-7AEA-4C8E-BE1C-8D40977FD517}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5.9.620 - Adobe Systems, Inc.)
Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version:  3.0 - Adobe Systems, Inc.)
Advanced Image Viewer and Converter 1.6 (HKLM-x32\...\Advanced Image Viewer and Converter_is1) (Version: 1.6 - Creabit Development)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-39457134-2311114567-1202830544-1000\...\Akamai) (Version:  - )
AOL Uninstaller (Choose which Products to Remove) (HKLM-x32\...\AOL Uninstaller) (Version:  - AOL Inc.)
AppCloudUpdater (HKU\S-1-5-21-39457134-2311114567-1202830544-1000\...\AppCloudUpdater) (Version:  - AppCloudUpdater) <==== ATTENTION!
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVC-C1 (HKLM-x32\...\{88307995-B9B1-4CE9-AD4A-79247F0C2200}) (Version: 1.00 - Canopus)
Avira (HKLM-x32\...\{bd538030-07d4-4999-a525-7fafa2483f56}) (Version: 1.1.30.21727 - Avira Operations & Co. KG)
Avira (x32 Version: 1.1.30.21727 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 15.0.8.624 - Avira)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canopus Codec Option (HKLM-x32\...\{772E9146-D676-4869-A298-047FF2A2B92D}) (Version: 3.04 - )
CDDRV_Installer (x32 Version: 1.00.0000 - Logitech Inc.) Hidden
Choice Guard (x32 Version: 1.2.87.0 - Microsoft Corporation) Hidden
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CrystalDiskInfo 4.5.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 4.5.0 - Crystal Dew World)
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
DiRT (HKLM-x32\...\{57B89E30-0BBA-4F20-9F2C-8E8CDE1CEDB6}) (Version: 1.00.0000 - Codemasters)
Dropbox (HKU\S-1-5-21-39457134-2311114567-1202830544-1000\...\Dropbox) (Version: 3.2.6 - Dropbox, Inc.)
Easy Media Player 1.1.12 (HKLM-x32\...\Easy Media Player) (Version: 1.1.12 - Easy Media Player)
EasyCleaner (HKLM-x32\...\{F5346614-B7C4-4E94-826A-E2363155233D}) (Version: 2.0.6.380 - )
eBay Worldwide (HKLM-x32\...\{AAF89271-2594-468D-B578-96B2E30C41C4}) (Version: 2.1.0703 - OEM)
EDIUS 5(SetupManager) (HKLM-x32\...\{FA8B6532-78E9-490B-B97D-32379E16810E}) (Version: 5.12 - Thomson Canopus)
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.20.00 - SEIKO EPSON CORPORATION)
EPSON Print CD (HKLM-x32\...\{FF477885-5EA8-40D0-ADF3-D4C1B86FAEA4}) (Version:  - )
EPSON PRINT Image Framer Tool2.1 (HKLM-x32\...\{23B59ED4-C360-11D7-875B-0090CC005647}) (Version:  - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - )
EPSON-Drucker-Software (HKLM\...\EPSON Printer and Utilities) (Version:  - SEIKO EPSON Corporation)
ESPR200 Referenzhandbuch (HKLM-x32\...\ESPR200 Referenzhandbuch) (Version:  - )
ESPR200 Softwarehandbuch (HKLM-x32\...\ESPR200 Softwarehandbuch) (Version:  - )
FileZilla Client 3.9.0.6 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.6 - Tim Kosse)
FoxTab PDF Creator (HKU\S-1-5-21-39457134-2311114567-1202830544-1000\...\FoxTab PDF Creator) (Version:  - ) <==== ATTENTION
Free 3D Photo Maker version 2.0.13.1206 (HKLM-x32\...\Free 3D Photo Maker_is1) (Version:  - DVDVideoSoft Ltd.)
Free Studio version 5.3.2 (HKLM-x32\...\Free Studio_is1) (Version:  - DVDVideoSoft Ltd.)
Free Video to Flash Converter version 5.0.3.1206 (HKLM-x32\...\Free Video to Flash Converter_is1) (Version:  - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.20.1230 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.20.1230 - DVDVideoSoft Ltd.)
Free YouTube to DVD Converter version 3.0.28.1201 (HKLM-x32\...\Free YouTube to DVD Converter_is1) (Version: 3.0.28.1201 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.55.219 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.55.219 - DVDVideoSoft Ltd.)
Glary Utilities 2.41.0.1358 (HKLM-x32\...\Glary Utilities_is1) (Version: 2.41.0.1358 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Hardlock Gerätetreiber (HKLM-x32\...\Hardlock Gerätetreiber) (Version:  - )
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version:  - EFD Software)
HDR Projects platin (64-Bit) (HKLM\...\HDR Projects platin_is1) (Version: 1.23 - Franzis Verlag GmbH)
Hello Engines! Standard 4 (HKLM-x32\...\{51974F4F-7A40-48AE-99B8-243F34F17884}) (Version: 4.0.1 - AceBIT)
Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 1.00.3004 - Acer Incorporated)
HWiNFO64 Version 4.36 (HKLM\...\HWiNFO64_is1) (Version: 4.36 - Martin Malík - REALiX)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3001 - Acer Incorporated)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
iZotope VST Plug-ins (HKLM-x32\...\iZotope VST Plug-ins_is1) (Version: 1.00 - iZotope, Inc.)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Junk Mail filter update (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
king.com (remove only) (HKLM-x32\...\king.com) (Version:  - Midasplayer Ltd (king.com))
Logitech SetPoint (HKLM-x32\...\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}) (Version: 3.3 - Logitech)
Macromedia Flash MX (HKLM-x32\...\{3BE480ED-E17A-431A-981C-5C2EDDBCD3BF}) (Version: 6 - Macromedia)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 27.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0 (x86 de)) (Version: 27.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.2.0 - Mozilla)
Mozilla Thunderbird 31.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.4.0 (x86 de)) (Version: 31.4.0 - Mozilla)
MP3 Recorder for YouTube 1.0 Professional-E (HKLM-x32\...\{2ED4869A-6D7B-4a8f-8261-B842DA4852FA}_is1) (Version:  - )
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MT66 Software Update (HKLM-x32\...\{F2E4F3A5-A8F0-46F4-8E91-E8C1DE1FCFE5}_is1) (Version:  - )
MyFreeCodec (HKU\S-1-5-21-39457134-2311114567-1202830544-1000\...\MyFreeCodec) (Version:  - )
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.4 - F.J. Wechselberger)
MyWinLocker (HKLM-x32\...\{68301905-2DEA-41CE-A4D4-E8B443B099BA}) (Version: 3.1.72.0 - Egis Technology Inc.)
Nero 9 Essentials (HKLM-x32\...\{bd521da1-d38b-47ae-824a-c66007866327}) (Version:  - Nero AG)
NetObjects Fusion 10.0 (HKLM-x32\...\{963938DE-34BE-471A-A341-5318413CEA31}) (Version: 10.0 German - )
NetObjects Fusion 12.0 (HKLM-x32\...\{50F2611D-E53E-4FAD-9A62-50984A9B3DA5}) (Version: 12 German - NetObjects)
NetObjects Fusion 12.0 (x32 Version: 12.00.5000.5222 - NetObjects) Hidden
NewBlue Effects for EDIUS 5 (HKLM-x32\...\NewBlue Effects for EDIUS 5) (Version:  - )
NexusFont 2.5 (ver 2.5.7.1562) (HKLM-x32\...\{EFEDD205-43FE-4208-B682-0937E803E19E}_is1) (Version:  - xiles)
Nikon Scan (HKLM-x32\...\{9AE4AC96-A5F4-4F19-9D13-066C8B3CE034}) (Version: 4.0 - )
NVIDIA 3D Vision Treiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 1.10 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10 - NVIDIA Corporation)
NVIDIA Grafiktreiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6}) (Version: 9.09.1112 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
Nvu 1.0 (HKLM-x32\...\Nvu_is1) (Version: 1.0 - Thorsten Fritz)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.0 (HKLM-x32\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
PcCloneEX (HKLM-x32\...\PcCloneEX) (Version:  - )
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.51.17865 - pdfforge GmbH)
PDF Architect 2 Create Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDF Architect 2 Edit Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDF Architect 2 View Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.0.1 - pdfforge)
PIF DESIGNER2.1 (HKLM-x32\...\{23B59B9F-C360-11D7-875B-0090CC005647}) (Version:  - )
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
ProCoder 3 (HKLM-x32\...\{663118ED-6E80-45D6-9484-6830798B8B86}) (Version: 3.05.91 - Grass Valley)
proDAD Heroglyph PEARL Edition 2.0 (HKLM-x32\...\proDAD-Heroglyph-2.0) (Version:  - )
proDAD Mercalli 1.0 (HKLM-x32\...\proDAD-Mercalli-1.0) (Version:  - )
proDAD Vitascene 1.0 (HKLM-x32\...\proDAD-Vitascene-1.0) (Version:  - )
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.12 - ProtectDisc Software GmbH)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5898 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Rossmann Fotowelt Software 4.13 (HKLM-x32\...\Rossmann Fotowelt Software) (Version: 4.13 - ORWO Net)
ScanToWeb (HKLM-x32\...\{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}) (Version:  - )
Setup (x32 Version: 2.01.01 - Default Company Name) Hidden
SilverFast 8.2.0r3 (64bit) (HKLM-x32\...\SilverFast 8 x64) (Version: 8.2.0r3 - LaserSoft Imaging AG)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
SmartPCFixer 4.2 (HKLM\...\{2C5927BD-3F65-4207-8FB5-8EDF638A3511}_is1) (Version: 4.2 - LionSea Software) <==== ATTENTION
Soft32 Updater (HKU\S-1-5-21-39457134-2311114567-1202830544-1000\...\{9452E3A1-8F98-44D7-9CC9-522F5D36AA9E}_is1) (Version: 1.0.2.0 - Soft32)
SSC Service Utility v4.30 (HKLM-x32\...\SSC Service Utility_is1) (Version:  - SSC Localization Group)
System Requirements Lab (HKLM-x32\...\SystemRequirementsLab) (Version:  - )
System Speedup (HKLM-x32\...\System Speedup_is1) (Version: 2.1 - systemspeedup.com)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.340 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.340 - TuneUp Software)
TuneUp Utilities 2014 (x32 Version: 14.0.1000.340 - TuneUp Software) Hidden
Ulead DVD MovieFactory 5 (HKLM-x32\...\{B01CC90F-C153-468A-BC33-7BE8A9B8A3D0}) (Version: 5.7 - Corel Corporation)
Ulead GIF Animator 5 (HKLM-x32\...\{8AF3E926-ED59-11D4-A44B-0000E86D2305}) (Version:  - )
Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version:  - )
Update for Zip Opener (HKU\S-1-5-21-39457134-2311114567-1202830544-1000\...\DSite) (Version:  - ) <==== ATTENTION
Vasco da Gama 4 HDPro (HKLM-x32\...\{05BBF12D-565E-4212-8BDD-C482C72866DD}) (Version: 4.00.0000 - MotionStudios)
VisualLightBox (HKLM-x32\...\VisualLightBox_is1) (Version:  - )
VueScan (HKLM-x32\...\VueScan) (Version:  - )
VueScan x64 (HKLM\...\VueScan x64) (Version:  - )
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.00.3005 - Acer Incorporated)
Win7 Games Familie (HKLM-x32\...\{BA104239-E026-4F14-84E5-21D8232879B7}_is1) (Version:  - )
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8064.0206 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{ED636101-1959-4360-8BF7-209436E7DEE4}) (Version: 14.0.8064.206 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version:  - )
WinMerge 2.12.4 (HKLM-x32\...\WinMerge_is1) (Version: 2.12.4 - Thingamahoochie Software)
Yahoo Community Smartbar Engine (HKU\S-1-5-21-39457134-2311114567-1202830544-1000\...\{507781d8-8ffe-4a7c-a107-2969c1d750c1}) (Version: 1.51.66.11081 - Linkury Inc.) <==== ATTENTION
Zip Opener Packages (HKU\S-1-5-21-39457134-2311114567-1202830544-1000\...\Zip Opener Packages) (Version:  - ) <==== ATTENTION

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-39457134-2311114567-1202830544-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-39457134-2311114567-1202830544-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-39457134-2311114567-1202830544-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-39457134-2311114567-1202830544-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-39457134-2311114567-1202830544-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-39457134-2311114567-1202830544-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-39457134-2311114567-1202830544-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-39457134-2311114567-1202830544-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-39457134-2311114567-1202830544-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-39457134-2311114567-1202830544-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

==================== Restore Points  =========================

19-02-2015 13:33:37 Geplanter Prüfpunkt
20-02-2015 14:03:26 Uniblue PC Mechanic installation
22-02-2015 23:23:15 Windows Update
23-02-2015 15:43:15 Removed Firebird SQL Server - MAGIX Edition
23-02-2015 15:44:24 Microsoft Office File Validation Add-In wird entfernt
23-02-2015 15:44:49 Removed Microsoft Office Home and Student 2007
23-02-2015 16:12:52 Microsoft Office PowerPoint Viewer 2007 (German) wird entfernt
23-02-2015 16:13:24 Removed Microsoft Office Language Pack 2007 - German/Deutsch
23-02-2015 17:23:58 Software Removal Tool

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0A7BBAD0-2F92-4427-ADC4-28FA2D114777} - System32\Tasks\{DF64A0B2-4826-4E01-8091-D3A91ED4E841} => pcalua.exe -a E:\Welcome.exe -d E:\
Task: {1381D620-C902-4016-8B56-2C87F6F18E7F} - System32\Tasks\{F4DDE730-B0CE-4463-BE94-21E2CDBA82F4} => pcalua.exe -a "C:\Users\ulfilas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8ZYFR01Y\195.62_desktop_win7_winvista_32bit_international_whql[1].exe" -d C:\Users\ulfilas\Desktop
Task: {1527BC50-3043-4B84-B207-666432B8DDC9} - System32\Tasks\System Speedupsch => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe [2013-05-28] (System Speedup)
Task: {1672CAB8-6D98-49BA-917E-F30560029FC6} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2014-07-16] (TuneUp Software)
Task: {16CA613C-B1F6-4F24-B4E9-B3968DEB7021} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {228F388E-D5FD-408A-B51F-64B7FCA64DDC} - System32\Tasks\Advanced System Protector => C:\Program Files (x86)\RegClean Pro\SystweakASP.exe <==== ATTENTION
Task: {23892EBA-9C54-41A4-979C-625109861922} - System32\Tasks\{E723FADB-826B-409F-B51A-ABE2C0772FB3} => pcalua.exe -a C:\Users\ulfilas\Downloads\EDIUS5UPD_v512\SetupManagerForEDIUS.exe -d C:\Users\ulfilas\Downloads\EDIUS5UPD_v512
Task: {24F0E4AF-4402-417A-BA63-BF176D79B6BE} - System32\Tasks\{0271A1CB-9DF8-4E25-9C38-8C343215C965} => pcalua.exe -a C:\Users\ulfilas\AppData\Local\Temp\Temp1_EDIUS5UPD_v510.part01.zip\EDIUS5UPD_v510.part01.exe
Task: {39538910-0BAF-4ABA-9AE9-B45A02B670E6} - System32\Tasks\{CDF299DB-8317-43C4-936A-416101AD5113} => pcalua.exe -a E:\setup.exe -d E:\
Task: {438FC2CB-0C76-459A-9726-6BC54E8722A6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {47941720-6160-4E8E-8F08-4C598E41CB62} - System32\Tasks\{9083B65D-7109-4848-B33E-51D981E0E74E} => pcalua.exe -a "E:\EDIUS_5_weitereUpdates\iZotope EdiusVST_501.exe" -d E:\EDIUS_5_weitereUpdates
Task: {484D1538-4973-4ABD-8C2C-19CFC1F30D7A} - System32\Tasks\{5D122795-2115-4DCB-8BCE-DA32635C030A} => pcalua.exe -a "C:\Program Files (x86)\Wings of War\setup.exe"
Task: {4B6F66AB-627E-4D4D-A156-16FE40B79DD7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {537FF9F3-82C1-40A5-9A2E-A8632CE1F139} - System32\Tasks\{185ADA29-097A-4C46-9086-1357D0CFF13D} => C:\Program Files (x86)\NetObjects\NetObjects Fusion 10.0\Fusion.exe [2009-04-06] (NetObjects)
Task: {5BA23C81-C9A7-4491-B40F-5E14A30D07C2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {5E7DF6CC-AC1D-4630-8E1C-40C2E0A3A470} - System32\Tasks\{62C59ABE-DBE3-412F-BDDD-E400263A4057} => pcalua.exe -a E:\EDIUS_5_weitereUpdates\mercalli-10-edius.exe -d E:\EDIUS_5_weitereUpdates
Task: {6139358D-23D0-4326-8666-772D86C918D3} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-39457134-2311114567-1202830544-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-01-30] (RealNetworks, Inc.)
Task: {61F40EA4-A210-4ECB-B008-15111BDE5688} - System32\Tasks\System Speedup_DEFAULT => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe [2013-05-28] (System Speedup)
Task: {6244E85A-E40A-42A9-8FBE-BC773950EE4D} - System32\Tasks\{A8FAB7F2-7994-4CB7-8D60-8D9062F36C85} => pcalua.exe -a "C:\Users\ulfilas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PK2THV5G\license-vs10-edius-final-setup[1].exe" -d C:\Users\ulfilas\Desktop
Task: {67176B93-9DE5-4F91-8E92-DBE2252091BE} - System32\Tasks\{574334F4-9D1A-4896-A282-A829874577FE} => pcalua.exe -a E:\ABCFontViewer.exe -d E:\
Task: {7C4306B5-AE52-44CD-8848-6699D0CD04AD} - System32\Tasks\System Speedup_UPDATES => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe [2013-05-28] (System Speedup)
Task: {81C7775D-FDEF-46C8-AC84-E83709FE379E} - System32\Tasks\{56A937FD-58C7-4C87-AC78-E23245BCED96} => pcalua.exe -a C:\Users\ulfilas\Desktop\license-mc10-edius-final-setup.exe -d C:\Users\ulfilas\Desktop
Task: {8920A950-358C-4053-9B20-81417750B0C7} - System32\Tasks\{029039E4-BD59-450A-BAC5-571366525B7F} => pcalua.exe -a "C:\Users\ulfilas\AppData\Local\Temp\Temp1_PX3130_12_83079 (1).zip\Backup software\Setup.exe"
Task: {8A32DAE3-73DA-4E5A-B724-C90C00F6AF94} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-39457134-2311114567-1202830544-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-01-30] (RealNetworks, Inc.)
Task: {97FE8EA6-E00E-40E1-9BAD-75C1C8844E62} - System32\Tasks\{3C689CEF-9D7E-4CCC-8361-73EA8FCE44B3} => pcalua.exe -a E:\setup.exe -d E:\
Task: {9AB0A1F1-E8E4-4C27-AFDE-511F8A46476B} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-09-26] (Oracle Corporation)
Task: {A2B9B6C4-5B90-458A-BFA5-AA376C0D4B89} - System32\Tasks\MT66 Software Update => C:\Program Files (x86)\Common Files\MT66 Software Update\UpdateClient.exe [2009-11-18] (MedienTeam66)
Task: {A8AAD325-B2C6-4F99-B550-4374A79E4BDD} - System32\Tasks\AdobeAAMUpdater-1.0-ulfilas-PC2-ulfilas => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {AE8BB2BF-F88F-4DA1-8F80-940219156894} - System32\Tasks\{0977B413-051A-436E-B469-A3FD6874AD87} => pcalua.exe -a "E:\EDIUS_5_weitereUpdates\ProDAD EDIUS 5 Plug-ins für optional erhältliche Software\adoplugins.exe" -d "E:\EDIUS_5_weitereUpdates\ProDAD EDIUS 5 Plug-ins für optional erhältliche Software"
Task: {AE962257-722B-4C5F-81E0-3EB11F78862F} - System32\Tasks\BitGuard => Sc.exe start BitGuard <==== ATTENTION
Task: {B226D1FD-5E7A-4A78-B6AE-EC3C6BE37E27} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {B80842B3-E3B5-4075-9BFF-BFE584E8CBAE} - System32\Tasks\{6726E861-BE61-476F-A0A6-B34BBB729385} => pcalua.exe -a "C:\Users\ulfilas\Downloads\ns403de (2).exe" -d C:\Users\ulfilas\Downloads
Task: {DB260857-6A49-46B2-9E6F-31AD5E196803} - System32\Tasks\{6D75AA2F-72CF-4FA8-9A24-3781C616535B} => pcalua.exe -a C:\Users\ulfilas\Downloads\kinginstaller.exe -d C:\Users\ulfilas\Downloads
Task: {E1162C2C-F04B-4E5C-B38B-F090EC0942C8} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {E1AB0DC2-78C8-459C-99C6-89474A381581} - System32\Tasks\GlaryInitialize => C:\Program Files (x86)\Glary Utilities\initialize.exe [2011-12-27] (Glarysoft Ltd)
Task: {E5DD81AA-A581-4826-8798-606DDCE7D4CF} - System32\Tasks\{BD5AA116-3872-46FA-B9EE-30DA74ED1DCB} => pcalua.exe -a C:\Users\ulfilas\Downloads\Rossmann_Fotosoftware_Setup.exe -d C:\Users\ulfilas\Downloads
Task: {EB6FA328-6145-40FE-9859-32F6D861E87D} - System32\Tasks\{504E8EFE-07DF-49D7-ACB0-363966DCD849} => pcalua.exe -a "C:\Users\ulfilas\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AA2KSY5V\googleearthwin-peruser[1].exe" -d C:\Users\ulfilas\Desktop
Task: {ECF69DC5-821A-4F8E-9C9E-DCBC1C929D3A} - System32\Tasks\GoogleUpdateTaskMachineCore1cf6b0a3cdc10aa => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {F38D329C-FDB3-436C-818A-A8FA6DE94742} - System32\Tasks\{A70B6C0D-4BB2-4B0D-ADF4-7E9C82D6D666} => C:\Program Files (x86)\NetObjects\NetObjects Fusion 10.0\Fusion.exe [2009-04-06] (NetObjects)
Task: {FBE3B2B7-17E9-4943-AED4-A1ACC00EC1D3} - System32\Tasks\{F0374E83-0A2C-4373-8124-2CB1427251BE} => C:\Program Files (x86)\NetObjects\NetObjects Fusion 10.0\Fusion.exe [2009-04-06] (NetObjects)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GlaryInitialize.job => C:\Program Files (x86)\Glary Utilities\initialize.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf6b0a3cdc10aa.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\MT66 Software Update.job => C:\Program Files (x86)\Common Files\MT66 Software Update\UpdateClient.exe
Task: C:\Windows\Tasks\System Speedupsch.job => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe
Task: C:\Windows\Tasks\System Speedup_DEFAULT.job => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe
Task: C:\Windows\Tasks\System Speedup_UPDATES.job => C:\Program Files (x86)\System Speedup\SystemSpeedup.exe

==================== Loaded Modules (whitelisted) ==============

2012-11-20 03:02 - 2013-01-18 16:00 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-04-21 13:09 - 2011-10-04 21:43 - 00087552 _____ () C:\Windows\System32\custmon64i.dll
2014-07-16 09:24 - 2014-07-16 09:24 - 00699704 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll
2014-05-01 20:29 - 2014-05-01 20:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-02-10 22:00 - 2015-02-10 22:00 - 00750080 _____ () C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-02-23 14:04 - 2015-02-23 14:04 - 00043008 _____ () c:\users\ulfilas\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpx209hw.dll
2015-02-10 22:00 - 2015-02-10 22:00 - 00047616 _____ () C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-02-10 22:00 - 2015-02-10 22:00 - 00865280 _____ () C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-02-10 22:00 - 2015-02-10 22:00 - 00200704 _____ () C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2012-01-31 19:25 - 2012-01-31 19:25 - 00048640 _____ () C:\Program Files (x86)\AOL Desktop 9.7\zlib.dll
2012-01-31 19:25 - 2012-01-31 19:25 - 00094208 _____ () C:\Program Files (x86)\AOL Desktop 9.7\Components\Tier2Svc.dll
2012-01-31 19:25 - 2012-01-31 19:25 - 00060928 _____ () C:\Program Files (x86)\AOL Desktop 9.7\Components\DataSvcs.dll
2014-10-16 10:15 - 2014-10-16 10:15 - 00035328 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-05-24 17:41 - 2014-05-24 17:41 - 00091648 _____ () C:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 17:41 - 2014-05-24 17:41 - 00892416 _____ () C:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll
2015-02-20 15:55 - 2015-02-17 23:44 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libglesv2.dll
2015-02-20 15:55 - 2015-02-17 23:44 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libegl.dll
2015-02-20 15:55 - 2015-02-17 23:44 - 09171272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\pdf.dll
2015-02-20 15:55 - 2015-02-17 23:44 - 14965064 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:0B9176C0
AlternateDataStreams: C:\ProgramData\Temp:423BBE9A
AlternateDataStreams: C:\ProgramData\Temp:4D066AD2
AlternateDataStreams: C:\ProgramData\Temp:58DD92AC
AlternateDataStreams: C:\ProgramData\Temp:5D7E5A8F
AlternateDataStreams: C:\ProgramData\Temp:93DE1838
AlternateDataStreams: C:\ProgramData\Temp:AB689DEA
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1
AlternateDataStreams: C:\ProgramData\Temp:DDE7FCF4
AlternateDataStreams: C:\ProgramData\Temp:E1F04E8D

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-39457134-2311114567-1202830544-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.exe.lnk => C:\Windows\pss\Adobe Gamma Loader.exe.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech SetPoint.lnk => C:\Windows\pss\Logitech SetPoint.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^ulfilas^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^_uninst_57685536.lnk => C:\Windows\pss\_uninst_57685536.lnk.Startup
MSCONFIG\startupreg: ACSW14DE => "C:\Program Files (x86)\ACD Systems\ACDSee\14.0\ACDSeeInTouch2.exe" /pid ACSW14DE
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\ulfilas\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: AOL Fast Start => "C:\Program Files (x86)\AOL Desktop 9.6\AOL.EXE" -b
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ArcadeDeluxeAgent => "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
MSCONFIG\startupreg: EgisTecLiveUpdate => "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
MSCONFIG\startupreg: EPSON Stylus Photo R285 Series => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICKE.EXE /FU "C:\Windows\TEMP\E_SAF88.tmp" /EF "HKCU"
MSCONFIG\startupreg: HostManager => C:\Program Files (x86)\Common Files\AOL\1294882704\ee\AOLSoftware.exe
MSCONFIG\startupreg: Hotkey Utility => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
MSCONFIG\startupreg: IAAnotif => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
MSCONFIG\startupreg: IMBooster => C:\Program Files (x86)\Iminent\IMBooster\imbooster.exe /warmup
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Kernel and Hardware Abstraction Layer => KHALMNPR.EXE
MSCONFIG\startupreg: mwlDaemon => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
MSCONFIG\startupreg: NexusServer => "C:\Program Files (x86)\Common Files\Grass Valley\ProCoder 3\Kernel\PNXSERVR.exe" -SelfLaunch
MSCONFIG\startupreg: NortonOnlineBackupReminder => "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
MSCONFIG\startupreg: PlayMovie => "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: Soft32 Updater.exe => C:\Users\ulfilas\AppData\Local\Soft32\Soft32 Updater\Soft32 Updater.exe /SILENT
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: TkBellExe => "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot

==================== Accounts: =============================

Administrator (S-1-5-21-39457134-2311114567-1202830544-500 - Administrator - Disabled)
Gast (S-1-5-21-39457134-2311114567-1202830544-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-39457134-2311114567-1202830544-1002 - Limited - Enabled)
ulfilas (S-1-5-21-39457134-2311114567-1202830544-1000 - Administrator - Enabled) => C:\Users\ulfilas
UpdatusUser (S-1-5-21-39457134-2311114567-1202830544-1003 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============

Name: PS/2 Mouse
Description: PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Logitech
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/23/2015 02:03:28 PM) (Source: Avira Service Host) (EventID: 0) (User: )
Description: Fehler beim Verarbeiten von Sitzungsänderung. System.NullReferenceException: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
  bei Avira.OE.ServiceHost.ServiceHost.OnSessionChange(SessionChangeDescription changeDescription)
  bei System.ServiceProcess.ServiceBase.DeferredSessionChange(Int32 eventType, Int32 sessionId)

Error: (02/23/2015 01:46:26 PM) (Source: MsiInstaller) (EventID: 10005) (User: ulfilas-PC2)
Description: Produkt: Shopping App by Ask -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren:

Google Chrome

Error: (02/23/2015 01:46:19 PM) (Source: MsiInstaller) (EventID: 10005) (User: ulfilas-PC2)
Description: Produkt: Shopping App by Ask -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren:

Google Chrome

Error: (02/23/2015 01:46:17 PM) (Source: MsiInstaller) (EventID: 10005) (User: ulfilas-PC2)
Description: Produkt: Shopping App by Ask -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren:

Google Chrome

Error: (02/23/2015 01:46:04 PM) (Source: MsiInstaller) (EventID: 10005) (User: ulfilas-PC2)
Description: Produkt: Shopping App by Ask -- Fehler 25001. Die folgenden Anwendungen sollten geschlossen werden, bevor Sie mit der Deinstallation fortfahren:

Google Chrome

Error: (02/20/2015 04:50:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DVDCreator.exe, Version: 5.10.0.8, Zeitstempel: 0x4a3a7e4f
Name des fehlerhaften Moduls: MSVCR90.dll, Version: 9.0.30729.6161, Zeitstempel: 0x4dace5b9
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003ae7a
ID des fehlerhaften Prozesses: 0x12c4
Startzeit der fehlerhaften Anwendung: 0xDVDCreator.exe0
Pfad der fehlerhaften Anwendung: DVDCreator.exe1
Pfad des fehlerhaften Moduls: DVDCreator.exe2
Berichtskennung: DVDCreator.exe3

Error: (02/20/2015 04:49:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DVDCreator.exe, Version: 5.10.0.8, Zeitstempel: 0x4a3a7e4f
Name des fehlerhaften Moduls: MSVCR90.dll, Version: 9.0.30729.6161, Zeitstempel: 0x4dace5b9
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003ae7a
ID des fehlerhaften Prozesses: 0x53c
Startzeit der fehlerhaften Anwendung: 0xDVDCreator.exe0
Pfad der fehlerhaften Anwendung: DVDCreator.exe1
Pfad des fehlerhaften Moduls: DVDCreator.exe2
Berichtskennung: DVDCreator.exe3

Error: (02/20/2015 04:48:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DVDCreator.exe, Version: 5.10.0.8, Zeitstempel: 0x4a3a7e4f
Name des fehlerhaften Moduls: MSVCR90.dll, Version: 9.0.30729.6161, Zeitstempel: 0x4dace5b9
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003ae7a
ID des fehlerhaften Prozesses: 0xe8c
Startzeit der fehlerhaften Anwendung: 0xDVDCreator.exe0
Pfad der fehlerhaften Anwendung: DVDCreator.exe1
Pfad des fehlerhaften Moduls: DVDCreator.exe2
Berichtskennung: DVDCreator.exe3

Error: (02/19/2015 02:10:23 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Nikon Scan.exe, Version: 4.0.3.3000, Zeitstempel: 0x405e6549
Name des fehlerhaften Moduls: LS5000.md3, Version: 1.0.0.3014, Zeitstempel: 0x45c8465c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00086f07
ID des fehlerhaften Prozesses: 0xff0
Startzeit der fehlerhaften Anwendung: 0xNikon Scan.exe0
Pfad der fehlerhaften Anwendung: Nikon Scan.exe1
Pfad des fehlerhaften Moduls: Nikon Scan.exe2
Berichtskennung: Nikon Scan.exe3

Error: (02/19/2015 00:30:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Nikon Scan.exe, Version: 4.0.3.3000, Zeitstempel: 0x405e6549
Name des fehlerhaften Moduls: LS9000.md3, Version: 1.0.0.3009, Zeitstempel: 0x45c84720
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00026fb7
ID des fehlerhaften Prozesses: 0x4e9c
Startzeit der fehlerhaften Anwendung: 0xNikon Scan.exe0
Pfad der fehlerhaften Anwendung: Nikon Scan.exe1
Pfad des fehlerhaften Moduls: Nikon Scan.exe2
Berichtskennung: Nikon Scan.exe3


System errors:
=============
Error: (02/23/2015 05:00:33 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (02/23/2015 05:00:33 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (02/23/2015 05:00:33 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (02/23/2015 02:06:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069

Error: (02/23/2015 02:06:29 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (02/23/2015 02:04:27 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
FNETURPX

Error: (02/23/2015 02:02:09 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\FNETURPX.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (02/23/2015 01:39:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069

Error: (02/23/2015 01:39:04 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (02/23/2015 01:37:02 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
FNETURPX


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Quad CPU Q8300 @ 2.50GHz
Percentage of memory in use: 43%
Total physical RAM: 6143.14 MB
Available physical RAM: 3469.03 MB
Total Pagefile: 12284.47 MB
Available Pagefile: 8983.3 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:690.95 GB) (Free:122.23 GB) NTFS
Drive d: (DATA) (Fixed) (Total:691.21 GB) (Free:96.92 GB) NTFS
Drive f: (TOSHIBA EXT) (Fixed) (Total:2794.51 GB) (Free:2562.69 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1397.3 GB) (Disk ID: 3A331294)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=691 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=691.2 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 1.

==================== End Of Log ============================

schrauber 24.02.2015 07:01
Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    AppCloudUpdater

    FoxTab PDF Creator

    SmartPCFixer 4.2

    Update for Zip Opener

    Yahoo Community Smartbar Engine (HKU\S-1-5-21-39457134-2311114567-1202830544-1000\...\{507781d8-8ffe-4a7c-a107-2969c1d750c1}) (Version: 1.51.66.11081 - Linkury Inc.) <==== ATTENTION

    Zip Opener Packages



  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 





Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

ulfilas-bs 24.02.2015 10:21
Hallo,

ich habe jetzt den Revo Uninstaller ausgeführt, indem ich die beschriebenen Schritte für jedes Programm jeweils nacheinander durchlaufen habe.

Alle angegebenen Programme gleichzeitig auszuwählen, war nicht möglich. Ich hoffe, dies war so korrekt.

Zwischendurch erhielt ich jedesmal eine Fehlermeldung:

http://www.ulfilas.com/Screenshot.jpg

Ich habe jeweils auf "Ok" geklickt und den Prozeß fortgesetzt.

Nach jedem Entfernen eines Programms habe ich dann, wie beschrieben, die Reste gelöscht.

Am Ende eines jeden Durchlaufs konnte ich nur "Zurück" klicken oder "Abbruch".

Da ein - probeweiser - Klick auf "Zurück" die Meldung lieferte, ich würde dadurch den moderaten Modus verlassen und mit einem anderen Modus eine tiefere Suche starten (sinngemäß), habe ich mit nach jedem Durchlauf für das Klicken auf "Abbruch" entschieden.

War das korrekt?

Zwei der in deiner Auflistung genannten Programme habe ich im Fenster "Uninstall" nicht gefunden, und zwar "SmartPCFixer 4.2" und "Update for Zip Opener".

Sollen die auf meinem Rechner tatsächlich vorhanden sein, oder war dies eine Standard-Auflistung?

Da ich mir nun nicht sicher bin, ob ich bisher alles richtig gemacht habe, stoppe ich an dieser Stelle erstmal und warte deine Antwort ab.

Der Scan mit Combofix steht daher zur Zeit noch aus.

Viele Grüße

Wolfgang

schrauber 24.02.2015 17:04
Nein, nicht Abbruch klicken. Wenn das Reste löschen vorbei ist solltest Du wieder auf der Hauptseite von Revo landen, mit der Anzeige der installierten Programme.

Programme die dort nicht gelistet sind normal über Windows deinstallieren. Egal ob das klappt oder nicht, direkt weiter mit Combofix.

ulfilas-bs 24.02.2015 19:10
Vermutlich habe ich jetzt schon einen Fehler gemacht, indem ich Combofix heruntergeladen und sofort gestartet habe.

Es lief auch alles schön durch bis zu dem Punkt, an dem ich darauf hingewiesen wurde, daß Avira und Microsoft Security Essentials noch am Laufen seien.

Dieses Dialogfenster habe ich geöffnet gelassen und daraufhin versucht, Avira und Microsoft Security Essentials zu deaktivieren.

Ich klickte dann im Dialogfenster von Combofix auf "Ok", um den Prozeß fortzusetzen.

Microsoft Security Essentials scheint auch deaktiviert zu sein, Avira aber offenbar nicht, wie sich aus der darauf folgenden Meldung schließen läßt.

Was das Deaktivieren von Avira betrifft, bin ich jetzt allerdings auch überfragt. Im Dialogfeld, daß ich über die Leiste am unteren Bildschirmrand aufmachen kann, läßt sich ncihts weiter tun.

Klicke ich auf "Geräte verwalten", tut sich gar nichts. Klicke ich über der grünen Fläche "Free Antivirus" auf "Öffnen" (das beim Überfahren mit der Maus sichtbar wird), tut sich dort auch nichts.

Combofix warnt mich jetzt, mit dem Suchlauf fortzufahren.

Was soll ich tun?

Das Combofix-Dialogfeld habe ich nach wie vor offen.

Hier ein Screenshot der Combofix- und Avira-Dialogfenster:

http://www.ulfilas.com/Screenshot2

schrauber 25.02.2015 07:10
fortfahren :)

ulfilas-bs 26.02.2015 11:44
Hallo,

Combofix ist jetzt durchgelaufen. Unten folgt das gelieferte Ergebnis.

Zu meiner Schande muß ich aber gestehen, daß ich zwischenzeitlich doch geklickt habe, und auch noch ins blaue Combofix-Fenster hinein:

An irgendeiner Stelle meldete Combofix, daß 50 Routinen jetzt beendet seien. Da sich nichts mehr tat, ging ich davon aus, der komplette Ablauf sei beendet und ich müsse jetzt den Text aus diesem Fenster kopieren.

Das war aber ein Irrtum. Ich konnte ja nicht wissen, wann genau der Prozeß beendet sein würde.

Das Problem ist auch tatsächlich noch nicht behoben. Während ich jetzt auf dieser Seite bin, erscheinen weiterhin Werbeeinblendungen von Roll Around und es gehen von allein entsprechende Seiten auf, die ich nicht sehen will.

Hier aber nun erstmal die Textdatei von Combofix:

Code:
ComboFix 15-02-16.01 - ulfilas 26.02.2015  11:08:29.1.4 - x64
Microsoft Windows 7 Home Premium  6.1.7601.1.1252.49.1031.18.6143.3657 [GMT 1:00]
ausgeführt von:: c:\users\ulfilas\Downloads\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Microsoft Security Essentials *Disabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Microsoft Security Essentials *Disabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Common Files\Acer GameZone online.ico
c:\users\ulfilas\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
c:\users\ulfilas\AppData\Roaming\.#
c:\windows\IsUn0407.exe
c:\windows\msdownld.tmp
c:\windows\security\Database\tmp.edb
c:\windows\SysWow64\tmp35EE.tmp
c:\windows\SysWow64\tmp360E.tmp
c:\windows\SysWow64\tmpBB85.tmp
c:\windows\SysWow64\UNWISE.EXE
F:\install.exe
.
.
(((((((((((((((((((((((((((((((((((((((  Treiber/Dienste  )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_ACEDRV11
-------\Service_acedrv11
.
.
(((((((((((((((((((((((  Dateien erstellt von 2015-01-26 bis 2015-02-26  ))))))))))))))))))))))))))))))
.
.
2015-02-26 10:19 . 2015-02-26 10:19        --------        d-----w-        c:\users\UpdatusUser\AppData\Local\temp
2015-02-26 10:19 . 2015-02-26 10:19        --------        d-----w-        c:\users\Default\AppData\Local\temp
2015-02-25 22:37 . 2015-01-29 09:07        11910896        ----a-w-        c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{187FB08E-A80B-423B-8990-F87403485FCD}\mpengine.dll
2015-02-24 19:34 . 2015-01-29 09:07        11910896        ----a-w-        c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2015-02-24 08:45 . 2015-02-24 08:45        --------        d-----w-        c:\program files (x86)\VS Revo Group
2015-02-23 17:16 . 2015-02-23 17:20        --------        d-----w-        C:\FRST
2015-02-22 22:24 . 2014-09-16 15:09        1188440        ----a-w-        c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E231660A-B052-4222-AB05-B6F3A22962A1}\gapaengine.dll
2015-02-20 13:03 . 2015-02-20 13:03        --------        d-----w-        c:\program files (x86)\Free Codec Pack
2015-02-20 13:03 . 2015-02-20 13:03        --------        d-----w-        c:\users\ulfilas\AppData\Roaming\RHEng
2015-02-16 13:55 . 2015-02-19 20:12        --------        d-----w-        c:\program files (x86)\Mozilla Thunderbird
2015-02-12 19:00 . 2015-01-23 04:41        6041600        ----a-w-        c:\windows\system32\jscript9.dll
2015-02-12 19:00 . 2015-01-23 03:43        620032        ----a-w-        c:\windows\SysWow64\jscript9diag.dll
2015-02-12 19:00 . 2015-01-23 03:17        4300800        ----a-w-        c:\windows\SysWow64\jscript9.dll
2015-02-12 19:00 . 2015-01-23 04:42        814080        ----a-w-        c:\windows\system32\jscript9diag.dll
2015-02-11 23:02 . 2015-01-15 08:14        155072        ----a-w-        c:\windows\system32\drivers\ksecpkg.sys
2015-02-11 23:01 . 2014-12-08 03:09        406528        ----a-w-        c:\windows\system32\scesrv.dll
2015-02-11 23:01 . 2014-12-08 02:46        308224        ----a-w-        c:\windows\SysWow64\scesrv.dll
2015-02-11 23:01 . 2015-01-14 06:09        5554112        ----a-w-        c:\windows\system32\ntoskrnl.exe
2015-02-11 23:01 . 2015-01-14 05:44        3972544        ----a-w-        c:\windows\SysWow64\ntkrnlpa.exe
2015-02-11 23:01 . 2015-01-14 05:44        3917760        ----a-w-        c:\windows\SysWow64\ntoskrnl.exe
2015-02-11 23:01 . 2015-01-14 06:05        503808        ----a-w-        c:\windows\system32\srcore.dll
2015-02-11 23:01 . 2015-01-14 06:04        296960        ----a-w-        c:\windows\system32\rstrui.exe
2015-02-11 23:01 . 2015-01-14 06:05        50176        ----a-w-        c:\windows\system32\srclient.dll
2015-02-11 23:01 . 2015-01-14 05:41        43008        ----a-w-        c:\windows\SysWow64\srclient.dll
2015-02-11 23:01 . 2015-01-09 02:03        3201536        ----a-w-        c:\windows\system32\win32k.sys
2015-02-08 23:45 . 2015-02-08 23:45        --------        d-----w-        c:\users\ulfilas\AppData\Roaming\LaserSoft Imaging
2015-02-08 23:25 . 2015-02-08 23:25        --------        d-----w-        c:\programdata\LaserSoft Imaging
2015-02-08 23:25 . 2015-02-08 23:25        --------        d-----w-        c:\program files\SilverFast Application
2015-02-04 02:05 . 2015-02-04 02:05        --------        d-----w-        c:\program files\VueScan
2015-02-04 01:01 . 2015-02-04 01:01        --------        d-----w-        c:\program files (x86)\Nikon
2015-02-04 00:20 . 2015-02-04 00:20        --------        d-----w-        c:\programdata\Nikon
2015-02-03 08:47 . 2002-12-04 18:54        6545        ----a-w-        c:\windows\SysWow64\NKScnUSD.dll
2015-02-01 22:43 . 2015-02-01 22:43        --------        d-----w-        c:\users\ulfilas\AppData\Roaming\Nikon
2015-02-01 22:37 . 1997-01-22 05:26        565760        ----a-w-        c:\windows\SysWow64\MSVCP50.DLL
2015-02-01 22:37 . 2002-01-05 20:10        61440        ----a-w-        c:\windows\SysWow64\mfc70deu.dll
2015-02-01 22:37 . 1997-01-30 19:00        51200        ----a-w-        c:\windows\SysWow64\Mfc42loc.dll
2015-02-01 22:37 . 1996-03-27 23:13        10656        ----a-w-        c:\windows\SysWow64\NKNSCN95.DLL
2015-02-01 22:37 . 2015-02-04 01:01        --------        d-----w-        c:\windows\SysWow64\Color
2015-02-01 22:37 . 2015-02-01 22:37        --------        d-----w-        c:\program files (x86)\Common Files\Nikon
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-02-12 10:38 . 2013-12-22 13:08        44088        ----a-w-        c:\windows\system32\drivers\avnetflt.sys
2015-02-12 10:38 . 2013-12-22 13:08        132120        ----a-w-        c:\windows\system32\drivers\avipbb.sys
2015-02-12 10:38 . 2013-12-22 13:08        128536        ----a-w-        c:\windows\system32\drivers\avgntflt.sys
2015-02-12 02:03 . 2010-01-09 02:02        116773704        ----a-w-        c:\windows\system32\MRT.exe
2015-02-05 02:18 . 2012-05-05 14:11        701616        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2015-02-05 02:18 . 2012-02-21 00:55        71344        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-01-07 12:25 . 2015-01-07 12:25        114872        ----a-w-        c:\windows\system32\pdfcmon.dll
2014-12-31 11:14 . 2009-12-24 14:43        298120        ------w-        c:\windows\system32\MpSigStub.exe
2014-12-19 03:06 . 2015-01-15 05:51        210432        ----a-w-        c:\windows\system32\profsvc.dll
2014-12-19 01:46 . 2015-01-15 05:51        141312        ----a-w-        c:\windows\system32\drivers\mrxdav.sys
2014-12-11 17:47 . 2015-01-15 05:51        52736        ----a-w-        c:\windows\system32\TSWbPrxy.exe
2014-12-06 04:17 . 2015-01-15 05:51        303616        ----a-w-        c:\windows\system32\nlasvc.dll
2014-12-06 03:50 . 2015-01-15 05:51        52224        ----a-w-        c:\windows\SysWow64\nlaapi.dll
2014-12-06 03:50 . 2015-01-15 05:51        156672        ----a-w-        c:\windows\SysWow64\ncsi.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{691B33B0-B86E-47F3-81C7-56E4FE3B929C}]
2014-10-10 15:03        37928        ----a-w-        c:\program files (x86)\PDF Architect 2\creator-ie-helper.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2015-02-19 18:14        297128        ----a-w-        c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{DEEB13D7-CEA9-45FB-B77C-E039BEC85221}"= "c:\program files (x86)\PDF Architect 2\creator-ie-plugin.dll" [2014-10-10 478760]
.
[HKEY_CLASSES_ROOT\clsid\{deeb13d7-cea9-45fb-b77c-e039bec85221}]
[HKEY_CLASSES_ROOT\PDFIEPlugin.PDFIEConverter.1]
[HKEY_CLASSES_ROOT\TypeLib\{30CEDC3C-254F-4827-9A25-A4AA041826CC}]
[HKEY_CLASSES_ROOT\PDFIEPlugin.PDFIEConverter]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12        152544        ----a-w-        c:\users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12        152544        ----a-w-        c:\users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12        152544        ----a-w-        c:\users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-08-06 17:18        120104        ----a-w-        c:\program files (x86)\EgisTec\MyWinLocker 3\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Soft32 Updater.exe"="c:\users\ulfilas\AppData\Local\Soft32\Soft32 Updater\Soft32 Updater.exe" [2011-10-19 163640]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-05-08 21444224]
"AOL Fast Start"="c:\program files (x86)\AOL Desktop 9.7\AOL.EXE" [2012-01-31 42320]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HostManager"="c:\program files (x86)\Common Files\AOL\1294882704\ee\AOLSoftware.exe" [2010-03-08 41800]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-10-11 60712]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2015-02-12 703280]
"Acrobat Assistant 7.0"="c:\program files (x86)\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [2004-12-14 483328]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
"Avira Systray"="c:\program files (x86)\Avira\My Avira\Avira.OE.Systray.exe" [2015-01-19 126712]
.
c:\users\ulfilas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2011-10-6 110592]
Dropbox.lnk - c:\users\ulfilas\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2015-2-11 42555824]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Acrobat - Schnellstart.lnk - c:\windows\Installer\{AC76BA86-1033-F400-7760-100000000002}\SC_Acrobat.exe [2015-1-6 25214]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.150\SSScheduler.exe [2014-4-9 332016]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R1 FNETURPX;FNETURPX;c:\windows\system32\drivers\FNETURPX.SYS;c:\windows\SYSNATIVE\drivers\FNETURPX.SYS [x]
R1 okorkylq;okorkylq;c:\windows\system32\drivers\okorkylq.sys;c:\windows\SYSNATIVE\drivers\okorkylq.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys;c:\windows\SYSNATIVE\DRIVERS\ew_usbenumfilter.sys [x]
R3 HCW85BDA;Hauppauge WinTV 885 Video Capture;c:\windows\system32\drivers\HCW85BDA.sys;c:\windows\SYSNATIVE\drivers\HCW85BDA.sys [x]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcacm.sys [x]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juextctrl.sys [x]
R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juwwanecm.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.150\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.150\McCHSvc.exe [x]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 PDF Architect 2;PDF Architect 2;c:\program files (x86)\PDF Architect 2\ws.exe;c:\program files (x86)\PDF Architect 2\ws.exe [x]
R3 pdfforge CrashHandler;pdfforge CrashHandler;c:\program files (x86)\PDF Architect 2\crash-handler-ws.exe;c:\program files (x86)\PDF Architect 2\crash-handler-ws.exe [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 UPnPService;UPnPService;c:\program files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe;c:\program files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [x]
R3 USA19H;USA19H;c:\windows\system32\DRIVERS\USA19Hx64.sys;c:\windows\SYSNATIVE\DRIVERS\USA19Hx64.sys [x]
R3 USA19HP;USA19HP;c:\windows\system32\DRIVERS\USA19Hx64p.SYS;c:\windows\SYSNATIVE\DRIVERS\USA19Hx64p.SYS [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe [x]
S1 {9d5747ee-0448-4681-8337-1555de75a3b6}Gw64;{9d5747ee-0448-4681-8337-1555de75a3b6}Gw64;c:\windows\system32\drivers\{9d5747ee-0448-4681-8337-1555de75a3b6}Gw64.sys;c:\windows\SYSNATIVE\drivers\{9d5747ee-0448-4681-8337-1555de75a3b6}Gw64.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 cdrblock;cdrblock;c:\windows\system32\DRIVERS\cdrblock.sys;c:\windows\SYSNATIVE\DRIVERS\cdrblock.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO64A.SYS;c:\windows\SYSNATIVE\drivers\HWiNFO64A.SYS [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
S2 aksdf;aksdf;c:\windows\system32\DRIVERS\aksdf.sys;c:\windows\SYSNATIVE\DRIVERS\aksdf.sys [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 Avira.OE.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [x]
S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 Greg_Service;GRegService;c:\program files (x86)\Acer\Registration\GregHSRW.exe;c:\program files (x86)\Acer\Registration\GregHSRW.exe [x]
S2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe;c:\windows\SYSNATIVE\hasplms.exe [x]
S2 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe;c:\program files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [x]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
S2 PDF Architect 2 Creator;PDF Architect 2 Creator;c:\program files (x86)\PDF Architect 2\creator-ws.exe;c:\program files (x86)\PDF Architect 2\creator-ws.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [x]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y62x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1y62x64.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-02-20 14:54        1084744        ----a-w-        c:\program files (x86)\Google\Chrome\Application\40.0.2214.115\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2015-02-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 02:18]
.
2015-02-26 c:\windows\Tasks\GlaryInitialize.job
- c:\program files (x86)\Glary Utilities\initialize.exe [2012-01-16 08:50]
.
2015-02-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cf6b0a3cdc10aa.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-12-30 11:20]
.
2015-02-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-12-30 11:20]
.
2015-02-24 c:\windows\Tasks\MT66 Software Update.job
- c:\program files (x86)\Common Files\MT66 Software Update\UpdateClient.exe [2012-02-25 17:44]
.
2015-02-25 c:\windows\Tasks\System Speedupsch.job
- c:\program files (x86)\System Speedup\SystemSpeedup.exe [2014-06-15 16:22]
.
2015-02-24 c:\windows\Tasks\System Speedup_DEFAULT.job
- c:\program files (x86)\System Speedup\SystemSpeedup.exe [2014-06-15 16:22]
.
2015-02-25 c:\windows\Tasks\System Speedup_UPDATES.job
- c:\program files (x86)\System Speedup\SystemSpeedup.exe [2014-06-15 16:22]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2015-02-19 13:26        357376        ----a-w-        c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12        185824        ----a-w-        c:\users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12        185824        ----a-w-        c:\users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12        185824        ----a-w-        c:\users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12        185824        ----a-w-        c:\users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-08-06 17:19        137512        ----a-w-        c:\program files (x86)\EgisTec\MyWinLocker 3\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-01-23 134416]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2015-01-30 1332296]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.com
mDefault_Search_URL = about:blank
mDefault_Page_URL = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = about:blank
uInternet Settings,ProxyOverride = *.local;127.0.0.1:9421;<local>
uSearchAssistant = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=8d82658c-bf64-4670-95c2-87ac0d42a30e&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=05/04/2013&type=hp1000
IE: An vorhandene PDF-Datei anfügen
IE: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Auswahl in Adobe PDF konvertieren - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Auswahl in vorhandene PDF-Datei konvertieren - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Free YouTube Download - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
IE: Free YouTube to DVD Converter
IE: Free YouTube to MP3 Converter - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: In Adobe PDF konvertieren - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: In vorhandene PDF-Datei konvertieren - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Linkziel an vorhandene PDF-Datei anhängen
IE: Linkziel in Adobe PDF konvertieren
IE: Verknüpfungsziel in Adobe PDF konvertieren - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - c:\program files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: {{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\ulfilas\AppData\Roaming\Mozilla\Firefox\Profiles\dz9z9wt9.default\
FF - prefs.js: network.proxy.type - 2
FF - ExtSQL: !HIDDEN! 2012-05-25 00:58; {1FD91A9C-410C-4090-BBCC-55D3450EF433}; c:\program files (x86)\Searchqu Toolbar\Datamngr\FirefoxExtension
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
user_pref(extensions.autoDisableScopes,14);
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{83c0e288-8fa0-43d3-acc7-c1e839d85abc} - c:\program files (x86)\Roll Around\Extensions\83c0e288-8fa0-43d3-acc7-c1e839d85abc.dll
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
BHO-{9D717F81-9148-4f12-8568-69135F087DB0} - (no file)
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-Hardlock Gerätetreiber - c:\windows\system32\UNWISE.EXE
AddRemove-MyFreeCodec - c:\program files (x86)\MyFree Codec\1.0b beta\uninstall.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-39457134-2311114567-1202830544-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.bmp"
.
[HKEY_USERS\S-1-5-21-39457134-2311114567-1202830544-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.cr2"
.
[HKEY_USERS\S-1-5-21-39457134-2311114567-1202830544-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.crw"
.
[HKEY_USERS\S-1-5-21-39457134-2311114567-1202830544-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.dcr"
.
[HKEY_USERS\S-1-5-21-39457134-2311114567-1202830544-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.dib"
.
[HKEY_USERS\S-1-5-21-39457134-2311114567-1202830544-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.dng"
.
[HKEY_USERS\S-1-5-21-39457134-2311114567-1202830544-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.emf"
.
[HKEY_USERS\S-1-5-21-39457134-2311114567-1202830544-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-39457134-2311114567-1202830544-1000)
"Progid"="ACDSee 14.eps"
.
[HKEY_USERS\S-1-5-21-39457134-2311114567-1202830544-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.erf"
.
[HKEY_USERS\S-1-5-21-39457134-2311114567-1202830544-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.fpx"
.
[HKEY_USERS\S-1-5-21-39457134-2311114567-1202830544-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.gif"
.
[HKEY_USERS\S-1-5-21-39457134-2311114567-1202830544-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.hdr"
.
[HKEY_USERS\S-1-5-21-39457134-2311114567-1202830544-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.jfif"
.
[HKEY_USERS\S-1-5-21-39457134-2311114567-1202830544-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.jpe"
.
[HKEY_USERS\S-1-5-21-39457134-2311114567-1202830544-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (S-1-5-21-39457134-2311114567-1202830544-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.jpeg"
.
[HKEY_USERS\S-1-5-21-39457134-2311114567-1202830544-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-39457134-2311114567-1202830544-1000)
"Progid"="ACDSee 14.jpg"
.
[HKEY_USERS\S-1-5-21-39457134-2311114567-1202830544-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.kdc"
.
[HKEY_USERS\S-1-5-21-39457134-2311114567-1202830544-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.mpv"
.
[HKEY_USERS\S-1-5-21-39457134-2311114567-1202830544-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.mrw"
.
[HKEY_USERS\S-1-5-21-39457134-2311114567-1202830544-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.nef"
.
[HKEY_USERS\S-1-5-21-39457134-2311114567-1202830544-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.orf"
.
[HKEY_USERS\S-1-5-21-39457134-2311114567-1202830544-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.pcd"
.
[HKEY_USERS\S-1-5-21-39457134-2311114567-1202830544-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.pef"
.
[HKEY_USERS\S-1-5-21-39457134-2311114567-1202830544-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.png"
.
[HKEY_USERS\S-1-5-21-39457134-2311114567-1202830544-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]
@Denied: (2) (S-1-5-21-39457134-2311114567-1202830544-1000)
@Denied: (2) (LocalSystem)
"Progid"="Photoshop.Image.9"
.
[HKEY_USERS\S-1-5-21-39457134-2311114567-1202830544-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.raf"
.
[HKEY_USERS\S-1-5-21-39457134-2311114567-1202830544-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.rle"
.
[HKEY_USERS\S-1-5-21-39457134-2311114567-1202830544-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.smi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.smi"
.
[HKEY_USERS\S-1-5-21-39457134-2311114567-1202830544-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.smil\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.smil"
.
[HKEY_USERS\S-1-5-21-39457134-2311114567-1202830544-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.sr2"
.
[HKEY_USERS\S-1-5-21-39457134-2311114567-1202830544-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.srf"
.
[HKEY_USERS\S-1-5-21-39457134-2311114567-1202830544-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.tga"
.
[HKEY_USERS\S-1-5-21-39457134-2311114567-1202830544-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.tif"
.
[HKEY_USERS\S-1-5-21-39457134-2311114567-1202830544-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.tiff"
.
[HKEY_USERS\S-1-5-21-39457134-2311114567-1202830544-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.ttc"
.
[HKEY_USERS\S-1-5-21-39457134-2311114567-1202830544-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee 14.ttf"
.
[HKEY_USERS\S-1-5-21-39457134-2311114567-1202830544-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
@Denied: (2) (S-1-5-21-39457134-2311114567-1202830544-1000)
@Denied: (2) (LocalSystem)
"Progid"="Applications\\Illustrator.exe"
.
[HKEY_USERS\S-1-5-21-39457134-2311114567-1202830544-1000\Software\SecuROM\License information*]
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.16"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\system32\hasplms.exe
c:\program files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-02-26  11:30:18 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2015-02-26 10:30
.
Vor Suchlauf: 23 Verzeichnis(se), 131.307.466.752 Bytes frei
Nach Suchlauf: 31 Verzeichnis(se), 139.139.248.128 Bytes frei
.
- - End Of File - - 28344B1C03D3D63EF771838D754D98CB
A36C5E4F47E84449FF07ED3517B43A31

schrauber 26.02.2015 18:04
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

ulfilas-bs 27.02.2015 00:34
MBAM ist jetzt durchgelaufen. Protokoll folgt weiter unten.

Beim Neustart machte der Rechner erhebliche Probleme. Beim ersten Versuch erhielt ich nur einen leeren (grüner Hintergrund) Bildschirm, beim zweiten Versuch dauerte es ca. 23 Minuten, bis sich meine Desktopsymbole zeigten.

Der Computer ist jetzt sehr langsam. Internetseiten tun sich auch nur äußerst langsam auf.

Ich fahre jetzt mit AdwCleaner fort.

Hier das MBAM-Protokoll:

HTML-Code:
Malwarebytes Anti-Malware
www.malwarebytes.org


Scan, 27.02.2015 00:10:47, SYSTEM, ULFILAS-PC2, Manual, Start: % 1 "% 2", Dauer: % 1 min 20 Sekunden, Bedrohungs-Suchlauf, Abgeschlossen, 0 Malwareerkennung, 189-Malwareerkennung,
Protection, 27.02.2015 00:14:16, SYSTEM, ULFILAS-PC2, Protection, Malware Protection, Starting,
Protection, 27.02.2015 00:14:16, SYSTEM, ULFILAS-PC2, Protection, Malware Protection, Started,
Protection, 27.02.2015 00:14:17, SYSTEM, ULFILAS-PC2, Protection, Malicious Website Protection, Starting,
Protection, 27.02.2015 00:17:00, SYSTEM, ULFILAS-PC2, Protection, Malware Protection, Starting,
Protection, 27.02.2015 00:17:00, SYSTEM, ULFILAS-PC2, Protection, Malware Protection, Started,
Protection, 27.02.2015 00:17:00, SYSTEM, ULFILAS-PC2, Protection, Malicious Website Protection, Starting,
Protection, 27.02.2015 00:18:41, SYSTEM, ULFILAS-PC2, Protection, Malicious Website Protection, Started,

(end)

Hier die Log-Datei von AdwCleaner:AdwCleaner Logfile:
Code:
# AdwCleaner v4.111 - Bericht erstellt 27/02/2015 um 00:41:18
# Aktualisiert 18/02/2015 von Xplode
# Datenbank : 2015-02-18.3 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : ulfilas - ULFILAS-PC2
# Gestarted von : C:\Users\ulfilas\Downloads\AdwCleaner_4.111.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\apn
Ordner Gelöscht : C:\ProgramData\Ask
Ordner Gelöscht : C:\ProgramData\AskPartnerNetwork
Ordner Gelöscht : C:\ProgramData\Systweak
Ordner Gelöscht : C:\ProgramData\Viewpoint
Ordner Gelöscht : C:\Program Files (x86)\AskPartnerNetwork
Ordner Gelöscht : C:\Program Files (x86)\Systweak
Ordner Gelöscht : C:\Program Files (x86)\Viewpoint
Ordner Gelöscht : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Ordner Gelöscht : C:\Program Files (x86)\Common Files\Plasmoo
Ordner Gelöscht : C:\Windows\SysWOW64\SearchProtect
Ordner Gelöscht : C:\Users\ulfilas\AppData\Local\b1e
Ordner Gelöscht : C:\Users\ulfilas\AppData\Local\Ilivid Player
Ordner Gelöscht : C:\Users\ulfilas\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\ulfilas\AppData\Local\pdfforge
Ordner Gelöscht : C:\Users\ulfilas\AppData\Roaming\GrabPro
Ordner Gelöscht : C:\Users\ulfilas\AppData\Roaming\pdfforge
Ordner Gelöscht : C:\Users\ulfilas\AppData\Roaming\System Speedup
Ordner Gelöscht : C:\Users\ulfilas\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\ulfilas\AppData\Roaming\RHEng
Ordner Gelöscht : C:\Users\ulfilas\AppData\Roaming\ProgSense
Ordner Gelöscht : C:\Users\ulfilas\Documents\Updater
Ordner Gelöscht : C:\Users\ulfilas\AppData\Roaming\Mozilla\Firefox\Profiles\dz9z9wt9.default\Extensions\{ADFA33FD-16F5-4355-8504-DF4D664CFE83}
Ordner Gelöscht : C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf
Datei Gelöscht : C:\Windows\System32\roboot64.exe
Datei Gelöscht : C:\Users\ulfilas\AppData\Roaming\Mozilla\Firefox\Profiles\dz9z9wt9.default\foxydeal.sqlite
Datei Gelöscht : C:\Users\ulfilas\AppData\Roaming\Mozilla\Firefox\Profiles\dz9z9wt9.default\invalidprefs.js
Datei Gelöscht : C:\Users\ulfilas\AppData\Roaming\Mozilla\Firefox\Profiles\dz9z9wt9.default\searchplugins\bingp.xml
Datei Gelöscht : C:\Users\ulfilas\AppData\Roaming\Mozilla\Firefox\Profiles\dz9z9wt9.default\searchplugins\BrowserDefender.xml
Datei Gelöscht : C:\Users\ulfilas\AppData\Roaming\Mozilla\Firefox\Profiles\dz9z9wt9.default\user.js
Datei Gelöscht : C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.oldielyrics.com_0.localstorage
Datei Gelöscht : C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.oldielyrics.com_0.localstorage-journal
Datei Gelöscht : C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Datei Gelöscht : C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
Datei Gelöscht : C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.boostsaves.com_0.localstorage
Datei Gelöscht : C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.boostsaves.com_0.localstorage-journal
Datei Gelöscht : C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage
Datei Gelöscht : C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage-journal

***** [ Geplante Tasks ] *****

Task Gelöscht : Advanced System Protector
Task Gelöscht : BitGuard

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Activities\Search\ask.com
Schlüssel Gelöscht : HKCU\Software\e08b8de53bba46
Schlüssel Gelöscht : HKLM\SOFTWARE\e08b8de53bba46
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D433A9D0-8267-40CB-8AD5-24F22FA5373F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{0C58B7D1-D415-492B-A149-E976156BD3B8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7854F00C-DC77-477E-A10E-603F48442D3B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C55BBCD6-41AD-48AD-9953-3609C48EACC7}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{1BB22D38-A411-4B13-A746-C2A4F4EC7344}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{1BB22D38-A411-4B13-A746-C2A4F4EC7344}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{C55BBCD6-41AD-48AD-9953-3609C48EACC7}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{44B619BC-3D2B-4990-AA4F-9AA366921792}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\07011D6973D74D4683BA58A6A4934816
Schlüssel Gelöscht : HKCU\Software\ChatZum Toolbar
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\System Speedup
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\ProgSense
Schlüssel Gelöscht : HKLM\SOFTWARE\ChatZum Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\MetaStream
Schlüssel Gelöscht : HKLM\SOFTWARE\System Speedup
Schlüssel Gelöscht : HKLM\SOFTWARE\systweak
Schlüssel Gelöscht : HKLM\SOFTWARE\Uniblue
Schlüssel Gelöscht : HKLM\SOFTWARE\Viewpoint
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DSite
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2C5927BD-3F65-4207-8FB5-8EDF638A3511}_is1
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local;127.0.0.1:9421;<local>

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17631

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page Before]

-\\ Mozilla Firefox v27.0 (de)

[dz9z9wt9.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.defaultengine", "Ask.com");
[dz9z9wt9.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.helperbar.DockingPositionDown", false);
[dz9z9wt9.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.helperbar.Visibility", false);
[dz9z9wt9.default\prefs.js] - Zeile Gelöscht : user_pref("id_chatzum_softonic.firstlaunch", "0");
[dz9z9wt9.default\prefs.js] - Zeile Gelöscht : user_pref("id_chatzum_softonic.guid", "%7B643147D2-ED94-A6A1-E051-C5D2474F85EF%7D");
[dz9z9wt9.default\prefs.js] - Zeile Gelöscht : user_pref("id_chatzum_softonic.hiddenvisual", 0);
[dz9z9wt9.default\prefs.js] - Zeile Gelöscht : user_pref("id_chatzum_softonic.variables.SVar1", "%15%11");
[dz9z9wt9.default\prefs.js] - Zeile Gelöscht : user_pref("id_chatzum_softonic.variables.SVar10", "%13");
[dz9z9wt9.default\prefs.js] - Zeile Gelöscht : user_pref("id_chatzum_softonic.variables.SVar2", "%10%13%17%1B%13%12%13%14%17");
[dz9z9wt9.default\prefs.js] - Zeile Gelöscht : user_pref("id_chatzum_softonic.variables.SVar3", "%13");
[dz9z9wt9.default\prefs.js] - Zeile Gelöscht : user_pref("id_chatzum_softonic.variables.SVar4", "%13");
[dz9z9wt9.default\prefs.js] - Zeile Gelöscht : user_pref("id_chatzum_softonic.variables.SVar5", "%13");
[dz9z9wt9.default\prefs.js] - Zeile Gelöscht : user_pref("id_chatzum_softonic.variables.SVar6", "%13");
[dz9z9wt9.default\prefs.js] - Zeile Gelöscht : user_pref("id_chatzum_softonic.variables.SVar7", "%13");
[dz9z9wt9.default\prefs.js] - Zeile Gelöscht : user_pref("id_chatzum_softonic.variables.SVar8", "%13");
[dz9z9wt9.default\prefs.js] - Zeile Gelöscht : user_pref("id_chatzum_softonic.variables.SVar9", "%13");
[dz9z9wt9.default\prefs.js] - Zeile Gelöscht : user_pref("id_chatzum_softonic.variables.Var1", "62");
[dz9z9wt9.default\prefs.js] - Zeile Gelöscht : user_pref("id_chatzum_softonic.variables.Var10", "0");
[dz9z9wt9.default\prefs.js] - Zeile Gelöscht : user_pref("id_chatzum_softonic.variables.Var2", "304801074");
[dz9z9wt9.default\prefs.js] - Zeile Gelöscht : user_pref("id_chatzum_softonic.variables.Var3", "0");
[dz9z9wt9.default\prefs.js] - Zeile Gelöscht : user_pref("id_chatzum_softonic.variables.Var4", "0");
[dz9z9wt9.default\prefs.js] - Zeile Gelöscht : user_pref("id_chatzum_softonic.variables.Var5", "0");
[dz9z9wt9.default\prefs.js] - Zeile Gelöscht : user_pref("id_chatzum_softonic.variables.Var6", "0");
[dz9z9wt9.default\prefs.js] - Zeile Gelöscht : user_pref("id_chatzum_softonic.variables.Var7", "0");
[dz9z9wt9.default\prefs.js] - Zeile Gelöscht : user_pref("id_chatzum_softonic.variables.Var8", "0");
[dz9z9wt9.default\prefs.js] - Zeile Gelöscht : user_pref("id_chatzum_softonic.variables.Var9", "0");
[dz9z9wt9.default\prefs.js] - Zeile Gelöscht : user_pref("id_chatzum_softonic_installed_version", "1.0.20");

-\\ Google Chrome v40.0.2214.115

[C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=49&cc=&mi=e6eda7f7000000000000002511a156c2
[C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.babylon.com/?q={searchTerms}&babsrc=SP_ss_sps&mntrId=E6ED582C80139263&affID=119357&tt=250613_gr4&tsp=4924
[C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.babylon.com/?q={searchTerms}&babsrc=SP_ss_sps&mntrId=E6ED582C80139263&affID=119357&tt=250613_gr4&tsp=4924
[C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=8d82658c-bf64-4670-95c2-87ac0d42a30e&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=05/04/2013&type=hp1000
[C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=8d82658c-bf64-4670-95c2-87ac0d42a30e&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=05/04/2013&type=hp1000
[C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=8d82658c-bf64-4670-95c2-87ac0d42a30e&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=05/04/2013&type=hp1000
[C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.conduit.com/Results.aspx?ctid=CT3319434&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP7FECF2A3-617E-4846-A470-20BE4BB563AC&q={searchTerms}&SSPV=
[C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.buenosearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=E6ED002511A156C2&affID=127685&tsp=5206
[C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.search.ask.com/web?tpid=ORJ-V7C&o=APN11412&l=dis&pf=V7&p2=%5EBBK%5EOSJ000%5EYY%5EDE&gct=&itbv=12.12.2.83&doi=2014-06-27&apn_uid=F5CBA5DE-64BB-4CD2-BE5C-A4B9165F4193&apn_ptnrs=BBK&apn_dtid=%5EOSJ000%5EYY%5EDE&apn_dbr=cr_35.0.1916.153&psv=&pt=tb&trgb=CR&q={searchTerms}
[C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.search.ask.com/web?tpid=ORJ-V7C&o=APN11412&l=dis&pf=V7&p2=%5EBBK%5EOSJ000%5EYY%5EDE&gct=&itbv=12.12.2.83&doi=2014-06-27&apn_uid=F5CBA5DE-64BB-4CD2-BE5C-A4B9165F4193&apn_ptnrs=BBK&apn_dtid=%5EOSJ000%5EYY%5EDE&apn_dbr=cr_35.0.1916.153&psv=&pt=tb&trgb=CR&q={searchTerms}
[C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}

*************************

AdwCleaner[R0].txt - [22536 Bytes] - [27/02/2015 00:39:00]
AdwCleaner[S0].txt - [21979 Bytes] - [27/02/2015 00:41:18]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [22039  Bytes] ##########
--- --- ---


Hier die von JRT:JRT Logfile:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.2 (02.02.2015:1)
OS: Windows 7 Home Premium x64
Ran by ulfilas on 27.02.2015 at  0:55:09,82
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\update sizlsearch
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\util sizlsearch



~~~ Files

Successfully deleted: [File] "C:\Users\ulfilas\appdata\local\google\chrome\user data\default\local storage\http_static.boostsaves.com_0.localstorage"
Successfully deleted: [File] "C:\Users\ulfilas\appdata\local\google\chrome\user data\default\local storage\http_static.boostsaves.com_0.localstorage-journal"
Successfully deleted: [File] "C:\Users\ulfilas\appdata\local\google\chrome\user data\default\local storage\https_static.boostsaves.com_0.localstorage"
Successfully deleted: [File] "C:\Users\ulfilas\appdata\local\google\chrome\user data\default\local storage\https_static.boostsaves.com_0.localstorage-journal"
Successfully deleted: [File] "C:\Windows\wininit.ini"



~~~ Folders



~~~ FireFox

Failed to delete: [Folder] "C:\Program Files (x86)\Mozilla Firefox\extensions\{1fd91a9c-410c-4090-bbcc-55d3450ef433}"
Failed to delete: [Folder] "C:\Program Files (x86)\Mozilla Firefox\extensions\{1fd91a9c-410c-4090-bbcc-55d3450ef433}"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 27.02.2015 at  1:01:11,10
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
--- --- ---




Hier FRST:


FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-02-2015 01
Ran by ulfilas (administrator) on ULFILAS-PC2 on 27-02-2015 01:04:52
Running from C:\Users\ulfilas\Downloads
Loaded Profiles: ulfilas (Available profiles: ulfilas & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(AOL Inc.) C:\Program Files (x86)\AOL Desktop 9.7\waol.exe
(AOL Inc.) C:\Program Files (x86)\Common Files\AOL\1294882704\ee\aolsoftware.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\acrotray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(Dropbox, Inc.) C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\Dropbox.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 2\creator-ws.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(AOL LLC) C:\Program Files (x86)\Common Files\AOL\acs\AOLacsd.exe
(AOL Inc.) C:\Program Files (x86)\AOL Desktop 9.7\shellmon.exe
(Thisisu) C:\Users\ulfilas\Downloads\JRT.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [134416 2007-01-23] (Logitech Inc.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HostManager] => C:\Program Files (x86)\Common Files\AOL\1294882704\ee\AOLSoftware.exe [41800 2010-03-08] (AOL Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703280 2015-02-12] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Acrobat Assistant 7.0] => C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\Acrotray.exe [483328 2004-12-14] (Adobe Systems Inc.)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126712 2015-01-19] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-39457134-2311114567-1202830544-1000\...\Run: [Soft32 Updater.exe] => C:\Users\ulfilas\AppData\Local\Soft32\Soft32 Updater\Soft32 Updater.exe [163640 2011-10-19] (I.T.N.T.)
HKU\S-1-5-21-39457134-2311114567-1202830544-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-39457134-2311114567-1202830544-1000\...\Run: [AOL Fast Start] => C:\Program Files (x86)\AOL Desktop 9.7\AOL.EXE [42320 2012-01-31] (AOL Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat - Schnellstart.lnk
ShortcutTarget: Adobe Acrobat - Schnellstart.lnk -> C:\Windows\Installer\{AC76BA86-1033-F400-7760-100000000002}\SC_Acrobat.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\ulfilas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\ulfilas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll (Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\psdprotect.dll (Egis Technology Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-39457134-2311114567-1202830544-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-39457134-2311114567-1202830544-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-39457134-2311114567-1202830544-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO-x32: PDF Architect Helper -> {691B33B0-B86E-47F3-81C7-56E4FE3B929C} -> C:\Program Files (x86)\PDF Architect 2\creator-ie-helper.dll (pdfforge GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: AcroIEToolbarHelper Class -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Recorder Toolbar - {120A8821-2BEE-4C29-BCDA-62C577781992} - C:\Program Files (x86)\MedienTeam66\MP3 Recorder for YouTube\IEPlugin.dll (MedienTeam66)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {DEEB13D7-CEA9-45FB-B77C-E039BEC85221} - C:\Program Files (x86)\PDF Architect 2\creator-ie-plugin.dll (pdfforge GmbH)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: HKLM-x32 {B4977DFF-8AE5-44DC-8A42-C62F56960AA9} hxxp://javadl-esd.sun.com/update/1.4.2/jinstall-1_4_2-windows-i586.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\ulfilas\AppData\Roaming\Mozilla\Firefox\Profiles\dz9z9wt9.default
FF SearchEngineOrder.3: Bing
FF NetworkProxy: "autoconfig_url", "chrome://viewtubes/content/viewtubes_false.pac"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8064.0206 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=15.0.2.72 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.2.72 -> c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.2.72 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.2.72 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=15.0.2.72 -> c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Extension: Avira Browser Safety - C:\Users\ulfilas\AppData\Roaming\Mozilla\Firefox\Profiles\dz9z9wt9.default\Extensions\abs@avira.com [2014-08-14]
FF Extension: ProxTube - Unblock YouTube - C:\Users\ulfilas\AppData\Roaming\Mozilla\Firefox\Profiles\dz9z9wt9.default\Extensions\ich@maltegoetz.de [2014-02-07]
FF Extension: Viewtubes - C:\Users\ulfilas\AppData\Roaming\Mozilla\Firefox\Profiles\dz9z9wt9.default\Extensions\FF_AddOn@viewtubes.de.xpi [2012-04-20]
FF Extension: YouTube quality manager - C:\Users\ulfilas\AppData\Roaming\Mozilla\Firefox\Profiles\dz9z9wt9.default\Extensions\youtubequality@rzll.xpi [2012-04-21]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\ulfilas\AppData\Roaming\Mozilla\Firefox\Profiles\dz9z9wt9.default\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2015-02-20]
FF Extension: Recorder Toolbar - C:\Program Files (x86)\Mozilla Firefox\extensions\{10743931-94DF-476f-A987-4391233C17A2} [2012-11-23]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-03-31]
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_2_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension
FF Extension: PDF Architect 2 Creator - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension [2015-01-07]
FF Extension: No Name - C:\Users\ulfilas\AppData\Roaming\Mozilla\Firefox\Profiles\dz9z9wt9.default\extensions\{ADFA33FD-16F5-4355-8504-DF4D664CFE83} [Not Found]

Chrome:
=======
CHR DefaultSuggestURL: Default -> hxxp://ssmsp.ask.com/query?sstype=prefix&li=ff&q={searchTerms}
CHR Profile: C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-11-01]
CHR Extension: (Google Docs) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-01]
CHR Extension: (Google Drive) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-01]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-09]
CHR Extension: (YouTube) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-01]
CHR Extension: (Adblock Plus) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-02-22]
CHR Extension: (Google Search) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-01]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2014-07-01]
CHR Extension: (Google Wallet) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Gmail) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-01]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-03-31]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-03-28] (Adobe Systems) [File not signed]
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2015-02-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2015-02-12] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [992048 2015-02-12] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [182520 2015-01-19] (Avira Operations GmbH & Co. KG)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 hasplms; C:\Windows\system32\hasplms.exe [4913608 2011-12-02] (SafeNet Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)
R2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [311592 2009-08-06] (Egis Technology Inc.)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH)
R2 PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [738856 2014-10-10] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2014-07-16] (TuneUp Software)
S3 UPnPService; C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [544768 2006-12-14] (Magix AG) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation)
R3 akshhl; C:\Windows\System32\DRIVERS\akshhl.sys [57088 2011-09-08] (SafeNet Inc.)
R3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [21120 2011-08-09] (SafeNet Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-02-12] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-02-12] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-09] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-02-12] (Avira Operations GmbH & Co. KG)
R1 cdrblock; C:\Windows\System32\DRIVERS\cdrblock.sys [34360 2008-05-30] (Canopus Co,. Ltd.)
S1 FNETURPX; C:\Windows\SysWOW64\drivers\FNETURPX.SYS [7040 2013-01-26] (FNet Co., Ltd.) [File not signed]
R2 Hardlock; C:\Windows\system32\drivers\hardlock.sys [321536 2011-10-07] (SafeNet Inc.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [31648 2014-04-05] (REALiX(tm))
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-02-27] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-12-16] (TuneUp Software)
S3 USA19H; C:\Windows\System32\DRIVERS\USA19Hx64.sys [740096 2007-10-30] (Keyspan)
S3 USA19HP; C:\Windows\System32\DRIVERS\USA19Hx64p.SYS [35840 2007-10-23] (Keyspan)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [X]
S1 okorkylq; \??\C:\Windows\system32\drivers\okorkylq.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-27 01:04 - 2015-02-27 01:04 - 00000000 ____D () C:\Users\ulfilas\Downloads\FRST-OlderVersion
2015-02-27 01:01 - 2015-02-27 01:01 - 00001825 _____ () C:\Users\ulfilas\Desktop\JRT.txt
2015-02-27 00:54 - 2015-02-27 00:54 - 01388274 _____ (Thisisu) C:\Users\ulfilas\Downloads\JRT.exe
2015-02-27 00:35 - 2015-02-27 00:52 - 00000000 ____D () C:\AdwCleaner
2015-02-27 00:34 - 2015-02-27 00:34 - 02126848 _____ () C:\Users\ulfilas\Downloads\AdwCleaner_4.111.exe
2015-02-27 00:09 - 2015-02-27 00:24 - 00000955 _____ () C:\Users\ulfilas\Desktop\mbam.txt
2015-02-26 23:34 - 2015-02-27 00:45 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-26 23:34 - 2015-02-26 23:34 - 00001066 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-02-26 23:34 - 2015-02-26 23:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-26 23:33 - 2015-02-26 23:33 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-26 23:33 - 2015-02-26 23:33 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-26 23:33 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-26 23:33 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-26 23:33 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-02-26 23:29 - 2015-02-26 23:30 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\ulfilas\Downloads\mbam-setup-2.0.4.1028.exe
2015-02-26 23:29 - 2015-02-26 23:30 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\ulfilas\Downloads\mbam-setup-2.0.4.1028 (1).exe
2015-02-26 11:30 - 2015-02-26 11:30 - 00039775 _____ () C:\ComboFix.txt
2015-02-25 12:35 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-25 12:35 - 2015-01-09 00:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-02-24 20:30 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-02-24 20:30 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-02-24 20:30 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-02-24 20:30 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-02-24 20:30 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-02-24 20:30 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2015-02-24 20:30 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2015-02-24 20:30 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2015-02-24 18:48 - 2015-02-26 11:30 - 00000000 ____D () C:\Qoobox
2015-02-24 18:47 - 2015-02-26 11:28 - 00000000 ____D () C:\Windows\erdnt
2015-02-24 18:47 - 2015-02-24 18:47 - 05611903 _____ (Swearware) C:\Users\ulfilas\Downloads\ComboFix (2).exe
2015-02-24 18:46 - 2015-02-24 18:47 - 05611903 _____ (Swearware) C:\Users\ulfilas\Downloads\ComboFix (1).exe
2015-02-24 18:46 - 2015-02-24 18:46 - 05611903 ____R (Swearware) C:\Users\ulfilas\Downloads\ComboFix.exe
2015-02-24 09:45 - 2015-02-24 09:45 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\ulfilas\Downloads\revosetup95.exe
2015-02-24 09:45 - 2015-02-24 09:45 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-02-24 01:28 - 2015-02-24 01:28 - 00000000 ____D () C:\Users\ulfilas\Desktop\VueScan Scans
2015-02-24 00:28 - 2015-02-25 14:12 - 00000000 ____D () C:\Users\ulfilas\Desktop\Anzeige Disco
2015-02-23 18:19 - 2015-02-23 18:20 - 00050197 _____ () C:\Users\ulfilas\Downloads\Addition.txt
2015-02-23 18:16 - 2015-02-27 01:04 - 02087936 _____ (Farbar) C:\Users\ulfilas\Downloads\FRST64.exe
2015-02-23 18:16 - 2015-02-27 01:04 - 00027479 _____ () C:\Users\ulfilas\Downloads\FRST.txt
2015-02-23 18:16 - 2015-02-27 01:04 - 00000000 ____D () C:\FRST
2015-02-23 17:23 - 2015-02-23 17:24 - 00002721 _____ () C:\Users\ulfilas\Downloads\software_removal_tool.log
2015-02-22 23:28 - 2015-02-22 23:32 - 00000000 ____D () C:\Users\ulfilas\Desktop\201+7756-2010-07-23
2015-02-22 23:26 - 2015-02-22 23:26 - 00000000 ____D () C:\Users\ulfilas\Desktop\2007_02
2015-02-22 23:25 - 2015-02-22 23:25 - 00000000 ____D () C:\Users\ulfilas\Desktop\201_35_v_L_20111222_Schloss
2015-02-22 23:24 - 2015-02-22 23:24 - 00000000 ____D () C:\Users\ulfilas\Desktop\bw201-1
2015-02-20 14:03 - 2015-02-20 14:03 - 00000000 ____D () C:\Program Files (x86)\Free Codec Pack
2015-02-20 14:00 - 2015-02-20 14:00 - 03533008 _____ (DVDVideoSoft Ltd. ) C:\Users\ulfilas\Downloads\FreeYouTubeToMP3Converter (1).exe
2015-02-20 13:59 - 2015-02-20 14:01 - 03312648 _____ (DVDVideoSoft Ltd. ) C:\Users\ulfilas\Downloads\FreeYouTubeToMP3Converter.exe
2015-02-16 20:18 - 2015-02-16 20:18 - 00000000 ____D () C:\Users\ulfilas\Desktop\DatenblattE12
2015-02-16 14:55 - 2015-02-19 21:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2015-02-12 20:00 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-12 20:00 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-12 20:00 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-12 20:00 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-12 17:01 - 2015-02-12 17:02 - 06372800 _____ (Tim Kosse) C:\Users\ulfilas\Downloads\FileZilla_3.10.1.1_win32-setup.exe
2015-02-12 00:03 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-12 00:03 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-12 00:03 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-12 00:03 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-12 00:03 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-12 00:03 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-12 00:03 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-12 00:03 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-12 00:03 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-12 00:03 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-12 00:03 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-12 00:03 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-12 00:03 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-12 00:03 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-12 00:03 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-12 00:03 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-12 00:03 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-12 00:03 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-12 00:03 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-12 00:03 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-12 00:03 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-12 00:03 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-12 00:03 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-12 00:03 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-12 00:03 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-12 00:03 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-12 00:03 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-12 00:03 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-12 00:03 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-12 00:03 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-12 00:03 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-12 00:03 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-12 00:03 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-12 00:03 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-12 00:03 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-12 00:03 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-12 00:03 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-12 00:03 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-12 00:03 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-12 00:03 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-12 00:03 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-12 00:03 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-12 00:03 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-12 00:03 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-12 00:03 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-12 00:03 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-12 00:03 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-12 00:03 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-12 00:03 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-12 00:03 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-12 00:03 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-12 00:03 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-12 00:03 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-12 00:03 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-12 00:03 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-12 00:03 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-12 00:03 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-12 00:03 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-12 00:03 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-12 00:03 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-12 00:03 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-12 00:03 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-12 00:03 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-12 00:03 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-12 00:03 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-12 00:03 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-12 00:03 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-12 00:03 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-12 00:02 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-12 00:02 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-12 00:02 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-12 00:02 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-12 00:02 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-12 00:02 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-12 00:02 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-12 00:02 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-12 00:02 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-12 00:02 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-12 00:02 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-12 00:02 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-12 00:02 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-12 00:02 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-12 00:02 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-12 00:02 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-12 00:02 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-12 00:02 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-12 00:02 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-12 00:02 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-12 00:02 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-12 00:02 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-12 00:02 - 2014-10-04 03:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-12 00:02 - 2014-10-04 02:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-02-12 00:02 - 2014-10-04 02:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-02-12 00:01 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-12 00:01 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-12 00:01 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-12 00:01 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-12 00:01 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-12 00:01 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-12 00:01 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-12 00:01 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-12 00:01 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-12 00:01 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-11 01:23 - 2015-02-11 01:23 - 04752438 _____ () C:\Users\ulfilas\Downloads\mt31345,1236865807,HK_uebersicht.bmp
2015-02-10 21:00 - 2015-02-10 21:02 - 00000000 ____D () C:\Users\ulfilas\Desktop\2015-02-1013.53.18
2015-02-10 14:29 - 2015-02-10 14:29 - 42096984 _____ (Apple Inc.) C:\Users\ulfilas\Downloads\QuickTimeInstaller (1).exe
2015-02-09 00:45 - 2015-02-09 00:49 - 00000128 ____H () C:\ProgramData\V93GE
2015-02-09 00:45 - 2015-02-09 00:45 - 00000000 ____D () C:\Users\ulfilas\AppData\Roaming\LaserSoft Imaging
2015-02-09 00:30 - 2015-02-09 00:30 - 17070168 _____ (LaserSoft Imaging AG) C:\Users\ulfilas\Downloads\SF8_Documentation_de.exe
2015-02-09 00:26 - 2015-02-09 00:30 - 427688568 _____ (LaserSoft Imaging AG) C:\Users\ulfilas\Downloads\SF8_Movies_de.exe
2015-02-09 00:26 - 2015-02-09 00:26 - 00000000 ____D () C:\Users\ulfilas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LaserSoft Imaging
2015-02-09 00:25 - 2015-02-09 00:25 - 00000000 ____D () C:\ProgramData\LaserSoft Imaging
2015-02-09 00:25 - 2015-02-09 00:25 - 00000000 ____D () C:\Program Files\SilverFast Application
2015-02-09 00:23 - 2015-02-09 00:24 - 45434944 _____ (LaserSoft Imaging AG) C:\Users\ulfilas\Downloads\SF-8.2.0r3(Nikon)_x64.exe
2015-02-04 03:05 - 2015-02-04 03:05 - 00000985 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\VueScan x64.lnk
2015-02-04 03:05 - 2015-02-04 03:05 - 00000000 ____D () C:\Program Files\VueScan
2015-02-04 03:04 - 2015-02-04 03:04 - 17367649 _____ () C:\Users\ulfilas\Downloads\Vuescan_9.4.60.zip
2015-02-04 03:04 - 2015-02-04 03:04 - 00000000 ____D () C:\Users\ulfilas\Downloads\Vuescan_9.4.60
2015-02-04 02:01 - 2015-02-04 02:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nikon Scan 4
2015-02-04 02:01 - 2015-02-04 02:01 - 00000000 ____D () C:\Program Files (x86)\Nikon
2015-02-04 01:48 - 2015-02-04 01:48 - 00003152 _____ () C:\Windows\System32\Tasks\{6726E861-BE61-476F-A0A6-B34BBB729385}
2015-02-04 01:45 - 2015-02-04 01:45 - 15203632 _____ () C:\Users\ulfilas\Downloads\ns403de (2).exe
2015-02-04 01:20 - 2015-02-04 01:20 - 00000000 ____D () C:\ProgramData\Nikon
2015-02-04 00:38 - 2015-02-04 00:38 - 15203632 _____ () C:\Users\ulfilas\Downloads\ns403de (1).exe
2015-02-04 00:37 - 2015-02-04 02:45 - 00000000 ____D () C:\Users\ulfilas\Desktop\Treiber Nikon Coolscan 5000 ED
2015-02-03 09:47 - 2002-12-04 19:54 - 00006545 _____ (Nikon Corporation) C:\Windows\SysWOW64\NKScnUSD.dll
2015-02-03 09:46 - 2015-02-03 09:46 - 15203632 _____ () C:\Users\ulfilas\Downloads\ns403de.exe
2015-02-01 23:43 - 2015-02-01 23:43 - 00000000 ____D () C:\Users\ulfilas\AppData\Roaming\Nikon
2015-02-01 23:37 - 2015-02-04 02:01 - 00000000 ____D () C:\Windows\SysWOW64\Color
2015-02-01 23:37 - 2002-01-05 21:10 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70deu.dll
2015-02-01 23:37 - 1997-01-30 20:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mfc42loc.dll
2015-02-01 23:37 - 1997-01-22 06:26 - 00565760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVCP50.DLL
2015-02-01 23:37 - 1996-03-28 00:13 - 00010656 _____ (Nikon Inc.) C:\Windows\SysWOW64\NKNSCN95.DLL
2015-02-01 23:35 - 2015-02-01 23:35 - 00003046 _____ () C:\Windows\System32\Tasks\{DF64A0B2-4826-4E01-8091-D3A91ED4E841}
2015-01-30 02:23 - 2015-01-30 02:24 - 42096984 _____ (Apple Inc.) C:\Users\ulfilas\Downloads\QuickTimeInstaller.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-27 00:54 - 2010-12-30 02:43 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-27 00:52 - 2009-07-14 05:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-27 00:52 - 2009-07-14 05:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-27 00:50 - 2009-09-08 23:47 - 00704324 _____ () C:\Windows\system32\perfh007.dat
2015-02-27 00:50 - 2009-09-08 23:47 - 00152162 _____ () C:\Windows\system32\perfc007.dat
2015-02-27 00:50 - 2009-07-14 06:13 - 01634576 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-27 00:49 - 2009-11-13 03:01 - 01069172 _____ () C:\Windows\WindowsUpdate.log
2015-02-27 00:44 - 2013-11-19 17:41 - 00000000 ___RD () C:\Users\ulfilas\Dropbox
2015-02-27 00:44 - 2013-11-19 17:26 - 00000000 ____D () C:\Users\ulfilas\AppData\Roaming\Dropbox
2015-02-27 00:43 - 2014-05-08 23:09 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf6b0a3cdc10aa.job
2015-02-27 00:43 - 2012-12-03 13:31 - 00000000 ____D () C:\Users\ulfilas\Desktop\Verknüpfungen
2015-02-27 00:43 - 2012-01-16 13:11 - 00000330 _____ () C:\Windows\Tasks\GlaryInitialize.job
2015-02-27 00:43 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-27 00:42 - 2009-11-13 03:06 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-27 00:42 - 2009-09-03 10:10 - 01470946 _____ () C:\Windows\PFRO.log
2015-02-27 00:42 - 2009-07-14 05:51 - 00169796 _____ () C:\Windows\setupact.log
2015-02-27 00:21 - 2011-06-20 14:24 - 00003950 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{40457202-43A6-48A0-B73A-FD3D606DDC7E}
2015-02-27 00:19 - 2012-08-15 11:24 - 00000000 ____D () C:\Users\ulfilas\AppData\Roaming\Skype
2015-02-27 00:18 - 2012-05-05 15:11 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-27 00:10 - 2009-09-03 10:04 - 00000000 ____D () C:\Windows\oem
2015-02-26 21:03 - 2012-02-25 21:03 - 00000318 _____ () C:\Windows\Tasks\MT66 Software Update.job
2015-02-26 11:30 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2015-02-26 11:22 - 2009-07-14 03:34 - 00000248 _____ () C:\Windows\system.ini
2015-02-26 10:49 - 2009-12-24 14:37 - 00000000 ____D () C:\Users\ulfilas\AppData\Local\Adobe
2015-02-25 14:12 - 2010-04-02 14:09 - 06345216 ___SH () C:\Users\ulfilas\Desktop\Thumbs.db
2015-02-25 03:18 - 2014-07-01 09:16 - 00000280 _____ () C:\Windows\Tasks\System Speedupsch.job
2015-02-24 22:26 - 2014-12-04 22:13 - 00000000 ____D () C:\Users\ulfilas\Desktop\Beschriftung Bw 77
2015-02-24 18:57 - 2011-04-09 02:31 - 00000000 ____D () C:\Users\ulfilas\AppData\Roaming\FileZilla
2015-02-23 18:49 - 2009-12-24 14:15 - 00114536 _____ () C:\Users\ulfilas\AppData\Local\GDIPFONTCACHEV1.DAT
2015-02-23 18:49 - 2009-07-14 05:45 - 05037800 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-23 18:48 - 2009-09-03 10:07 - 00000000 ____D () C:\Program Files\Google
2015-02-23 18:48 - 2009-09-03 10:07 - 00000000 ____D () C:\Program Files (x86)\Google
2015-02-23 16:14 - 2009-09-03 09:54 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-23 16:14 - 2009-07-14 03:34 - 00000489 _____ () C:\Windows\win.ini
2015-02-23 15:45 - 2009-07-14 08:45 - 00000000 ____D () C:\Windows\ShellNew
2015-02-23 15:44 - 2009-12-24 15:31 - 00000000 ____D () C:\Users\ulfilas\AppData\Local\Google
2015-02-23 15:44 - 2009-09-03 10:07 - 00000000 ____D () C:\ProgramData\Google
2015-02-20 14:04 - 2011-05-08 13:47 - 00000000 ____D () C:\Users\ulfilas\AppData\Roaming\DVDVideoSoft
2015-02-20 14:03 - 2011-05-08 13:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-02-20 14:03 - 2011-05-08 13:47 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2015-02-20 10:35 - 2014-02-07 01:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-18 14:42 - 2013-04-30 12:11 - 00000000 ____D () C:\Users\ulfilas\AppData\Roaming\MyPhoneExplorer
2015-02-13 08:30 - 2012-09-27 11:14 - 00000000 ____D () C:\Windows\rescache
2015-02-13 02:59 - 2013-11-19 17:27 - 00000000 ____D () C:\Users\ulfilas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-02-12 12:35 - 2013-10-06 11:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON PhotoQuicker
2015-02-12 12:35 - 2011-06-23 20:06 - 00000000 ____D () C:\Program Files (x86)\EPSON
2015-02-12 12:35 - 2009-09-03 09:34 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-02-12 12:30 - 2013-03-14 03:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-02-12 12:30 - 2013-03-14 03:00 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-02-12 12:30 - 2013-03-14 03:00 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-02-12 12:22 - 2012-07-23 18:41 - 00000000 ____D () C:\ProgramData\DatacardService
2015-02-12 12:15 - 2012-04-20 18:55 - 00000000 ____D () C:\Users\ulfilas\AppData\Local\Mozilla
2015-02-12 11:38 - 2013-12-22 14:08 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-02-12 11:38 - 2013-12-22 14:08 - 00128536 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-02-12 11:38 - 2013-12-22 14:08 - 00044088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-02-12 03:11 - 2013-08-19 02:01 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-12 03:11 - 2012-10-18 18:11 - 00002121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-02-12 03:11 - 2012-10-18 18:11 - 00001912 _____ () C:\Windows\epplauncher.mif
2015-02-12 03:11 - 2012-10-18 18:11 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2015-02-12 03:11 - 2012-10-18 18:11 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2015-02-12 03:03 - 2010-01-09 03:02 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-09 17:23 - 2014-08-14 08:35 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-09 17:23 - 2013-12-22 14:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-02-09 00:26 - 2012-02-27 14:39 - 00030042 _____ () C:\Windows\DPINST.LOG
2015-02-09 00:00 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-02-05 05:49 - 2014-06-21 10:15 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1cf6b0a3cdc10aa
2015-02-05 05:49 - 2010-12-30 02:43 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-05 03:18 - 2012-05-05 15:11 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-05 03:18 - 2012-05-05 15:11 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-05 03:18 - 2012-02-21 01:55 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-04 19:52 - 2011-06-07 02:12 - 00038400 ___SH () C:\Users\ulfilas\Documents\Thumbs.db
2015-02-04 19:49 - 2013-08-28 23:13 - 00000000 ____D () C:\Users\ulfilas\Desktop\Schriftverkehr

==================== Files in the root of some directories =======

2013-07-28 00:16 - 2014-07-23 00:21 - 0000149 _____ () C:\Users\ulfilas\AppData\Roaming\WB.CFG
2013-12-31 01:17 - 2014-01-03 01:17 - 0000005 _____ () C:\Users\ulfilas\AppData\Roaming\WBPU-Q5-TTL.DAT
2013-06-28 09:16 - 2014-01-29 01:17 - 0000005 _____ () C:\Users\ulfilas\AppData\Roaming\WBPU-TTL.DAT
2011-06-27 22:15 - 2013-03-27 10:49 - 0003204 _____ () C:\Users\ulfilas\AppData\Roaming\wklnhst.dat
2012-03-08 18:46 - 2012-03-10 01:37 - 0001456 _____ () C:\Users\ulfilas\AppData\Local\Adobe Für Web speichern 12.0 Prefs
2011-02-10 21:41 - 2014-12-12 14:35 - 0030720 _____ () C:\Users\ulfilas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-02-11 12:39 - 2010-02-11 12:40 - 0001643 _____ () C:\Users\ulfilas\AppData\Local\MyWinLockerInstaller.txt-20100211.log
2011-06-10 12:54 - 2012-04-27 14:02 - 0007658 _____ () C:\Users\ulfilas\AppData\Local\Resmon.ResmonCfg
2009-11-13 03:07 - 2009-11-13 03:10 - 0008031 _____ () C:\ProgramData\ArcadeDeluxe3.log
2009-09-03 09:44 - 2009-07-18 02:57 - 0036136 _____ (Oberon Media) C:\ProgramData\FullRemove.exe
2015-02-09 00:45 - 2015-02-09 00:49 - 0000128 ____H () C:\ProgramData\V93GE

Some content of TEMP:
====================
C:\Users\ulfilas\AppData\Local\Temp\avgnt.exe
C:\Users\ulfilas\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpercqqd.dll
C:\Users\ulfilas\AppData\Local\Temp\Quarantine.exe
C:\Users\ulfilas\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-23 13:05

==================== End Of Log ============================
--- --- ---

--- --- ---



Vielleicht bin ich ja zu voreilig, aber ich möchte dich trotzdem darüber informieren, daß sich an den Werbeeinblendungen bei mir noch nicht geändert hat: Die Fenster poppen immer noch auf, Links funktionieren nicht richtig, sondern führen weiterhin zu dubiosen Seiten, die keiner sehen will, und Google Chrome ist sehr langsam.

Viele Grüße für heute

Wolfgang

schrauber 27.02.2015 15:17

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

ulfilas-bs 02.03.2015 13:34
Logfile ESET:

Code:

       
Code:

       
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=3ade74a99987da4082e68375e1e509b1
# engine=22704
# end=stopped
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-03-01 11:51:16
# local_time=2015-03-02 12:51:16 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 1550374 96547498 0 0
# scanned=5091
# found=2
# cleaned=0
# scan_time=109
sh=8992F72873D09212597E582A16F8D9BC60E6A22A ft=1 fh=e21391a34e842ffc vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\DVDVideoSoft\TB\ConduitInstaller.exe.vir"
sh=8BFB7B00E3A4E6BD83CEDD7A98459190270ECC71 ft=1 fh=6fe2e7156dcadca6 vn="Variante von Win64/Systweak.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir"
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=3ade74a99987da4082e68375e1e509b1
# engine=22704
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-03-02 03:43:55
# local_time=2015-03-02 04:43:55 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 1564333 96561457 0 0
# scanned=540022
# found=22
# cleaned=0
# scan_time=13642
sh=8992F72873D09212597E582A16F8D9BC60E6A22A ft=1 fh=e21391a34e842ffc vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\DVDVideoSoft\TB\ConduitInstaller.exe.vir"
sh=8BFB7B00E3A4E6BD83CEDD7A98459190270ECC71 ft=1 fh=6fe2e7156dcadca6 vn="Variante von Win64/Systweak.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir"
sh=6EDA4285A495C1A690CDD9A93BD440DCB275C970 ft=1 fh=6cd9e736b83741ee vn="Variante von Win32/InstallCore.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\PDFCreator\message.exe"
sh=E993050FA3157F5CD308D48C4764DE785D11EF50 ft=0 fh=0000000000000000 vn="PHP/Agent.DD Trojaner" ac=I fn="C:\Users\ulfilas\Desktop\Websites\Website BIN\Backup-CD BIN\Backup09022014\htdocs\4cJi1NqS.php"
sh=2604195866F18197D1D1F4589AD2CEC422F6AED9 ft=0 fh=0000000000000000 vn="PHP/Agent.DD Trojaner" ac=I fn="C:\Users\ulfilas\Desktop\Websites\Website BIN\Backup-CD BIN\Backup09022014\htdocs\cCGtJRmK.php"
sh=9EBB34EB30CD7EC3901BA1477B12767235F1F9C9 ft=0 fh=0000000000000000 vn="PHP/Agent.DD Trojaner" ac=I fn="C:\Users\ulfilas\Desktop\Websites\Website BIN\Backup-CD BIN\Backup09022014\htdocs\count.php"
sh=2AB20B5FB718DC8D006F0F8A11C250FA44EED984 ft=1 fh=17b2900a6c3a46de vn="Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung" ac=I fn="C:\Users\ulfilas\Downloads\PDFCreator-2_0_1-setup.exe"
sh=129C160A9EFDC0DFA369F49A43B062CCAF0F2162 ft=1 fh=c0a8075e318a7835 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll"
sh=3DAE542BD4F0368B19B4047C0838D3F4FC4DA090 ft=1 fh=9b1350829aeb80db vn="Variante von Win32/Distromatic.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-abb-fix[1]"
sh=3DAE542BD4F0368B19B4047C0838D3F4FC4DA090 ft=1 fh=9b1350829aeb80db vn="Variante von Win32/Distromatic.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-abb-fix[2]"
sh=3DAE542BD4F0368B19B4047C0838D3F4FC4DA090 ft=1 fh=9b1350829aeb80db vn="Variante von Win32/Distromatic.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-abb-fix[3]"
sh=3DAE542BD4F0368B19B4047C0838D3F4FC4DA090 ft=1 fh=9b1350829aeb80db vn="Variante von Win32/Distromatic.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-abb-fix[4]"
sh=E4333469F3070D049E4FDA053756B96B9F59569B ft=1 fh=5e9b3d881266bb41 vn="Win32/Distromatic evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-search-protect-fix-2[1]"
sh=63981687FFC14608CDAE65C7EFEA1B24ACAF1DF4 ft=1 fh=c82ffca9f6717ccb vn="Variante von Win32/Distromatic.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-search-protect-fix-3[1]"
sh=29E421AB9476F9D2E23DAC7CFDE8DD9EE9D0768A ft=1 fh=d53e88ba43d6b8ab vn="Win32/Distromatic.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-search-protect-fix-4[1]"
sh=3DAE542BD4F0368B19B4047C0838D3F4FC4DA090 ft=1 fh=9b1350829aeb80db vn="Variante von Win32/Distromatic.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-abb-fix[1]"
sh=3DAE542BD4F0368B19B4047C0838D3F4FC4DA090 ft=1 fh=9b1350829aeb80db vn="Variante von Win32/Distromatic.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-abb-fix[2]"
sh=3DAE542BD4F0368B19B4047C0838D3F4FC4DA090 ft=1 fh=9b1350829aeb80db vn="Variante von Win32/Distromatic.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-abb-fix[3]"
sh=3DAE542BD4F0368B19B4047C0838D3F4FC4DA090 ft=1 fh=9b1350829aeb80db vn="Variante von Win32/Distromatic.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-abb-fix[4]"
sh=E4333469F3070D049E4FDA053756B96B9F59569B ft=1 fh=5e9b3d881266bb41 vn="Win32/Distromatic evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-search-protect-fix-2[1]"
sh=63981687FFC14608CDAE65C7EFEA1B24ACAF1DF4 ft=1 fh=c82ffca9f6717ccb vn="Variante von Win32/Distromatic.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-search-protect-fix-3[1]"
sh=29E421AB9476F9D2E23DAC7CFDE8DD9EE9D0768A ft=1 fh=d53e88ba43d6b8ab vn="Win32/Distromatic.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-search-protect-fix-4[1]"


Ich muß allerdings dazusagen, daß der Ablauf des ESET Scans deutlich anders war als von AdminBot beschrieben.

Das Fenster "Bedrohungen erkannt" bzw. "Keine Bedrohungen gefunden" tat sich bei mir gar nicht auf. Insofern hatte ich den Button "Fertig stellen" auch nicht. Ich konnte Ende des Prozesses das letzte Info-Fenster nur wegklicken.

schrauber 02.03.2015 17:06
Den Rest von Oben bitte noch :)

ulfilas-bs 02.03.2015 17:56
Schön, daß du etwas geschrieben hast. Ich wollte nämlich vorhin meinen vorherigen Beitrag noch ändern, das ging aber nicht mehr, weil schon mehr als eine Stunde herum war.

Es hatte mir keine Ruhe gelassen, daß sich der Ablauf des ESET-Scanprogramms bei mir so ganz anders dargestellt hatte als von euch beschrieben.

Ich habe es daher noch einmal durchlaufen lassen, und diesmal entsprach auch alles der Beschreibung.

Hier nun zunächst der Inhalt des AKTUELLEN ESET-Logfiles:

Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=3ade74a99987da4082e68375e1e509b1
# engine=22704
# end=stopped
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-03-01 11:51:16
# local_time=2015-03-02 12:51:16 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 1550374 96547498 0 0
# scanned=5091
# found=2
# cleaned=0
# scan_time=109
sh=8992F72873D09212597E582A16F8D9BC60E6A22A ft=1 fh=e21391a34e842ffc vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\DVDVideoSoft\TB\ConduitInstaller.exe.vir"
sh=8BFB7B00E3A4E6BD83CEDD7A98459190270ECC71 ft=1 fh=6fe2e7156dcadca6 vn="Variante von Win64/Systweak.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir"
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=3ade74a99987da4082e68375e1e509b1
# engine=22704
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-03-02 03:43:55
# local_time=2015-03-02 04:43:55 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 1564333 96561457 0 0
# scanned=540022
# found=22
# cleaned=0
# scan_time=13642
sh=8992F72873D09212597E582A16F8D9BC60E6A22A ft=1 fh=e21391a34e842ffc vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\DVDVideoSoft\TB\ConduitInstaller.exe.vir"
sh=8BFB7B00E3A4E6BD83CEDD7A98459190270ECC71 ft=1 fh=6fe2e7156dcadca6 vn="Variante von Win64/Systweak.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir"
sh=6EDA4285A495C1A690CDD9A93BD440DCB275C970 ft=1 fh=6cd9e736b83741ee vn="Variante von Win32/InstallCore.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\PDFCreator\message.exe"
sh=E993050FA3157F5CD308D48C4764DE785D11EF50 ft=0 fh=0000000000000000 vn="PHP/Agent.DD Trojaner" ac=I fn="C:\Users\ulfilas\Desktop\Websites\Website BIN\Backup-CD BIN\Backup09022014\htdocs\4cJi1NqS.php"
sh=2604195866F18197D1D1F4589AD2CEC422F6AED9 ft=0 fh=0000000000000000 vn="PHP/Agent.DD Trojaner" ac=I fn="C:\Users\ulfilas\Desktop\Websites\Website BIN\Backup-CD BIN\Backup09022014\htdocs\cCGtJRmK.php"
sh=9EBB34EB30CD7EC3901BA1477B12767235F1F9C9 ft=0 fh=0000000000000000 vn="PHP/Agent.DD Trojaner" ac=I fn="C:\Users\ulfilas\Desktop\Websites\Website BIN\Backup-CD BIN\Backup09022014\htdocs\count.php"
sh=2AB20B5FB718DC8D006F0F8A11C250FA44EED984 ft=1 fh=17b2900a6c3a46de vn="Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung" ac=I fn="C:\Users\ulfilas\Downloads\PDFCreator-2_0_1-setup.exe"
sh=129C160A9EFDC0DFA369F49A43B062CCAF0F2162 ft=1 fh=c0a8075e318a7835 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll"
sh=3DAE542BD4F0368B19B4047C0838D3F4FC4DA090 ft=1 fh=9b1350829aeb80db vn="Variante von Win32/Distromatic.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-abb-fix[1]"
sh=3DAE542BD4F0368B19B4047C0838D3F4FC4DA090 ft=1 fh=9b1350829aeb80db vn="Variante von Win32/Distromatic.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-abb-fix[2]"
sh=3DAE542BD4F0368B19B4047C0838D3F4FC4DA090 ft=1 fh=9b1350829aeb80db vn="Variante von Win32/Distromatic.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-abb-fix[3]"
sh=3DAE542BD4F0368B19B4047C0838D3F4FC4DA090 ft=1 fh=9b1350829aeb80db vn="Variante von Win32/Distromatic.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-abb-fix[4]"
sh=E4333469F3070D049E4FDA053756B96B9F59569B ft=1 fh=5e9b3d881266bb41 vn="Win32/Distromatic evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-search-protect-fix-2[1]"
sh=63981687FFC14608CDAE65C7EFEA1B24ACAF1DF4 ft=1 fh=c82ffca9f6717ccb vn="Variante von Win32/Distromatic.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-search-protect-fix-3[1]"
sh=29E421AB9476F9D2E23DAC7CFDE8DD9EE9D0768A ft=1 fh=d53e88ba43d6b8ab vn="Win32/Distromatic.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-search-protect-fix-4[1]"
sh=3DAE542BD4F0368B19B4047C0838D3F4FC4DA090 ft=1 fh=9b1350829aeb80db vn="Variante von Win32/Distromatic.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-abb-fix[1]"
sh=3DAE542BD4F0368B19B4047C0838D3F4FC4DA090 ft=1 fh=9b1350829aeb80db vn="Variante von Win32/Distromatic.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-abb-fix[2]"
sh=3DAE542BD4F0368B19B4047C0838D3F4FC4DA090 ft=1 fh=9b1350829aeb80db vn="Variante von Win32/Distromatic.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-abb-fix[3]"
sh=3DAE542BD4F0368B19B4047C0838D3F4FC4DA090 ft=1 fh=9b1350829aeb80db vn="Variante von Win32/Distromatic.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-abb-fix[4]"
sh=E4333469F3070D049E4FDA053756B96B9F59569B ft=1 fh=5e9b3d881266bb41 vn="Win32/Distromatic evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-search-protect-fix-2[1]"
sh=63981687FFC14608CDAE65C7EFEA1B24ACAF1DF4 ft=1 fh=c82ffca9f6717ccb vn="Variante von Win32/Distromatic.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-search-protect-fix-3[1]"
sh=29E421AB9476F9D2E23DAC7CFDE8DD9EE9D0768A ft=1 fh=d53e88ba43d6b8ab vn="Win32/Distromatic.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-search-protect-fix-4[1]"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=3ade74a99987da4082e68375e1e509b1
# engine=22713
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-03-02 02:28:28
# local_time=2015-03-02 03:28:28 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 1599406 96600130 0 0
# scanned=90178
# found=2
# cleaned=0
# scan_time=5968
sh=8992F72873D09212597E582A16F8D9BC60E6A22A ft=1 fh=e21391a34e842ffc vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\DVDVideoSoft\TB\ConduitInstaller.exe.vir"
sh=8BFB7B00E3A4E6BD83CEDD7A98459190270ECC71 ft=1 fh=6fe2e7156dcadca6 vn="Variante von Win64/Systweak.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir"
Ob der sich nun inhaltlich vom ersten Logfile unterscheidet, kann ich nicht beurteilen.

Ich hoffe, ich habe dir damit jetzt nicht auch noch doppelte Arbeit gemacht.

Die Deinstallation des ESET-Scanners habe ich durchgeführt.

SecurityCheck vermeldet dies:

Code:
Results of screen317's Security Check version 0.99.96 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
Avira Desktop                 
Microsoft Security Essentials 
 Antivirus up to date! 
`````````Anti-malware/Other Utilities Check:`````````
 TuneUp Utilities 2014 
 TuneUp Utilities 2014 (de-DE) 
 TuneUp Utilities 2014 
 EasyCleaner   
 Java 7 Update 71 
 Java version 32-bit out of Date!
  Java 64-bit 8 Update 31 
 Adobe Flash Player 16.0.0.305 
 Adobe Reader XI 
 Mozilla Firefox 27.0 Firefox out of Date! 
 Mozilla Thunderbird (31.4.0)
 Google Chrome (40.0.2214.111)
 Google Chrome (40.0.2214.115)
````````Process Check: objlist.exe by Laurent```````` 
 Microsoft Security Essentials MSMpEng.exe
 Microsoft Security Essentials msseces.exe
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbam.exe 
 Avira Antivir avgnt.exe
 Avira Antivir avguard.exe
 Malwarebytes Anti-Malware mbamscheduler.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 
````````````````````End of Log``````````````````````

Aktuelles FRST-Log:


FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-03-2015
Ran by ulfilas (administrator) on ULFILAS-PC2 on 02-03-2015 18:07:05
Running from C:\Users\ulfilas\Downloads
Loaded Profiles: ulfilas (Available profiles: ulfilas & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 2\creator-ws.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Dropbox, Inc.) C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\Dropbox.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AOL Inc.) C:\Program Files (x86)\Common Files\AOL\1294882704\ee\aolsoftware.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\acrotray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(AOL LLC) C:\Program Files (x86)\Common Files\AOL\acs\AOLacsd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AOL Inc.) C:\Program Files (x86)\AOL Desktop 9.7\waol.exe
(AOL Inc.) C:\Program Files (x86)\AOL Desktop 9.7\shellmon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\ulfilas\Downloads\SecurityCheck (1).exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [134416 2007-01-23] (Logitech Inc.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HostManager] => C:\Program Files (x86)\Common Files\AOL\1294882704\ee\AOLSoftware.exe [41800 2010-03-08] (AOL Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703280 2015-02-12] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Acrobat Assistant 7.0] => C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\Acrotray.exe [483328 2004-12-14] (Adobe Systems Inc.)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126712 2015-01-19] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-39457134-2311114567-1202830544-1000\...\Run: [Soft32 Updater.exe] => C:\Users\ulfilas\AppData\Local\Soft32\Soft32 Updater\Soft32 Updater.exe [163640 2011-10-19] (I.T.N.T.)
HKU\S-1-5-21-39457134-2311114567-1202830544-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-39457134-2311114567-1202830544-1000\...\Run: [AOL Fast Start] => C:\Program Files (x86)\AOL Desktop 9.7\AOL.EXE [42320 2012-01-31] (AOL Inc.)
HKU\S-1-5-21-39457134-2311114567-1202830544-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [242688 2010-11-20] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat - Schnellstart.lnk
ShortcutTarget: Adobe Acrobat - Schnellstart.lnk -> C:\Windows\Installer\{AC76BA86-1033-F400-7760-100000000002}\SC_Acrobat.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\ulfilas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\ulfilas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll (Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\psdprotect.dll (Egis Technology Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-39457134-2311114567-1202830544-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-39457134-2311114567-1202830544-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-39457134-2311114567-1202830544-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO-x32: PDF Architect Helper -> {691B33B0-B86E-47F3-81C7-56E4FE3B929C} -> C:\Program Files (x86)\PDF Architect 2\creator-ie-helper.dll (pdfforge GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: AcroIEToolbarHelper Class -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Recorder Toolbar - {120A8821-2BEE-4C29-BCDA-62C577781992} - C:\Program Files (x86)\MedienTeam66\MP3 Recorder for YouTube\IEPlugin.dll (MedienTeam66)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {DEEB13D7-CEA9-45FB-B77C-E039BEC85221} - C:\Program Files (x86)\PDF Architect 2\creator-ie-plugin.dll (pdfforge GmbH)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: HKLM-x32 {B4977DFF-8AE5-44DC-8A42-C62F56960AA9} hxxp://javadl-esd.sun.com/update/1.4.2/jinstall-1_4_2-windows-i586.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\ulfilas\AppData\Roaming\Mozilla\Firefox\Profiles\dz9z9wt9.default
FF SearchEngineOrder.3: Bing
FF NetworkProxy: "autoconfig_url", "chrome://viewtubes/content/viewtubes_false.pac"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8064.0206 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=15.0.2.72 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.2.72 -> c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.2.72 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.2.72 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=15.0.2.72 -> c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Extension: Avira Browser Safety - C:\Users\ulfilas\AppData\Roaming\Mozilla\Firefox\Profiles\dz9z9wt9.default\Extensions\abs@avira.com [2014-08-14]
FF Extension: ProxTube - Unblock YouTube - C:\Users\ulfilas\AppData\Roaming\Mozilla\Firefox\Profiles\dz9z9wt9.default\Extensions\ich@maltegoetz.de [2014-02-07]
FF Extension: Viewtubes - C:\Users\ulfilas\AppData\Roaming\Mozilla\Firefox\Profiles\dz9z9wt9.default\Extensions\FF_AddOn@viewtubes.de.xpi [2012-04-20]
FF Extension: YouTube quality manager - C:\Users\ulfilas\AppData\Roaming\Mozilla\Firefox\Profiles\dz9z9wt9.default\Extensions\youtubequality@rzll.xpi [2012-04-21]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\ulfilas\AppData\Roaming\Mozilla\Firefox\Profiles\dz9z9wt9.default\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2015-02-20]
FF Extension: Recorder Toolbar - C:\Program Files (x86)\Mozilla Firefox\extensions\{10743931-94DF-476f-A987-4391233C17A2} [2012-11-23]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-03-31]
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_2_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension
FF Extension: PDF Architect 2 Creator - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension [2015-01-07]
FF Extension: No Name - C:\Users\ulfilas\AppData\Roaming\Mozilla\Firefox\Profiles\dz9z9wt9.default\extensions\{ADFA33FD-16F5-4355-8504-DF4D664CFE83} [Not Found]

Chrome:
=======
CHR DefaultSuggestURL: Default -> hxxp://ssmsp.ask.com/query?sstype=prefix&li=ff&q={searchTerms}
CHR Profile: C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-11-01]
CHR Extension: (Google Docs) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-01]
CHR Extension: (Google Drive) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-01]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-09]
CHR Extension: (YouTube) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-01]
CHR Extension: (Adblock Plus) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-02-22]
CHR Extension: (Google Search) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-01]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2014-07-01]
CHR Extension: (Google Wallet) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Gmail) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-01]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-03-31]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-03-28] (Adobe Systems) [File not signed]
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2015-02-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2015-02-12] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [992048 2015-02-12] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [182520 2015-01-19] (Avira Operations GmbH & Co. KG)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 hasplms; C:\Windows\system32\hasplms.exe [4913608 2011-12-02] (SafeNet Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)
R2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [311592 2009-08-06] (Egis Technology Inc.)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH)
R2 PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [738856 2014-10-10] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2014-07-16] (TuneUp Software)
S3 UPnPService; C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [544768 2006-12-14] (Magix AG) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation)
R3 akshhl; C:\Windows\System32\DRIVERS\akshhl.sys [57088 2011-09-08] (SafeNet Inc.)
R3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [21120 2011-08-09] (SafeNet Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-02-12] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-02-12] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-09] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-02-12] (Avira Operations GmbH & Co. KG)
R1 cdrblock; C:\Windows\System32\DRIVERS\cdrblock.sys [34360 2008-05-30] (Canopus Co,. Ltd.)
S1 FNETURPX; C:\Windows\SysWOW64\drivers\FNETURPX.SYS [7040 2013-01-26] (FNet Co., Ltd.) [File not signed]
R2 Hardlock; C:\Windows\system32\drivers\hardlock.sys [321536 2011-10-07] (SafeNet Inc.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [31648 2014-04-05] (REALiX(tm))
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-03-02] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-12-16] (TuneUp Software)
S3 USA19H; C:\Windows\System32\DRIVERS\USA19Hx64.sys [740096 2007-10-30] (Keyspan)
S3 USA19HP; C:\Windows\System32\DRIVERS\USA19Hx64p.SYS [35840 2007-10-23] (Keyspan)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [X]
S1 okorkylq; \??\C:\Windows\system32\drivers\okorkylq.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-02 18:07 - 2015-03-02 18:07 - 00027842 _____ () C:\Users\ulfilas\Downloads\FRST.txt
2015-03-02 18:06 - 2015-03-02 18:06 - 00000000 ____D () C:\Users\ulfilas\Downloads\FRST-OlderVersion
2015-03-02 17:56 - 2015-03-02 17:56 - 00852594 _____ () C:\Users\ulfilas\Downloads\SecurityCheck (1).exe
2015-03-02 17:53 - 2015-03-02 17:53 - 00852594 _____ () C:\Users\ulfilas\Downloads\SecurityCheck.exe
2015-03-02 00:53 - 2015-03-02 00:53 - 02347384 _____ (ESET) C:\Users\ulfilas\Downloads\esetsmartinstaller_deu (2).exe
2015-03-02 00:52 - 2015-03-02 00:52 - 02347384 _____ (ESET) C:\Users\ulfilas\Downloads\esetsmartinstaller_deu (1).exe
2015-03-02 00:46 - 2015-03-02 00:46 - 02347384 _____ (ESET) C:\Users\ulfilas\Downloads\esetsmartinstaller_deu.exe
2015-03-01 23:56 - 2015-03-01 23:56 - 00000000 ____D () C:\Users\ulfilas\Desktop\DSCF0047
2015-02-27 01:44 - 2015-02-27 01:44 - 00000000 ____D () C:\Users\ulfilas\Documents\Updater
2015-02-27 00:54 - 2015-02-27 00:54 - 01388274 _____ (Thisisu) C:\Users\ulfilas\Downloads\JRT.exe
2015-02-27 00:35 - 2015-02-27 00:52 - 00000000 ____D () C:\AdwCleaner
2015-02-27 00:34 - 2015-02-27 00:34 - 02126848 _____ () C:\Users\ulfilas\Downloads\AdwCleaner_4.111.exe
2015-02-26 23:34 - 2015-03-02 16:27 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-26 23:34 - 2015-02-26 23:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-26 23:33 - 2015-02-26 23:33 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-26 23:33 - 2015-02-26 23:33 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-26 23:33 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-26 23:33 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-26 23:33 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-02-26 23:29 - 2015-02-26 23:30 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\ulfilas\Downloads\mbam-setup-2.0.4.1028.exe
2015-02-26 23:29 - 2015-02-26 23:30 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\ulfilas\Downloads\mbam-setup-2.0.4.1028 (1).exe
2015-02-26 11:30 - 2015-02-26 11:30 - 00039775 _____ () C:\ComboFix.txt
2015-02-25 12:35 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-25 12:35 - 2015-01-09 00:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-02-24 20:30 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-02-24 20:30 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-02-24 20:30 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-02-24 20:30 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-02-24 20:30 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-02-24 20:30 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2015-02-24 20:30 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2015-02-24 20:30 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2015-02-24 18:48 - 2015-02-26 11:30 - 00000000 ____D () C:\Qoobox
2015-02-24 18:47 - 2015-02-26 11:28 - 00000000 ____D () C:\Windows\erdnt
2015-02-24 18:47 - 2015-02-24 18:47 - 05611903 _____ (Swearware) C:\Users\ulfilas\Downloads\ComboFix (2).exe
2015-02-24 18:46 - 2015-02-24 18:47 - 05611903 _____ (Swearware) C:\Users\ulfilas\Downloads\ComboFix (1).exe
2015-02-24 18:46 - 2015-02-24 18:46 - 05611903 ____R (Swearware) C:\Users\ulfilas\Downloads\ComboFix.exe
2015-02-24 09:45 - 2015-02-24 09:45 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\ulfilas\Downloads\revosetup95.exe
2015-02-24 09:45 - 2015-02-24 09:45 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-02-24 01:28 - 2015-02-24 01:28 - 00000000 ____D () C:\Users\ulfilas\Desktop\VueScan Scans
2015-02-24 00:28 - 2015-02-25 14:12 - 00000000 ____D () C:\Users\ulfilas\Desktop\Anzeige Disco
2015-02-23 18:19 - 2015-02-23 18:20 - 00050197 _____ () C:\Users\ulfilas\Downloads\Addition.txt
2015-02-23 18:16 - 2015-03-02 18:07 - 00000000 ____D () C:\FRST
2015-02-23 18:16 - 2015-03-02 18:06 - 02092544 _____ (Farbar) C:\Users\ulfilas\Downloads\FRST64.exe
2015-02-23 17:23 - 2015-02-23 17:24 - 00002721 _____ () C:\Users\ulfilas\Downloads\software_removal_tool.log
2015-02-22 23:28 - 2015-02-22 23:32 - 00000000 ____D () C:\Users\ulfilas\Desktop\201+7756-2010-07-23
2015-02-22 23:26 - 2015-02-22 23:26 - 00000000 ____D () C:\Users\ulfilas\Desktop\2007_02
2015-02-22 23:25 - 2015-02-22 23:25 - 00000000 ____D () C:\Users\ulfilas\Desktop\201_35_v_L_20111222_Schloss
2015-02-22 23:24 - 2015-02-22 23:24 - 00000000 ____D () C:\Users\ulfilas\Desktop\bw201-1
2015-02-20 14:03 - 2015-02-20 14:03 - 00000000 ____D () C:\Program Files (x86)\Free Codec Pack
2015-02-20 14:00 - 2015-02-20 14:00 - 03533008 _____ (DVDVideoSoft Ltd. ) C:\Users\ulfilas\Downloads\FreeYouTubeToMP3Converter (1).exe
2015-02-20 13:59 - 2015-02-20 14:01 - 03312648 _____ (DVDVideoSoft Ltd. ) C:\Users\ulfilas\Downloads\FreeYouTubeToMP3Converter.exe
2015-02-16 20:18 - 2015-02-27 12:24 - 00000000 ____D () C:\Users\ulfilas\Desktop\DatenblattE12
2015-02-16 14:55 - 2015-02-19 21:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2015-02-12 20:00 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-12 20:00 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-12 20:00 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-12 20:00 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-12 17:01 - 2015-02-12 17:02 - 06372800 _____ (Tim Kosse) C:\Users\ulfilas\Downloads\FileZilla_3.10.1.1_win32-setup.exe
2015-02-12 00:03 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-12 00:03 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-12 00:03 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-12 00:03 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-12 00:03 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-12 00:03 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-12 00:03 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-12 00:03 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-12 00:03 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-12 00:03 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-12 00:03 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-12 00:03 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-12 00:03 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-12 00:03 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-12 00:03 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-12 00:03 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-12 00:03 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-12 00:03 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-12 00:03 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-12 00:03 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-12 00:03 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-12 00:03 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-12 00:03 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-12 00:03 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-12 00:03 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-12 00:03 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-12 00:03 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-12 00:03 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-12 00:03 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-12 00:03 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-12 00:03 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-12 00:03 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-12 00:03 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-12 00:03 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-12 00:03 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-12 00:03 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-12 00:03 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-12 00:03 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-12 00:03 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-12 00:03 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-12 00:03 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-12 00:03 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-12 00:03 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-12 00:03 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-12 00:03 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-12 00:03 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-12 00:03 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-12 00:03 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-12 00:03 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-12 00:03 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-12 00:03 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-12 00:03 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-12 00:03 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-12 00:03 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-12 00:03 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-12 00:03 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-12 00:03 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-12 00:03 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-12 00:03 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-12 00:03 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-12 00:03 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-12 00:03 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-12 00:03 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-12 00:03 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-12 00:03 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-12 00:03 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-12 00:03 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-12 00:03 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-12 00:02 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-12 00:02 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-12 00:02 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-12 00:02 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-12 00:02 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-12 00:02 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-12 00:02 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-12 00:02 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-12 00:02 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-12 00:02 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-12 00:02 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-12 00:02 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-12 00:02 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-12 00:02 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-12 00:02 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-12 00:02 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-12 00:02 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-12 00:02 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-12 00:02 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-12 00:02 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-12 00:02 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-12 00:02 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-12 00:02 - 2014-10-04 03:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-12 00:02 - 2014-10-04 02:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-02-12 00:02 - 2014-10-04 02:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-02-12 00:01 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-12 00:01 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-12 00:01 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-12 00:01 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-12 00:01 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-12 00:01 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-12 00:01 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-12 00:01 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-12 00:01 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-12 00:01 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-11 01:23 - 2015-02-11 01:23 - 04752438 _____ () C:\Users\ulfilas\Downloads\mt31345,1236865807,HK_uebersicht.bmp
2015-02-10 21:00 - 2015-02-10 21:02 - 00000000 ____D () C:\Users\ulfilas\Desktop\2015-02-1013.53.18
2015-02-10 14:29 - 2015-02-10 14:29 - 42096984 _____ (Apple Inc.) C:\Users\ulfilas\Downloads\QuickTimeInstaller (1).exe
2015-02-09 00:45 - 2015-02-09 00:49 - 00000128 ____H () C:\ProgramData\V93GE
2015-02-09 00:45 - 2015-02-09 00:45 - 00000000 ____D () C:\Users\ulfilas\AppData\Roaming\LaserSoft Imaging
2015-02-09 00:30 - 2015-02-09 00:30 - 17070168 _____ (LaserSoft Imaging AG) C:\Users\ulfilas\Downloads\SF8_Documentation_de.exe
2015-02-09 00:26 - 2015-02-09 00:30 - 427688568 _____ (LaserSoft Imaging AG) C:\Users\ulfilas\Downloads\SF8_Movies_de.exe
2015-02-09 00:26 - 2015-02-09 00:26 - 00000000 ____D () C:\Users\ulfilas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LaserSoft Imaging
2015-02-09 00:25 - 2015-02-09 00:25 - 00000000 ____D () C:\ProgramData\LaserSoft Imaging
2015-02-09 00:25 - 2015-02-09 00:25 - 00000000 ____D () C:\Program Files\SilverFast Application
2015-02-09 00:23 - 2015-02-09 00:24 - 45434944 _____ (LaserSoft Imaging AG) C:\Users\ulfilas\Downloads\SF-8.2.0r3(Nikon)_x64.exe
2015-02-04 03:05 - 2015-02-04 03:05 - 00000985 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\VueScan x64.lnk
2015-02-04 03:05 - 2015-02-04 03:05 - 00000000 ____D () C:\Program Files\VueScan
2015-02-04 03:04 - 2015-02-04 03:04 - 17367649 _____ () C:\Users\ulfilas\Downloads\Vuescan_9.4.60.zip
2015-02-04 03:04 - 2015-02-04 03:04 - 00000000 ____D () C:\Users\ulfilas\Downloads\Vuescan_9.4.60
2015-02-04 02:01 - 2015-02-04 02:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nikon Scan 4
2015-02-04 02:01 - 2015-02-04 02:01 - 00000000 ____D () C:\Program Files (x86)\Nikon
2015-02-04 01:48 - 2015-02-04 01:48 - 00003152 _____ () C:\Windows\System32\Tasks\{6726E861-BE61-476F-A0A6-B34BBB729385}
2015-02-04 01:45 - 2015-02-04 01:45 - 15203632 _____ () C:\Users\ulfilas\Downloads\ns403de (2).exe
2015-02-04 01:20 - 2015-02-04 01:20 - 00000000 ____D () C:\ProgramData\Nikon
2015-02-04 00:38 - 2015-02-04 00:38 - 15203632 _____ () C:\Users\ulfilas\Downloads\ns403de (1).exe
2015-02-04 00:37 - 2015-02-04 02:45 - 00000000 ____D () C:\Users\ulfilas\Desktop\Treiber Nikon Coolscan 5000 ED
2015-02-03 09:47 - 2002-12-04 19:54 - 00006545 _____ (Nikon Corporation) C:\Windows\SysWOW64\NKScnUSD.dll
2015-02-03 09:46 - 2015-02-03 09:46 - 15203632 _____ () C:\Users\ulfilas\Downloads\ns403de.exe
2015-02-01 23:43 - 2015-02-01 23:43 - 00000000 ____D () C:\Users\ulfilas\AppData\Roaming\Nikon
2015-02-01 23:37 - 2015-02-04 02:01 - 00000000 ____D () C:\Windows\SysWOW64\Color
2015-02-01 23:37 - 2002-01-05 21:10 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70deu.dll
2015-02-01 23:37 - 1997-01-30 20:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mfc42loc.dll
2015-02-01 23:37 - 1997-01-22 06:26 - 00565760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVCP50.DLL
2015-02-01 23:37 - 1996-03-28 00:13 - 00010656 _____ (Nikon Inc.) C:\Windows\SysWOW64\NKNSCN95.DLL
2015-02-01 23:35 - 2015-02-01 23:35 - 00003046 _____ () C:\Windows\System32\Tasks\{DF64A0B2-4826-4E01-8091-D3A91ED4E841}

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-02 18:02 - 2009-11-13 03:01 - 01229737 _____ () C:\Windows\WindowsUpdate.log
2015-03-02 18:01 - 2009-09-08 23:47 - 00704324 _____ () C:\Windows\system32\perfh007.dat
2015-03-02 18:01 - 2009-09-08 23:47 - 00152162 _____ () C:\Windows\system32\perfc007.dat
2015-03-02 18:01 - 2009-07-14 06:13 - 01634576 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-02 17:54 - 2010-12-30 02:43 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-02 17:18 - 2012-05-05 15:11 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-02 13:43 - 2009-07-14 05:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-02 13:43 - 2009-07-14 05:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-02 13:37 - 2014-05-08 23:09 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf6b0a3cdc10aa.job
2015-03-02 13:37 - 2013-11-19 17:41 - 00000000 ___RD () C:\Users\ulfilas\Dropbox
2015-03-02 13:37 - 2013-11-19 17:26 - 00000000 ____D () C:\Users\ulfilas\AppData\Roaming\Dropbox
2015-03-02 13:37 - 2012-01-16 13:11 - 00000330 _____ () C:\Windows\Tasks\GlaryInitialize.job
2015-03-02 13:33 - 2009-11-13 03:06 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-03-02 13:33 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-02 13:33 - 2009-07-14 05:51 - 00170020 _____ () C:\Windows\setupact.log
2015-03-02 13:32 - 2009-09-03 10:10 - 01472590 _____ () C:\Windows\PFRO.log
2015-03-02 13:32 - 2009-07-14 04:20 - 00000000 __RSD () C:\Windows\Media
2015-03-02 03:16 - 2014-07-01 09:16 - 00000280 _____ () C:\Windows\Tasks\System Speedupsch.job
2015-03-02 02:00 - 2009-12-24 14:37 - 00000000 ____D () C:\Users\ulfilas\AppData\Local\Adobe
2015-03-02 01:02 - 2011-06-20 14:24 - 00003950 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{40457202-43A6-48A0-B73A-FD3D606DDC7E}
2015-02-27 12:24 - 2010-04-02 14:09 - 06384640 ___SH () C:\Users\ulfilas\Desktop\Thumbs.db
2015-02-27 12:22 - 2012-02-11 23:34 - 00006233 _____ () C:\Users\ulfilas\Sti_Trace.log
2015-02-27 10:44 - 2012-12-03 13:31 - 00000000 ____D () C:\Users\ulfilas\Desktop\Verknüpfungen
2015-02-27 00:19 - 2012-08-15 11:24 - 00000000 ____D () C:\Users\ulfilas\AppData\Roaming\Skype
2015-02-27 00:13 - 2009-09-03 10:04 - 00000000 ____D () C:\Windows\oem
2015-02-26 21:03 - 2012-02-25 21:03 - 00000318 _____ () C:\Windows\Tasks\MT66 Software Update.job
2015-02-26 11:30 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2015-02-26 11:22 - 2009-07-14 03:34 - 00000248 _____ () C:\Windows\system.ini
2015-02-24 22:26 - 2014-12-04 22:13 - 00000000 ____D () C:\Users\ulfilas\Desktop\Beschriftung Bw 77
2015-02-24 18:57 - 2011-04-09 02:31 - 00000000 ____D () C:\Users\ulfilas\AppData\Roaming\FileZilla
2015-02-23 18:49 - 2009-12-24 14:15 - 00114536 _____ () C:\Users\ulfilas\AppData\Local\GDIPFONTCACHEV1.DAT
2015-02-23 18:49 - 2009-07-14 05:45 - 05037800 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-23 18:48 - 2009-09-03 10:07 - 00000000 ____D () C:\Program Files\Google
2015-02-23 18:48 - 2009-09-03 10:07 - 00000000 ____D () C:\Program Files (x86)\Google
2015-02-23 16:14 - 2009-09-03 09:54 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-23 16:14 - 2009-07-14 03:34 - 00000489 _____ () C:\Windows\win.ini
2015-02-23 15:45 - 2009-07-14 08:45 - 00000000 ____D () C:\Windows\ShellNew
2015-02-23 15:44 - 2009-12-24 15:31 - 00000000 ____D () C:\Users\ulfilas\AppData\Local\Google
2015-02-23 15:44 - 2009-09-03 10:07 - 00000000 ____D () C:\ProgramData\Google
2015-02-20 14:04 - 2011-05-08 13:47 - 00000000 ____D () C:\Users\ulfilas\AppData\Roaming\DVDVideoSoft
2015-02-20 14:03 - 2011-05-08 13:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-02-20 14:03 - 2011-05-08 13:47 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2015-02-20 10:35 - 2014-02-07 01:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-18 14:42 - 2013-04-30 12:11 - 00000000 ____D () C:\Users\ulfilas\AppData\Roaming\MyPhoneExplorer
2015-02-13 08:30 - 2012-09-27 11:14 - 00000000 ____D () C:\Windows\rescache
2015-02-13 02:59 - 2013-11-19 17:27 - 00000000 ____D () C:\Users\ulfilas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-02-12 12:35 - 2013-10-06 11:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON PhotoQuicker
2015-02-12 12:35 - 2011-06-23 20:06 - 00000000 ____D () C:\Program Files (x86)\EPSON
2015-02-12 12:35 - 2009-09-03 09:34 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-02-12 12:30 - 2013-03-14 03:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-02-12 12:30 - 2013-03-14 03:00 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-02-12 12:30 - 2013-03-14 03:00 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-02-12 12:22 - 2012-07-23 18:41 - 00000000 ____D () C:\ProgramData\DatacardService
2015-02-12 12:15 - 2012-04-20 18:55 - 00000000 ____D () C:\Users\ulfilas\AppData\Local\Mozilla
2015-02-12 11:38 - 2013-12-22 14:08 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-02-12 11:38 - 2013-12-22 14:08 - 00128536 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-02-12 11:38 - 2013-12-22 14:08 - 00044088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-02-12 03:11 - 2013-08-19 02:01 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-12 03:11 - 2012-10-18 18:11 - 00002121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-02-12 03:11 - 2012-10-18 18:11 - 00001912 _____ () C:\Windows\epplauncher.mif
2015-02-12 03:11 - 2012-10-18 18:11 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2015-02-12 03:11 - 2012-10-18 18:11 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2015-02-12 03:03 - 2010-01-09 03:02 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-09 17:23 - 2014-08-14 08:35 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-09 17:23 - 2013-12-22 14:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-02-09 00:26 - 2012-02-27 14:39 - 00030042 _____ () C:\Windows\DPINST.LOG
2015-02-09 00:00 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-02-05 05:49 - 2014-06-21 10:15 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1cf6b0a3cdc10aa
2015-02-05 05:49 - 2010-12-30 02:43 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-05 03:18 - 2012-05-05 15:11 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-05 03:18 - 2012-05-05 15:11 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-05 03:18 - 2012-02-21 01:55 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-04 19:52 - 2011-06-07 02:12 - 00038400 ___SH () C:\Users\ulfilas\Documents\Thumbs.db
2015-02-04 19:49 - 2013-08-28 23:13 - 00000000 ____D () C:\Users\ulfilas\Desktop\Schriftverkehr

==================== Files in the root of some directories =======

2013-07-28 00:16 - 2014-07-23 00:21 - 0000149 _____ () C:\Users\ulfilas\AppData\Roaming\WB.CFG
2013-12-31 01:17 - 2014-01-03 01:17 - 0000005 _____ () C:\Users\ulfilas\AppData\Roaming\WBPU-Q5-TTL.DAT
2013-06-28 09:16 - 2014-01-29 01:17 - 0000005 _____ () C:\Users\ulfilas\AppData\Roaming\WBPU-TTL.DAT
2011-06-27 22:15 - 2013-03-27 10:49 - 0003204 _____ () C:\Users\ulfilas\AppData\Roaming\wklnhst.dat
2012-03-08 18:46 - 2012-03-10 01:37 - 0001456 _____ () C:\Users\ulfilas\AppData\Local\Adobe Für Web speichern 12.0 Prefs
2011-02-10 21:41 - 2014-12-12 14:35 - 0030720 _____ () C:\Users\ulfilas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-02-11 12:39 - 2010-02-11 12:40 - 0001643 _____ () C:\Users\ulfilas\AppData\Local\MyWinLockerInstaller.txt-20100211.log
2011-06-10 12:54 - 2012-04-27 14:02 - 0007658 _____ () C:\Users\ulfilas\AppData\Local\Resmon.ResmonCfg
2009-11-13 03:07 - 2009-11-13 03:10 - 0008031 _____ () C:\ProgramData\ArcadeDeluxe3.log
2009-09-03 09:44 - 2009-07-18 02:57 - 0036136 _____ (Oberon Media) C:\ProgramData\FullRemove.exe
2015-02-09 00:45 - 2015-02-09 00:49 - 0000128 ____H () C:\ProgramData\V93GE

Some content of TEMP:
====================
C:\Users\ulfilas\AppData\Local\Temp\avgnt.exe
C:\Users\ulfilas\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpfexods.dll
C:\Users\ulfilas\AppData\Local\Temp\Quarantine.exe
C:\Users\ulfilas\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-23 13:05

==================== End Of Log ============================
--- --- ---

--- --- ---



Update:

Habe jetzt meinen Papierkorb geleert und einen Neustart gemacht.

Leider poppen die Werbeeinblendungen immer noch auf.

schrauber 03.03.2015 07:14
Java und Firefox updaten,.

Revo Uninstaller - Download - Filepony
damit Chrome deinstallieren, keine Daten behalten, Reste entfernen lassen, neu installieren.

Dann:
https://support.google.com/chrome/answer/3296214?hl=de



Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\DVDVideoSoft\TB\ConduitInstaller.exe.vir

C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir

C:\Program Files (x86)\PDFCreator\message.exe

C:\Users\ulfilas\Desktop\Websites\Website BIN\Backup-CD BIN\Backup09022014\htdocs\4cJi1NqS.php

C:\Users\ulfilas\Desktop\Websites\Website BIN\Backup-CD BIN\Backup09022014\htdocs\cCGtJRmK.php

C:\Users\ulfilas\Desktop\Websites\Website BIN\Backup-CD BIN\Backup09022014\htdocs\count.php

C:\Users\ulfilas\Downloads\PDFCreator-2_0_1-setup.exe

C:\Windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll

C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-abb-fix[1]

C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-abb-fix[2]

C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-abb-fix[3]

C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-abb-fix[4]

C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-search-protect-fix-2[1]

C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-search-protect-fix-3[1]

C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-search-protect-fix-4[1]

C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-abb-fix[1]

C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-abb-fix[2]

C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-abb-fix[3]

C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-abb-fix[4]

C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-search-protect-fix-2[1]

C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-search-protect-fix-3[1]

C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-search-protect-fix-4[1]
FF NetworkProxy: "autoconfig_url", "chrome://viewtubes/content/viewtubes_false.pac"
FF NetworkProxy: "type", 2
Emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.





Frisches FRST log bitte. Noch Probleme? Wenn ja in welchem Browser?

ulfilas-bs 03.03.2015 14:06
Fixlog.txt von eben:

Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-03-2015
Ran by ulfilas at 2015-03-03 13:52:11 Run:1
Running from C:\Users\ulfilas\Downloads
Loaded Profiles: ulfilas &  (Available profiles: ulfilas & UpdatusUser)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\DVDVideoSoft\TB\ConduitInstaller.exe.vir

C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir

C:\Program Files (x86)\PDFCreator\message.exe

C:\Users\ulfilas\Desktop\Websites\Website BIN\Backup-CD BIN\Backup09022014\htdocs\4cJi1NqS.php

C:\Users\ulfilas\Desktop\Websites\Website BIN\Backup-CD BIN\Backup09022014\htdocs\cCGtJRmK.php

C:\Users\ulfilas\Desktop\Websites\Website BIN\Backup-CD BIN\Backup09022014\htdocs\count.php

C:\Users\ulfilas\Downloads\PDFCreator-2_0_1-setup.exe

C:\Windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll

C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-abb-fix[1]

C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-abb-fix[2]

C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-abb-fix[3]

C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-abb-fix[4]

C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-search-protect-fix-2[1]

C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-search-protect-fix-3[1]

C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-search-protect-fix-4[1]

C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-abb-fix[1]

C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-abb-fix[2]

C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-abb-fix[3]

C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-abb-fix[4]

C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-search-protect-fix-2[1]

C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-search-protect-fix-3[1]

C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-search-protect-fix-4[1]
FF NetworkProxy: "autoconfig_url", "chrome://viewtubes/content/viewtubes_false.pac"
FF NetworkProxy: "type", 2
Emptytemp:
       
*****************

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\DVDVideoSoft\TB\ConduitInstaller.exe.vir => Moved successfully.
C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir => Moved successfully.
C:\Program Files (x86)\PDFCreator\message.exe => Moved successfully.
C:\Users\ulfilas\Desktop\Websites\Website BIN\Backup-CD BIN\Backup09022014\htdocs\4cJi1NqS.php => Moved successfully.
C:\Users\ulfilas\Desktop\Websites\Website BIN\Backup-CD BIN\Backup09022014\htdocs\cCGtJRmK.php => Moved successfully.
C:\Users\ulfilas\Desktop\Websites\Website BIN\Backup-CD BIN\Backup09022014\htdocs\count.php => Moved successfully.
C:\Users\ulfilas\Downloads\PDFCreator-2_0_1-setup.exe => Moved successfully.
C:\Windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll => Moved successfully.
"C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-abb-fix[1]" => File/Directory not found.
"C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-abb-fix[2]" => File/Directory not found.
"C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-abb-fix[3]" => File/Directory not found.
"C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-abb-fix[4]" => File/Directory not found.
"C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-search-protect-fix-2[1]" => File/Directory not found.
"C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-search-protect-fix-3[1]" => File/Directory not found.
"C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-search-protect-fix-4[1]" => File/Directory not found.
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-abb-fix[1] => Moved successfully.
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-abb-fix[2] => Moved successfully.
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-abb-fix[3] => Moved successfully.
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-abb-fix[4] => Moved successfully.
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-search-protect-fix-2[1] => Moved successfully.
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-search-protect-fix-3[1] => Moved successfully.
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-search-protect-fix-4[1] => Moved successfully.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
EmptyTemp: => Removed 1.2 GB temporary data.


The system needed a reboot.

==== End of Fixlog 13:53:12 ====

Aktuelles FRST:


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-03-2015
Ran by ulfilas (administrator) on ULFILAS-PC2 on 03-03-2015 14:03:31
Running from C:\Users\ulfilas\Downloads
Loaded Profiles: ulfilas (Available profiles: ulfilas & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(AOL Inc.) C:\Program Files (x86)\Common Files\AOL\1294882704\ee\aolsoftware.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\acrotray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Dropbox, Inc.) C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 2\creator-ws.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [134416 2007-01-23] (Logitech Inc.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HostManager] => C:\Program Files (x86)\Common Files\AOL\1294882704\ee\AOLSoftware.exe [41800 2010-03-08] (AOL Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703280 2015-02-12] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Acrobat Assistant 7.0] => C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\Acrotray.exe [483328 2004-12-14] (Adobe Systems Inc.)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126712 2015-01-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
HKU\S-1-5-21-39457134-2311114567-1202830544-1000\...\Run: [Soft32 Updater.exe] => C:\Users\ulfilas\AppData\Local\Soft32\Soft32 Updater\Soft32 Updater.exe [163640 2011-10-19] (I.T.N.T.)
HKU\S-1-5-21-39457134-2311114567-1202830544-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-39457134-2311114567-1202830544-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [242688 2010-11-20] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat - Schnellstart.lnk
ShortcutTarget: Adobe Acrobat - Schnellstart.lnk -> C:\Windows\Installer\{AC76BA86-1033-F400-7760-100000000002}\SC_Acrobat.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\ulfilas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\ulfilas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll (Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\psdprotect.dll (Egis Technology Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-39457134-2311114567-1202830544-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-39457134-2311114567-1202830544-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-39457134-2311114567-1202830544-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO-x32: PDF Architect Helper -> {691B33B0-B86E-47F3-81C7-56E4FE3B929C} -> C:\Program Files (x86)\PDF Architect 2\creator-ie-helper.dll (pdfforge GmbH)
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: AcroIEToolbarHelper Class -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Recorder Toolbar - {120A8821-2BEE-4C29-BCDA-62C577781992} - C:\Program Files (x86)\MedienTeam66\MP3 Recorder for YouTube\IEPlugin.dll (MedienTeam66)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {DEEB13D7-CEA9-45FB-B77C-E039BEC85221} - C:\Program Files (x86)\PDF Architect 2\creator-ie-plugin.dll (pdfforge GmbH)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: HKLM-x32 {B4977DFF-8AE5-44DC-8A42-C62F56960AA9} hxxp://javadl-esd.sun.com/update/1.4.2/jinstall-1_4_2-windows-i586.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\ulfilas\AppData\Roaming\Mozilla\Firefox\Profiles\dz9z9wt9.default
FF SearchEngineOrder.3: Bing
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8064.0206 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=15.0.2.72 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.2.72 -> c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.2.72 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.2.72 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=15.0.2.72 -> c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Extension: Avira Browser Safety - C:\Users\ulfilas\AppData\Roaming\Mozilla\Firefox\Profiles\dz9z9wt9.default\Extensions\abs@avira.com [2014-08-14]
FF Extension: ProxTube - Unblock YouTube - C:\Users\ulfilas\AppData\Roaming\Mozilla\Firefox\Profiles\dz9z9wt9.default\Extensions\ich@maltegoetz.de [2014-02-07]
FF Extension: Viewtubes - C:\Users\ulfilas\AppData\Roaming\Mozilla\Firefox\Profiles\dz9z9wt9.default\Extensions\FF_AddOn@viewtubes.de.xpi [2012-04-20]
FF Extension: YouTube quality manager - C:\Users\ulfilas\AppData\Roaming\Mozilla\Firefox\Profiles\dz9z9wt9.default\Extensions\youtubequality@rzll.xpi [2012-04-21]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\ulfilas\AppData\Roaming\Mozilla\Firefox\Profiles\dz9z9wt9.default\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2015-02-20]
FF Extension: Recorder Toolbar - C:\Program Files (x86)\Mozilla Firefox\extensions\{10743931-94DF-476f-A987-4391233C17A2} [2012-11-23]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-03-31]
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_2_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension
FF Extension: PDF Architect 2 Creator - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension [2015-01-07]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-03]
CHR Extension: (Google Docs) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-03]
CHR Extension: (Google Drive) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-03]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-03-03]
CHR Extension: (YouTube) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-03]
CHR Extension: (Google Search) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-03]
CHR Extension: (Google Sheets) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-03]
CHR Extension: (Avira Browser Safety) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-03-03]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2015-03-03]
CHR Extension: (Skype Click to Call) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-03-03]
CHR Extension: (Gmail) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-03]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-03-31]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-03-28] (Adobe Systems) [File not signed]
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2015-02-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2015-02-12] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [992048 2015-02-12] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [182520 2015-01-19] (Avira Operations GmbH & Co. KG)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 hasplms; C:\Windows\system32\hasplms.exe [4913608 2011-12-02] (SafeNet Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)
R2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [311592 2009-08-06] (Egis Technology Inc.)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH)
R2 PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [738856 2014-10-10] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2014-07-16] (TuneUp Software)
S3 UPnPService; C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [544768 2006-12-14] (Magix AG) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation)
R3 akshhl; C:\Windows\System32\DRIVERS\akshhl.sys [57088 2011-09-08] (SafeNet Inc.)
R3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [21120 2011-08-09] (SafeNet Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-02-12] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-02-12] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-09] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-02-12] (Avira Operations GmbH & Co. KG)
R1 cdrblock; C:\Windows\System32\DRIVERS\cdrblock.sys [34360 2008-05-30] (Canopus Co,. Ltd.)
S1 FNETURPX; C:\Windows\SysWOW64\drivers\FNETURPX.SYS [7040 2013-01-26] (FNet Co., Ltd.) [File not signed]
R2 Hardlock; C:\Windows\system32\drivers\hardlock.sys [321536 2011-10-07] (SafeNet Inc.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [31648 2014-04-05] (REALiX(tm))
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-03-03] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-12-16] (TuneUp Software)
S3 USA19H; C:\Windows\System32\DRIVERS\USA19Hx64.sys [740096 2007-10-30] (Keyspan)
S3 USA19HP; C:\Windows\System32\DRIVERS\USA19Hx64p.SYS [35840 2007-10-23] (Keyspan)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [X]
S1 okorkylq; \??\C:\Windows\system32\drivers\okorkylq.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-03 13:52 - 2015-03-03 13:52 - 00000000 ____D () C:\Users\ulfilas\Downloads\FRST-OlderVersion
2015-03-03 13:26 - 2015-03-03 13:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-03-03 13:24 - 2015-03-03 13:24 - 48438352 _____ (Google Inc.) C:\Users\ulfilas\Downloads\ChromeStandaloneSetup64.exe
2015-03-03 12:58 - 2015-03-03 12:56 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-03-03 12:56 - 2015-03-03 12:56 - 00000000 ____D () C:\Program Files\Java
2015-03-03 12:54 - 2015-03-03 12:55 - 93427112 _____ (Oracle Corporation) C:\Users\ulfilas\Downloads\jre-8u31-windows-x64.exe
2015-03-03 12:51 - 2015-03-03 12:52 - 42096984 _____ (Apple Inc.) C:\Users\ulfilas\Downloads\QuickTimeInstaller (2).exe
2015-03-02 18:07 - 2015-03-03 14:03 - 00027380 _____ () C:\Users\ulfilas\Downloads\FRST.txt
2015-03-01 23:56 - 2015-03-01 23:56 - 00000000 ____D () C:\Users\ulfilas\Desktop\DSCF0047
2015-02-27 01:44 - 2015-02-27 01:44 - 00000000 ____D () C:\Users\ulfilas\Documents\Updater
2015-02-27 00:54 - 2015-02-27 00:54 - 01388274 _____ (Thisisu) C:\Users\ulfilas\Downloads\JRT.exe
2015-02-27 00:35 - 2015-02-27 00:52 - 00000000 ____D () C:\AdwCleaner
2015-02-27 00:34 - 2015-02-27 00:34 - 02126848 _____ () C:\Users\ulfilas\Downloads\AdwCleaner_4.111.exe
2015-02-26 23:34 - 2015-03-03 13:58 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-26 23:34 - 2015-02-26 23:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-26 23:33 - 2015-02-26 23:33 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-26 23:33 - 2015-02-26 23:33 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-26 23:33 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-26 23:33 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-26 23:33 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-02-26 23:29 - 2015-02-26 23:30 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\ulfilas\Downloads\mbam-setup-2.0.4.1028.exe
2015-02-26 23:29 - 2015-02-26 23:30 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\ulfilas\Downloads\mbam-setup-2.0.4.1028 (1).exe
2015-02-26 11:30 - 2015-02-26 11:30 - 00039775 _____ () C:\ComboFix.txt
2015-02-25 12:35 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-25 12:35 - 2015-01-09 00:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-02-24 20:30 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-02-24 20:30 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-02-24 20:30 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-02-24 20:30 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-02-24 20:30 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-02-24 20:30 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2015-02-24 20:30 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2015-02-24 20:30 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2015-02-24 18:48 - 2015-02-26 11:30 - 00000000 ____D () C:\Qoobox
2015-02-24 18:47 - 2015-02-26 11:28 - 00000000 ____D () C:\Windows\erdnt
2015-02-24 18:47 - 2015-02-24 18:47 - 05611903 _____ (Swearware) C:\Users\ulfilas\Downloads\ComboFix (2).exe
2015-02-24 18:46 - 2015-02-24 18:47 - 05611903 _____ (Swearware) C:\Users\ulfilas\Downloads\ComboFix (1).exe
2015-02-24 18:46 - 2015-02-24 18:46 - 05611903 ____R (Swearware) C:\Users\ulfilas\Downloads\ComboFix.exe
2015-02-24 09:45 - 2015-03-03 13:10 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-02-24 09:45 - 2015-02-24 09:45 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\ulfilas\Downloads\revosetup95.exe
2015-02-24 01:28 - 2015-02-24 01:28 - 00000000 ____D () C:\Users\ulfilas\Desktop\VueScan Scans
2015-02-24 00:28 - 2015-02-25 14:12 - 00000000 ____D () C:\Users\ulfilas\Desktop\Anzeige Disco
2015-02-23 18:19 - 2015-02-23 18:20 - 00050197 _____ () C:\Users\ulfilas\Downloads\Addition.txt
2015-02-23 18:16 - 2015-03-03 14:03 - 00000000 ____D () C:\FRST
2015-02-23 18:16 - 2015-03-03 13:52 - 02092544 _____ (Farbar) C:\Users\ulfilas\Downloads\FRST64.exe
2015-02-23 17:23 - 2015-02-23 17:24 - 00002721 _____ () C:\Users\ulfilas\Downloads\software_removal_tool.log
2015-02-22 23:28 - 2015-02-22 23:32 - 00000000 ____D () C:\Users\ulfilas\Desktop\201+7756-2010-07-23
2015-02-22 23:26 - 2015-02-22 23:26 - 00000000 ____D () C:\Users\ulfilas\Desktop\2007_02
2015-02-22 23:25 - 2015-02-22 23:25 - 00000000 ____D () C:\Users\ulfilas\Desktop\201_35_v_L_20111222_Schloss
2015-02-22 23:24 - 2015-02-22 23:24 - 00000000 ____D () C:\Users\ulfilas\Desktop\bw201-1
2015-02-20 14:03 - 2015-02-20 14:03 - 00000000 ____D () C:\Program Files (x86)\Free Codec Pack
2015-02-20 14:00 - 2015-02-20 14:00 - 03533008 _____ (DVDVideoSoft Ltd. ) C:\Users\ulfilas\Downloads\FreeYouTubeToMP3Converter (1).exe
2015-02-20 13:59 - 2015-02-20 14:01 - 03312648 _____ (DVDVideoSoft Ltd. ) C:\Users\ulfilas\Downloads\FreeYouTubeToMP3Converter.exe
2015-02-16 20:18 - 2015-02-27 12:24 - 00000000 ____D () C:\Users\ulfilas\Desktop\DatenblattE12
2015-02-16 14:55 - 2015-02-19 21:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2015-02-12 20:00 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-12 20:00 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-12 20:00 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-12 20:00 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-12 17:01 - 2015-02-12 17:02 - 06372800 _____ (Tim Kosse) C:\Users\ulfilas\Downloads\FileZilla_3.10.1.1_win32-setup.exe
2015-02-12 00:03 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-12 00:03 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-12 00:03 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-12 00:03 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-12 00:03 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-12 00:03 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-12 00:03 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-12 00:03 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-12 00:03 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-12 00:03 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-12 00:03 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-12 00:03 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-12 00:03 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-12 00:03 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-12 00:03 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-12 00:03 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-12 00:03 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-12 00:03 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-12 00:03 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-12 00:03 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-12 00:03 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-12 00:03 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-12 00:03 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-12 00:03 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-12 00:03 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-12 00:03 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-12 00:03 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-12 00:03 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-12 00:03 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-12 00:03 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-12 00:03 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-12 00:03 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-12 00:03 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-12 00:03 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-12 00:03 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-12 00:03 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-12 00:03 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-12 00:03 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-12 00:03 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-12 00:03 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-12 00:03 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-12 00:03 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-12 00:03 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-12 00:03 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-12 00:03 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-12 00:03 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-12 00:03 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-12 00:03 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-12 00:03 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-12 00:03 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-12 00:03 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-12 00:03 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-12 00:03 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-12 00:03 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-12 00:03 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-12 00:03 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-12 00:03 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-12 00:03 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-12 00:03 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-12 00:03 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-12 00:03 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-12 00:03 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-12 00:03 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-12 00:03 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-12 00:03 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-12 00:03 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-12 00:03 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-12 00:03 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-12 00:02 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-12 00:02 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-12 00:02 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-12 00:02 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-12 00:02 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-12 00:02 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-12 00:02 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-12 00:02 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-12 00:02 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-12 00:02 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-12 00:02 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-12 00:02 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-12 00:02 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-12 00:02 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-12 00:02 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-12 00:02 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-12 00:02 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-12 00:02 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-12 00:02 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-12 00:02 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-12 00:02 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-12 00:02 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-12 00:02 - 2014-10-04 03:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-12 00:02 - 2014-10-04 02:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-02-12 00:02 - 2014-10-04 02:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-02-12 00:01 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-12 00:01 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-12 00:01 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-12 00:01 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-12 00:01 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-12 00:01 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-12 00:01 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-12 00:01 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-12 00:01 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-12 00:01 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-11 01:23 - 2015-02-11 01:23 - 04752438 _____ () C:\Users\ulfilas\Downloads\mt31345,1236865807,HK_uebersicht.bmp
2015-02-10 21:00 - 2015-02-10 21:02 - 00000000 ____D () C:\Users\ulfilas\Desktop\2015-02-1013.53.18
2015-02-10 14:29 - 2015-02-10 14:29 - 42096984 _____ (Apple Inc.) C:\Users\ulfilas\Downloads\QuickTimeInstaller (1).exe
2015-02-09 00:45 - 2015-02-09 00:49 - 00000128 ____H () C:\ProgramData\V93GE
2015-02-09 00:45 - 2015-02-09 00:45 - 00000000 ____D () C:\Users\ulfilas\AppData\Roaming\LaserSoft Imaging
2015-02-09 00:30 - 2015-02-09 00:30 - 17070168 _____ (LaserSoft Imaging AG) C:\Users\ulfilas\Downloads\SF8_Documentation_de.exe
2015-02-09 00:26 - 2015-02-09 00:30 - 427688568 _____ (LaserSoft Imaging AG) C:\Users\ulfilas\Downloads\SF8_Movies_de.exe
2015-02-09 00:26 - 2015-02-09 00:26 - 00000000 ____D () C:\Users\ulfilas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LaserSoft Imaging
2015-02-09 00:25 - 2015-02-09 00:25 - 00000000 ____D () C:\ProgramData\LaserSoft Imaging
2015-02-09 00:25 - 2015-02-09 00:25 - 00000000 ____D () C:\Program Files\SilverFast Application
2015-02-09 00:23 - 2015-02-09 00:24 - 45434944 _____ (LaserSoft Imaging AG) C:\Users\ulfilas\Downloads\SF-8.2.0r3(Nikon)_x64.exe
2015-02-04 03:05 - 2015-02-04 03:05 - 00000985 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\VueScan x64.lnk
2015-02-04 03:05 - 2015-02-04 03:05 - 00000000 ____D () C:\Program Files\VueScan
2015-02-04 03:04 - 2015-02-04 03:04 - 17367649 _____ () C:\Users\ulfilas\Downloads\Vuescan_9.4.60.zip
2015-02-04 03:04 - 2015-02-04 03:04 - 00000000 ____D () C:\Users\ulfilas\Downloads\Vuescan_9.4.60
2015-02-04 02:01 - 2015-02-04 02:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nikon Scan 4
2015-02-04 02:01 - 2015-02-04 02:01 - 00000000 ____D () C:\Program Files (x86)\Nikon
2015-02-04 01:48 - 2015-02-04 01:48 - 00003152 _____ () C:\Windows\System32\Tasks\{6726E861-BE61-476F-A0A6-B34BBB729385}
2015-02-04 01:45 - 2015-02-04 01:45 - 15203632 _____ () C:\Users\ulfilas\Downloads\ns403de (2).exe
2015-02-04 01:20 - 2015-02-04 01:20 - 00000000 ____D () C:\ProgramData\Nikon
2015-02-04 00:38 - 2015-02-04 00:38 - 15203632 _____ () C:\Users\ulfilas\Downloads\ns403de (1).exe
2015-02-04 00:37 - 2015-02-04 02:45 - 00000000 ____D () C:\Users\ulfilas\Desktop\Treiber Nikon Coolscan 5000 ED
2015-02-03 09:47 - 2002-12-04 19:54 - 00006545 _____ (Nikon Corporation) C:\Windows\SysWOW64\NKScnUSD.dll
2015-02-03 09:46 - 2015-02-03 09:46 - 15203632 _____ () C:\Users\ulfilas\Downloads\ns403de.exe
2015-02-01 23:43 - 2015-02-01 23:43 - 00000000 ____D () C:\Users\ulfilas\AppData\Roaming\Nikon
2015-02-01 23:37 - 2015-02-04 02:01 - 00000000 ____D () C:\Windows\SysWOW64\Color
2015-02-01 23:37 - 2002-01-05 21:10 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70deu.dll
2015-02-01 23:37 - 1997-01-30 20:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mfc42loc.dll
2015-02-01 23:37 - 1997-01-22 06:26 - 00565760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVCP50.DLL
2015-02-01 23:37 - 1996-03-28 00:13 - 00010656 _____ (Nikon Inc.) C:\Windows\SysWOW64\NKNSCN95.DLL
2015-02-01 23:35 - 2015-02-01 23:35 - 00003046 _____ () C:\Windows\System32\Tasks\{DF64A0B2-4826-4E01-8091-D3A91ED4E841}

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-03 14:02 - 2009-11-13 03:01 - 01291901 _____ () C:\Windows\WindowsUpdate.log
2015-03-03 14:01 - 2009-09-08 23:47 - 00704324 _____ () C:\Windows\system32\perfh007.dat
2015-03-03 14:01 - 2009-09-08 23:47 - 00152162 _____ () C:\Windows\system32\perfc007.dat
2015-03-03 14:01 - 2009-07-14 06:13 - 01634576 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-03 13:56 - 2013-11-19 17:41 - 00000000 ___RD () C:\Users\ulfilas\Dropbox
2015-03-03 13:56 - 2013-11-19 17:26 - 00000000 ____D () C:\Users\ulfilas\AppData\Roaming\Dropbox
2015-03-03 13:56 - 2010-04-02 14:09 - 06384640 ___SH () C:\Users\ulfilas\Desktop\Thumbs.db
2015-03-03 13:55 - 2014-05-08 23:09 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf6b0a3cdc10aa.job
2015-03-03 13:55 - 2012-12-03 13:31 - 00000000 ____D () C:\Users\ulfilas\Desktop\Verknüpfungen
2015-03-03 13:55 - 2012-01-16 13:11 - 00000330 _____ () C:\Windows\Tasks\GlaryInitialize.job
2015-03-03 13:54 - 2010-12-30 02:43 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-03 13:54 - 2009-11-13 03:06 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-03-03 13:54 - 2009-09-03 10:10 - 01472772 _____ () C:\Windows\PFRO.log
2015-03-03 13:54 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-03 13:54 - 2009-07-14 05:51 - 00170132 _____ () C:\Windows\setupact.log
2015-03-03 13:52 - 2012-04-21 13:09 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2015-03-03 13:18 - 2012-05-05 15:11 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-03 12:58 - 2009-12-27 23:18 - 00000000 ____D () C:\Program Files (x86)\Java
2015-03-03 12:57 - 2014-10-27 14:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-03-03 12:56 - 2014-01-03 00:02 - 00000000 ____D () C:\ProgramData\Oracle
2015-03-03 05:14 - 2013-04-30 12:11 - 00000000 ____D () C:\Users\ulfilas\AppData\Roaming\MyPhoneExplorer
2015-03-03 05:14 - 2012-04-11 13:49 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2015-03-03 05:14 - 2012-01-16 13:11 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities
2015-03-03 05:14 - 2011-05-08 02:02 - 00000000 ____D () C:\ProgramData\Real
2015-03-03 05:14 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2015-03-03 03:16 - 2014-07-01 09:16 - 00000280 _____ () C:\Windows\Tasks\System Speedupsch.job
2015-03-03 02:00 - 2009-12-24 14:37 - 00000000 ____D () C:\Users\ulfilas\AppData\Local\Adobe
2015-03-03 01:43 - 2011-06-20 14:24 - 00003950 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{40457202-43A6-48A0-B73A-FD3D606DDC7E}
2015-03-03 01:05 - 2009-07-14 05:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-03 01:05 - 2009-07-14 05:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-02 21:03 - 2012-02-25 21:03 - 00000318 _____ () C:\Windows\Tasks\MT66 Software Update.job
2015-03-02 20:56 - 2013-08-28 23:13 - 00000000 ____D () C:\Users\ulfilas\Desktop\Schriftverkehr
2015-03-02 20:16 - 2009-12-24 14:15 - 00000000 ____D () C:\Users\ulfilas
2015-02-27 12:22 - 2012-02-11 23:34 - 00006233 _____ () C:\Users\ulfilas\Sti_Trace.log
2015-02-27 00:19 - 2012-08-15 11:24 - 00000000 ____D () C:\Users\ulfilas\AppData\Roaming\Skype
2015-02-27 00:13 - 2009-09-03 10:04 - 00000000 ____D () C:\Windows\oem
2015-02-26 11:30 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2015-02-26 11:22 - 2009-07-14 03:34 - 00000248 _____ () C:\Windows\system.ini
2015-02-24 22:26 - 2014-12-04 22:13 - 00000000 ____D () C:\Users\ulfilas\Desktop\Beschriftung Bw 77
2015-02-24 18:57 - 2011-04-09 02:31 - 00000000 ____D () C:\Users\ulfilas\AppData\Roaming\FileZilla
2015-02-23 18:49 - 2009-12-24 14:15 - 00114536 _____ () C:\Users\ulfilas\AppData\Local\GDIPFONTCACHEV1.DAT
2015-02-23 18:49 - 2009-07-14 05:45 - 05037800 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-23 18:48 - 2009-09-03 10:07 - 00000000 ____D () C:\Program Files\Google
2015-02-23 18:48 - 2009-09-03 10:07 - 00000000 ____D () C:\Program Files (x86)\Google
2015-02-23 16:14 - 2009-09-03 09:54 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-23 16:14 - 2009-07-14 03:34 - 00000489 _____ () C:\Windows\win.ini
2015-02-23 15:45 - 2009-07-14 08:45 - 00000000 ____D () C:\Windows\ShellNew
2015-02-23 15:44 - 2009-12-24 15:31 - 00000000 ____D () C:\Users\ulfilas\AppData\Local\Google
2015-02-23 15:44 - 2009-09-03 10:07 - 00000000 ____D () C:\ProgramData\Google
2015-02-20 14:04 - 2011-05-08 13:47 - 00000000 ____D () C:\Users\ulfilas\AppData\Roaming\DVDVideoSoft
2015-02-20 14:03 - 2011-05-08 13:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-02-20 14:03 - 2011-05-08 13:47 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2015-02-20 10:35 - 2014-02-07 01:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-13 08:30 - 2012-09-27 11:14 - 00000000 ____D () C:\Windows\rescache
2015-02-13 02:59 - 2013-11-19 17:27 - 00000000 ____D () C:\Users\ulfilas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-02-12 12:35 - 2013-10-06 11:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON PhotoQuicker
2015-02-12 12:35 - 2011-06-23 20:06 - 00000000 ____D () C:\Program Files (x86)\EPSON
2015-02-12 12:35 - 2009-09-03 09:34 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-02-12 12:30 - 2013-03-14 03:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-02-12 12:30 - 2013-03-14 03:00 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-02-12 12:30 - 2013-03-14 03:00 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-02-12 12:22 - 2012-07-23 18:41 - 00000000 ____D () C:\ProgramData\DatacardService
2015-02-12 12:15 - 2012-04-20 18:55 - 00000000 ____D () C:\Users\ulfilas\AppData\Local\Mozilla
2015-02-12 11:38 - 2013-12-22 14:08 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-02-12 11:38 - 2013-12-22 14:08 - 00128536 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-02-12 11:38 - 2013-12-22 14:08 - 00044088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-02-12 03:11 - 2013-08-19 02:01 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-12 03:11 - 2012-10-18 18:11 - 00002121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-02-12 03:11 - 2012-10-18 18:11 - 00001912 _____ () C:\Windows\epplauncher.mif
2015-02-12 03:11 - 2012-10-18 18:11 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2015-02-12 03:11 - 2012-10-18 18:11 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2015-02-12 03:03 - 2010-01-09 03:02 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-09 17:23 - 2014-08-14 08:35 - 00000000 ____D () C:\ProgramData\Package Cache
2015-02-09 17:23 - 2013-12-22 14:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-02-09 00:26 - 2012-02-27 14:39 - 00030042 _____ () C:\Windows\DPINST.LOG
2015-02-09 00:00 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-02-05 05:49 - 2014-06-21 10:15 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1cf6b0a3cdc10aa
2015-02-05 05:49 - 2010-12-30 02:43 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-05 03:18 - 2012-05-05 15:11 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-05 03:18 - 2012-05-05 15:11 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-05 03:18 - 2012-02-21 01:55 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-04 19:52 - 2011-06-07 02:12 - 00038400 ___SH () C:\Users\ulfilas\Documents\Thumbs.db

==================== Files in the root of some directories =======

2013-07-28 00:16 - 2014-07-23 00:21 - 0000149 _____ () C:\Users\ulfilas\AppData\Roaming\WB.CFG
2013-12-31 01:17 - 2014-01-03 01:17 - 0000005 _____ () C:\Users\ulfilas\AppData\Roaming\WBPU-Q5-TTL.DAT
2013-06-28 09:16 - 2014-01-29 01:17 - 0000005 _____ () C:\Users\ulfilas\AppData\Roaming\WBPU-TTL.DAT
2011-06-27 22:15 - 2013-03-27 10:49 - 0003204 _____ () C:\Users\ulfilas\AppData\Roaming\wklnhst.dat
2012-03-08 18:46 - 2012-03-10 01:37 - 0001456 _____ () C:\Users\ulfilas\AppData\Local\Adobe Für Web speichern 12.0 Prefs
2011-02-10 21:41 - 2014-12-12 14:35 - 0030720 _____ () C:\Users\ulfilas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-02-11 12:39 - 2010-02-11 12:40 - 0001643 _____ () C:\Users\ulfilas\AppData\Local\MyWinLockerInstaller.txt-20100211.log
2011-06-10 12:54 - 2012-04-27 14:02 - 0007658 _____ () C:\Users\ulfilas\AppData\Local\Resmon.ResmonCfg
2009-11-13 03:07 - 2009-11-13 03:10 - 0008031 _____ () C:\ProgramData\ArcadeDeluxe3.log
2009-09-03 09:44 - 2009-07-18 02:57 - 0036136 _____ (Oberon Media) C:\ProgramData\FullRemove.exe
2015-02-09 00:45 - 2015-02-09 00:49 - 0000128 ____H () C:\ProgramData\V93GE

Some content of TEMP:
====================
C:\Users\ulfilas\AppData\Local\Temp\avgnt.exe
C:\Users\ulfilas\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpz1ofnf.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-23 13:05

==================== End Of Log ============================
--- --- ---



Ob jetzt alles wieder richtig läuft, muß ich noch austesten. Ich melde mich im Laufe des Tages.

schrauber 03.03.2015 16:44
ok :)

ulfilas-bs 04.03.2015 19:03
Hallo schrauber,

gestern hat es nun doch nicht mehr mit der Rückmeldung geklappt.

Ich habe zunächst alle installierten Browser ausprobiert. AOL und Internet Explorer liefen einwandfrei, Firefox und Google Chrome machten aber noch leichte Probleme, da dort immer noch - sehr vereinzelt - Werbeeinblendungen sichtbar wurden.

Firefox nutze ich eh so gut wie nie, von daher sind dort vorhandene Störenfriede für mich nicht sooo belastend.

Mein Standard-Browser ist Google Chrome. Für diesen installierte ich gestern noch Adblock Plus in den Erweiterungen, und seitdem ist dort auch Ruhe.

Ich hoffe, mit Adblock Plus keinen Fehler gemacht zu haben. Was denkst du darüber?

Ich gehe insgesamt aber davon aus, daß mein Computer dank deiner Hilfe von seinen Plagegeistern befreit wurde. Herzlichen Dank für deine Unterstützung. Bin ich dir/euch irgendetwas schuldig?

Kann ich, was meinen Computer betrifft, irgendetwas tun, um solche Vorkommnisse in Zukunft zu verhindern?

Abschließend noch eine Kleinigkeit:

Ich habe den Eindruck, mein Computer braucht jetzt länger, bis er betriebsbereit wird. Vom Eingeben meines Zugangs-Passworts bis zur Anzeige des Desktops vergeht mehr Zeit, als ich es gewohnt bin. Auch das Navigieren zwischen Internetseiten kommt mir ein bißchen länger vor.

Muß ich mir darüber Gedanken machen?

Etwas anders bei dieser Gelegenheit:

Wir haben uns in den letzten Tagen mit meinem Win7-Rechner beschäftigt. ICh habe hier noch einen weiteren Rechner stehen, der unter XP läuft.

Diesen benutze ich immer noch für diverse Dinge, u.a. für das Digitalisieren meiner alten Hi8-Videobänder.

Der Rechner ist grottenlangsam geworden. Es dauert Minuten, bis er hochfährt. Alles geht nur noch im Zeitlupentempo. Bin ich auch dieser eurer Seite am richtigen Ort, um dem XP-Rechner eine Verjüngungskur zu verpassen? Er muß sicherlich mal richtig durchgeforstet werden.

Viele Grüße

Wolfgang

schrauber 05.03.2015 07:12
Zitat:
Ich hoffe, mit Adblock Plus keinen Fehler gemacht zu haben. Was denkst du darüber?
ist korrekt so, kannste auch in Firefox installieren.

Poste bitte nochmal ein FRST log, ich schau mal wegen dem Speed, den XP können wir danach anschauen. Aber ich hoffe mal für dich dass der XP im Allgemeinen, ausser zu unsren Scans, offline bleibt.

ulfilas-bs 05.03.2015 14:22
Hier das FRST von heute:


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-03-2015
Ran by ulfilas (administrator) on ULFILAS-PC2 on 05-03-2015 14:13:16
Running from C:\Users\ulfilas\Downloads
Loaded Profiles: ulfilas & UpdatusUser (Available profiles: ulfilas & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 2\creator-ws.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(AOL Inc.) C:\Program Files (x86)\AOL Desktop 9.7\waol.exe
(AOL Inc.) C:\Program Files (x86)\Common Files\AOL\1294882704\ee\aolsoftware.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\acrotray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dropbox, Inc.) C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\Dropbox.exe
(AOL LLC) C:\Program Files (x86)\Common Files\AOL\acs\AOLacsd.exe
(AOL Inc.) C:\Program Files (x86)\AOL Desktop 9.7\shellmon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(ACD Systems International Inc.) C:\Program Files (x86)\ACD Systems\ACDSee\14.0\ACDSeeQV14.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Adobe\Adobe Photoshop CS2\Photoshop.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Nikon Inc.) C:\Program Files (x86)\Nikon\NkScan4\Nikon Scan.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [134416 2007-01-23] (Logitech Inc.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HostManager] => C:\Program Files (x86)\Common Files\AOL\1294882704\ee\AOLSoftware.exe [41800 2010-03-08] (AOL Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703280 2015-03-03] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Acrobat Assistant 7.0] => C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\Acrotray.exe [483328 2004-12-14] (Adobe Systems Inc.)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [127792 2015-02-12] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-39457134-2311114567-1202830544-1000\...\Run: [Soft32 Updater.exe] => C:\Users\ulfilas\AppData\Local\Soft32\Soft32 Updater\Soft32 Updater.exe [163640 2011-10-19] (I.T.N.T.)
HKU\S-1-5-21-39457134-2311114567-1202830544-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-39457134-2311114567-1202830544-1000\...\Run: [AOL Fast Start] => C:\Program Files (x86)\AOL Desktop 9.7\AOL.EXE [42320 2012-01-31] (AOL Inc.)
HKU\S-1-5-21-39457134-2311114567-1202830544-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [242688 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-21-39457134-2311114567-1202830544-1003\...\RunOnce: [ScrSav] => C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-22] ()
HKU\S-1-5-21-39457134-2311114567-1202830544-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Acer.scr [425984 2009-08-05] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat - Schnellstart.lnk
ShortcutTarget: Adobe Acrobat - Schnellstart.lnk -> C:\Windows\Installer\{AC76BA86-1033-F400-7760-100000000002}\SC_Acrobat.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\ulfilas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\ulfilas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll (Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\psdprotect.dll (Egis Technology Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-39457134-2311114567-1202830544-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-39457134-2311114567-1202830544-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-39457134-2311114567-1202830544-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-39457134-2311114567-1202830544-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO-x32: PDF Architect Helper -> {691B33B0-B86E-47F3-81C7-56E4FE3B929C} -> C:\Program Files (x86)\PDF Architect 2\creator-ie-helper.dll (pdfforge GmbH)
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: AcroIEToolbarHelper Class -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Recorder Toolbar - {120A8821-2BEE-4C29-BCDA-62C577781992} - C:\Program Files (x86)\MedienTeam66\MP3 Recorder for YouTube\IEPlugin.dll (MedienTeam66)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {DEEB13D7-CEA9-45FB-B77C-E039BEC85221} - C:\Program Files (x86)\PDF Architect 2\creator-ie-plugin.dll (pdfforge GmbH)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: HKLM-x32 {B4977DFF-8AE5-44DC-8A42-C62F56960AA9} hxxp://javadl-esd.sun.com/update/1.4.2/jinstall-1_4_2-windows-i586.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\ulfilas\AppData\Roaming\Mozilla\Firefox\Profiles\dz9z9wt9.default
FF SearchEngineOrder.3: Bing
FF NetworkProxy: "autoconfig_url", "chrome://viewtubes/content/viewtubes_false.pac"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8064.0206 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=15.0.2.72 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.2.72 -> c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.2.72 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.2.72 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=15.0.2.72 -> c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-39457134-2311114567-1202830544-1003: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Extension: Avira Browser Safety - C:\Users\ulfilas\AppData\Roaming\Mozilla\Firefox\Profiles\dz9z9wt9.default\Extensions\abs@avira.com [2014-08-14]
FF Extension: ProxTube - Unblock YouTube - C:\Users\ulfilas\AppData\Roaming\Mozilla\Firefox\Profiles\dz9z9wt9.default\Extensions\ich@maltegoetz.de [2014-02-07]
FF Extension: Viewtubes - C:\Users\ulfilas\AppData\Roaming\Mozilla\Firefox\Profiles\dz9z9wt9.default\Extensions\FF_AddOn@viewtubes.de.xpi [2012-04-20]
FF Extension: YouTube quality manager - C:\Users\ulfilas\AppData\Roaming\Mozilla\Firefox\Profiles\dz9z9wt9.default\Extensions\youtubequality@rzll.xpi [2012-04-21]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\ulfilas\AppData\Roaming\Mozilla\Firefox\Profiles\dz9z9wt9.default\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2015-02-20]
FF Extension: Recorder Toolbar - C:\Program Files (x86)\Mozilla Firefox\extensions\{10743931-94DF-476f-A987-4391233C17A2} [2012-11-23]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-03-31]
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_2_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension
FF Extension: PDF Architect 2 Creator - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension [2015-01-07]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-03]
CHR Extension: (Google Docs) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-03]
CHR Extension: (Google Drive) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-03]
CHR Extension: (YouTube) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-03]
CHR Extension: (Adblock Plus) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-03-04]
CHR Extension: (Google Search) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-03]
CHR Extension: (Google Sheets) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-03]
CHR Extension: (Avira Browser Safety) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-03-03]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2015-03-03]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-03]
CHR Extension: (Skype Click to Call) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-03-03]
CHR Extension: (Gmail) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-03]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-03-31]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-03-28] (Adobe Systems) [File not signed]
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2015-03-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2015-03-03] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [992560 2015-03-03] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [184056 2015-02-12] (Avira Operations GmbH & Co. KG)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 hasplms; C:\Windows\system32\hasplms.exe [4913608 2011-12-02] (SafeNet Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)
R2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [311592 2009-08-06] (Egis Technology Inc.)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH)
R2 PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [738856 2014-10-10] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2014-07-16] (TuneUp Software)
S3 UPnPService; C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [544768 2006-12-14] (Magix AG) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation)
R3 akshhl; C:\Windows\System32\DRIVERS\akshhl.sys [57088 2011-09-08] (SafeNet Inc.)
R3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [21120 2011-08-09] (SafeNet Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-02-12] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-02-12] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-09] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-02-12] (Avira Operations GmbH & Co. KG)
R1 cdrblock; C:\Windows\System32\DRIVERS\cdrblock.sys [34360 2008-05-30] (Canopus Co,. Ltd.)
S1 FNETURPX; C:\Windows\SysWOW64\drivers\FNETURPX.SYS [7040 2013-01-26] (FNet Co., Ltd.) [File not signed]
R2 Hardlock; C:\Windows\system32\drivers\hardlock.sys [321536 2011-10-07] (SafeNet Inc.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [31648 2014-04-05] (REALiX(tm))
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-03-05] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-12-16] (TuneUp Software)
S3 USA19H; C:\Windows\System32\DRIVERS\USA19Hx64.sys [740096 2007-10-30] (Keyspan)
S3 USA19HP; C:\Windows\System32\DRIVERS\USA19Hx64p.SYS [35840 2007-10-23] (Keyspan)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [X]
S1 okorkylq; \??\C:\Windows\system32\drivers\okorkylq.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-04 18:40 - 2015-03-04 18:44 - 00000000 ____D () C:\Users\ulfilas\Desktop\BIN Shop Modelle
2015-03-04 15:13 - 2015-03-04 15:13 - 00045783 _____ () C:\Users\ulfilas\Desktop\Backup Wolfgangs Handy 2015-03-04.mpb
2015-03-04 15:12 - 2015-03-04 16:26 - 00000000 ____D () C:\Users\ulfilas\Desktop\Handy-Sicherungskopie
2015-03-03 21:58 - 2015-01-09 04:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-03-03 21:58 - 2015-01-09 04:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-03-03 21:58 - 2015-01-09 04:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-03-03 21:58 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-03-03 13:52 - 2015-03-03 13:52 - 00000000 ____D () C:\Users\ulfilas\Downloads\FRST-OlderVersion
2015-03-03 13:26 - 2015-03-03 13:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-03-03 13:24 - 2015-03-03 13:24 - 48438352 _____ (Google Inc.) C:\Users\ulfilas\Downloads\ChromeStandaloneSetup64.exe
2015-03-03 12:58 - 2015-03-03 12:56 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-03-03 12:56 - 2015-03-03 12:56 - 00000000 ____D () C:\Program Files\Java
2015-03-03 12:54 - 2015-03-03 12:55 - 93427112 _____ (Oracle Corporation) C:\Users\ulfilas\Downloads\jre-8u31-windows-x64.exe
2015-03-03 12:51 - 2015-03-03 12:52 - 42096984 _____ (Apple Inc.) C:\Users\ulfilas\Downloads\QuickTimeInstaller (2).exe
2015-03-02 18:07 - 2015-03-05 14:13 - 00028744 _____ () C:\Users\ulfilas\Downloads\FRST.txt
2015-03-01 23:56 - 2015-03-01 23:56 - 00000000 ____D () C:\Users\ulfilas\Desktop\DSCF0047
2015-02-27 01:44 - 2015-02-27 01:44 - 00000000 ____D () C:\Users\ulfilas\Documents\Updater
2015-02-27 00:54 - 2015-02-27 00:54 - 01388274 _____ (Thisisu) C:\Users\ulfilas\Downloads\JRT.exe
2015-02-27 00:35 - 2015-02-27 00:52 - 00000000 ____D () C:\AdwCleaner
2015-02-27 00:34 - 2015-02-27 00:34 - 02126848 _____ () C:\Users\ulfilas\Downloads\AdwCleaner_4.111.exe
2015-02-26 23:34 - 2015-03-05 13:19 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-26 23:34 - 2015-02-26 23:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-26 23:33 - 2015-02-26 23:33 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-26 23:33 - 2015-02-26 23:33 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-26 23:33 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-26 23:33 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-26 23:33 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-02-26 23:29 - 2015-02-26 23:30 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\ulfilas\Downloads\mbam-setup-2.0.4.1028.exe
2015-02-26 11:30 - 2015-02-26 11:30 - 00039775 _____ () C:\ComboFix.txt
2015-02-25 12:35 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-25 12:35 - 2015-01-09 00:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-02-24 20:30 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-02-24 20:30 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-02-24 20:30 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-02-24 20:30 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-02-24 20:30 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-02-24 20:30 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2015-02-24 20:30 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2015-02-24 20:30 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2015-02-24 18:48 - 2015-02-26 11:30 - 00000000 ____D () C:\Qoobox
2015-02-24 18:47 - 2015-02-26 11:28 - 00000000 ____D () C:\Windows\erdnt
2015-02-24 18:47 - 2015-02-24 18:47 - 05611903 _____ (Swearware) C:\Users\ulfilas\Downloads\ComboFix (2).exe
2015-02-24 18:46 - 2015-02-24 18:47 - 05611903 _____ (Swearware) C:\Users\ulfilas\Downloads\ComboFix (1).exe
2015-02-24 18:46 - 2015-02-24 18:46 - 05611903 ____R (Swearware) C:\Users\ulfilas\Downloads\ComboFix.exe
2015-02-24 09:45 - 2015-03-03 13:10 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-02-24 09:45 - 2015-02-24 09:45 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\ulfilas\Downloads\revosetup95.exe
2015-02-24 01:28 - 2015-02-24 01:28 - 00000000 ____D () C:\Users\ulfilas\Desktop\VueScan Scans
2015-02-24 00:28 - 2015-02-25 14:12 - 00000000 ____D () C:\Users\ulfilas\Desktop\Anzeige Disco
2015-02-23 18:19 - 2015-02-23 18:20 - 00050197 _____ () C:\Users\ulfilas\Downloads\Addition.txt
2015-02-23 18:16 - 2015-03-05 14:13 - 00000000 ____D () C:\FRST
2015-02-23 18:16 - 2015-03-03 13:52 - 02092544 _____ (Farbar) C:\Users\ulfilas\Downloads\FRST64.exe
2015-02-23 17:23 - 2015-02-23 17:24 - 00002721 _____ () C:\Users\ulfilas\Downloads\software_removal_tool.log
2015-02-22 23:28 - 2015-02-22 23:32 - 00000000 ____D () C:\Users\ulfilas\Desktop\201+7756-2010-07-23
2015-02-22 23:26 - 2015-02-22 23:26 - 00000000 ____D () C:\Users\ulfilas\Desktop\2007_02
2015-02-22 23:25 - 2015-02-22 23:25 - 00000000 ____D () C:\Users\ulfilas\Desktop\201_35_v_L_20111222_Schloss
2015-02-22 23:24 - 2015-02-22 23:24 - 00000000 ____D () C:\Users\ulfilas\Desktop\bw201-1
2015-02-20 14:03 - 2015-02-20 14:03 - 00000000 ____D () C:\Program Files (x86)\Free Codec Pack
2015-02-20 14:00 - 2015-02-20 14:00 - 03533008 _____ (DVDVideoSoft Ltd. ) C:\Users\ulfilas\Downloads\FreeYouTubeToMP3Converter (1).exe
2015-02-20 13:59 - 2015-02-20 14:01 - 03312648 _____ (DVDVideoSoft Ltd. ) C:\Users\ulfilas\Downloads\FreeYouTubeToMP3Converter.exe
2015-02-16 20:18 - 2015-02-27 12:24 - 00000000 ____D () C:\Users\ulfilas\Desktop\DatenblattE12
2015-02-16 14:55 - 2015-02-19 21:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2015-02-12 20:00 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-12 20:00 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-12 20:00 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-12 20:00 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-12 17:01 - 2015-02-12 17:02 - 06372800 _____ (Tim Kosse) C:\Users\ulfilas\Downloads\FileZilla_3.10.1.1_win32-setup.exe
2015-02-12 00:03 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-12 00:03 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-12 00:03 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-12 00:03 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-12 00:03 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-12 00:03 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-12 00:03 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-12 00:03 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-12 00:03 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-12 00:03 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-12 00:03 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-12 00:03 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-12 00:03 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-12 00:03 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-12 00:03 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-12 00:03 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-12 00:03 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-12 00:03 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-12 00:03 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-12 00:03 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-12 00:03 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-12 00:03 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-12 00:03 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-12 00:03 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-12 00:03 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-12 00:03 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-12 00:03 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-12 00:03 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-12 00:03 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-12 00:03 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-12 00:03 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-12 00:03 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-12 00:03 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-12 00:03 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-12 00:03 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-12 00:03 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-12 00:03 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-12 00:03 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-12 00:03 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-12 00:03 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-12 00:03 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-12 00:03 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-12 00:03 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-12 00:03 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-12 00:03 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-12 00:03 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-12 00:03 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-12 00:03 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-12 00:03 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-12 00:03 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-12 00:03 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-12 00:03 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-12 00:03 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-12 00:03 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-12 00:03 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-12 00:03 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-12 00:03 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-12 00:03 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-12 00:03 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-12 00:03 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-12 00:03 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-12 00:03 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-12 00:03 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-12 00:03 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-12 00:03 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-12 00:03 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-12 00:03 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-12 00:03 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-12 00:02 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-12 00:02 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-12 00:02 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-12 00:02 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-12 00:02 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-12 00:02 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-12 00:02 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-12 00:02 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-12 00:02 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-12 00:02 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-12 00:02 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-12 00:02 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-12 00:02 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-12 00:02 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-12 00:02 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-12 00:02 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-12 00:02 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-12 00:02 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-12 00:02 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-12 00:02 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-12 00:02 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-12 00:02 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-12 00:02 - 2014-10-04 03:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-12 00:02 - 2014-10-04 02:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-02-12 00:02 - 2014-10-04 02:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-02-12 00:01 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-12 00:01 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-12 00:01 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-12 00:01 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-12 00:01 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-12 00:01 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-12 00:01 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-12 00:01 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-12 00:01 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-12 00:01 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-11 01:23 - 2015-02-11 01:23 - 04752438 _____ () C:\Users\ulfilas\Downloads\mt31345,1236865807,HK_uebersicht.bmp
2015-02-10 21:00 - 2015-02-10 21:02 - 00000000 ____D () C:\Users\ulfilas\Desktop\2015-02-1013.53.18
2015-02-10 14:29 - 2015-02-10 14:29 - 42096984 _____ (Apple Inc.) C:\Users\ulfilas\Downloads\QuickTimeInstaller (1).exe
2015-02-09 00:45 - 2015-02-09 00:49 - 00000128 ____H () C:\ProgramData\V93GE
2015-02-09 00:45 - 2015-02-09 00:45 - 00000000 ____D () C:\Users\ulfilas\AppData\Roaming\LaserSoft Imaging
2015-02-09 00:30 - 2015-02-09 00:30 - 17070168 _____ (LaserSoft Imaging AG) C:\Users\ulfilas\Downloads\SF8_Documentation_de.exe
2015-02-09 00:26 - 2015-02-09 00:30 - 427688568 _____ (LaserSoft Imaging AG) C:\Users\ulfilas\Downloads\SF8_Movies_de.exe
2015-02-09 00:26 - 2015-02-09 00:26 - 00000000 ____D () C:\Users\ulfilas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LaserSoft Imaging
2015-02-09 00:25 - 2015-02-09 00:25 - 00000000 ____D () C:\ProgramData\LaserSoft Imaging
2015-02-09 00:25 - 2015-02-09 00:25 - 00000000 ____D () C:\Program Files\SilverFast Application
2015-02-09 00:23 - 2015-02-09 00:24 - 45434944 _____ (LaserSoft Imaging AG) C:\Users\ulfilas\Downloads\SF-8.2.0r3(Nikon)_x64.exe
2015-02-04 03:05 - 2015-02-04 03:05 - 00000985 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\VueScan x64.lnk
2015-02-04 03:05 - 2015-02-04 03:05 - 00000000 ____D () C:\Program Files\VueScan
2015-02-04 03:04 - 2015-02-04 03:04 - 17367649 _____ () C:\Users\ulfilas\Downloads\Vuescan_9.4.60.zip
2015-02-04 03:04 - 2015-02-04 03:04 - 00000000 ____D () C:\Users\ulfilas\Downloads\Vuescan_9.4.60
2015-02-04 02:01 - 2015-02-04 02:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nikon Scan 4
2015-02-04 02:01 - 2015-02-04 02:01 - 00000000 ____D () C:\Program Files (x86)\Nikon
2015-02-04 01:48 - 2015-02-04 01:48 - 00003152 _____ () C:\Windows\System32\Tasks\{6726E861-BE61-476F-A0A6-B34BBB729385}
2015-02-04 01:45 - 2015-02-04 01:45 - 15203632 _____ () C:\Users\ulfilas\Downloads\ns403de (2).exe
2015-02-04 01:20 - 2015-02-04 01:20 - 00000000 ____D () C:\ProgramData\Nikon
2015-02-04 00:38 - 2015-02-04 00:38 - 15203632 _____ () C:\Users\ulfilas\Downloads\ns403de (1).exe
2015-02-04 00:37 - 2015-02-04 02:45 - 00000000 ____D () C:\Users\ulfilas\Desktop\Treiber Nikon Coolscan 5000 ED
2015-02-03 09:47 - 2002-12-04 19:54 - 00006545 _____ (Nikon Corporation) C:\Windows\SysWOW64\NKScnUSD.dll
2015-02-03 09:46 - 2015-02-03 09:46 - 15203632 _____ () C:\Users\ulfilas\Downloads\ns403de.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-05 14:11 - 2009-11-13 03:01 - 01543171 _____ () C:\Windows\WindowsUpdate.log
2015-03-05 14:04 - 2012-08-15 11:24 - 00000000 ____D () C:\Users\ulfilas\AppData\Roaming\Skype
2015-03-05 13:54 - 2010-12-30 02:43 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-05 13:18 - 2012-05-05 15:11 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-05 12:49 - 2009-09-08 23:47 - 00704324 _____ () C:\Windows\system32\perfh007.dat
2015-03-05 12:49 - 2009-09-08 23:47 - 00152162 _____ () C:\Windows\system32\perfc007.dat
2015-03-05 12:49 - 2009-07-14 06:13 - 01634576 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-05 12:42 - 2009-07-14 05:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-05 12:42 - 2009-07-14 05:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-05 12:40 - 2014-08-14 08:35 - 00000000 ____D () C:\ProgramData\Package Cache
2015-03-05 12:40 - 2013-12-22 14:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-03-05 12:39 - 2013-11-19 17:41 - 00000000 ___RD () C:\Users\ulfilas\Dropbox
2015-03-05 12:39 - 2013-11-19 17:26 - 00000000 ____D () C:\Users\ulfilas\AppData\Roaming\Dropbox
2015-03-05 12:38 - 2014-05-08 23:09 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf6b0a3cdc10aa.job
2015-03-05 12:38 - 2012-01-16 13:11 - 00000330 _____ () C:\Windows\Tasks\GlaryInitialize.job
2015-03-05 12:10 - 2009-11-13 03:06 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-03-05 12:10 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-05 12:10 - 2009-07-14 05:51 - 00171151 _____ () C:\Windows\setupact.log
2015-03-05 02:00 - 2009-12-24 14:37 - 00000000 ____D () C:\Users\ulfilas\AppData\Local\Adobe
2015-03-04 21:03 - 2012-02-25 21:03 - 00000318 _____ () C:\Windows\Tasks\MT66 Software Update.job
2015-03-04 20:10 - 2013-04-30 12:11 - 00000000 ____D () C:\Users\ulfilas\AppData\Roaming\MyPhoneExplorer
2015-03-04 11:37 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2015-03-04 02:24 - 2011-06-20 14:24 - 00003950 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{40457202-43A6-48A0-B73A-FD3D606DDC7E}
2015-03-03 14:17 - 2009-12-24 15:43 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-03-03 13:56 - 2010-04-02 14:09 - 06384640 ___SH () C:\Users\ulfilas\Desktop\Thumbs.db
2015-03-03 13:55 - 2012-12-03 13:31 - 00000000 ____D () C:\Users\ulfilas\Desktop\Verknüpfungen
2015-03-03 13:54 - 2009-09-03 10:10 - 01472772 _____ () C:\Windows\PFRO.log
2015-03-03 13:52 - 2012-04-21 13:09 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2015-03-03 12:58 - 2009-12-27 23:18 - 00000000 ____D () C:\Program Files (x86)\Java
2015-03-03 12:57 - 2014-10-27 14:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-03-03 12:56 - 2014-01-03 00:02 - 00000000 ____D () C:\ProgramData\Oracle
2015-03-03 05:14 - 2012-04-11 13:49 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2015-03-03 05:14 - 2012-01-16 13:11 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities
2015-03-03 05:14 - 2011-05-08 02:02 - 00000000 ____D () C:\ProgramData\Real
2015-03-03 05:14 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2015-03-03 03:16 - 2014-07-01 09:16 - 00000280 _____ () C:\Windows\Tasks\System Speedupsch.job
2015-03-02 20:56 - 2013-08-28 23:13 - 00000000 ____D () C:\Users\ulfilas\Desktop\Schriftverkehr
2015-03-02 20:16 - 2009-12-24 14:15 - 00000000 ____D () C:\Users\ulfilas
2015-02-27 12:22 - 2012-02-11 23:34 - 00006233 _____ () C:\Users\ulfilas\Sti_Trace.log
2015-02-27 00:13 - 2009-09-03 10:04 - 00000000 ____D () C:\Windows\oem
2015-02-26 11:30 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2015-02-26 11:22 - 2009-07-14 03:34 - 00000248 _____ () C:\Windows\system.ini
2015-02-24 22:26 - 2014-12-04 22:13 - 00000000 ____D () C:\Users\ulfilas\Desktop\Beschriftung Bw 77
2015-02-24 18:57 - 2011-04-09 02:31 - 00000000 ____D () C:\Users\ulfilas\AppData\Roaming\FileZilla
2015-02-23 18:49 - 2009-12-24 14:15 - 00114536 _____ () C:\Users\ulfilas\AppData\Local\GDIPFONTCACHEV1.DAT
2015-02-23 18:49 - 2009-07-14 05:45 - 05037800 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-23 18:48 - 2009-09-03 10:07 - 00000000 ____D () C:\Program Files\Google
2015-02-23 18:48 - 2009-09-03 10:07 - 00000000 ____D () C:\Program Files (x86)\Google
2015-02-23 16:14 - 2009-09-03 09:54 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-23 16:14 - 2009-07-14 03:34 - 00000489 _____ () C:\Windows\win.ini
2015-02-23 15:45 - 2009-07-14 08:45 - 00000000 ____D () C:\Windows\ShellNew
2015-02-23 15:44 - 2009-12-24 15:31 - 00000000 ____D () C:\Users\ulfilas\AppData\Local\Google
2015-02-23 15:44 - 2009-09-03 10:07 - 00000000 ____D () C:\ProgramData\Google
2015-02-20 14:04 - 2011-05-08 13:47 - 00000000 ____D () C:\Users\ulfilas\AppData\Roaming\DVDVideoSoft
2015-02-20 14:03 - 2011-05-08 13:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-02-20 14:03 - 2011-05-08 13:47 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2015-02-20 10:35 - 2014-02-07 01:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-13 08:30 - 2012-09-27 11:14 - 00000000 ____D () C:\Windows\rescache
2015-02-13 02:59 - 2013-11-19 17:27 - 00000000 ____D () C:\Users\ulfilas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-02-12 12:35 - 2013-10-06 11:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON PhotoQuicker
2015-02-12 12:35 - 2011-06-23 20:06 - 00000000 ____D () C:\Program Files (x86)\EPSON
2015-02-12 12:35 - 2009-09-03 09:34 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-02-12 12:30 - 2013-03-14 03:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-02-12 12:30 - 2013-03-14 03:00 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-02-12 12:30 - 2013-03-14 03:00 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-02-12 12:22 - 2012-07-23 18:41 - 00000000 ____D () C:\ProgramData\DatacardService
2015-02-12 12:15 - 2012-04-20 18:55 - 00000000 ____D () C:\Users\ulfilas\AppData\Local\Mozilla
2015-02-12 11:38 - 2013-12-22 14:08 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-02-12 11:38 - 2013-12-22 14:08 - 00128536 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-02-12 11:38 - 2013-12-22 14:08 - 00044088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-02-12 03:11 - 2013-08-19 02:01 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-12 03:11 - 2012-10-18 18:11 - 00002121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-02-12 03:11 - 2012-10-18 18:11 - 00001912 _____ () C:\Windows\epplauncher.mif
2015-02-12 03:11 - 2012-10-18 18:11 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2015-02-12 03:11 - 2012-10-18 18:11 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2015-02-12 03:03 - 2010-01-09 03:02 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-09 00:26 - 2012-02-27 14:39 - 00030042 _____ () C:\Windows\DPINST.LOG
2015-02-09 00:00 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-02-05 05:49 - 2014-06-21 10:15 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1cf6b0a3cdc10aa
2015-02-05 05:49 - 2010-12-30 02:43 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-05 03:18 - 2012-05-05 15:11 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-05 03:18 - 2012-05-05 15:11 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-05 03:18 - 2012-02-21 01:55 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-04 19:52 - 2011-06-07 02:12 - 00038400 ___SH () C:\Users\ulfilas\Documents\Thumbs.db
2015-02-04 02:01 - 2015-02-01 23:37 - 00000000 ____D () C:\Windows\SysWOW64\Color

==================== Files in the root of some directories =======

2013-07-28 00:16 - 2014-07-23 00:21 - 0000149 _____ () C:\Users\ulfilas\AppData\Roaming\WB.CFG
2013-12-31 01:17 - 2014-01-03 01:17 - 0000005 _____ () C:\Users\ulfilas\AppData\Roaming\WBPU-Q5-TTL.DAT
2013-06-28 09:16 - 2014-01-29 01:17 - 0000005 _____ () C:\Users\ulfilas\AppData\Roaming\WBPU-TTL.DAT
2011-06-27 22:15 - 2013-03-27 10:49 - 0003204 _____ () C:\Users\ulfilas\AppData\Roaming\wklnhst.dat
2012-03-08 18:46 - 2012-03-10 01:37 - 0001456 _____ () C:\Users\ulfilas\AppData\Local\Adobe Für Web speichern 12.0 Prefs
2011-02-10 21:41 - 2014-12-12 14:35 - 0030720 _____ () C:\Users\ulfilas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-02-11 12:39 - 2010-02-11 12:40 - 0001643 _____ () C:\Users\ulfilas\AppData\Local\MyWinLockerInstaller.txt-20100211.log
2011-06-10 12:54 - 2012-04-27 14:02 - 0007658 _____ () C:\Users\ulfilas\AppData\Local\Resmon.ResmonCfg
2009-11-13 03:07 - 2009-11-13 03:10 - 0008031 _____ () C:\ProgramData\ArcadeDeluxe3.log
2009-09-03 09:44 - 2009-07-18 02:57 - 0036136 _____ (Oberon Media) C:\ProgramData\FullRemove.exe
2015-02-09 00:45 - 2015-02-09 00:49 - 0000128 ____H () C:\ProgramData\V93GE

Some content of TEMP:
====================
C:\Users\ulfilas\AppData\Local\Temp\avgnt.exe
C:\Users\ulfilas\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpljbkhj.dll
C:\Users\ulfilas\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-23 13:05

==================== End Of Log ============================
--- --- ---



Ja, der XP hängt tatsächlich nicht am Internet.

schrauber 05.03.2015 21:09
Zitat:
HKU\S-1-5-21-39457134-2311114567-1202830544-1000\...\Run: [Soft32 Updater.exe] => C:\Users\ulfilas\AppData\Local\Soft32\Soft32 Updater\Soft32 Updater.exe [163640 2011-10-19] (I.T.N.T.)
Kennst Du das?

ulfilas-bs 06.03.2015 11:52
Nein, sollte ich? Was ist das?

schrauber 06.03.2015 16:26
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
HKU\S-1-5-21-39457134-2311114567-1202830544-1000\...\Run: [Soft32 Updater.exe] => C:\Users\ulfilas\AppData\Local\Soft32\Soft32 Updater\Soft32 Updater.exe [163640 2011-10-19] (I.T.N.T.)
C:\Users\ulfilas\AppData\Local\Soft32

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.




Frisches FRST log bitte.

ulfilas-bs 07.03.2015 10:00
Da ist es:

Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-03-2015
Ran by ulfilas at 2015-03-07 09:56:24 Run:2
Running from C:\Users\ulfilas\Downloads
Loaded Profiles: ulfilas (Available profiles: ulfilas & UpdatusUser)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKU\S-1-5-21-39457134-2311114567-1202830544-1000\...\Run: [Soft32 Updater.exe] => C:\Users\ulfilas\AppData\Local\Soft32\Soft32 Updater\Soft32 Updater.exe [163640 2011-10-19] (I.T.N.T.) C:\Users\ulfilas\AppData\Local\Soft32
*****************

HKU\S-1-5-21-39457134-2311114567-1202830544-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Soft32 Updater.exe => value deleted successfully.

==== End of Fixlog 09:56:24 ====

schrauber 07.03.2015 18:35
Das frische FRST log bitte noch. Bestehen noch probleme mit diesem Rechner?

ulfilas-bs 08.03.2015 16:31
Sorry, ich vergaß ...


FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-03-2015 01
Ran by ulfilas (administrator) on ULFILAS-PC2 on 08-03-2015 12:53:35
Running from C:\Users\ulfilas\Downloads
Loaded Profiles: ulfilas & UpdatusUser (Available profiles: ulfilas & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 2\creator-ws.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AOL Inc.) C:\Program Files (x86)\Common Files\AOL\1294882704\ee\aolsoftware.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\acrotray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dropbox, Inc.) C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\Dropbox.exe
(AOL Inc.) C:\Program Files (x86)\AOL Desktop 9.7\waol.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(AOL LLC) C:\Program Files (x86)\Common Files\AOL\acs\AOLacsd.exe
(AOL Inc.) C:\Program Files (x86)\AOL Desktop 9.7\shellmon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Adobe\Adobe Photoshop CS2\Photoshop.exe
(ACD Systems International Inc.) C:\Program Files (x86)\ACD Systems\ACDSee\14.0\ACDSeeQV14.exe
(F.J. Wechselberger) C:\Program Files (x86)\MyPhoneExplorer\MyPhoneExplorer.exe
() C:\Program Files (x86)\MyPhoneExplorer\DLL\adb.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [134416 2007-01-23] (Logitech Inc.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HostManager] => C:\Program Files (x86)\Common Files\AOL\1294882704\ee\AOLSoftware.exe [41800 2010-03-08] (AOL Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703280 2015-03-03] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Acrobat Assistant 7.0] => C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\Acrotray.exe [483328 2004-12-14] (Adobe Systems Inc.)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [127792 2015-02-12] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-39457134-2311114567-1202830544-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-39457134-2311114567-1202830544-1000\...\Run: [AOL Fast Start] => C:\Program Files (x86)\AOL Desktop 9.7\AOL.EXE [42320 2012-01-31] (AOL Inc.)
HKU\S-1-5-21-39457134-2311114567-1202830544-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [242688 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-21-39457134-2311114567-1202830544-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-39457134-2311114567-1202830544-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [AOL Fast Start] => C:\Program Files (x86)\AOL Desktop 9.7\AOL.EXE [42320 2012-01-31] (AOL Inc.)
HKU\S-1-5-21-39457134-2311114567-1202830544-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [242688 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-21-39457134-2311114567-1202830544-1003\...\RunOnce: [ScrSav] => C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-22] ()
HKU\S-1-5-21-39457134-2311114567-1202830544-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Acer.scr [425984 2009-08-05] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat - Schnellstart.lnk
ShortcutTarget: Adobe Acrobat - Schnellstart.lnk -> C:\Windows\Installer\{AC76BA86-1033-F400-7760-100000000002}\SC_Acrobat.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\ulfilas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\ulfilas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll (Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\psdprotect.dll (Egis Technology Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-39457134-2311114567-1202830544-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-39457134-2311114567-1202830544-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-39457134-2311114567-1202830544-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-39457134-2311114567-1202830544-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-39457134-2311114567-1202830544-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-39457134-2311114567-1202830544-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-39457134-2311114567-1202830544-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-03-03] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-03-03] (Oracle Corporation)
BHO-x32: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14] (Adobe Systems Incorporated)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-03-31] (RealPlayer)
BHO-x32: PDF Architect Helper -> {691B33B0-B86E-47F3-81C7-56E4FE3B929C} -> C:\Program Files (x86)\PDF Architect 2\creator-ie-helper.dll [2014-10-10] (pdfforge GmbH)
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO-x32: AcroIEToolbarHelper Class -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004-12-14] (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Toolbar: HKLM-x32 - Recorder Toolbar - {120A8821-2BEE-4C29-BCDA-62C577781992} - C:\Program Files (x86)\MedienTeam66\MP3 Recorder for YouTube\IEPlugin.dll [2012-11-23] (MedienTeam66)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004-12-14] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {DEEB13D7-CEA9-45FB-B77C-E039BEC85221} - C:\Program Files (x86)\PDF Architect 2\creator-ie-plugin.dll [2014-10-10] (pdfforge GmbH)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: HKLM-x32 {B4977DFF-8AE5-44DC-8A42-C62F56960AA9} hxxp://javadl-esd.sun.com/update/1.4.2/jinstall-1_4_2-windows-i586.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll [2009-02-06] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll [2009-02-06] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\ulfilas\AppData\Roaming\Mozilla\Firefox\Profiles\dz9z9wt9.default
FF SearchEngineOrder.3: Bing
FF NetworkProxy: "autoconfig_url", "chrome://viewtubes/content/viewtubes_false.pac"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-05] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-03-03] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-03-03] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8064.0206 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-02-06] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=15.0.2.72 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2012-03-31] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.2.72 -> c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll [2012-03-31] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.2.72 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-03-31] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.2.72 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-03-31] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=15.0.2.72 -> c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll [2012-03-31] (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-39457134-2311114567-1202830544-1003: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-11-28] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-11-28] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-11-28] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-11-28] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-11-28] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2012-06-01] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2012-06-01] (Apple Inc.)
FF Extension: Avira Browser Safety - C:\Users\ulfilas\AppData\Roaming\Mozilla\Firefox\Profiles\dz9z9wt9.default\Extensions\abs@avira.com [2014-08-14]
FF Extension: ProxTube - Unblock YouTube - C:\Users\ulfilas\AppData\Roaming\Mozilla\Firefox\Profiles\dz9z9wt9.default\Extensions\ich@maltegoetz.de [2014-02-07]
FF Extension: Viewtubes - C:\Users\ulfilas\AppData\Roaming\Mozilla\Firefox\Profiles\dz9z9wt9.default\Extensions\FF_AddOn@viewtubes.de.xpi [2012-04-20]
FF Extension: YouTube quality manager - C:\Users\ulfilas\AppData\Roaming\Mozilla\Firefox\Profiles\dz9z9wt9.default\Extensions\youtubequality@rzll.xpi [2012-04-21]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\ulfilas\AppData\Roaming\Mozilla\Firefox\Profiles\dz9z9wt9.default\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2015-02-20]
FF Extension: Recorder Toolbar - C:\Program Files (x86)\Mozilla Firefox\extensions\{10743931-94DF-476f-A987-4391233C17A2} [2012-11-23]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-03-31]
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_2_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension
FF Extension: PDF Architect 2 Creator - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension [2015-01-07]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-03]
CHR Extension: (Google Docs) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-03]
CHR Extension: (Google Drive) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-03]
CHR Extension: (YouTube) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-03]
CHR Extension: (Adblock Plus) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-03-04]
CHR Extension: (Google Search) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-03]
CHR Extension: (Google Sheets) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-03]
CHR Extension: (Avira Browser Safety) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-03-03]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2015-03-03]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-03]
CHR Extension: (Skype Click to Call) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-03-03]
CHR Extension: (Google Wallet) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-07]
CHR Extension: (Gmail) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-03]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-03-31]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-03-28] (Adobe Systems) [File not signed]
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2015-03-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2015-03-03] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [992560 2015-03-03] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [184056 2015-02-12] (Avira Operations GmbH & Co. KG)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 hasplms; C:\Windows\system32\hasplms.exe [4913608 2011-12-02] (SafeNet Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)
R2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [311592 2009-08-06] (Egis Technology Inc.)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH)
R2 PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [738856 2014-10-10] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2014-07-16] (TuneUp Software)
S3 UPnPService; C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [544768 2006-12-14] (Magix AG) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation)
R3 akshhl; C:\Windows\System32\DRIVERS\akshhl.sys [57088 2011-09-08] (SafeNet Inc.)
R3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [21120 2011-08-09] (SafeNet Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-02-12] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-02-12] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-09] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-02-12] (Avira Operations GmbH & Co. KG)
R1 cdrblock; C:\Windows\System32\DRIVERS\cdrblock.sys [34360 2008-05-30] (Canopus Co,. Ltd.)
S1 FNETURPX; C:\Windows\SysWOW64\drivers\FNETURPX.SYS [7040 2013-01-26] (FNet Co., Ltd.) [File not signed]
R2 Hardlock; C:\Windows\system32\drivers\hardlock.sys [321536 2011-10-07] (SafeNet Inc.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [31648 2014-04-05] (REALiX(tm))
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-03-08] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-12-16] (TuneUp Software)
S3 USA19H; C:\Windows\System32\DRIVERS\USA19Hx64.sys [740096 2007-10-30] (Keyspan)
S3 USA19HP; C:\Windows\System32\DRIVERS\USA19Hx64p.SYS [35840 2007-10-23] (Keyspan)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [X]
S1 okorkylq; \??\C:\Windows\system32\drivers\okorkylq.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-08 12:37 - 2015-03-08 12:52 - 00000000 ____D () C:\Users\ulfilas\Desktop\USA-Flug H
2015-03-07 14:56 - 2015-03-07 14:56 - 01247572 _____ () C:\Users\ulfilas\Desktop\LH2037.psd
2015-03-04 18:40 - 2015-03-05 14:50 - 00000000 ____D () C:\Users\ulfilas\Desktop\BIN Shop Modelle
2015-03-04 15:13 - 2015-03-04 15:13 - 00045783 _____ () C:\Users\ulfilas\Desktop\Backup Wolfgangs Handy 2015-03-04.mpb
2015-03-04 15:12 - 2015-03-04 16:26 - 00000000 ____D () C:\Users\ulfilas\Desktop\Handy-Sicherungskopie
2015-03-03 21:58 - 2015-01-09 04:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-03-03 21:58 - 2015-01-09 04:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-03-03 21:58 - 2015-01-09 04:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-03-03 21:58 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-03-03 13:52 - 2015-03-08 12:53 - 00000000 ____D () C:\Users\ulfilas\Downloads\FRST-OlderVersion
2015-03-03 13:26 - 2015-03-03 13:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-03-03 13:24 - 2015-03-03 13:24 - 48438352 _____ (Google Inc.) C:\Users\ulfilas\Downloads\ChromeStandaloneSetup64.exe
2015-03-03 12:58 - 2015-03-03 12:56 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-03-03 12:56 - 2015-03-03 12:56 - 00000000 ____D () C:\Program Files\Java
2015-03-03 12:54 - 2015-03-03 12:55 - 93427112 _____ (Oracle Corporation) C:\Users\ulfilas\Downloads\jre-8u31-windows-x64.exe
2015-03-03 12:51 - 2015-03-03 12:52 - 42096984 _____ (Apple Inc.) C:\Users\ulfilas\Downloads\QuickTimeInstaller (2).exe
2015-03-02 18:07 - 2015-03-08 12:53 - 00030837 _____ () C:\Users\ulfilas\Downloads\FRST.txt
2015-03-01 23:56 - 2015-03-01 23:56 - 00000000 ____D () C:\Users\ulfilas\Desktop\DSCF0047
2015-02-27 01:44 - 2015-02-27 01:44 - 00000000 ____D () C:\Users\ulfilas\Documents\Updater
2015-02-27 00:54 - 2015-02-27 00:54 - 01388274 _____ (Thisisu) C:\Users\ulfilas\Downloads\JRT.exe
2015-02-27 00:35 - 2015-02-27 00:52 - 00000000 ____D () C:\AdwCleaner
2015-02-27 00:34 - 2015-02-27 00:34 - 02126848 _____ () C:\Users\ulfilas\Downloads\AdwCleaner_4.111.exe
2015-02-26 23:34 - 2015-03-08 10:09 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-26 23:34 - 2015-02-26 23:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-26 23:33 - 2015-02-26 23:33 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-26 23:33 - 2015-02-26 23:33 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-26 23:33 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-26 23:33 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-26 23:33 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-02-26 23:29 - 2015-02-26 23:30 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\ulfilas\Downloads\mbam-setup-2.0.4.1028.exe
2015-02-26 11:30 - 2015-02-26 11:30 - 00039775 _____ () C:\ComboFix.txt
2015-02-25 12:35 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-25 12:35 - 2015-01-09 00:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-02-24 20:30 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-02-24 20:30 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-02-24 20:30 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-02-24 20:30 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-02-24 20:30 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-02-24 20:30 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2015-02-24 20:30 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2015-02-24 20:30 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2015-02-24 18:48 - 2015-02-26 11:30 - 00000000 ____D () C:\Qoobox
2015-02-24 18:47 - 2015-02-26 11:28 - 00000000 ____D () C:\Windows\erdnt
2015-02-24 18:47 - 2015-02-24 18:47 - 05611903 _____ (Swearware) C:\Users\ulfilas\Downloads\ComboFix (2).exe
2015-02-24 18:46 - 2015-02-24 18:47 - 05611903 _____ (Swearware) C:\Users\ulfilas\Downloads\ComboFix (1).exe
2015-02-24 18:46 - 2015-02-24 18:46 - 05611903 ____R (Swearware) C:\Users\ulfilas\Downloads\ComboFix.exe
2015-02-24 09:45 - 2015-03-03 13:10 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-02-24 09:45 - 2015-02-24 09:45 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\ulfilas\Downloads\revosetup95.exe
2015-02-24 01:28 - 2015-02-24 01:28 - 00000000 ____D () C:\Users\ulfilas\Desktop\VueScan Scans
2015-02-24 00:28 - 2015-02-25 14:12 - 00000000 ____D () C:\Users\ulfilas\Desktop\Anzeige Disco
2015-02-23 18:19 - 2015-02-23 18:20 - 00050197 _____ () C:\Users\ulfilas\Downloads\Addition.txt
2015-02-23 18:16 - 2015-03-08 12:53 - 02095104 _____ (Farbar) C:\Users\ulfilas\Downloads\FRST64.exe
2015-02-23 18:16 - 2015-03-08 12:53 - 00000000 ____D () C:\FRST
2015-02-23 17:23 - 2015-02-23 17:24 - 00002721 _____ () C:\Users\ulfilas\Downloads\software_removal_tool.log
2015-02-22 23:28 - 2015-02-22 23:32 - 00000000 ____D () C:\Users\ulfilas\Desktop\201+7756-2010-07-23
2015-02-22 23:26 - 2015-02-22 23:26 - 00000000 ____D () C:\Users\ulfilas\Desktop\2007_02
2015-02-22 23:25 - 2015-02-22 23:25 - 00000000 ____D () C:\Users\ulfilas\Desktop\201_35_v_L_20111222_Schloss
2015-02-22 23:24 - 2015-02-22 23:24 - 00000000 ____D () C:\Users\ulfilas\Desktop\bw201-1
2015-02-20 14:03 - 2015-02-20 14:03 - 00000000 ____D () C:\Program Files (x86)\Free Codec Pack
2015-02-20 14:00 - 2015-02-20 14:00 - 03533008 _____ (DVDVideoSoft Ltd. ) C:\Users\ulfilas\Downloads\FreeYouTubeToMP3Converter (1).exe
2015-02-20 13:59 - 2015-02-20 14:01 - 03312648 _____ (DVDVideoSoft Ltd. ) C:\Users\ulfilas\Downloads\FreeYouTubeToMP3Converter.exe
2015-02-16 20:18 - 2015-02-27 12:24 - 00000000 ____D () C:\Users\ulfilas\Desktop\DatenblattE12
2015-02-16 14:55 - 2015-02-19 21:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2015-02-12 20:00 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-12 20:00 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-12 20:00 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-12 20:00 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-12 17:01 - 2015-02-12 17:02 - 06372800 _____ (Tim Kosse) C:\Users\ulfilas\Downloads\FileZilla_3.10.1.1_win32-setup.exe
2015-02-12 00:03 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-12 00:03 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-12 00:03 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-12 00:03 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-12 00:03 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-12 00:03 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-12 00:03 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-12 00:03 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-12 00:03 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-12 00:03 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-12 00:03 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-12 00:03 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-12 00:03 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-12 00:03 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-12 00:03 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-12 00:03 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-12 00:03 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-12 00:03 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-12 00:03 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-12 00:03 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-12 00:03 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-12 00:03 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-12 00:03 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-12 00:03 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-12 00:03 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-12 00:03 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-12 00:03 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-12 00:03 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-12 00:03 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-12 00:03 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-12 00:03 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-12 00:03 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-12 00:03 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-12 00:03 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-12 00:03 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-12 00:03 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-12 00:03 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-12 00:03 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-12 00:03 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-12 00:03 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-12 00:03 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-12 00:03 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-12 00:03 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-12 00:03 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-12 00:03 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-12 00:03 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-12 00:03 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-12 00:03 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-12 00:03 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-12 00:03 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-12 00:03 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-12 00:03 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-12 00:03 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-12 00:03 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-12 00:03 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-12 00:03 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-12 00:03 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-12 00:03 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-12 00:03 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-12 00:03 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-12 00:03 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-12 00:03 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-12 00:03 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-12 00:03 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-12 00:03 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-12 00:03 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-12 00:03 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-12 00:03 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-12 00:02 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-12 00:02 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-12 00:02 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-12 00:02 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-12 00:02 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-12 00:02 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-12 00:02 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-12 00:02 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-12 00:02 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-12 00:02 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-12 00:02 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-12 00:02 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-12 00:02 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-12 00:02 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-12 00:02 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-12 00:02 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-12 00:02 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-12 00:02 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-12 00:02 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-12 00:02 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-12 00:02 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-12 00:02 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-12 00:02 - 2014-10-04 03:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-12 00:02 - 2014-10-04 02:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-02-12 00:02 - 2014-10-04 02:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-02-12 00:01 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-12 00:01 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-12 00:01 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-12 00:01 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-12 00:01 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-12 00:01 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-12 00:01 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-12 00:01 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-12 00:01 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-12 00:01 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-11 01:23 - 2015-02-11 01:23 - 04752438 _____ () C:\Users\ulfilas\Downloads\mt31345,1236865807,HK_uebersicht.bmp
2015-02-10 21:00 - 2015-02-10 21:02 - 00000000 ____D () C:\Users\ulfilas\Desktop\2015-02-1013.53.18
2015-02-10 14:29 - 2015-02-10 14:29 - 42096984 _____ (Apple Inc.) C:\Users\ulfilas\Downloads\QuickTimeInstaller (1).exe
2015-02-09 00:45 - 2015-02-09 00:49 - 00000128 ____H () C:\ProgramData\V93GE
2015-02-09 00:45 - 2015-02-09 00:45 - 00000000 ____D () C:\Users\ulfilas\AppData\Roaming\LaserSoft Imaging
2015-02-09 00:30 - 2015-02-09 00:30 - 17070168 _____ (LaserSoft Imaging AG) C:\Users\ulfilas\Downloads\SF8_Documentation_de.exe
2015-02-09 00:26 - 2015-02-09 00:30 - 427688568 _____ (LaserSoft Imaging AG) C:\Users\ulfilas\Downloads\SF8_Movies_de.exe
2015-02-09 00:26 - 2015-02-09 00:26 - 00000000 ____D () C:\Users\ulfilas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LaserSoft Imaging
2015-02-09 00:25 - 2015-02-09 00:25 - 00000000 ____D () C:\ProgramData\LaserSoft Imaging
2015-02-09 00:25 - 2015-02-09 00:25 - 00000000 ____D () C:\Program Files\SilverFast Application
2015-02-09 00:23 - 2015-02-09 00:24 - 45434944 _____ (LaserSoft Imaging AG) C:\Users\ulfilas\Downloads\SF-8.2.0r3(Nikon)_x64.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-08 12:54 - 2010-12-30 02:43 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-08 12:51 - 2012-08-15 11:24 - 00000000 ____D () C:\Users\ulfilas\AppData\Roaming\Skype
2015-03-08 12:18 - 2012-05-05 15:11 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-08 12:17 - 2009-11-13 03:01 - 01773623 _____ () C:\Windows\WindowsUpdate.log
2015-03-08 10:34 - 2011-06-20 14:24 - 00003950 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{40457202-43A6-48A0-B73A-FD3D606DDC7E}
2015-03-08 05:54 - 2014-05-08 23:09 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf6b0a3cdc10aa.job
2015-03-08 02:00 - 2009-12-24 14:37 - 00000000 ____D () C:\Users\ulfilas\AppData\Local\Adobe
2015-03-08 00:38 - 2013-04-30 12:11 - 00000000 ____D () C:\Users\ulfilas\AppData\Roaming\MyPhoneExplorer
2015-03-07 21:03 - 2012-02-25 21:03 - 00000318 _____ () C:\Windows\Tasks\MT66 Software Update.job
2015-03-07 20:01 - 2010-04-02 14:09 - 06426112 ___SH () C:\Users\ulfilas\Desktop\Thumbs.db
2015-03-07 17:41 - 2009-09-08 23:47 - 00704324 _____ () C:\Windows\system32\perfh007.dat
2015-03-07 17:41 - 2009-09-08 23:47 - 00152162 _____ () C:\Windows\system32\perfc007.dat
2015-03-07 17:41 - 2009-07-14 06:13 - 01634576 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-07 12:00 - 2014-02-05 15:33 - 00003704 _____ () C:\Windows\System32\Tasks\Java Update Scheduler
2015-03-07 11:58 - 2012-12-03 13:31 - 00000000 ____D () C:\Users\ulfilas\Desktop\Verknüpfungen
2015-03-07 09:58 - 2009-07-14 05:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-07 09:58 - 2009-07-14 05:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-07 09:51 - 2013-11-19 17:41 - 00000000 ___RD () C:\Users\ulfilas\Dropbox
2015-03-07 09:51 - 2013-11-19 17:26 - 00000000 ____D () C:\Users\ulfilas\AppData\Roaming\Dropbox
2015-03-07 09:51 - 2012-01-16 13:11 - 00000330 _____ () C:\Windows\Tasks\GlaryInitialize.job
2015-03-07 09:48 - 2009-11-13 03:06 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-03-07 09:48 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-07 09:48 - 2009-07-14 05:51 - 00171263 _____ () C:\Windows\setupact.log
2015-03-05 12:40 - 2014-08-14 08:35 - 00000000 ____D () C:\ProgramData\Package Cache
2015-03-05 12:40 - 2013-12-22 14:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-03-04 11:37 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2015-03-03 14:17 - 2009-12-24 15:43 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-03-03 13:54 - 2009-09-03 10:10 - 01472772 _____ () C:\Windows\PFRO.log
2015-03-03 13:52 - 2012-04-21 13:09 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2015-03-03 12:58 - 2009-12-27 23:18 - 00000000 ____D () C:\Program Files (x86)\Java
2015-03-03 12:57 - 2014-10-27 14:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-03-03 12:56 - 2014-01-03 00:02 - 00000000 ____D () C:\ProgramData\Oracle
2015-03-03 05:14 - 2012-04-11 13:49 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2015-03-03 05:14 - 2012-01-16 13:11 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities
2015-03-03 05:14 - 2011-05-08 02:02 - 00000000 ____D () C:\ProgramData\Real
2015-03-03 05:14 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2015-03-02 20:56 - 2013-08-28 23:13 - 00000000 ____D () C:\Users\ulfilas\Desktop\Schriftverkehr
2015-03-02 20:16 - 2009-12-24 14:15 - 00000000 ____D () C:\Users\ulfilas
2015-02-27 12:22 - 2012-02-11 23:34 - 00006233 _____ () C:\Users\ulfilas\Sti_Trace.log
2015-02-27 00:13 - 2009-09-03 10:04 - 00000000 ____D () C:\Windows\oem
2015-02-26 11:30 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2015-02-26 11:22 - 2009-07-14 03:34 - 00000248 _____ () C:\Windows\system.ini
2015-02-24 22:26 - 2014-12-04 22:13 - 00000000 ____D () C:\Users\ulfilas\Desktop\Beschriftung Bw 77
2015-02-24 18:57 - 2011-04-09 02:31 - 00000000 ____D () C:\Users\ulfilas\AppData\Roaming\FileZilla
2015-02-23 18:49 - 2009-12-24 14:15 - 00114536 _____ () C:\Users\ulfilas\AppData\Local\GDIPFONTCACHEV1.DAT
2015-02-23 18:49 - 2009-07-14 05:45 - 05037800 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-23 18:48 - 2009-09-03 10:07 - 00000000 ____D () C:\Program Files\Google
2015-02-23 18:48 - 2009-09-03 10:07 - 00000000 ____D () C:\Program Files (x86)\Google
2015-02-23 16:14 - 2009-09-03 09:54 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-23 16:14 - 2009-07-14 03:34 - 00000489 _____ () C:\Windows\win.ini
2015-02-23 15:45 - 2009-07-14 08:45 - 00000000 ____D () C:\Windows\ShellNew
2015-02-23 15:44 - 2009-12-24 15:31 - 00000000 ____D () C:\Users\ulfilas\AppData\Local\Google
2015-02-23 15:44 - 2009-09-03 10:07 - 00000000 ____D () C:\ProgramData\Google
2015-02-20 14:04 - 2011-05-08 13:47 - 00000000 ____D () C:\Users\ulfilas\AppData\Roaming\DVDVideoSoft
2015-02-20 14:03 - 2011-05-08 13:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-02-20 14:03 - 2011-05-08 13:47 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2015-02-20 10:35 - 2014-02-07 01:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-13 08:30 - 2012-09-27 11:14 - 00000000 ____D () C:\Windows\rescache
2015-02-13 02:59 - 2013-11-19 17:27 - 00000000 ____D () C:\Users\ulfilas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-02-12 12:35 - 2013-10-06 11:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON PhotoQuicker
2015-02-12 12:35 - 2011-06-23 20:06 - 00000000 ____D () C:\Program Files (x86)\EPSON
2015-02-12 12:35 - 2009-09-03 09:34 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-02-12 12:30 - 2013-03-14 03:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-02-12 12:30 - 2013-03-14 03:00 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-02-12 12:30 - 2013-03-14 03:00 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-02-12 12:22 - 2012-07-23 18:41 - 00000000 ____D () C:\ProgramData\DatacardService
2015-02-12 12:15 - 2012-04-20 18:55 - 00000000 ____D () C:\Users\ulfilas\AppData\Local\Mozilla
2015-02-12 11:38 - 2013-12-22 14:08 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-02-12 11:38 - 2013-12-22 14:08 - 00128536 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-02-12 11:38 - 2013-12-22 14:08 - 00044088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-02-12 03:11 - 2013-08-19 02:01 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-12 03:11 - 2012-10-18 18:11 - 00002121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-02-12 03:11 - 2012-10-18 18:11 - 00001912 _____ () C:\Windows\epplauncher.mif
2015-02-12 03:11 - 2012-10-18 18:11 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2015-02-12 03:11 - 2012-10-18 18:11 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2015-02-12 03:03 - 2010-01-09 03:02 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-09 00:26 - 2012-02-27 14:39 - 00030042 _____ () C:\Windows\DPINST.LOG
2015-02-09 00:00 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

==================== Files in the root of some directories =======

2013-07-28 00:16 - 2014-07-23 00:21 - 0000149 _____ () C:\Users\ulfilas\AppData\Roaming\WB.CFG
2013-12-31 01:17 - 2014-01-03 01:17 - 0000005 _____ () C:\Users\ulfilas\AppData\Roaming\WBPU-Q5-TTL.DAT
2013-06-28 09:16 - 2014-01-29 01:17 - 0000005 _____ () C:\Users\ulfilas\AppData\Roaming\WBPU-TTL.DAT
2011-06-27 22:15 - 2013-03-27 10:49 - 0003204 _____ () C:\Users\ulfilas\AppData\Roaming\wklnhst.dat
2012-03-08 18:46 - 2012-03-10 01:37 - 0001456 _____ () C:\Users\ulfilas\AppData\Local\Adobe Für Web speichern 12.0 Prefs
2011-02-10 21:41 - 2014-12-12 14:35 - 0030720 _____ () C:\Users\ulfilas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-02-11 12:39 - 2010-02-11 12:40 - 0001643 _____ () C:\Users\ulfilas\AppData\Local\MyWinLockerInstaller.txt-20100211.log
2011-06-10 12:54 - 2012-04-27 14:02 - 0007658 _____ () C:\Users\ulfilas\AppData\Local\Resmon.ResmonCfg
2009-11-13 03:07 - 2009-11-13 03:10 - 0008031 _____ () C:\ProgramData\ArcadeDeluxe3.log
2009-09-03 09:44 - 2009-07-18 02:57 - 0036136 _____ (Oberon Media) C:\ProgramData\FullRemove.exe
2015-02-09 00:45 - 2015-02-09 00:49 - 0000128 ____H () C:\ProgramData\V93GE

Some content of TEMP:
====================
C:\Users\ulfilas\AppData\Local\Temp\avgnt.exe
C:\Users\ulfilas\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpyvnepw.dll
C:\Users\ulfilas\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-07 16:19

==================== End Of Log ============================
--- --- ---

--- --- ---


Viele Grüße

Wolfgang

Ich habe den Computer jetzt mal heruntergefahren und neugestartet. Es scheint alles in Ordnung zu sein.

schrauber 08.03.2015 19:20
Dann jetzt bitte FRST Logs und eine PRoblembeschreibung von dem XP Rechner. Für diesen hier:


http://deeprybka.trojaner-board.de/b...cleanupneu.png
Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:
http://deeprybka.trojaner-board.de/b.../combofix2.pngCombofix deinstallieren
  • Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
  • Drücke bitte die http://deeprybka.trojaner-board.de/b...ne/revo/w7.png + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
  • Klicke auf OK.
    Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
  • Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Dann lade Dir bitte http://filepony.de/icon/tiny/delfix.pngDelFix herunter.
  • Schließe alle offenen Programme.
  • Starte die delfix.exe mit einem Doppelklick.
  • Setze vor jede Funktion ein Häkchen.
  • Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...:dankeschoen:und/oder das Forum mit einer kleinen Spende http://www.trojaner-board.de/extra/spende.png unterstützen. :applaus:

http://deeprybka.trojaner-board.de/b...ast/schild.png
Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:

Browser
Java
 Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank.
Meine Empfehlung:
http://filepony.de/icon/emsisoft_anti_malware.png
Emsisoft

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

Optional:
http://filepony.de/icon/noscript.png NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.
http://filepony.de/icon/malwarebytes_anti_exploit.pngMalwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.


Lade Software von einem sauberen Portal wie http://filepony.de/images/microbanner.gif.
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner .


Abschließend noch ein paar grundsätzliche Bemerkungen:
Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.

ulfilas-bs 11.03.2015 16:18
Doch - ein Problem gibt es noch mit dem Win7-Rechner.

Das Ding geht ständig aus. Das Ganze scheint wieder das Temperaturproblem zu sein, das im vergangenen Jahr auch schon auftrat.

Damals habe ich die Grafikkarte als Verursacher ausfindig gemacht. Mit einem bißchen neuer Wärmeleitpaste ging alles wieder ohne Probleme.

Seit einigen Wochen (allerdings noch weit vor dem Trojaner-Befall) sind die Ausfälle wieder da. Von jetzt auf gleich ist das Bild schwarz. Der Rechner läuft zwar noch, es geht aber kein Signal mehr zum Monitor und - falls eingeschaltet - ist der Ton weg und ein starken Brummen ist zu hören.

Einzige Chance ist dann nur, den Rechner per Ausschaltknopf abzuwürgen und ihn wieder hochzufahren.

Einigermaßen Abhilfe bringt momentan nur mein kleiner Tischventilator, der jetzt mit voller Kraft direkt in die Lüftungsöffnung des Rechners bläst.

Ist auch keine dauerhafte Lösung, ich weiß. Erstens macht das Ding Krach, zweitens kostet es Strom und drittens sitze ich hier ständig mit kalten Füßen, weil der Ventilator direkt im Fußraum steht.

Wie kann das sein, daß derselbe Fehler nach so kurzer Zeit schon wieder aufgetreten ist?

Ich habe jetzt deine letzte Anweisung noch nicht ausgeführt, weil ich nicht weiß, ob irgendeins der installierten Tools jetzt noch benötigt wird. Soll ich sie trotz Lüfterproblem jetzt löschen und wir wenden uns dem XP zu?

Viele Grüße

Wolfgang

schrauber 12.03.2015 08:58
Die Graka hat beim ersten Mal vllt nen Schuss abbekommen.Das ist ein Hardwarethema, da können unsere Tools, und auch ich, leider nicht helfen :)

ulfilas-bs 19.03.2015 11:18
Hallo schrauber,

das mit der Grafikkarte hatte ich auch schon befürchtet. Wie ärgerlich. Ich werde aber vorher nochmal neue Wärmeleitpaste einsetzen. Vielleicht bringt es was für die nächste Ziet, oder es war beim letzten Mal zu wenig.

Das ist jetzt der dritte Versuch, dir zu antworten. Beim ersten Mal ging prompt der Rechner zwischendurch wieder aus (dsa Temperaturproblem), beim zweiten Mal habe ich gleich vom XP aus geschrieben, aber die Mitteilung ging aus irgendeinem Grund nicht raus, obwohl ich eingeloggt war. Versuche ich es also wieder vom Win 7-Gerät.

Also: Deine Anweisungen habe ich soweit alle befolgt und schön alles gelöscht, was ich löschen sollte.

Malwarebytes vermeldet jetzt mehrmals am Tag, die Lizenz sei abgelaufen. Würdest zu dazu raten, die Vollversion zu kaufen? Handelt es sich bei den ganzen von dir vorgeschlagenen Programmen um Kaufversionen, oder ist da auch Shareware dabei?


So, jetzt zum XP:

Das Gerät ist natürlich auch nicht mehr soooo ganz neu, erfüllte aber immer noch seine Zwecke beim Digitaliseren meiner alten Videos. AUs diesem Grund brauche ich den Rechner auch noch.

Im Laufe der Zeit war er recht langsam geworden, bis er sich vor ca. zwei Jahren plötzlich gar nicht mehr starten ließ.

Um meine Daten zu retten, baute ich damals die beiden Festplatten aus, um sie vorübergehend als externe Festplatten anzuschließen, bis die Dateien auf eine neue externe Festplatte überspielt sind.

Das klappte aber nicht so, wie ich es erhofft hatte. Zuerst hatte ich gar keinen Zugriff auf die Dateien, dann nur auf einige, und die ganze Nummer war so wenig erfolgreich, daß ich die beiden Platten wieder in den XP einbaute.

Erstaunlicherweise ließ er sich wieder starten. Mit anderen Worten: Der Computer ist wieder lauffähig, alles geht aber gähnend langsam vonstatten. Vom Einschalten dauert es schon Minuten, bis der leere Desktop erscheint, dann weitere Minuten, bis sich die Symbole zeigen. Dann wieder braucht man unendlich viel Geduld, bis sich überhaupt etwas anklicken läßt. Insgesamt läuft also alles so ziemlich in Zeitlupe ab, was richtig an den Nerven zerrt.

FRST habe ich heute Nachmiitag drüberlaufen lassen, aber, wie gesagt, das Posten der Dateien hat nicht geklappt, weil meine ganze Mitteilung von vorhin nicht durchlief.

Ich werde den XP erst morgen (heute) wieder hochfahren. Zu dieser späten STunde dauert mir das jetzt zu lange.

Ich sende dir die beiden Dateien dann vom XP.

Viele Grüße und gute Nacht

Wolfgang

Hier nun die beiden FRST-Dateien:


FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by Ulfilas57 (administrator) on ULFILAS on 18-03-2015 18:08:29
Running from C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Eigene Dateien\Downloads
Loaded Profiles: Ulfilas57 (Available profiles: Ulfilas57)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 7 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Programme\Windows Defender\MsMpEng.exe
(Wsys Co., Ltd.) C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\eSafe\eGdpSvc.exe
(America Online, Inc.) C:\Programme\Gemeinsame Dateien\aol\1186092089\ee\aolsoftware.exe
() C:\Programme\Winamp\winampa.exe
(Apple Inc.) C:\Programme\QuickTime\QTTask.exe
(SSC Localization Group) C:\Programme\SSC Service Utility\ssc_serv.exe
(Avira GmbH) C:\Programme\AntiVir PersonalEdition Classic\sched.exe
(Macrovision Corporation) C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\ISUSPM.exe
(Adobe Systems Incorporated) C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe
() C:\Programme\BrowseForTheCause\BrowseForTheCause.exe
(Oracle Corporation) C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
(AVIRA GmbH) C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
(Nero AG) C:\Programme\Nero\Nero 7\InCD\NBHGui.exe
(AOL LLC) C:\Programme\Gemeinsame Dateien\aol\ACS\AOLacsd.exe
(Nero AG) C:\Programme\Nero\Nero 7\InCD\InCD.exe
(Hewlett-Packard Company) C:\Programme\Gemeinsame Dateien\LightScribe\LightScribeControlPanel.exe
(Apple Inc.) C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
(Logitech Inc.) C:\Programme\Logitech\SetPoint\SetPoint.exe
(Apple Inc.) C:\Programme\Bonjour\mDNSResponder.exe
() C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
(OpenOffice.org) C:\Programme\OpenOffice.org 3\program\soffice.exe
(C-Dilla Ltd) C:\WINDOWS\system32\drivers\CDAC11BA.EXE
() C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
(InterVideo Inc.) C:\Programme\Gemeinsame Dateien\InterVideo\DeviceService\DevSvc.exe
(Logitech Inc.) C:\Programme\Gemeinsame Dateien\Logitech\khalshared\KHALMNPR.exe
(OpenOffice.org) C:\Programme\OpenOffice.org 3\program\soffice.bin
(Aladdin Knowledge Systems Ltd.) C:\WINDOWS\system32\hasplms.exe
(Nero AG) C:\Programme\Nero\Nero 7\InCD\InCDsrv.exe
(InterVideo) C:\Programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe
(Oracle Corporation) C:\Programme\Java\jre7\bin\jqs.exe
(Hewlett-Packard Company) C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(O&O Software GmbH) C:\WINDOWS\system32\oodag.exe
() C:\Programme\CyberLink\Shared Files\RichVideo.exe
(Microsoft Corporation) C:\Programme\Microsoft Application Virtualization Client\sftvsa.exe
() C:\WINDOWS\system32\PAStiSvc.exe
(Ulead Systems, Inc.) C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe
(America Online, Inc.) C:\WINDOWS\wanmpsvc.exe
(Microsoft Corporation) C:\Programme\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Programme\Gemeinsame Dateien\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Google Inc.) C:\Programme\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Programme\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [Automatisch EPSON Stylus Photo R200 Series auf MARION] => C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0H2.EXE [99840 2003-09-11] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [HostManager] => C:\Programme\Gemeinsame Dateien\AOL\1186092089\ee\AOLSoftware.exe [50736 2006-09-26] (America Online, Inc.)
HKLM\...\Run: [nwiz] => nwiz.exe /install
HKLM\...\Run: [Logitech Hardware Abstraction Layer] => C:\WINDOWS\KHALMNPR.EXE [101136 2007-01-23] (Logitech Inc.)
HKLM\...\Run: [LGODDFU] => C:\Programme\lg_fwupdate\lgfw.exe blrun
HKLM\...\Run: [WinampAgent] => C:\Programme\Winamp\winampa.exe [36352 2008-08-04] ()
HKLM\...\Run: [QuickTime Task] => C:\Programme\QuickTime\qttask.exe [417792 2009-09-05] (Apple Inc.)
HKLM\...\Run: [TkBellExe] => C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe [198160 2009-09-11] (RealNetworks, Inc.)
HKLM\...\Run: [SSC Service Utility] => C:\Programme\SSC Service Utility\ssc_serv.exe [665600 2007-10-09] (SSC Localization Group)
HKLM\...\Run: [Google Updater] => C:\Programme\Google\Google Updater\GoogleUpdater.exe [161336 2011-09-09] (Google)
HKLM\...\Run: [ISUSPM] => C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\ISUSPM.exe [213936 2006-03-20] (Macrovision Corporation)
HKLM\...\Run: [Adobe ARM] => C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [BrowseForTheCause] => C:\Programme\BrowseForTheCause\BrowseForTheCause.exe [3744104 2013-07-16] ()
HKLM\...\Run: [SunJavaUpdateSched] => C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [NeroFilterCheck] => C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG)
HKLM\...\Run: [SecurDisc] => C:\Programme\Nero\Nero 7\InCD\NBHGui.exe [1629480 2007-11-26] (Nero AG)
HKLM\...\Run: [InCD] => C:\Programme\Nero\Nero 7\InCD\InCD.exe [1057064 2007-11-26] (Nero AG)
HKU\S-1-5-21-484763869-630328440-839522115-1004\...\Run: [LightScribe Control Panel] => C:\Programme\Gemeinsame Dateien\LightScribe\LightScribeControlPanel.exe [2363392 2009-11-20] (Hewlett-Packard Company)
HKU\S-1-5-18\...\Run: [DWQueuedReporting] => C:\Programme\Gemeinsame Dateien\Microsoft Shared\DW\DWTRIG20.EXE [519584 2010-02-28] (Microsoft Corporation)
AppInit_DLLs: c:\dokume~1\alluse~1\anwend~1\browse~1\261519~1.190\{c16c1~1\browse~1.dll => c:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll [2691536 2013-07-26] ()
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Gamma Loader.exe.lnk
ShortcutTarget: Adobe Gamma Loader.exe.lnk -> C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\InterVideo WinCinema Manager.lnk
ShortcutTarget: InterVideo WinCinema Manager.lnk -> C:\Programme\Ulead Systems\Ulead DVD MovieFactory 6\Ulead DVD MovieFactory 6\Common\Bin\WinCinemaMgr.exe (No File)
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Logitech SetPoint.lnk
ShortcutTarget: Logitech SetPoint.lnk -> C:\Programme\Logitech\SetPoint\SetPoint.exe (Logitech Inc.)
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Programme\McAfee Security Scan\2.0.181\SSScheduler.exe (No File)
Startup: C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Startmenü\Programme\Autostart\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Dokumente und Einstellungen\Ulfilas57 - Kopie\Startmenü\Programme\Autostart\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Startmenü\Programme\Autostart\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
BootExecute: autocheck autochk * OODBS

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.qvo6.com/?utm_source=b&utm_medium=adk&from=adk&uid=SAMSUNGXSP1604N_0651J1FW708193&ts=1373971175
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=adk&from=adk&uid=SAMSUNGXSP1604N_0651J1FW708193&ts=1373971175
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\S-1-5-21-484763869-630328440-839522115-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=54E00010DCFAF9B2&affID=119357&tsp=4945
HKU\S-1-5-21-484763869-630328440-839522115-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=adk&from=adk&uid=SAMSUNGXSP1604N_0651J1FW708193&ts=1373971175
HKU\S-1-5-21-484763869-630328440-839522115-1004\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=54E00010DCFAF9B2&affID=119357&tsp=4945
URLSearchHook: HKLM - Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Programme\Winamp Toolbar\winamptb.dll (AOL LLC.)
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=adk&from=adk&uid=SAMSUNGXSP1604N_0651J1FW708193&ts=0
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=adk&from=adk&uid=SAMSUNGXSP1604N_0651J1FW708193&ts=0
SearchScopes: HKLM -> {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
SearchScopes: HKU\S-1-5-21-484763869-630328440-839522115-1004 -> bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKU\S-1-5-21-484763869-630328440-839522115-1004 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=54E00010DCFAF9B2&affID=119357&tsp=4945
SearchScopes: HKU\S-1-5-21-484763869-630328440-839522115-1004 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=adk&from=adk&uid=SAMSUNGXSP1604N_0651J1FW708193&ts=0
SearchScopes: HKU\S-1-5-21-484763869-630328440-839522115-1004 -> {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
BHO: No Name -> {02478D38-C3F9-4EFB-9B51-7695ECA05670} ->  No File
BHO: Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2013-09-03] (Adobe Systems Incorporated)
BHO: Winamp Toolbar Loader -> {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} -> C:\Programme\Winamp Toolbar\winamptb.dll [2008-07-16] (AOL LLC.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Programme\Java\jre7\bin\ssv.dll [2013-08-20] (Oracle Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> c:\programme\google\googletoolbar1.dll [2007-01-19] (Google Inc.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Programme\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2010-01-14] (Google Inc.)
BHO: softonic-de3 Toolbar -> {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} -> C:\Programme\softonic-de3\prxtbsof1.dll No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Programme\Java\jre7\bin\jp2ssv.dll [2013-08-20] (Oracle Corporation)
BHO: EpsonToolBandKicker Class -> {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} -> C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21] (SEIKO EPSON CORPORATION)
Toolbar: HKLM - &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar1.dll [2007-01-19] (Google Inc.)
Toolbar: HKLM - Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Programme\Winamp Toolbar\winamptb.dll [2008-07-16] (AOL LLC.)
Toolbar: HKLM - EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21] (SEIKO EPSON CORPORATION)
Toolbar: HKLM - softonic-de3 Toolbar - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\prxtbsof1.dll No File
Toolbar: HKU\S-1-5-21-484763869-630328440-839522115-1004 -> &Google - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar1.dll [2007-01-19] (Google Inc.)
DPF: {0EB73E39-8AD4-43E8-8FBA-0165C2CCDB8B} hxxp://midasplayer.aol.de/midasa.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {22E5D91F-89E6-4405-AD9C-0AF27BA6F06B} file:///C:/Dokumente%20und%20Einstellungen/Ulfilas57/Desktop/components/hidinputmonitorx.ocx
DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {26CBF141-7D0F-46E1-AA06-718958B6E4D2} hxxp://download.ebay.com/turbo_lister/DE/install.cab
DPF: {45A0A292-ECC6-4D8F-9EA9-A4BD411D24C1} hxxp://king.aolsvc.de/ctl/kingcomie.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab
DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} hxxp://aolcc.aol.de/computercheckup/qdiagcc.cab
DPF: {4F63D44B-6274-4D60-8AB1-CAA7116B8AF3} file:///C:/Dokumente%20und%20Einstellungen/Ulfilas57/Desktop/components/A9.ocx
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1115727237102
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1152046154312
DPF: {7030CC6C-1A88-4591-BB5A-651B9F7F0C30} file:///C:/Dokumente%20und%20Einstellungen/Ulfilas57/Desktop/components/wmvhdrating.ocx
DPF: {86A88967-7A20-11D2-8EDA-00600818EDB1} hxxp://www.parallelgraphics.com/bin/cortvrml.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} hxxp://office.dogcam.smalldog.com/activex/AxisCamControl.cab
DPF: {ABC1D8DE-CAB5-4FB7-BCD0-137BAB9F09DC} hxxp://www.aldisued-fotos-druck.de/upload/aldi_sued_bilduebertragung.cab
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://game14.zylomgames.com/activex/zylomgamesplayer.cab
DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: haufereader - {39198710-62F7-42CD-9458-069843FA5D32} - C:\Programme\Haufe\HaufeReader\HRInstmon.dll [2005-04-27] (Haufe Mediengruppe)
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: lid - {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINDOWS\System32\msvidctl.dll [2008-04-14] (Microsoft Corporation)
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - c:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll [2008-07-30] (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
ShellExecuteHooks: Microsoft AntiMalware ShellExecuteHook - {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Programme\Windows Defender\MpShHook.dll [83224 2006-11-03] (Microsoft Corporation)
Winsock: Catalog5 04 C:\Programme\Bonjour\mdnsNSP.dll [147456] (Apple Inc.)
Winsock: Catalog9 01 C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork1.dll [8704] ()
Winsock: Catalog9 02 C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork1.dll [8704] ()
Winsock: Catalog9 22 C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork1.dll [8704] ()
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{388DB4AB-8D7B-4BA2-946F-3BDE1F6619F0}: [NameServer] 50.7.75.18,107.6.133.6
Tcpip\..\Interfaces\{3ECE9A19-5146-4846-BBB2-E014515541B5}: [NameServer] 50.7.75.18,107.6.133.6
Tcpip\..\Interfaces\{D6A749A3-AC13-4E2F-9449-37FA7FD3624B}: [NameServer] 50.7.75.18,107.6.133.6
StartMenuInternet: IEXPLORE.EXE - C:\Programme\Internet Explorer\iexplore.exe hxxp://www.qvo6.com/?utm_source=b&utm_medium=adk&from=adk&uid=SAMSUNGXSP1604N_0651J1FW708193&ts=1373971175

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll [2010-01-27] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw.dll [2011-04-26] (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Programme\iTunes\Mozilla Plugins\npitunes.dll [2009-10-23] ()
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll [2007-01-03] (DivX, Inc)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Programme\Google\Google Earth\plugin\npgeplugin.dll [2013-07-12] (Google)
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\WINDOWS\system32\npDeployJava1.dll [2013-08-20] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 -> C:\Programme\Java\jre7\bin\plugin2\npjp2.dll [2013-08-20] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Programme\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 -> C:\Programme\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll [2011-09-09] (Google)
FF Plugin: @real.com/nppl3260;version=6.0.12.448 -> c:\programme\real\realone player\Netscape6\nppl3260.dll [2009-09-11] (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.3.448 -> c:\programme\real\realone player\Netscape6\nprjplug.dll [2009-09-11] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.448 -> c:\programme\real\realone player\Netscape6\nprpjplug.dll [2009-09-11] (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Programme\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-18] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Programme\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-18] (Google Inc.)
FF Plugin: @viewpoint.com/VMP -> C:\Programme\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll [2004-02-20] ()
FF Plugin: @zylom.com/ZylomGamesPlayer -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll [2006-09-26] (Zylom)
FF Plugin: Adobe Reader -> C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-09-03] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-23]

Chrome:
=======
CHR Profile: C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default
CHR Extension: (Delta Toolbar) - C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde [2013-07-21]
CHR Extension: (Google Wallet) - C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-18]
CHR HKLM\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Anwendungsdaten\BabSolution\CR\Delta.crx [2013-07-16]
StartMenuInternet: chrome.exe - C:\Programme\Google\Chrome\Application\chrome.exe hxxp://www.qvo6.com/?utm_source=b&utm_medium=adk&from=adk&uid=SAMSUNGXSP1604N_0651J1FW708193&ts=1373971175

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2005-06-27] (Adobe Systems) [File not signed]
R2 AntiVirScheduler; C:\Programme\AntiVir PersonalEdition Classic\sched.exe [47656 2006-11-13] (Avira GmbH) [File not signed]
R2 AntiVirService; C:\Programme\AntiVir PersonalEdition Classic\avguard.exe [200744 2006-11-24] (AVIRA GmbH) [File not signed]
R2 AOL ACS; C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe [46640 2006-10-23] (AOL LLC)
R2 Apple Mobile Device; C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [144672 2009-08-28] (Apple Inc.)
R2 Bonjour Service; C:\Programme\Bonjour\mDNSResponder.exe [238888 2008-12-12] (Apple Inc.)
R2 BrowserDefendert; C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe [2847696 2013-07-26] ()
R2 C-DillaCdaC11BA; C:\WINDOWS\system32\drivers\CDAC11BA.EXE [39936 2008-12-14] (C-Dilla Ltd) [File not signed]
R2 Capture Device Service; C:\Programme\Gemeinsame Dateien\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (InterVideo Inc.)
R2 cvhsvc; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [822504 2013-04-22] (Microsoft Corporation)
S3 FLEXnet Licensing Service; C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [655624 2010-02-20] (Acresso Software Inc.)
S2 gupdate1c9871269d85f5e; C:\Programme\Google\Update\GoogleUpdate.exe [107848 2015-03-18] (Google Inc.)
S3 gupdatem; C:\Programme\Google\Update\GoogleUpdate.exe [107848 2015-03-18] (Google Inc.)
S2 gusvc; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [194104 2011-09-09] (Google)
R2 hasplms; C:\WINDOWS\system32\hasplms.exe [2562048 2008-04-24] (Aladdin Knowledge Systems Ltd.)
S3 IDriverT; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 InCDsrv; C:\Programme\Nero\Nero 7\InCD\InCDsrv.exe [1554728 2007-11-26] (Nero AG)
S3 iPod Service; C:\Programme\iPod\bin\iPodService.exe [545568 2009-10-28] (Apple Inc.)
R2 IviRegMgr; C:\Programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe [112152 2007-01-04] (InterVideo)
R2 JavaQuickStarterService; C:\Programme\Java\jre7\bin\jqs.exe [182184 2013-08-20] (Oracle Corporation)
R2 LightScribeService; C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe [73728 2009-11-20] (Hewlett-Packard Company) [File not signed]
S3 Macromedia Licensing Service; C:\Programme\Gemeinsame Dateien\Macromedia Shared\Service\Macromedia Licensing.exe [68096 2007-09-10] () [File not signed]
S3 NBService; C:\Programme\Nero\Nero 7\Nero BackItUp\NBService.exe [800040 2007-09-17] (Nero AG)
S3 NMIndexingService; C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG)
R2 NVSvc; C:\WINDOWS\system32\nvsvc32.exe [143436 2006-03-09] (NVIDIA Corporation) [File not signed]
R2 O&O Defrag; C:\WINDOWS\system32\oodag.exe [339456 2006-06-02] (O&O Software GmbH) [File not signed]
S3 ose; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [149352 2010-01-09] (Microsoft Corporation)
S3 osppsvc; C:\Programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [4640000 2010-01-09] (Microsoft Corporation)
R2 RichVideo; C:\Programme\CyberLink\Shared Files\RichVideo.exe [272024 2007-05-14] ()
R2 sftlist; C:\Programme\Microsoft Application Virtualization Client\sftlist.exe [523944 2013-06-26] (Microsoft Corporation)
R3 sftvsa; C:\Programme\Microsoft Application Virtualization Client\sftvsa.exe [207528 2013-06-26] (Microsoft Corporation)
R2 STI Simulator; C:\WINDOWS\System32\PAStiSvc.exe [53248 2005-01-14] () [File not signed]
R2 UleadBurningHelper; C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe [67056 2007-01-18] (Ulead Systems, Inc.)
S3 UPnPService; C:\Programme\Gemeinsame Dateien\MAGIX Shared\UPnPService\UPnPService.exe [544768 2006-12-14] (Magix AG) [File not signed]
R2 WANMiniportService; C:\WINDOWS\wanmpsvc.exe [65536 2003-08-27] (America Online, Inc.) [File not signed]
R2 WinDefend; C:\Programme\Windows Defender\MsMpEng.exe [13592 2006-11-03] (Microsoft Corporation)
S3 WMPNetworkSvc; C:\Programme\Windows Media Player\WMPNetwk.exe [920576 2006-11-03] (Microsoft Corporation)
R2 WsysSvc; C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\eSafe\eGdpSvc.exe [301120 2013-08-16] (Wsys Co., Ltd.)
S3 FirebirdServerMAGIXInstance; C:\MAGIX\Common\Database\bin\fbserver.exe [X]
S3 McComponentHostService; "C:\Programme\McAfee Security Scan\2.0.181\McCHSvc.exe" [X]
S2 WebCake Desktop Updater; "C:\Programme\WebCake\WebCakeDesktop.Updater.exe" "C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Anwendungsdaten\WebCake\WebCakeDesktop.exe"

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 61883; C:\WINDOWS\System32\DRIVERS\61883.sys [48128 2008-04-13] (Microsoft Corporation)
R2 aksfridge; C:\WINDOWS\System32\DRIVERS\aksfridge.sys [350720 2008-03-18] (Aladdin Knowledge Systems Ltd.)
S3 akshasp; C:\WINDOWS\System32\DRIVERS\akshasp.sys [238976 2007-07-05] (Aladdin Knowledge Systems Ltd.)
S3 akshhl; C:\WINDOWS\System32\DRIVERS\akshhl.sys [46336 2007-07-23] (Aladdin Knowledge Systems Ltd.)
S3 aksusb; C:\WINDOWS\System32\DRIVERS\aksusb.sys [14976 2007-07-05] (Aladdin Knowledge Systems Ltd.)
R3 ALCXWDM; C:\WINDOWS\System32\drivers\ALCXWDM.SYS [695852 2003-01-10] (Realtek Semiconductor Corp.) [File not signed]
R1 avgio; C:\Programme\AntiVir PersonalEdition Classic\avgio.sys [7296 2006-11-22] (AVIRA GmbH) [File not signed]
R3 avgntflt; C:\Programme\AntiVir PersonalEdition Classic\avgntflt.sys [45104 2006-11-24] (AVIRA GmbH)
S3 BENDER; C:\WINDOWS\System32\drivers\bender.sys [200320 2005-08-22] (Pinnacle Systems) [File not signed]
S3 BVRPMPR5; C:\WINDOWS\system32\drivers\BVRPMPR5.SYS [49904 2008-05-14] (Avanquest Software) [File not signed]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R1 cdrblock; C:\WINDOWS\System32\DRIVERS\cdrblock.sys [27704 2008-05-30] (Canopus Co,. Ltd.)
R3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-13] (Microsoft Corporation)
S3 giveio; C:\WINDOWS\system32\giveio.sys [5248 2009-05-15] () [File not signed]
R2 Hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [586240 2008-02-11] (Aladdin Knowledge Systems Ltd.)
R0 hotcore; C:\WINDOWS\System32\drivers\hotcore.sys [18208 2005-10-14] (Paragon Software Group) [File not signed]
R4 InCDfs; C:\WINDOWS\system32\Drivers\InCDfs.sys [118952 2007-11-26] (Nero AG)
R1 InCDPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [36776 2007-11-26] (Nero AG)
U1 InCDrec; C:\WINDOWS\system32\Drivers\InCDrec.sys [16040 2007-11-26] (Nero AG)
R1 incdrm; C:\WINDOWS\system32\Drivers\incdrm.sys [38440 2007-11-26] (Nero AG)
R3 Iviaspi; C:\WINDOWS\System32\drivers\iviaspi.sys [10368 2005-09-20] (InterVideo, Inc.) [File not signed]
S3 KMWDFilter; C:\WINDOWS\System32\Drivers\KMWDFilter.SYS [17024 2007-03-29] (Windows (R) Codename Longhorn DDK provider) [File not signed]
R3 MarvinBus; C:\WINDOWS\System32\DRIVERS\MarvinBus.sys [171008 2005-06-02] (Pinnacle Systems GmbH) [File not signed]
R3 ms_mpu401; C:\WINDOWS\System32\drivers\msmpu401.sys [2944 2001-08-17] (Microsoft Corporation)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R3 nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [3650368 2006-03-09] (NVIDIA Corporation) [File not signed]
R1 PCLEPCI; C:\WINDOWS\system32\drivers\pclepci.sys [14165 2002-03-19] (Pinnacle Systems GmbH) [File not signed]
R3 rtl8139; C:\WINDOWS\System32\DRIVERS\R8139n51.SYS [46976 2002-10-04] (Realtek Semiconductor Corporation      )
R3 Sftfs; C:\WINDOWS\System32\DRIVERS\Sftfsxp.sys [587944 2013-06-26] (Microsoft Corporation)
R3 Sftplay; C:\WINDOWS\System32\DRIVERS\Sftplayxp.sys [213288 2013-06-26] (Microsoft Corporation)
R3 Sftredir; C:\WINDOWS\System32\DRIVERS\Sftredirxp.sys [23208 2013-06-26] (Microsoft Corporation)
R3 Sftvol; C:\WINDOWS\System32\DRIVERS\Sftvolxp.sys [19112 2013-06-26] (Microsoft Corporation)
R1 SSHDRV85; C:\WINDOWS\system32\drivers\SSHDRV85.sys [78848 2007-03-28] () [File not signed]
S3 USBAAPL; C:\WINDOWS\System32\Drivers\usbaapl.sys [32000 2008-07-10] (Apple, Inc.) [File not signed]
R3 wanatw; C:\WINDOWS\System32\DRIVERS\wanatw4.sys [33588 2003-01-10] (America Online, Inc.)
S2 adfs; No ImagePath
S3 GMSIPCI; \??\I:\INSTALL\GMSIPCI.SYS [X]
S4 hpt3xx; No ImagePath
S4 IntelIde; No ImagePath
S3 NTACCESS; \??\I:\NTACCESS.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S3 SetupNTGLM7X; \??\I:\NTGLM7X.sys [X]
U3 Winsock - Google Desktop Search Backup Before First Install; No ImagePath
U3 Winsock - Google Desktop Search Backup Before Last Install; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-18 17:59 - 2015-03-18 18:05 - 00004961 _____ () C:\WINDOWS\KB2916036.log
2015-03-18 17:59 - 2015-03-18 18:05 - 00004961 _____ () C:\WINDOWS\KB2868626.log
2015-03-18 17:59 - 2015-03-18 18:05 - 00004958 _____ () C:\WINDOWS\KB2922229.log
2015-03-18 17:58 - 2015-03-18 18:05 - 00057791 _____ () C:\WINDOWS\KB2936068-IE7.log
2015-03-18 17:55 - 2015-03-18 18:00 - 00004957 _____ () C:\WINDOWS\KB2898715.log
2015-03-18 17:50 - 2015-03-18 18:00 - 00004958 _____ () C:\WINDOWS\KB2929961.log
2015-03-18 17:49 - 2015-03-18 18:00 - 00005573 _____ () C:\WINDOWS\KB2909212.log
2015-03-18 17:48 - 2015-03-18 18:00 - 00005475 _____ () C:\WINDOWS\KB2930275.log
2015-03-18 17:46 - 2015-03-18 18:00 - 00004954 _____ () C:\WINDOWS\KB2862152.log
2015-03-18 17:41 - 2015-03-18 18:00 - 00005006 _____ () C:\WINDOWS\KB2876331.log
2015-03-18 17:38 - 2015-03-18 17:59 - 00005020 _____ () C:\WINDOWS\KB2893294.log
2015-03-18 17:36 - 2015-03-18 17:36 - 00000000 ____D () C:\WINDOWS\LastGood
2015-03-18 17:35 - 2015-03-18 17:59 - 00005036 _____ () C:\WINDOWS\KB2892075.log
2015-03-18 17:25 - 2015-03-18 18:08 - 00000000 ____D () C:\FRST

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-18 18:17 - 2013-07-08 11:53 - 00000000 ____D () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Lokale Einstellungen\Temp
2015-03-18 18:12 - 2005-05-10 13:54 - 00000254 _____ () C:\WINDOWS\wiadebug.log
2015-03-18 18:05 - 2005-05-10 13:14 - 01664599 _____ () C:\WINDOWS\WindowsUpdate.log
2015-03-18 17:34 - 2009-06-30 02:32 - 00001090 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-18 17:24 - 2009-06-30 02:32 - 00001086 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-18 17:21 - 2013-08-10 14:43 - 00000322 ____H () C:\WINDOWS\Tasks\MP Scheduled Scan.job
2015-03-18 17:21 - 2005-05-10 13:54 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2015-03-18 17:21 - 2005-05-10 13:52 - 00000000 ___RD () C:\Programme
2015-03-18 17:19 - 2013-07-16 12:01 - 00001874 _____ () C:\WINDOWS\Tasks\Plus-HD-2.3-chromeinstaller.job
2015-03-18 17:19 - 2013-07-16 12:01 - 00001186 _____ () C:\WINDOWS\Tasks\Plus-HD-2.3-codedownloader.job
2015-03-18 17:19 - 2013-07-16 11:46 - 00001186 _____ () C:\WINDOWS\Tasks\Plus-HD-2.5-codedownloader.job
2015-03-18 17:19 - 2013-07-16 11:44 - 00001872 _____ () C:\WINDOWS\Tasks\Plus-HD-2.5-chromeinstaller.job
2015-03-18 17:19 - 2012-01-31 15:19 - 00000314 _____ () C:\WINDOWS\Tasks\GlaryInitialize.job
2015-03-18 17:19 - 2006-04-11 13:20 - 00050257 _____ () C:\WINDOWS\system32\nvapps.xml
2015-03-18 17:18 - 2013-07-16 11:49 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\eSafe
2015-03-18 17:18 - 2006-07-28 22:12 - 00700437 _____ () C:\WINDOWS\system32\OODBS.lor
2015-03-18 17:18 - 2005-05-10 13:02 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-03-18 17:18 - 2001-08-18 12:00 - 00013050 _____ () C:\WINDOWS\system32\wpa.dbl
2015-03-18 15:13 - 2006-12-24 16:49 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AntiVir PersonalEdition Classic
2015-03-18 14:01 - 2009-03-24 02:33 - 00001014 _____ () C:\WINDOWS\Tasks\Google Software Updater.job
2015-03-18 12:01 - 2005-05-10 13:06 - 00032622 _____ () C:\WINDOWS\SchedLgU.Txt
2015-03-17 19:00 - 2011-05-23 13:50 - 00000254 _____ () C:\WINDOWS\Tasks\RMSchedule.job
2015-03-17 02:06 - 2005-05-10 13:06 - 00000000 ____D () C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Temp
2015-02-24 04:23 - 2009-10-03 00:46 - 00246920 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2013-07-16 11:05 - 2013-07-16 11:05 - 0000000 _____ () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Anwendungsdaten\sversion.ini
2013-07-16 11:05 - 2013-07-16 11:05 - 0002048 _____ () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Anwendungsdaten\user60.rdb
2014-01-22 14:43 - 2014-03-20 23:33 - 0006144 _____ () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-07-16 11:45 - 2013-07-16 11:45 - 0000150 _____ () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat

Some content of TEMP:
====================
C:\Dokumente und Einstellungen\Ulfilas57\Lokale Einstellungen\Temp\contentDATs.exe
C:\Dokumente und Einstellungen\Ulfilas57\Lokale Einstellungen\Temp\mgxfonts.exe
C:\Dokumente und Einstellungen\Ulfilas57\Lokale Einstellungen\Temp\SecurityScan_Release.exe
C:\Dokumente und Einstellungen\Ulfilas57\Lokale Einstellungen\Temp\_is8C1.exe
C:\Dokumente und Einstellungen\Ulfilas57 - Kopie\Lokale Einstellungen\Temp\jre-6u34-windows-i586-iftw.exe
C:\Dokumente und Einstellungen\Ulfilas57 - Kopie\Lokale Einstellungen\Temp\mgxfonts.exe
C:\Dokumente und Einstellungen\Ulfilas57 - Kopie\Lokale Einstellungen\Temp\_is8C1.exe
C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Lokale Einstellungen\Temp\GetCC.dll
C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Lokale Einstellungen\Temp\jre-7u25-windows-i586-iftw.exe
C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Lokale Einstellungen\Temp\plus-hd-2-5-de.exe
C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Lokale Einstellungen\Temp\SendMsg.dll
C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Lokale Einstellungen\Temp\vbmz10.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---





Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-03-2015
Ran by Ulfilas57 at 2015-03-18 18:19:37
Running from C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Eigene Dateien\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira AntiVir PersonalEdition Classic (Enabled - Out of date) {00000000-0000-0000-0000-000000000000}
AV: Avira AntiVir PersonalEdition Classic (Enabled - Out of date) {AD166499-45F9-482A-A743-FDD3350758C7}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ABBYY FineReader 5.0 Sprint (HKLM\...\{D1696920-9794-4BBC-8A30-7A88763DE5A2}) (Version: 5.0.0.33417 - ABBYY Software House)
ABBYY FineReader 6.0 (HKLM\...\{AF600F7B-67A7-48D9-BA3B-0FF97F35F970}) (Version: 6.0.759.29421 - ABBYY Software House)
ACD PhotoStitcher (HKLM\...\{306F0DE6-CB05-4D35-A71A-1F30AF009FE4}) (Version: 1.00.0000 - ACD Systems Ltd.)
ACDSee 3.1 (SR-1) Standard (HKLM\...\{39F068BC-CE2C-4564-81E2-8E19219F9A65}) (Version: 3.1.1 - ACD Systems Ltd)
Adobe Acrobat 5.0 (HKLM\...\Adobe Acrobat 5.0) (Version: 5.0 - Adobe Systems, Inc.)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.0.6 - Adobe Systems Incorporated)
Adobe Dreamweaver CS3 (HKLM\...\Adobe_25db75244653b42cb93dc27939d1c0e) (Version: 9.0 - Adobe Systems Incorporated)
Adobe ExtendScript Toolkit 2 (HKLM\...\Adobe_3e054d2218e7aa282c2369d939e58ff) (Version: 2.0.2 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.3.181.14 - Adobe Systems Incorporated)
Adobe Flash Player 10 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 10.0.45.2 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe Photoshop 6.0 (HKLM\...\Adobe Photoshop 6.0) (Version: 6.0 - Adobe Systems, Inc.)
Adobe Reader X (10.1.8) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.8 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM\...\Adobe Shockwave Player) (Version: 11.5.9.620 - Adobe Systems, Inc.)
Adobe SVG Viewer (HKLM\...\Adobe SVG Viewer) (Version: 1.0 - Adobe Systems, Inc.)
Ahead NeroVision Express (HKLM\...\NeroVision!UninstallKey) (Version:  - )
Any Video Converter 3.0.7 (HKLM\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
AOL Coach Version 1.0(Build:20040229.1 de) (HKLM\...\AOLCoach de) (Version:  - )
AOL Deinstallation (HKLM\...\AOL Deinstallation) (Version:  - )
Apple Application Support (HKLM\...\{3FA365DF-2D68-45ED-8F83-8C8A33E65143}) (Version: 1.1.0 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}) (Version: 2.6.0.32 - Apple Inc.)
Apple Software Update (HKLM\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.)
ASAPI Update (HKLM\...\ASAPI Update) (Version:  - )
Ashampoo ClipFinder HD 2.06 (HKLM\...\Ashampoo ClipFinder HD_is1) (Version: 2.0.6 - ashampoo GmbH & Co. KG)
AVCHD converter (HKLM\...\{5796F3D8-2679-4C14-94D4-5FA852D553E1}) (Version: 3.00.000 - Thomson Canopus)
Avira AntiVir PersonalEdition Classic (HKLM\...\AntiVir PersonalEdition Classic) (Version:  - Avira GmbH)
AVM FRITZ!Box Dokumentation (HKLM\...\AVMFBox) (Version:  - AVM Berlin)
AVM FRITZ!Box Druckeranschluss (HKLM\...\AVMFBoxPrinter) (Version:  - AVM Berlin)
Browse for the Cause (HKLM\...\BrowseForTheCause) (Version:  - ) <==== ATTENTION
BrowserDefender (HKLM\...\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}) (Version:  - ) <==== ATTENTION
Camera RAW Plug-In for EPSON Creativity Suite (HKLM\...\{93EA9C3E-BDFD-4309-A605-9B5BBC0CCEFD}) (Version: 2.2.0.0 - )
CDDRV_Installer (Version: 1.00.0000 - Logitech Inc.) Hidden
CD-LabelPrint (HKLM\...\MediaNavigation.CDLabelPrint) (Version:  - )
Colin McRae Rally 2 (HKLM\...\{19B72AA9-985A-11D4-9C8A-00D0B75D1498}) (Version:  - )
Core FTP LE 1.3c (HKLM\...\Core FTP LE 1.3c) (Version:  - )
Delta Chrome Toolbar (HKLM\...\Delta Chrome Toolbar) (Version:  - Visual Tools) <==== ATTENTION
Direct Show Ogg Vorbis Filter (remove only) (HKLM\...\OggDS) (Version:  - )
DVD Suite (HKLM\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 5.0.1319 - CyberLink Corporation)
EasyCleaner (HKLM\...\{F5346614-B7C4-4E94-826A-E2363155233D}) (Version: 2.0.6.380 - ToniArts)
EDIUS 5 Settings (HKLM\...\{03B1C701-5B73-4a25-BB9B-9F5178349E7B}) (Version:  - )
EDIUS 5(SetupManager) (HKLM\...\{FA8B6532-78E9-490B-B97D-32379E16810E}) (Version: 5.01 - Thomson Canopus)
ElsterFormular (HKLM\...\ElsterFormular) (Version: 14.3.20130522 - Landesfinanzdirektion Thüringen)
ElsterFormular 2008/2009 (HKLM\...\{04830D0F-F980-4EC0-89F1-594F2FD2A1B5}) (Version: 10.2.1.0 - Steuerverwaltung des Bundes und der Länder)
EPSON Attach To Email (HKLM\...\InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}) (Version: 1.01.0000 - SEIKO EPSON)
EPSON Attach To Email (Version: 1.01.0000 - SEIKO EPSON) Hidden
EPSON Copy Utility 3 (HKLM\...\{67EDD823-135A-4D59-87BD-950616D6E857}) (Version: 3.0.1.0 - )
EPSON Easy Photo Print (HKLM\...\{3D78F2A2-C893-4ABD-B5FE-AD7011837755}) (Version: 1.5.0.0 - )
EPSON File Manager (HKLM\...\{2EB81825-E9EE-44F4-8F51-1240C3898DC6}) (Version: 1.3.0.0 - )
EPSON Print CD (HKLM\...\{FF477885-5EA8-40D0-ADF3-D4C1B86FAEA4}) (Version: 1.60.000 - )
EPSON Scan (HKLM\...\EPSON Scanner) (Version:  - )
EPSON Scan Assistant (HKLM\...\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}) (Version: 1.10.00 - )
EPSON Smart Panel (HKLM\...\{6C11D561-620B-47DA-A693-4C597F3CDF40}) (Version:  - )
EPSON Web-To-Page (HKLM\...\{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}) (Version:  - )
EPSON-Drucker-Software (HKLM\...\EPSON Printer and Utilities) (Version:  - SEIKO EPSON Corporation)
FDRTools Basic 2.3.2 (HKLM\...\{1173A73A-A1BF-494D-AD21-AD1E72ED4AA3}) (Version: 2.3.2 - AGS Technik)
File Opener Pro (HKLM\...\fileopenerpro) (Version:  - FileOpenerPro) <==== ATTENTION
Flamingo 2.0 (HKLM\...\{C475527D-AB5C-47D8-8C25-85CA3E42B5A4}) (Version: 2.0.30724.0 - Robert McNeel & Associates)
fotofunXXL 4.60 (HKLM\...\{592ED299-14EF-4C0F-92B4-B627CD5A2EBE}_is1) (Version:  - fotofunXXL)
Foto-Mosaik 4.1.0 (HKLM\...\Foto-Mosaik_is1) (Version:  - Steffen Schirmer)
Franzis Font Viewer 2.0 (HKLM\...\Franzis Font Viewer 2.0) (Version:  - )
G DATA PowerPartition Manager 2006 (HKLM\...\{B42E4F9E-20A9-4ADA-8D35-198A52D72A4F}) (Version:  - )
GEONExT 1.11 (HKLM\...\GEONExT_is1) (Version: 1.11 - GEONExT Group)
Glary Utilities 2.41.0.1358 (HKLM\...\Glary Utilities_is1) (Version: 2.41.0.1358 - Glarysoft Ltd)
Google Chrome (HKLM\...\Google Chrome) (Version: 41.0.2272.89 - Google Inc.)
Google Desktop Search (HKLM\...\Google Desktop) (Version: - - Google)
Google Earth (HKLM\...\{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}) (Version: 7.1.1.1888 - Google)
Google SketchUp 6 (HKLM\...\{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}) (Version: 6.0.01337 - Google)
Google SketchUp 6 (Version: 6.4.112 - Google) Hidden
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version:  - )
Google Update Helper (Version: 1.3.21.165 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
Google Updater (HKLM\...\Google Updater) (Version: 2.4.2432.1652 - Google Inc.)
Hollywood FX 5.5 Additional Effects (HKLM\...\Hollywood FX 5.5 Additional Effects) (Version:  - )
Hollywood FX Pack 26 - Extra FX (HKLM\...\Hollywood FX Pack 26 - Extra FX) (Version:  - )
Hotfix für Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789) (HKLM\...\{8E87B944-4815-3C5E-947F-5035C9F64362}.KB947789) (Version: 1 - Microsoft Corporation)
Hotfix für Windows Internet Explorer 7 (KB947864) (HKLM\...\KB947864-IE7) (Version: 1 - Microsoft Corporation)
Hotfix für Windows Media Player 11 (KB939683) (HKLM\...\KB939683) (Version:  - Microsoft Corporation)
Hotfix für Windows XP (KB2158563) (HKLM\...\KB2158563) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB2443685) (HKLM\...\KB2443685) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB2570791) (HKLM\...\KB2570791) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB2633952) (HKLM\...\KB2633952) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB2779562) (HKLM\...\KB2779562) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB952287) (HKLM\...\KB952287) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB961118) (HKLM\...\KB961118) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB970653-v3) (HKLM\...\KB970653-v3) (Version: 3 - Microsoft Corporation)
Hotfix für Windows XP (KB976098-v2) (HKLM\...\KB976098-v2) (Version: 2 - Microsoft Corporation)
Hotfix für Windows XP (KB979306) (HKLM\...\KB979306) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB981793) (HKLM\...\KB981793) (Version: 1 - Microsoft Corporation)
Intel(R) Processor Frequency ID Utility (HKLM\...\{B772E270-02DF-4B70-9FA8-1383BBB81FDD}) (Version: 7.20.0000 - Intel(R) Corporation)
Intel(R) Programm für Prozessor-IDs (HKLM\...\{A92A4DB0-CD37-42D1-BE1D-603D53C24328}) (Version: 3.7.0005 - Intel Corporation)
InterVideo DeviceService (HKLM\...\{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}) (Version: 1.0.0 - InterVideo)
InterVideo DVDCopy5 (HKLM\...\{C167A588-87AA-47BF-A88E-5B0F9A14480D}) (Version: 5.0-B4.152 - InterVideo Inc.)
InterVideo WinDVD 8 (HKLM\...\InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}) (Version: 8.0-B6.109 - InterVideo Inc.)
iTunes (HKLM\...\{D1A74FBB-CA8D-4CCA-9B89-BAAA436DB178}) (Version: 9.0.2.25 - Apple Inc.)
iZotope VST Plug-ins (HKLM\...\iZotope VST Plug-ins_is1) (Version: 1.00 - iZotope, Inc.)
J2SE Runtime Environment 5.0 Update 4 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0150040}) (Version: 1.5.0.40 - Sun Microsystems, Inc.)
Java 7 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Java(TM) 6 Update 29 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216023FF}) (Version: 6.0.290 - Oracle)
KhalSetup (Version: 3.30.165 - Logitech) Hidden
LabelEditor (HKLM\...\LabelEditor) (Version:  - )
Learn2 Player (Uninstall Only) (HKLM\...\StreetPlugin) (Version:  - )
Lexware buchhalter 2006 (HKLM\...\{59846070-BEE0-45DB-A05E-8F5F22D7DF8B}) (Version: 11.00 - Lexware)
Lexware buchhalter 2006 (Version: 11.00 - Lexware) Hidden
Lexware Dao 350 Dao 360 (Version: 1.00 - Lexware) Hidden
LG ODD Auto Firmware Update (HKLM\...\{6179550A-3E7C-499E-BCC9-9E8113E0A285}) (Version: 10.01.0712.01 - )
LightScribe Diagnostic Utility (HKLM\...\{3754D55C-585E-4BC5-A182-4B70FABBFDB7}) (Version: 1.18.10.2 - LightScribe)
LightScribe System Software (HKLM\...\{7EACD74C-147F-478C-9389-F9F52EE3C88A}) (Version: 1.18.10.2 - LightScribe)
LightScribe Template Labeler (HKLM\...\{7FD71A9E-C4D3-42ED-A998-CDA8290C39A3}) (Version: 1.18.5.1 - LightScribe)
Logitech SetPoint (HKLM\...\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}) (Version: 3.3 - Logitech)
LuminanceHDR 2.0.2-pre1 (HKLM\...\{7020FC34-6E04-4858-924D-354B28CB2402}_is1) (Version:  - LuminanceHDR Dev Team)
Macromedia Director 7G (HKLM\...\Macromedia Director 7G) (Version:  - )
Macromedia Director 7G Multiuser Server (HKLM\...\Macromedia Director 7G Multiuser Server) (Version:  - )
Macromedia Fireworks 2 (HKLM\...\Macromedia Fireworks 2) (Version: 2 - Macromedia)
MAGIX Music Manager (D) (HKLM\...\MAGIX Music Manager D) (Version: 1.1.1.692 - MAGIX AG)
MAGIX Xtreme Foto Designer 6 6.0.27.0 (D) (HKLM\...\MAGIX Xtreme Foto Designer 6 D) (Version: 6.0.27.0 - MAGIX AG)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 2.0.181.2 - McAfee, Inc.)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 German Language Pack (HKLM\...\{E78BFA60-5393-4C38-82AB-E8019E464EB4}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version:  - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft Office 2000 Premium (HKLM\...\{00000407-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2816 - Microsoft Corporation)
Microsoft Office Home and Student 2010 - Deutsch (HKLM\...\{90140011-0061-0407-0000-0000000FF1CE}) (Version: 14.0.5130.5001 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 8.0 Support DLLs (HKLM\...\{342F5437-C87D-4BB5-89B9-B23E16C6A395}) (Version: 1.0.0 - McNeel & Associates)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU (HKLM\...\{8E87B944-4815-3C5E-947F-5035C9F64362}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - DEU (HKLM\...\{76DAEC83-AF7B-333C-8A53-83D7C7D39199}) (Version: 9.0.30729 - Microsoft Corporation)
MobileMe Control Panel (HKLM\...\{3AC54383-31D1-4907-961B-B12CBB1D0AE8}) (Version: 2.6.0.29 - Apple Inc.)
MSXML 4.0 SP2 (KB925672) (HKLM\...\{A9CF9052-F4A0-475D-A00F-A8388C62DD63}) (Version: 4.20.9839.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 6.0 Parser (HKLM\...\{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}) (Version: 6.10.1129.0 - Microsoft Corporation)
Mufin MusicFinder Base 1.5.3.255 (D) (HKLM\...\Mufin MusicFinder Base D) (Version: 1.5.3.255 - MAGIX AG)
Nero 7 Essentials (HKLM\...\{45B3A3BD-F90D-48FE-A147-D74878A51031}) (Version: 7.03.0920 - Nero AG)
NewBlue Effects for EDIUS 5 (HKLM\...\NewBlue Effects for EDIUS 5) (Version:  - )
Nikon Message Center (HKLM\...\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}) (Version: 0.92.000 - Nikon)
Nikon Scan (HKLM\...\{9AE4AC96-A5F4-4F19-9D13-066C8B3CE034}) (Version: 4.0 - )
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version:  - )
O&O Defrag Professional Edition (HKLM\...\{53480370-6CA2-47EC-BC05-02B4B9271C31}) (Version: 8.5.1788 - O&O Software GmbH)
OpenOffice.org 3.4.1 (HKLM\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Perf2480P_2580P Ref. Handbuch (HKLM\...\Perf2480P_2580P Ref. Handbuch) (Version:  - )
Picture Control Utility (HKLM\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.1.2 - Nikon)
Pixie registration fix (HKLM\...\{8ACE0437-ABC8-42EE-A165-D5ADD81A1BD3}) (Version: 1.00.0000 - )
Plus-HD-2.3 (HKLM\...\Plus-HD-2.3) (Version: 1.27.153.8 - Plus HD) <==== ATTENTION
Plus-HD-2.5 (HKLM\...\Plus-HD-2.5) (Version: 1.27.153.5 - Plus HD) <==== ATTENTION
Poedit (HKLM\...\{68EB2C37-083A-4303-B5D8-41FA67E50B8F}_is1) (Version: 1.4.3 - Vaclav Slavik)
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.0.3409.a - CyberLink Corporation)
PowerProducer (HKLM\...\{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version:  - )
proDAD Heroglyph PEARL Edition 2.0 (HKLM\...\proDAD-Heroglyph-2.0) (Version:  - )
proDAD Mercalli 1.0 (HKLM\...\proDAD-Mercalli-1.0) (Version:  - )
proDAD Vitascene 1.0 (HKLM\...\proDAD-Vitascene-1.0) (Version:  - )
QuickTime (HKLM\...\{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}) (Version: 7.64.17.73 - Apple Inc.)
RealPlayer (HKLM\...\RealPlayer 12.0) (Version:  - RealNetworks)
Realtek RTL8139/810x Fast Ethernet NIC Driver Setup (HKLM\...\{97AA0C55-AFAD-4126-B21C-F1318FB6DADA}) (Version:  - )
Safari (HKLM\...\{D6E4E5D6-7693-4BB4-95BA-21F38FAFEE90}) (Version: 5.31.21.10 - Apple Inc.)
ScanToWeb (HKLM\...\{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}) (Version:  - )
SecurDisc Viewer (HKLM\...\{BE90CE58-41DE-4708-9291-A9D1D49B1031}) (Version: 7.03.0749 - Nero AG)
Sicherheitsupdate für Microsoft Windows (KB2564958) (HKLM\...\KB2564958) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB2360131) (HKLM\...\KB2360131-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB2416400) (HKLM\...\KB2416400-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB2482017) (HKLM\...\KB2482017-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB2497640) (HKLM\...\KB2497640-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB2530548) (HKLM\...\KB2530548-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB2544521) (HKLM\...\KB2544521-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB2559049) (HKLM\...\KB2559049-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB2586448) (HKLM\...\KB2586448-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB2618444) (HKLM\...\KB2618444-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB2647516) (HKLM\...\KB2647516-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB2675157) (HKLM\...\KB2675157-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB2699988) (HKLM\...\KB2699988-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB2722913) (HKLM\...\KB2722913-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB2846071) (HKLM\...\KB2846071-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB2862772) (HKLM\...\KB2862772-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB2879017) (HKLM\...\KB2879017-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB938127) (HKLM\...\KB938127-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB939653) (HKLM\...\KB939653-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB942615) (HKLM\...\KB942615-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB944533) (HKLM\...\KB944533-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB950759) (HKLM\...\KB950759-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB953838) (HKLM\...\KB953838-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB956390) (HKLM\...\KB956390-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB958215) (HKLM\...\KB958215-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB960714) (HKLM\...\KB960714-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB961260) (HKLM\...\KB961260-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB963027) (HKLM\...\KB963027-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB969897) (HKLM\...\KB969897-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB972260) (HKLM\...\KB972260-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB974455) (HKLM\...\KB974455-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB976325) (HKLM\...\KB976325-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB978207) (HKLM\...\KB978207-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB982381) (HKLM\...\KB982381-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Media Encoder (KB2447961) (HKLM\...\KB2447961_WM9L) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Encoder (KB954156) (HKLM\...\KB954156_WM9L) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Encoder (KB979332) (HKLM\...\KB979332_WM9L) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB2378111) (HKLM\...\KB2378111_WM9) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB2834904) (HKLM\...\KB2834904_WM11) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB2834904-v2) (HKLM\...\KB2834904-v2_WM11) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB952069) (HKLM\...\KB952069_WM9) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB954155) (HKLM\...\KB954155_WM9) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB968816) (HKLM\...\KB968816_WM9) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB973540) (HKLM\...\KB973540_WM9) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB975558) (HKLM\...\KB975558_WM8) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB978695) (HKLM\...\KB978695_WM9) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player 10 (KB911565) (Version:  - Microsoft Corporation) Hidden
Sicherheitsupdate für Windows Media Player 10 (KB917734) (HKLM\...\KB917734_WMP10) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player 10 (KB936782) (HKLM\...\KB936782_WMP10) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player 11 (KB936782) (HKLM\...\KB936782_WMP11) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player 11 (KB954154) (HKLM\...\KB954154_WM11) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2079403) (HKLM\...\KB2079403) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2115168) (HKLM\...\KB2115168) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2121546) (HKLM\...\KB2121546) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2160329) (HKLM\...\KB2160329) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2229593) (HKLM\...\KB2229593) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2259922) (HKLM\...\KB2259922) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2279986) (HKLM\...\KB2279986) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2286198) (HKLM\...\KB2286198) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2296011) (HKLM\...\KB2296011) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2296199) (HKLM\...\KB2296199) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2347290) (HKLM\...\KB2347290) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2360937) (HKLM\...\KB2360937) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2387149) (HKLM\...\KB2387149) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2393802) (HKLM\...\KB2393802) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2412687) (HKLM\...\KB2412687) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2419632) (HKLM\...\KB2419632) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2423089) (HKLM\...\KB2423089) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2436673) (HKLM\...\KB2436673) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2440591) (HKLM\...\KB2440591) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2443105) (HKLM\...\KB2443105) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2476490) (HKLM\...\KB2476490) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2476687) (HKLM\...\KB2476687) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2478960) (HKLM\...\KB2478960) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2478971) (HKLM\...\KB2478971) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2479628) (HKLM\...\KB2479628) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2479943) (HKLM\...\KB2479943) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2481109) (HKLM\...\KB2481109) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2483185) (HKLM\...\KB2483185) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2485376) (HKLM\...\KB2485376) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2485663) (HKLM\...\KB2485663) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2503658) (HKLM\...\KB2503658) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2503665) (HKLM\...\KB2503665) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2506212) (HKLM\...\KB2506212) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2506223) (HKLM\...\KB2506223) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2507618) (HKLM\...\KB2507618) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2507938) (HKLM\...\KB2507938) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2508272) (HKLM\...\KB2508272) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2508429) (HKLM\...\KB2508429) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2509553) (HKLM\...\KB2509553) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2510581) (HKLM\...\KB2510581) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2511455) (HKLM\...\KB2511455) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2524375) (HKLM\...\KB2524375) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2535512) (HKLM\...\KB2535512) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2536276) (HKLM\...\KB2536276) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2536276-v2) (HKLM\...\KB2536276-v2) (Version: 2 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2544893) (HKLM\...\KB2544893) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2544893-v2) (HKLM\...\KB2544893-v2) (Version: 2 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2555917) (HKLM\...\KB2555917) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2562937) (HKLM\...\KB2562937) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2566454) (HKLM\...\KB2566454) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2567053) (HKLM\...\KB2567053) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2567680) (HKLM\...\KB2567680) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2570222) (HKLM\...\KB2570222) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2570947) (HKLM\...\KB2570947) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2584146) (HKLM\...\KB2584146) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2585542) (HKLM\...\KB2585542) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2592799) (HKLM\...\KB2592799) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2598479) (HKLM\...\KB2598479) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2603381) (HKLM\...\KB2603381) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2618451) (HKLM\...\KB2618451) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2619339) (HKLM\...\KB2619339) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2620712) (HKLM\...\KB2620712) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2621440) (HKLM\...\KB2621440) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2624667) (HKLM\...\KB2624667) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2631813) (HKLM\...\KB2631813) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2633171) (HKLM\...\KB2633171) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2639417) (HKLM\...\KB2639417) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2641653) (HKLM\...\KB2641653) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2646524) (HKLM\...\KB2646524) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2647518) (HKLM\...\KB2647518) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2653956) (HKLM\...\KB2653956) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2655992) (HKLM\...\KB2655992) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2659262) (HKLM\...\KB2659262) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2660465) (HKLM\...\KB2660465) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2661637) (HKLM\...\KB2661637) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2676562) (HKLM\...\KB2676562) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2685939) (HKLM\...\KB2685939) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2686509) (HKLM\...\KB2686509) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2691442) (HKLM\...\KB2691442) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2695962) (HKLM\...\KB2695962) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2698365) (HKLM\...\KB2698365) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2705219) (HKLM\...\KB2705219) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2707511) (HKLM\...\KB2707511) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2709162) (HKLM\...\KB2709162) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2712808) (HKLM\...\KB2712808) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2719985) (HKLM\...\KB2719985) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2723135) (HKLM\...\KB2723135) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2727528) (HKLM\...\KB2727528) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2731847) (HKLM\...\KB2731847) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2753842-v2) (HKLM\...\KB2753842-v2) (Version: 2 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2757638) (HKLM\...\KB2757638) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2758857) (HKLM\...\KB2758857) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2770660) (HKLM\...\KB2770660) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2780091) (HKLM\...\KB2780091) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2802968) (HKLM\...\KB2802968) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2807986) (HKLM\...\KB2807986) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2813345) (HKLM\...\KB2813345) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2820197) (HKLM\...\KB2820197) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2820917) (HKLM\...\KB2820917) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2834886) (HKLM\...\KB2834886) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2839229) (HKLM\...\KB2839229) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2845187) (HKLM\...\KB2845187) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2847311) (HKLM\...\KB2847311) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2849470) (HKLM\...\KB2849470) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2850851) (HKLM\...\KB2850851) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2850869) (HKLM\...\KB2850869) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2859537) (HKLM\...\KB2859537) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2862330) (HKLM\...\KB2862330) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2862335) (HKLM\...\KB2862335) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2864063) (HKLM\...\KB2864063) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2868038) (HKLM\...\KB2868038) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2876217) (HKLM\...\KB2876217) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2883150) (HKLM\...\KB2883150) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB923561) (HKLM\...\KB923561) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB938464) (HKLM\...\KB938464) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB938464-v2) (HKLM\...\KB938464-v2) (Version: 2 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB941569) (HKLM\...\KB941569) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB946648) (HKLM\...\KB946648) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB950760) (HKLM\...\KB950760) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB950762) (HKLM\...\KB950762) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB950974) (HKLM\...\KB950974) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB951066) (HKLM\...\KB951066) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB951376) (HKLM\...\KB951376) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB951376-v2) (HKLM\...\KB951376-v2) (Version: 2 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB951698) (HKLM\...\KB951698) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB951748) (HKLM\...\KB951748) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB952004) (HKLM\...\KB952004) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB952954) (HKLM\...\KB952954) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB953839) (HKLM\...\KB953839) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB954211) (HKLM\...\KB954211) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB954459) (HKLM\...\KB954459) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB954600) (HKLM\...\KB954600) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB955069) (HKLM\...\KB955069) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956391) (HKLM\...\KB956391) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956572) (HKLM\...\KB956572) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956744) (HKLM\...\KB956744) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956802) (HKLM\...\KB956802) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956803) (HKLM\...\KB956803) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956841) (HKLM\...\KB956841) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956844) (HKLM\...\KB956844) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB957095) (HKLM\...\KB957095) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB957097) (HKLM\...\KB957097) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB958644) (HKLM\...\KB958644) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB958687) (HKLM\...\KB958687) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB958690) (HKLM\...\KB958690) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB958869) (HKLM\...\KB958869) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB959426) (HKLM\...\KB959426) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB960225) (HKLM\...\KB960225) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB960715) (HKLM\...\KB960715) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB960803) (HKLM\...\KB960803) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB960859) (HKLM\...\KB960859) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB961371-v2) (HKLM\...\KB961371-v2) (Version: 2 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB961373) (HKLM\...\KB961373) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB961501) (HKLM\...\KB961501) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB968537) (HKLM\...\KB968537) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB969059) (HKLM\...\KB969059) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB969898) (HKLM\...\KB969898) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB969947) (HKLM\...\KB969947) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB970238) (HKLM\...\KB970238) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB970430) (HKLM\...\KB970430) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB971468) (HKLM\...\KB971468) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB971486) (HKLM\...\KB971486) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB971557) (HKLM\...\KB971557) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB971633) (HKLM\...\KB971633) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB971657) (HKLM\...\KB971657) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB971961) (HKLM\...\KB971961) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB972270) (HKLM\...\KB972270) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB973346) (HKLM\...\KB973346) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB973354) (HKLM\...\KB973354) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB973507) (HKLM\...\KB973507) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB973525) (HKLM\...\KB973525) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB973869) (HKLM\...\KB973869) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB973904) (HKLM\...\KB973904) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB974112) (HKLM\...\KB974112) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB974318) (HKLM\...\KB974318) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB974392) (HKLM\...\KB974392) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB974571) (HKLM\...\KB974571) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975025) (HKLM\...\KB975025) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975467) (HKLM\...\KB975467) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975560) (HKLM\...\KB975560) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975561) (HKLM\...\KB975561) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975562) (HKLM\...\KB975562) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975713) (HKLM\...\KB975713) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB977165) (HKLM\...\KB977165) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB977816) (HKLM\...\KB977816) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB977914) (HKLM\...\KB977914) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978037) (HKLM\...\KB978037) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978251) (HKLM\...\KB978251) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978262) (HKLM\...\KB978262) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978338) (HKLM\...\KB978338) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978542) (HKLM\...\KB978542) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978601) (HKLM\...\KB978601) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978706) (HKLM\...\KB978706) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB979309) (HKLM\...\KB979309) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB979482) (HKLM\...\KB979482) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB979559) (HKLM\...\KB979559) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB979683) (HKLM\...\KB979683) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB979687) (HKLM\...\KB979687) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB980195) (HKLM\...\KB980195) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB980218) (HKLM\...\KB980218) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB980232) (HKLM\...\KB980232) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB980436) (HKLM\...\KB980436) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB981322) (HKLM\...\KB981322) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB981349) (HKLM\...\KB981349) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB981852) (HKLM\...\KB981852) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB981957) (HKLM\...\KB981957) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB981997) (HKLM\...\KB981997) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB982132) (HKLM\...\KB982132) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB982214) (HKLM\...\KB982214) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB982665) (HKLM\...\KB982665) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB982802) (HKLM\...\KB982802) (Version: 1 - Microsoft Corporation)
softonic-de3 Toolbar (HKLM\...\softonic-de3 Toolbar) (Version: 6.8.5.1 - softonic-de3) <==== ATTENTION
SSC Service Utility v4.30 (HKLM\...\SSC Service Utility_is1) (Version:  - SSC Localization Group)
StarOffice 6.0 (HKLM\...\StarOffice 6.0) (Version: 6.0 - Sun Microsystems, Inc.)
StPaint Ver.1.5.1.2 (HKLM\...\StPaint_is1) (Version: 1.5.1.2 - Texnai Inc.)
StuffIt Standard (HKLM\...\InstallShield_{40ABF1E0-8B6F-4D32-B343-E19FA2F04B3C}) (Version: 9.0.0.21 - Allume Systems, Inc.)
StuffIt Standard (Version: 9.0.0.21 - Allume Systems, Inc.) Hidden
Text-To-Speech-Runtime (HKLM\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
Trust WB-1200p Mini Webcam (HKLM\...\InstallShield_{434890AA-2E4F-48B6-8417-6E1AB735F55F}) (Version: 1.0.4.7 - Ihr Firmenname)
Trust WB-1200p Mini Webcam (Version: 1.0.4.7 - Ihr Firmenname) Hidden
Update for Zip Opener (HKU\S-1-5-21-484763869-630328440-839522115-1004\...\DSite) (Version:  - ) <==== ATTENTION
Update für Windows Internet Explorer 7 (KB976749) (HKLM\...\KB976749-IE7) (Version: 1 - Microsoft Corporation)
Update für Windows Internet Explorer 7 (KB980182) (HKLM\...\KB980182-IE7) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2141007) (HKLM\...\KB2141007) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2541763) (HKLM\...\KB2541763) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2607712) (HKLM\...\KB2607712) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2616676) (HKLM\...\KB2616676) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)
Update für Windows XP (KB2718704) (HKLM\...\KB2718704) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB951072-v2) (HKLM\...\KB951072-v2) (Version: 2 - Microsoft Corporation)
Update für Windows XP (KB951978) (HKLM\...\KB951978) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB955839) (HKLM\...\KB955839) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
Vasco da Gama 4 HDPro (HKLM\...\{05BBF12D-565E-4212-8BDD-C482C72866DD}) (Version: 4.00.0000 - MotionStudios)
ViewNX (HKLM\...\{F007CBCE-D714-4C0B-8CE9-9B0D78116468}) (Version: 1.1.1 - Nikon)
Viewpoint Media Player (HKLM\...\ViewpointMediaPlayer) (Version:  - )
VisualBee for Microsoft PowerPoint (HKU\S-1-5-21-484763869-630328440-839522115-1004\...\VisualBee for Microsoft PowerPoint) (Version: V3.9 - VisualBee.com)
WaveLab Lite (HKLM\...\WaveLab Lite) (Version:  - )
WebFldrs XP (Version: 9.50.5318 - Microsoft Corporation) Hidden
Wichtiges Update für Windows Media Player 11 (KB959772) (HKLM\...\KB959772_WM11) (Version:  - Microsoft Corporation)
Winamp (HKLM\...\Winamp) (Version: 5.541  - Nullsoft, Inc)
Winamp Toolbar for Internet Explorer (HKLM\...\Winamp Toolbar) (Version: 5.1.28.2 - AOL LLC) <==== ATTENTION
Windows Defender (HKLM\...\{A06275F4-324B-4E85-95E6-87B2CD729401}) (Version: 1.1.1593.8 - Microsoft Corporation)
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.5.0540.0 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version:  - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Internet Explorer 7 (HKLM\...\ie7) (Version: 20070813.185237 - Microsoft Corporation)
Windows Media Encoder 9-Reihe (HKLM\...\Windows Media Encoder 9) (Version:  - )
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031514 - Microsoft Corporation)
WinDVD (Version: 8.0-B6.109 - InterVideo Inc.) Hidden
WinZip (HKLM\...\WinZip) (Version:  - )
Wordslinger Deluxe (HKLM\...\Wordslinger Deluxe) (Version: 1.0.0 - Zylom Games)
Zip Opener Packages (HKU\S-1-5-21-484763869-630328440-839522115-1004\...\Zip Opener Packages) (Version:  - ) <==== ATTENTION
Zip Opener Packages 63 (HKU\S-1-5-21-484763869-630328440-839522115-1004\...\Zip Opener Packages 63) (Version:  - ) <==== ATTENTION

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

29-12-2014 13:59:54 Systemprüfpunkt
02-02-2015 00:04:18 Installiert Nikon Scan
02-02-2015 00:07:07 Konfiguriert Nikon Scan
04-02-2015 00:50:38 Systemprüfpunkt
11-02-2015 11:52:45 Systemprüfpunkt
16-03-2015 15:35:10 Systemprüfpunkt
17-03-2015 16:17:54 Systemprüfpunkt
18-03-2015 17:35:20 Software Distribution Service 3.0

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2001-08-18 12:00 - 2006-02-02 12:04 - 00000847 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1      localhost
127.0.0.1      localhost


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Programme\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\GlaryInitialize.job => C:\Programme\Glary Utilities\initialize.exe
Task: C:\WINDOWS\Tasks\Google Software Updater.job => C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Programme\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Programme\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\MP Scheduled Scan.job => C:\Programme\Windows Defender\MpCmdRun.exe
Task: C:\WINDOWS\Tasks\Plus-HD-2.3-chromeinstaller.job => C:\Programme\Plus-HD-2.3\Plus-HD-2.3-chromeinstaller.exe/installcrx /agentregpath='Plus-HD-2.3' /extensionfilepath C:\Programme\Plus-HD-2.3\33426.crx' /appid=33426 /srcid='000195' /subid='0' /zdata='0' /bic=9B4A5AFA438F4659AF339D65CDDCDF9DIE /verifier=0a9df7a5033f1c8d477693a2bf6bc1b0 /installerversion=1_27_153 /installerfullversion=1.27.153.8 /installationtime=1373972393 /statsdomain=http:/stats.datasrvstats.com /errorsdomain=http:/errors.datasrvstats.com <==== ATTENTION
Task: C:\WINDOWS\Tasks\Plus-HD-2.3-codedownloader.job => C:\Programme\Plus-HD-2.3\Plus-HD-2.3-codedownloader.exe±/reinstallapp /agentregpath='Plus-HD-2.3' /appid=33426 /srcid='000195' /subid='0' /zdata='0' /bic=9B4A5AFA438F4659AF339D65CDDCDF9DIE /verifier=0a9df7a5033f1c8d477693a2bf6bc1b0 /installerversion=1_27_153 /installerfullversion=1.27.153.8 /installationtime=1373972393 /statsdomain=http:/stats.datasrvstats.com /errorsdomain=http:/errors.datasrvstats.com /codedownloaddomain=http:/app-static.crossrider.com <==== ATTENTION
Task: C:\WINDOWS\Tasks\Plus-HD-2.5-chromeinstaller.job => C:\Programme\Plus-HD-2.5\Plus-HD-2.5-chromeinstaller.exe/installcrx /agentregpath='Plus-HD-2.5' /extensionfilepath C:\Programme\Plus-HD-2.5\33438.crx' /appid=33438 /srcid='000055' /subid='0' /zdata='0' /bic=9B4A5AFA438F4659AF339D65CDDCDF9DIE /verifier=0a9df7a5033f1c8d477693a2bf6bc1b0 /installerversion=1_27_153 /installerfullversion=1.27.153.5 /installationtime=1373971403 /statsdomain=http:/stats.myserverstat.com /errorsdomain=http:/errors.myserverstat.com <==== ATTENTION
Task: C:\WINDOWS\Tasks\Plus-HD-2.5-codedownloader.job => C:\Programme\Plus-HD-2.5\Plus-HD-2.5-codedownloader.exe±/reinstallapp /agentregpath='Plus-HD-2.5' /appid=33438 /srcid='000055' /subid='0' /zdata='0' /bic=9B4A5AFA438F4659AF339D65CDDCDF9DIE /verifier=0a9df7a5033f1c8d477693a2bf6bc1b0 /installerversion=1_27_153 /installerfullversion=1.27.153.5 /installationtime=1373971403 /statsdomain=http:/stats.myserverstat.com /errorsdomain=http:/errors.myserverstat.com /codedownloaddomain=http:/app-static.crossrider.com <==== ATTENTION
Task: C:\WINDOWS\Tasks\RMSchedule.job => C:\Programme\Registry Mechanic\RegMech.exe

==================== Loaded Modules (whitelisted) ==============

2013-08-10 14:47 - 2013-07-26 11:10 - 02691536 _____ () c:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll
2005-05-27 22:27 - 2005-05-27 22:27 - 00008704 _____ () C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork1.dll
2008-12-14 17:35 - 2002-07-04 09:38 - 00053248 _____ () C:\Programme\ArcSoft\PhotoImpression 5\share\pihook.dll
2013-09-03 14:54 - 2013-09-03 14:54 - 00301056 _____ () C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU
2005-05-10 14:24 - 2006-03-09 14:29 - 00466944 _____ () C:\WINDOWS\system32\nvshell.dll
2008-08-04 00:02 - 2008-08-04 00:02 - 00036352 _____ () C:\Programme\Winamp\winampa.exe
2013-08-10 14:47 - 2013-07-26 11:10 - 02691536 _____ () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll
2006-12-24 16:54 - 2006-12-05 16:57 - 00315432 _____ () C:\Programme\AntiVir PersonalEdition Classic\sqlite3.dll
2013-07-16 11:39 - 2013-07-16 11:39 - 03744104 _____ () C:\Programme\BrowseForTheCause\BrowseForTheCause.exe
2009-11-19 10:20 - 2009-11-19 10:20 - 02121728 _____ () C:\Programme\Gemeinsame Dateien\LightScribe\QtCore4.dll
2009-11-19 10:20 - 2009-11-19 10:20 - 07745536 _____ () C:\Programme\Gemeinsame Dateien\LightScribe\QtGui4.dll
2009-11-19 10:20 - 2009-11-19 10:20 - 00135168 _____ () C:\Programme\Gemeinsame Dateien\LightScribe\plugins\imageformats\qjpeg4.dll
2013-08-10 14:47 - 2013-07-26 11:11 - 02847696 _____ () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe
2005-05-10 14:25 - 2008-04-14 03:22 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2012-08-10 15:51 - 2013-07-16 12:32 - 00985088 _____ () C:\Programme\OpenOffice.org 3\program\libxml2.dll
2010-01-05 14:33 - 2007-05-14 03:54 - 00272024 ____N () C:\Programme\CyberLink\Shared Files\RichVideo.exe
2006-09-17 12:28 - 2005-01-14 08:32 - 00053248 _____ () C:\WINDOWS\System32\PAStiSvc.exe
2013-11-13 14:04 - 2013-11-06 09:26 - 04055504 _____ () C:\Programme\Google\Chrome\Application\31.0.1650.48\pdf.dll
2013-11-13 14:04 - 2013-11-06 09:26 - 00399312 _____ () C:\Programme\Google\Chrome\Application\31.0.1650.48\ppGoogleNaClPluginChrome.dll
2013-11-13 14:03 - 2013-11-06 09:25 - 01619408 _____ () C:\Programme\Google\Chrome\Application\31.0.1650.48\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Dokumente und Einstellungen\Ulfilas57:zylomtest
AlternateDataStreams: C:\Dokumente und Einstellungen\Ulfilas57:zylomtr{000HQ7FF-AD7A-3FG1-IB2C-219EDFQMGVVE}
AlternateDataStreams: C:\Dokumente und Einstellungen\Ulfilas57:zylomtr{000HQ7FF-AD7A-3FG2-117O-24P094HPUVVP}
AlternateDataStreams: C:\Dokumente und Einstellungen\Ulfilas57:zylomtr{000HQ7FF-AD7A-3FG3-8AT4-258NF6K78VVT}
AlternateDataStreams: C:\Dokumente und Einstellungen\Ulfilas57:zylomtr{000HQ7FF-AD7A-3FG3-USK1-22JKKIT3EVV6}
AlternateDataStreams: C:\Dokumente und Einstellungen\Ulfilas57:zylomtr{000HQ7FF-AD7A-3FG4-D1JD-22NQ5L514VV8}
AlternateDataStreams: C:\Dokumente und Einstellungen\Ulfilas57 - Kopie:zylomtest
AlternateDataStreams: C:\Dokumente und Einstellungen\Ulfilas57 - Kopie:zylomtr{000HQ7FF-AD7A-3FG1-IB2C-219EDFQMGVVE}
AlternateDataStreams: C:\Dokumente und Einstellungen\Ulfilas57 - Kopie:zylomtr{000HQ7FF-AD7A-3FG2-117O-24P094HPUVVP}
AlternateDataStreams: C:\Dokumente und Einstellungen\Ulfilas57 - Kopie:zylomtr{000HQ7FF-AD7A-3FG3-8AT4-258NF6K78VVT}
AlternateDataStreams: C:\Dokumente und Einstellungen\Ulfilas57 - Kopie:zylomtr{000HQ7FF-AD7A-3FG3-USK1-22JKKIT3EVV6}
AlternateDataStreams: C:\Dokumente und Einstellungen\Ulfilas57 - Kopie:zylomtr{000HQ7FF-AD7A-3FG4-D1JD-22NQ5L514VV8}
AlternateDataStreams: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:D1B5B4F1

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UploadMgr => ""="Service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-484763869-630328440-839522115-1004\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 50.7.75.18 - 107.6.133.6

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== Accounts: =============================

Administrator (S-1-5-21-484763869-630328440-839522115-500 - Administrator - Enabled)
ASPNET (S-1-5-21-484763869-630328440-839522115-1005 - Limited - Enabled)
Gast (S-1-5-21-484763869-630328440-839522115-501 - Limited - Enabled)
Hilfeassistent (S-1-5-21-484763869-630328440-839522115-1000 - Limited - Enabled)
SUPPORT_388945a0 (S-1-5-21-484763869-630328440-839522115-1002 - Limited - Disabled)
Ulfilas57 (S-1-5-21-484763869-630328440-839522115-1004 - Administrator - Enabled) => %SystemDrive%\Dokumente und Einstellungen\Ulfilas57.ULFILAS

==================== Faulty Device Manager Devices =============

Name: Multimediacontroller
Description: Multimediacontroller
Class Guid:
Manufacturer:
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Druckeranschluss (LPT3)
Description: Druckeranschluss
Class Guid: {4D36E978-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standardanschlusstypen)
Service: Parport
Problem: : Windows cannot determine the settings for this device. Consult the documentation that came with this device and use the Resource tab to set the configuration. (Code 34)
Resolution: The device requires manual configuration. See the hardware documentation or contact the hardware vendor for instructions on manually configuring the device. After you configure the device itself, you can use the "Resources" tab in Device Manager to configure the resource settings in Windows.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/18/2015 05:16:14 PM) (Source: Application Virtualization Client) (EventID: 3008) (User: )
Description: {hap=15:app=OfficeVirt 9014006104070000:tid=EDC}
Der Client konnte keine Verbindung mit Application Virtualization Server herstellen (Rückgabecode 24604E0A-40000194).

Error: (03/18/2015 05:16:13 PM) (Source: Application Virtualization Client) (EventID: 5009) (User: )
Description: {hap=15:app=OfficeVirt 9014006104070000:tid=EDC}
Application Virtualization Client konnte keine Verbindung mit der Datenstrom-URL 'hxxp://c2r.microsoft.com/HomeStudentC2R/de-de/14.0.4763.1000/HomeStudentC2R.de-de_14.0.6114.5002.sft' herstellen (Rückgabecode 24604E0A-40000194, ursprünglicher Rückgabecode 24604E0A-40000194).

Error: (03/18/2015 11:05:51 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0061-0407-0000-0000000FF1CE}): DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar. BITS wird den Vorgang wiederholen, sobald der Adapter über eine Verbindung verfügt.

Error: (03/18/2015 02:04:04 AM) (Source: MPSampleSubmission) (EventID: 5000) (User: )
Description: mptelemetry8024402cendsearchsearch1.1.1593.0mpsigdwn.dll1.1.1593.0windows defenderNILNILNIL

Error: (03/17/2015 02:04:04 AM) (Source: MPSampleSubmission) (EventID: 5000) (User: )
Description: mptelemetry8024402cendsearchsearch1.1.1593.0mpsigdwn.dll1.1.1593.0windows defenderNILNILNIL

Error: (03/16/2015 03:32:13 PM) (Source: MPSampleSubmission) (EventID: 5000) (User: )
Description: mptelemetry8024402cendsearchsearch1.1.1593.0mpsigdwn.dll1.1.1593.0windows defenderNILNILNIL

Error: (03/16/2015 03:25:02 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0061-0407-0000-0000000FF1CE}): DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar. BITS wird den Vorgang wiederholen, sobald der Adapter über eine Verbindung verfügt.

Error: (02/11/2015 11:37:41 AM) (Source: MPSampleSubmission) (EventID: 5000) (User: )
Description: mptelemetry8024402cendsearchsearch1.1.1593.0mpsigdwn.dll1.1.1593.0windows defenderNILNILNIL

Error: (02/11/2015 11:29:17 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0061-0407-0000-0000000FF1CE}): DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar. BITS wird den Vorgang wiederholen, sobald der Adapter über eine Verbindung verfügt.

Error: (02/04/2015 02:18:14 AM) (Source: MPSampleSubmission) (EventID: 5000) (User: )
Description: mptelemetry8024402cendsearchsearch1.1.1593.0mpsigdwn.dll1.1.1593.0windows defenderNILNILNIL


System errors:
=============
Error: (03/18/2015 05:14:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "WebCake Desktop Updater" wurde aufgrund folgenden Fehlers nicht gestartet:
%%3

Error: (03/18/2015 05:14:24 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Zeitüberschreitung (30000 ms) beim Warten auf eine Transaktionsrückmeldung von Dienst Akamai.

Error: (03/18/2015 05:14:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "adfs" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (03/18/2015 05:14:24 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Wsys Service" wurde nicht ordnungsgemäß gestartet.

Error: (03/18/2015 05:19:43 PM) (Source: 0) (EventID: 2) (User: )
Description:

Error: (03/18/2015 03:16:25 PM) (Source: Windows Update Agent) (EventID: 16) (User: )
Description: Verbindung nicht möglich: Es konnte keine Verbindung mit dem Dienst "Automatische Updates" hergestellt werden, daher können Updates nicht nach dem angegebenen Zeitplan heruntergeladen und installiert werden. Es wird weiterhin versucht, eine Verbindung herzustellen.

Error: (03/16/2015 03:17:30 PM) (Source: Windows Update Agent) (EventID: 16) (User: )
Description: Verbindung nicht möglich: Es konnte keine Verbindung mit dem Dienst "Automatische Updates" hergestellt werden, daher können Updates nicht nach dem angegebenen Zeitplan heruntergeladen und installiert werden. Es wird weiterhin versucht, eine Verbindung herzustellen.

Error: (03/16/2015 03:14:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "WebCake Desktop Updater" wurde aufgrund folgenden Fehlers nicht gestartet:
%%3

Error: (03/16/2015 03:14:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "adfs" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (03/16/2015 03:14:53 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Wsys Service" wurde nicht ordnungsgemäß gestartet.


Microsoft Office Sessions:
=========================
Error: (03/18/2015 05:16:14 PM) (Source: Application Virtualization Client) (EventID: 3008) (User: )
Description: {hap=15:app=OfficeVirt 9014006104070000:tid=EDC}
24604E0A-40000194

Error: (03/18/2015 05:16:13 PM) (Source: Application Virtualization Client) (EventID: 5009) (User: )
Description: {hap=15:app=OfficeVirt 9014006104070000:tid=EDC}
hxxp://c2r.microsoft.com/HomeStudentC2R/de-de/14.0.4763.1000/HomeStudentC2R.de-de_14.0.6114.5002.sft24604E0A-4000019424604E0A-40000194

Error: (03/18/2015 11:05:51 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: (Patch task for {90140011-0061-0407-0000-0000000FF1CE}): DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar. BITS wird den Vorgang wiederholen, sobald der Adapter über eine Verbindung verfügt.

Error: (03/18/2015 02:04:04 AM) (Source: MPSampleSubmission) (EventID: 5000) (User: )
Description: mptelemetry8024402cendsearchsearch1.1.1593.0mpsigdwn.dll1.1.1593.0windows defenderNILNILNIL

Error: (03/17/2015 02:04:04 AM) (Source: MPSampleSubmission) (EventID: 5000) (User: )
Description: mptelemetry8024402cendsearchsearch1.1.1593.0mpsigdwn.dll1.1.1593.0windows defenderNILNILNIL

Error: (03/16/2015 03:32:13 PM) (Source: MPSampleSubmission) (EventID: 5000) (User: )
Description: mptelemetry8024402cendsearchsearch1.1.1593.0mpsigdwn.dll1.1.1593.0windows defenderNILNILNIL

Error: (03/16/2015 03:25:02 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: (Patch task for {90140011-0061-0407-0000-0000000FF1CE}): DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar. BITS wird den Vorgang wiederholen, sobald der Adapter über eine Verbindung verfügt.

Error: (02/11/2015 11:37:41 AM) (Source: MPSampleSubmission) (EventID: 5000) (User: )
Description: mptelemetry8024402cendsearchsearch1.1.1593.0mpsigdwn.dll1.1.1593.0windows defenderNILNILNIL

Error: (02/11/2015 11:29:17 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: (Patch task for {90140011-0061-0407-0000-0000000FF1CE}): DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar. BITS wird den Vorgang wiederholen, sobald der Adapter über eine Verbindung verfügt.

Error: (02/04/2015 02:18:14 AM) (Source: MPSampleSubmission) (EventID: 5000) (User: )
Description: mptelemetry8024402cendsearchsearch1.1.1593.0mpsigdwn.dll1.1.1593.0windows defenderNILNILNIL

Die Kiste quält sich wirklich! Ist extrem schlimm...

schrauber 19.03.2015 21:04
Das ist alles Freeware, MBAM als Freeware nutzen. NUr EMsisoft als AV Empfehlung ist keine Freeware.


Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    Browse for the Cause

    BrowserDefender

    Delta Chrome Toolbar

    File Opener Pro

    Plus-HD-2.3

    Plus-HD-2.5

    softonic-de3 Toolbar

    Update for Zip Opener

    Winamp Toolbar for Internet Explorer (HKLM\...\Winamp Toolbar) (Version: 5.1.28.2 - AOL LLC) <==== ATTENTION

    Zip Opener Packages

    Zip Opener Packages 63


  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 






Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Combofix wird überprüfen, ob die Microsoft Windows Wiederherstellungskonsole installiert ist.
    Ist diese nicht installiert, erlaube Combofix diese herunter zu laden und zu installieren. Folge dazu einfach den Anweisungen und aktzeptiere die Endbenutzer-Lizenz.
    Bei heutiger Malware ist dies sehr empfehlenswert, da diese uns eine Möglichkeit bietet, dein System zu reparieren, falls etwas schief geht.
    Bestätige die Information, dass die Wiederherstellungskonsole installiert wurde mit Ja.
    Hinweis: Ist diese bereits installiert, wird Combofix mit der Malwareentfernung fortfahren.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es eine Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

ulfilas-bs 20.03.2015 16:24
Das war jetzt aber eine richtige schwere Geburt! Der Rechner hat sich mit Händen und Füßen gewehrt, daß es ihm an den Kragen geht. Hat alles unheimlich lange gedauert, aber wir sind zumindest jetzt schon mal einen Schritt weiter.

"Browse Defender" habe ich in meiner Liste nicht entdecken können.

Ich habe aber bei dieser Gelegenheit gleich noch einige Programme entfernt, die ich sowieso seit Jahren nicht mehr benutzt habe.

Hoffe, es war nichts Lebenswichtiges dabei ...

Dreamweaver CS3 hätte ich auch gern gelöscht, ging aber nicht. Auch nicht mit dem eigenen Deinstallationsprogramm. Was kann man da tun?

Hier nun das Logfile von Combofix:

Combofix Logfile:
Code:
ComboFix 15-03-14.03 - Ulfilas57 20.03.2015  15:51:22.1.1 - x86
Microsoft Windows XP Home Edition  5.1.2600.3.1252.49.1031.18.511.184 [GMT 1:00]
ausgeführt von:: c:\dokumente und einstellungen\Ulfilas57.ULFILAS\Eigene Dateien\Downloads\ComboFix.exe
AV: Avira AntiVir PersonalEdition Classic *Enabled/Outdated* {00000000-0000-0000-0000-000000000000}
AV: Avira AntiVir PersonalEdition Classic *Enabled/Outdated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\dokumente und einstellungen\All Users\Anwendungsdaten\TEMP
c:\dokumente und einstellungen\Ulfilas57 - Kopie\WINDOWS
c:\dokumente und einstellungen\Ulfilas57.ULFILAS\Anwendungsdaten\337
c:\dokumente und einstellungen\Ulfilas57.ULFILAS\Anwendungsdaten\ACD Systems\ACDSee\ImageDB.ddf
C:\index.htm
c:\programme\D
C:\Thumbs.db
c:\windows\$msi31uninstall_kb893803v2$
c:\windows\$msi31uninstall_kb893803v2$\msi.dll
c:\windows\$msi31uninstall_kb893803v2$\msiexec.exe
c:\windows\$msi31uninstall_kb893803v2$\msihnd.dll
c:\windows\$msi31uninstall_kb893803v2$\msimsg.dll
c:\windows\$msi31uninstall_kb893803v2$\msisip.dll
c:\windows\$msi31uninstall_kb893803v2$\reg00013
c:\windows\$msi31uninstall_kb893803v2$\reg00014
c:\windows\$msi31uninstall_kb893803v2$\reg00015
c:\windows\$msi31uninstall_kb893803v2$\reg00016
c:\windows\$msi31uninstall_kb893803v2$\reg00017
c:\windows\$msi31uninstall_kb893803v2$\reg00018
c:\windows\$msi31uninstall_kb893803v2$\reg00019
c:\windows\$msi31uninstall_kb893803v2$\reg00020
c:\windows\$msi31uninstall_kb893803v2$\reg00021
c:\windows\$msi31uninstall_kb893803v2$\reg00022
c:\windows\$msi31uninstall_kb893803v2$\reg00023
c:\windows\$msi31uninstall_kb893803v2$\reg00024
c:\windows\$msi31uninstall_kb893803v2$\reg00025
c:\windows\$msi31uninstall_kb893803v2$\reg00026
c:\windows\$msi31uninstall_kb893803v2$\reg00027
c:\windows\$msi31uninstall_kb893803v2$\reg00028
c:\windows\$msi31uninstall_kb893803v2$\reg00029
c:\windows\$msi31uninstall_kb893803v2$\reg00030
c:\windows\$msi31uninstall_kb893803v2$\reg00031
c:\windows\$msi31uninstall_kb893803v2$\reg00032
c:\windows\$msi31uninstall_kb893803v2$\reg00033
c:\windows\$msi31uninstall_kb893803v2$\reg00034
c:\windows\$msi31uninstall_kb893803v2$\reg00035
c:\windows\$msi31uninstall_kb893803v2$\reg00036
c:\windows\$msi31uninstall_kb893803v2$\reg00037
c:\windows\$msi31uninstall_kb893803v2$\reg00038
c:\windows\$msi31uninstall_kb893803v2$\reg00039
c:\windows\$msi31uninstall_kb893803v2$\reg00040
c:\windows\$msi31uninstall_kb893803v2$\reg00041
c:\windows\$msi31uninstall_kb893803v2$\reg00042
c:\windows\$msi31uninstall_kb893803v2$\reg00043
c:\windows\$msi31uninstall_kb893803v2$\reg00044
c:\windows\$msi31uninstall_kb893803v2$\reg00045
c:\windows\$msi31uninstall_kb893803v2$\reg00046
c:\windows\$msi31uninstall_kb893803v2$\reg00047
c:\windows\$msi31uninstall_kb893803v2$\reg00048
c:\windows\$msi31uninstall_kb893803v2$\reg00051
c:\windows\$msi31uninstall_kb893803v2$\reg00052
c:\windows\$msi31uninstall_kb893803v2$\reg00053
c:\windows\$msi31uninstall_kb893803v2$\reg00054
c:\windows\$msi31uninstall_kb893803v2$\reg00055
c:\windows\$msi31uninstall_kb893803v2$\reg00056
c:\windows\$msi31uninstall_kb893803v2$\reg00057
c:\windows\$msi31uninstall_kb893803v2$\reg00058
c:\windows\$msi31uninstall_kb893803v2$\reg00059
c:\windows\$msi31uninstall_kb893803v2$\reg00060
c:\windows\$msi31uninstall_kb893803v2$\reg00061
c:\windows\$msi31uninstall_kb893803v2$\reg00062
c:\windows\$msi31uninstall_kb893803v2$\reg00063
c:\windows\$msi31uninstall_kb893803v2$\reg00064
c:\windows\$msi31uninstall_kb893803v2$\reg00065
c:\windows\$msi31uninstall_kb893803v2$\reg00066
c:\windows\$msi31uninstall_kb893803v2$\reg00067
c:\windows\$msi31uninstall_kb893803v2$\reg00068
c:\windows\$msi31uninstall_kb893803v2$\reg00069
c:\windows\$msi31uninstall_kb893803v2$\reg00070
c:\windows\$msi31uninstall_kb893803v2$\reg00071
c:\windows\$msi31uninstall_kb893803v2$\reg00072
c:\windows\$msi31uninstall_kb893803v2$\reg00073
c:\windows\$msi31uninstall_kb893803v2$\reg00074
c:\windows\$msi31uninstall_kb893803v2$\reg00075
c:\windows\$msi31uninstall_kb893803v2$\reg00076
c:\windows\$msi31uninstall_kb893803v2$\reg00077
c:\windows\$msi31uninstall_kb893803v2$\reg00078
c:\windows\$msi31uninstall_kb893803v2$\reg00079
c:\windows\$msi31uninstall_kb893803v2$\reg00080
c:\windows\$msi31uninstall_kb893803v2$\reg00081
c:\windows\$msi31uninstall_kb893803v2$\reg00082
c:\windows\$msi31uninstall_kb893803v2$\reg00083
c:\windows\$msi31uninstall_kb893803v2$\reg00084
c:\windows\$msi31uninstall_kb893803v2$\reg00085
c:\windows\$msi31uninstall_kb893803v2$\reg00086
c:\windows\$msi31uninstall_kb893803v2$\reg00087
c:\windows\$msi31uninstall_kb893803v2$\reg00088
c:\windows\$msi31uninstall_kb893803v2$\reg00089
c:\windows\$msi31uninstall_kb893803v2$\reg00090
c:\windows\$msi31uninstall_kb893803v2$\reg00091
c:\windows\$msi31uninstall_kb893803v2$\reg00092
c:\windows\$msi31uninstall_kb893803v2$\reg00093
c:\windows\$msi31uninstall_kb893803v2$\reg00094
c:\windows\$msi31uninstall_kb893803v2$\reg00095
c:\windows\$msi31uninstall_kb893803v2$\reg00096
c:\windows\$msi31uninstall_kb893803v2$\reg00097
c:\windows\$msi31uninstall_kb893803v2$\reg00098
c:\windows\$msi31uninstall_kb893803v2$\reg00099
c:\windows\$msi31uninstall_kb893803v2$\reg00100
c:\windows\$msi31uninstall_kb893803v2$\reg00101
c:\windows\$msi31uninstall_kb893803v2$\reg00102
c:\windows\$msi31uninstall_kb893803v2$\reg00103
c:\windows\$msi31uninstall_kb893803v2$\reg00104
c:\windows\$msi31uninstall_kb893803v2$\reg00105
c:\windows\$msi31uninstall_kb893803v2$\reg00106
c:\windows\$msi31uninstall_kb893803v2$\reg00107
c:\windows\$msi31uninstall_kb893803v2$\reg00108
c:\windows\$msi31uninstall_kb893803v2$\reg00109
c:\windows\$msi31uninstall_kb893803v2$\reg00110
c:\windows\$msi31uninstall_kb893803v2$\reg00111
c:\windows\$msi31uninstall_kb893803v2$\reg00112
c:\windows\$msi31uninstall_kb893803v2$\reg00113
c:\windows\$msi31uninstall_kb893803v2$\reg00114
c:\windows\$msi31uninstall_kb893803v2$\reg00115
c:\windows\$msi31uninstall_kb893803v2$\reg00116
c:\windows\$msi31uninstall_kb893803v2$\spuninst\spuninst.exe
c:\windows\$msi31uninstall_kb893803v2$\spuninst\spuninst.inf
c:\windows\$msi31uninstall_kb893803v2$\spuninst\spuninst.txt
c:\windows\$msi31uninstall_kb893803v2$\spuninst\updspapi.dll
c:\windows\IsUn0407.exe
c:\windows\msdownld.tmp
c:\windows\system32\cseDVH.dll
c:\windows\system32\drivers\etc\hosts.ics
c:\windows\system32\SET9A7.tmp
c:\windows\system32\SET9A8.tmp
c:\windows\system32\SET9A9.tmp
c:\windows\system32\SET9AA.tmp
c:\windows\system32\SET9AB.tmp
c:\windows\system32\SET9AF.tmp
c:\windows\UA000081.DLL
c:\windows\unin0407.exe
c:\windows\wininit.ini
c:\windows\wmsysprx.prx
.
.
(((((((((((((((((((((((  Dateien erstellt von 2015-02-20 bis 2015-03-20  ))))))))))))))))))))))))))))))
.
.
2015-03-20 10:17 . 2015-03-20 10:17        62576        ----a-w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\Microsoft\Windows Defender\Definition Updates\{DFB3C55F-D3C6-4F28-BAC6-137B1762CB87}\offreg.dll
2015-03-20 09:54 . 2015-02-16 04:21        9041640        ----a-w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\Microsoft\Windows Defender\Definition Updates\{DFB3C55F-D3C6-4F28-BAC6-137B1762CB87}\mpengine.dll
2015-03-20 01:30 . 2015-03-20 01:30        0        ----a-w-        c:\windows\system32\sho80.tmp
2015-03-20 01:01 . 2015-03-20 01:01        --------        d-----w-        c:\dokumente und einstellungen\Ulfilas57.ULFILAS\Lokale Einstellungen\Anwendungsdaten\ABBYY
2015-03-20 01:01 . 2015-03-20 01:01        --------        d-----w-        c:\dokumente und einstellungen\Ulfilas57.ULFILAS\Anwendungsdaten\ABBYY
2015-03-19 23:07 . 2015-03-19 23:07        --------        d-----w-        c:\programme\VS Revo Group
2015-03-19 11:18 . 2015-03-19 11:18        0        ----a-w-        c:\windows\system32\sho3AD.tmp
2015-03-18 16:31 . 2014-02-26 23:28        13312        -c----w-        c:\windows\system32\dllcache\xp_eos.exe
2015-03-18 16:31 . 2014-02-26 23:28        13312        ------w-        c:\windows\system32\xp_eos.exe
2015-03-18 16:25 . 2015-03-18 17:20        --------        d-----w-        C:\FRST
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-02-24 03:23 . 2009-10-02 23:46        246920        ------w-        c:\windows\system32\MpSigStub.exe
2015-02-16 04:21 . 2006-12-25 17:00        9041640        ----a-w-        c:\dokumente und einstellungen\All Users\Anwendungsdaten\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2015-02-01 23:08 . 2015-02-01 23:08        17        ----a-w-        c:\windows\system32\sho1C.tmp
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\programme\Gemeinsame Dateien\LightScribe\LightScribeControlPanel.exe" [2009-11-20 2363392]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-03-09 7561216]
"Automatisch EPSON Stylus Photo R200 Series auf MARION"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_S4I0H2.EXE" [2003-09-11 99840]
"HostManager"="c:\programme\Gemeinsame Dateien\AOL\1186092089\ee\AOLSoftware.exe" [2006-09-26 50736]
"nwiz"="nwiz.exe" [2006-03-09 1519616]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-01-23 101136]
"QuickTime Task"="c:\programme\QuickTime\qttask.exe" [2009-09-05 417792]
"TkBellExe"="c:\programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" [2009-09-11 198160]
"SSC Service Utility"="c:\programme\SSC Service Utility\ssc_serv.exe" [2007-10-09 665600]
"ISUSPM"="c:\programme\Gemeinsame Dateien\InstallShield\UpdateService\ISUSPM.exe" [2006-03-20 213936]
"Adobe ARM"="c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"SunJavaUpdateSched"="c:\programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [2013-03-12 253816]
"NeroFilterCheck"="c:\programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"SecurDisc"="c:\programme\Nero\Nero 7\InCD\NBHGui.exe" [2007-11-26 1629480]
"InCD"="c:\programme\Nero\Nero 7\InCD\InCD.exe" [2007-11-26 1057064]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\GEMEIN~1\MICROS~1\DW\dwtrig20.exe" [2010-02-28 519584]
.
c:\dokumente und einstellungen\Ulfilas57.ULFILAS\Startmenü\Programme\Autostart\
OpenOffice.org 3.4.1.lnk - c:\programme\OpenOffice.org 3\program\quickstart.exe [2012-8-13 1199104]
.
c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\
Adobe Gamma Loader.exe.lnk - c:\programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe [2005-5-11 110592]
Logitech SetPoint.lnk - c:\programme\Logitech\SetPoint\SetPoint.exe [2009-3-29 688128]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute        REG_MULTI_SZ          autocheck autochk *\0OODBS
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"ISUSPM"="c:\programme\Gemeinsame Dateien\InstallShield\UpdateService\ISUSPM.exe" -scheduler
"TkBellExe"="c:\programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe"  -osboot
"RemoteControl"=c:\programme\CyberLink\PowerDVD\PDVDServ.exe
"QuickTime Task"="c:\programme\QuickTime\qttask.exe" -atboottime
"AOLDialer"=c:\programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programme\\AOL 9.0\\waol.exe"=
"c:\\Programme\\Gemeinsame Dateien\\aol\\ACS\\AOLDial.exe"=
"c:\\Programme\\Gemeinsame Dateien\\aol\\ACS\\AOLacsd.exe"=
"c:\\Programme\\Gemeinsame Dateien\\aol\\1186092089\\ee\\aolsoftware.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\SAGENT4.EXE"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Programme\\Codemasters\\Colin McRae Rally 2\\CMR2Network.exe"=
"c:\\Programme\\Codemasters\\Colin McRae Rally 2\\CMR2.exe"=
"c:\\Programme\\Bonjour\\mDNSResponder.exe"=
"c:\\Programme\\InterVideo\\DVD8\\WinDVD.exe"=
"c:\\Programme\\iTunes\\iTunes.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\E_DUPA20.EXE"=
"c:\\Programme\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Dokumente und Einstellungen\\Ulfilas57\\Lokale Einstellungen\\Anwendungsdaten\\Akamai\\netsession_win.exe"=
"c:\\Programme\\Google\\Chrome\\Application\\chrome.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1947:TCP"= 1947:TCP:HASP SRM
"1947:UDP"= 1947:UDP:HASP SRM
.
R2 gupdate1c9871269d85f5e;Google Update Service (gupdate1c9871269d85f5e);c:\programme\Google\Update\GoogleUpdate.exe [2015-03-18 107848]
R2 WebCake Desktop Updater;WebCake Desktop Updater;c:\programme\WebCake\WebCakeDesktop.Updater.exe [x]
R3 BENDER;Pinnacle AV/DV2 Capture;c:\windows\system32\drivers\bender.sys [2005-08-22 200320]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\magix\Common\Database\bin\fbserver.exe [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\programme\McAfee Security Scan\2.0.181\McCHSvc.exe [x]
R3 SetupNTGLM7X;SetupNTGLM7X;I:\NTGLM7X.sys [x]
R3 UPnPService;UPnPService;c:\programme\Gemeinsame Dateien\MAGIX Shared\UPnPService\UPnPService.exe [2006-12-14 544768]
S0 hotcore;hotcore;c:\windows\system32\drivers\hotcore.sys [2005-10-14 18208]
S1 cdrblock;cdrblock;c:\windows\system32\DRIVERS\cdrblock.sys [2008-05-30 27704]
S1 SSHDRV85;SSHDRV85;c:\windows\system32\drivers\SSHDRV85.sys [2007-03-28 78848]
S2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe  -run [x]
S2 WinDefend;Windows Defender;c:\programme\Windows Defender\MsMpEng.exe [2006-11-03 13592]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-11-20 13:28        451872        ----a-w-        c:\programme\Gemeinsame Dateien\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-03-18 16:30        1061704        ----a-w-        c:\programme\Google\Chrome\Application\41.0.2272.89\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-12-29 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programme\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
.
2015-03-20 c:\windows\Tasks\Ende des Supports für Microsoft Windows XP –  Benachrichtigung – Anmeldung.job
- c:\windows\system32\xp_eos.exe [2015-03-18 23:28]
.
2015-03-20 c:\windows\Tasks\Ende des Supports für Microsoft Windows XP – Monatliche Benachrichtigung.job
- c:\windows\system32\xp_eos.exe [2015-03-18 23:28]
.
2015-03-20 c:\windows\Tasks\GlaryInitialize.job
- c:\programme\Glary Utilities\initialize.exe [2012-01-31 08:50]
.
2015-03-20 c:\windows\Tasks\Google Software Updater.job
- c:\programme\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-03-24 17:08]
.
2015-03-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programme\Google\Update\GoogleUpdate.exe [2009-02-04 16:18]
.
2015-03-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programme\Google\Update\GoogleUpdate.exe [2009-02-04 16:18]
.
2015-03-20 c:\windows\Tasks\MP Scheduled Scan.job
- c:\programme\Windows Defender\MpCmdRun.exe [2006-11-03 17:20]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=54E00010DCFAF9B2&affID=119357&tsp=4945
mStart Page = hxxp://www.qvo6.com/?utm_source=b&utm_medium=adk&from=adk&uid=SAMSUNGXSP1604N_0651J1FW708193&ts=1373971175
LSP: c:\programme\Google\Google Desktop Search\GoogleDesktopNetwork1.dll
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{388DB4AB-8D7B-4BA2-946F-3BDE1F6619F0}: NameServer = 50.7.75.18,107.6.133.6
TCP: Interfaces\{3ECE9A19-5146-4846-BBB2-E014515541B5}: NameServer = 50.7.75.18,107.6.133.6
TCP: Interfaces\{D6A749A3-AC13-4E2F-9449-37FA7FD3624B}: NameServer = 50.7.75.18,107.6.133.6
Handler: haufereader - {39198710-62F7-42CD-9458-069843FA5D32} - c:\programme\Haufe\HaufeReader\HRInstmon.dll
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: {0EB73E39-8AD4-43E8-8FBA-0165C2CCDB8B} - hxxp://midasplayer.aol.de/midasa.cab
DPF: {45A0A292-ECC6-4D8F-9EA9-A4BD411D24C1} - hxxp://king.aolsvc.de/ctl/kingcomie.cab
DPF: {ABC1D8DE-CAB5-4FB7-BCD0-137BAB9F09DC} - hxxp://www.aldisued-fotos-druck.de/upload/aldi_sued_bilduebertragung.cab
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game14.zylomgames.com/activex/zylomgamesplayer.cab
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - c:\programme\softonic-de3\prxtbsof1.dll
Toolbar-{cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - c:\programme\softonic-de3\prxtbsof1.dll
HKLM-Run-LGODDFU - c:\programme\lg_fwupdate\lgfw.exe
c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\InterVideo WinCinema Manager.lnk - c:\programme\Ulead Systems\Ulead DVD MovieFactory 6\Ulead DVD MovieFactory 6\Common\Bin\WinCinemaMgr.exe
c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\McAfee Security Scan Plus.lnk - c:\programme\McAfee Security Scan\2.0.181\SSScheduler.exe
AddRemove-Adobe Photoshop 6.0 - c:\windows\ISUN0407.EXE
AddRemove-Adobe SVG Viewer - c:\windows\IsUn0407.exe
AddRemove-Macromedia Director 7G - c:\progra~1\MACROM~1\DIRECT~1\UNWISE.EXE
AddRemove-Macromedia Director 7G Multiuser Server - c:\progra~1\MACROM~1\DIRECT~2\UNWISE.EXE
AddRemove-Macromedia Fireworks 2 - c:\windows\IsUn0407.exe
AddRemove-MAGIX Music Manager D - c:\magix\Music_Manager\instslct.exe
AddRemove-MAGIX Speed 2 D - c:\programme\MAGIX\Speed2_burnR_mxcdr\unwise.exe
AddRemove-MAGIX Xtreme Foto Designer 6 D - c:\programme\MAGIX\Xtreme_Foto_Designer_6\unwise.exe
AddRemove-McAfee Security Scan - c:\programme\McAfee Security Scan\uninstall.exe
AddRemove-Mufin MusicFinder Base D - c:\programme\MAGIX\Mufin MusicFinder\unwise.exe
AddRemove-NewBlue Effects for EDIUS 5 - c:\programme\NewBlue\NewBlue Effects for EDIUS 5\Uninstall.exe
AddRemove-proDAD-Heroglyph-2.0 - c:\programme\proDAD\Heroglyph-2.0\uninstall.exe
AddRemove-proDAD-Mercalli-1.0 - c:\programme\proDAD\Mercalli-1.0\uninstall.exe
AddRemove-proDAD-Vitascene-1.0 - c:\programme\proDAD\Vitascene-1.0\uninstall.exe
AddRemove-StPaint_is1 - c:\programme\Texnai\StPaint\unins000.exe
AddRemove-StreetPlugin - c:\programme\Learn2.com\StRunner\stuninst.exe
AddRemove-WaveLab Lite - c:\programme\Steinberg\WaveLab Lite\Unwise.exe
AddRemove-{7020FC34-6E04-4858-924D-354B28CB2402}_is1 - c:\programme\LuminanceHDR\unins000.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2015-03-20 16:12
Windows 5.1.2600 Service Pack 3 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG08.00.00.01WORKSTATION"="81731018060566BC46D7E2EBD0FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C8EDD5E5BE2F6E6675D575E7D6A3B9808A9C6AECB7A5D1407BA7FD869164D679407A24B3DBB445C0655E7D09175493FEFA75680FDEC0A62D142F06C809BCC53D519F705C37F9CE6AAADD6BA4A1C453AEF2F3563ADC8E3873E7C8601615206CAB967B441156C56B9ACCCD0E31BF1598145FEE266617242614F7EB6F87F97CA0C0B0046D44ED0245D90C8B55296D9F8DCBB524E574682F595B7C69F14BED8EBB88B48208D2D90FC10BB0AE57DF54C5B470536EBFDAE271A7B92A969032C1886235AF9B72894A29A42FCD0CAD114D67CEC3410B2120FA0099CDB4FBAEB736CF3D580A085598B917A9B802CCBAE711899B3C2941F427FC5623B7632C0E8667F598CE51E0847BCFD5F73DA835AE73045372F0C4F30ACBEFD0CC9A6A42C887C9019B8DB26408D771A4F598390E7C69AA51B2CD11F69E9AA472D6E96C7B14C4E71DCFD92C134B9AFAC948CD5DFEA861C9752A73836537F4AB33206D39409AB9A8792B4A14E6E50F9923E8512555F56C309AA54469CF7ECC5E64B204FD6708EC2CDEAE9027CFAC8123B1C6AD9A441DAC580381AE8ABE8226B1B6C015EAE27D3CDD3DA5E9351EB0DD7A7C59BB5D8952D7B94D19172133884A91FCD9E3A0E724DE3B81C859824D87C4D7196A8914FE258DDF0128A14557EEC18D16CA401BE1CC153B5AA08B7A2D76999C2A9D73CB9B3DB8E5857876948D7A8EC2907F233DC6E6A0E9449C3F9CD0A1B87DA6422E79D952D511D473EEC19627887AEA11E37D63C75ABB1FC484E7A0ECD860DEAB6ADD51BB30F29C7997E444212E600856C566FD806E3810D5B07D18C30A8C1A776090F5CCAD1760439649DA01DB1CD3F593D411DB0168987F25BCF2D63A472497558CB73434B97E9EC46CBA6B7AFDD9D15FC36E57F42E3BFBDE5C41D01D6AF41FE5F607EE04E2E2FBE30C907F1CD09B5030D0E14F1113FC61C23561092BD9B470F45F821DBD1F5C8E592E472521D3D5FBA445D8C784ADCF921F77DBA18FA6F5359161101DFF338725342C2A1D052F9B687E10C37F9DB14F29628865604D6F4A44140FC498DF2D62DA87757515BC6561BE806558150594F95F9E09121BC3B8B3EE098DF28F7B3C538BCCDEE4052777C3292B7C85AC9F60C85F8AE955C9DB7A66506D43451A8BC8D1E98C628310A84A7636CDE4AB8A7105DABF984D8CD767F4D24B291C8FA19BBC829FC47F4ECCB33A8DA11C912939F21683695B779BF89681B489BCEBFDEBC7FAA68DB161EBF566DE60950A8AB68DDCCE716980568FE0FEDBFE42A6E8CBC747DF4AED9E0BBF6D8BE5A21AE127737FDD82C008209E85CAFAF7DCFFCB87AD61A4B0192D3B63E6978D8909CE17FA806942F93ED08C616300D"
.
Zeit der Fertigstellung: 2015-03-20  16:17:59
ComboFix-quarantined-files.txt  2015-03-20 15:17
.
Vor Suchlauf: 26 Verzeichnis(se), 40.282.746.880 Bytes frei
Nach Suchlauf: 27 Verzeichnis(se), 41.251.352.576 Bytes frei
.
WindowsXP-KB310994-SP2-Home-BootDisk-DEU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn
.
- - End Of File - - A583E122567A0423A59E7ED207705F22
--- --- ---
72B8CE41AF0DE751C946802B3ED844B4
[/HTML]

Viele Grüße

Wolfgang

schrauber 21.03.2015 11:09
Erstmal machen wir die Malware runter :)

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

ulfilas-bs 21.03.2015 15:41
Hallo Schrauber,

ich habe jetzt auf dem XP MBAM laufen lassen. Das Programm hat auch so einiges gefunden, irritiert hat es mich dann aber, dass der weitere Ablauf nicht so war, wie in der Anleitung beschrieben und wie ich es vom Win7-Rechner her kenne:

Nachdem die Übeltäter ermittelt waren, hatte ich gar keine Chance, sie in Quarantäne zu verschieben.

Die Benutzeroberfläche von MBAM sah völlig anders aus, und ich wurde auch nur gefragt, ob die Fundstücke gelöscht werden sollen oder nicht. Ich habe mich für das Löschen entschieden - hoffe, das war richtig so.

Dies ist jetzt nur ein kleiner Zwischenbericht. Ich komme vermutlich erst wieder am Mittwoch dazu, mich mit diesem Computer zu befassen.

Soll ich dann MBAM noch einmal durchlaufen lassen oder von irgendwoher eine andere Version herunterladen?

Viele Grüße

Wolfgang

schrauber 22.03.2015 07:59
nee, einfach mit dem Rest weiter machen :)

ulfilas-bs 26.03.2015 00:44
Hallo Schrauber,

das (verlängerte) Wochenende ist rum und wir können uns wieder um den Problemrechner kümmern.

Hier die MBAM-Datei vom letzten Freitag:

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 21.03.2015
Suchlauf-Zeit: 13:39:32
Logdatei: mbam.txt
Administrator: Ja

Version: 2.01.4.1018
Malware Datenbank: v2015.03.21.04
Rootkit Datenbank: v2015.02.25.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows XP Service Pack 3
CPU: x86
Dateisystem: NTFS
Benutzer: Ulfilas57

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 418103
Verstrichene Zeit: 1 Std, 9 Min, 51 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 0
(Keine schädliche Elemente gefunden)

Registrierungswerte: 0
(Keine schädliche Elemente gefunden)

Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)

Ordner: 0
(Keine schädliche Elemente gefunden)

Dateien: 0
(Keine schädliche Elemente gefunden)

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)


Weiter geht's mit AdwCleaner. Hier muß ich dazusagen, daß das Programm gar nichts gefunden hat. Ich habe aber trotzdem auf "Löschen" geklickt, und das war sicher auch gut so.

Hier das Ergebnis:

Code:
# AdwCleaner v4.113 - Bericht erstellt 25/03/2015 um 15:13:25
# Aktualisiert 22/03/2015 von Xplode
# Datenbank : 2015-03-23.1 [Server]
# Betriebssystem : Microsoft Windows XP Service Pack 3 (x86)
# Benutzername : Ulfilas57 - ULFILAS
# Gestarted von : C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Eigene Dateien\Downloads\AdwCleaner_4.113.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Babylon
Ordner Gelöscht : C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Tarma Installer
Ordner Gelöscht : C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Trymedia
Ordner Gelöscht : C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Viewpoint
Ordner Gelöscht : C:\Programme\AskTBar
Ordner Gelöscht : C:\Programme\Conduit
Ordner Gelöscht : C:\Programme\registry mechanic
Ordner Gelöscht : C:\Programme\Uniblue
Ordner Gelöscht : C:\Programme\Viewpoint
Datei Gelöscht : C:\WINDOWS\system32\conduitEngine.tmp

***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Google Chrome\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\DivX\DivX Codec\Produkte registrieren.lnk
Verknüpfung Desinfiziert : C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Startmenü\Programme\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Internet Explorer Browser starten.lnk

***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\DealPly
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Conduit.Engine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\omigaplussvc
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Schlüssel Gelöscht : HKCU\Software\5e28bd9e76fbd17
Schlüssel Gelöscht : HKLM\SOFTWARE\5e28bd9e76fbd17
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2431245
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6E4C89CF-3061-4EE4-B22A-B7A8AAEA5CB3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}
Schlüssel Gelöscht : HKCU\Software\qtrax
Schlüssel Gelöscht : HKCU\Software\visualbee
Schlüssel Gelöscht : HKCU\Software\BrowseForTheCause
Schlüssel Gelöscht : HKLM\SOFTWARE\Conduit
Schlüssel Gelöscht : HKLM\SOFTWARE\Desksvc
Schlüssel Gelöscht : HKLM\SOFTWARE\eSafeSecControl
Schlüssel Gelöscht : HKLM\SOFTWARE\hdcode
Schlüssel Gelöscht : HKLM\SOFTWARE\MetaStream
Schlüssel Gelöscht : HKLM\SOFTWARE\omigaplusSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Trymedia Systems
Schlüssel Gelöscht : HKLM\SOFTWARE\Uniblue
Schlüssel Gelöscht : HKLM\SOFTWARE\V9
Schlüssel Gelöscht : HKLM\SOFTWARE\VBMZ
Schlüssel Gelöscht : HKLM\SOFTWARE\Viewpoint
Schlüssel Gelöscht : HKLM\SOFTWARE\visualbee
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DealPly
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DSite
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\VisualBee for Microsoft PowerPoint
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DealPly
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\WsysControl
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BrowseForTheCause

***** [ Internetbrowser ] *****

-\\ Internet Explorer v7.0.6000.21376


-\\ Google Chrome v41.0.2272.101


*************************

AdwCleaner[R0].txt - [6887 Bytes] - [25/03/2015 15:05:38]
AdwCleaner[S0].txt - [7352 Bytes] - [25/03/2015 15:13:25]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7411  Bytes] ##########


Jetzt JRT:

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.6 (03.22.2015:1)
OS: Microsoft Windows XP x86
Ran by Ulfilas57 on 25.03.2015 at 16:15:35,75
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\isuspm



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Anwendungsdaten\babylon"
Successfully deleted: [Folder] "C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Anwendungsdaten\dsite"
Successfully deleted: [Folder] "C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\qtrax"





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 25.03.2015 at 16:23:00,43
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST ist in Arbeit.

Da ist es:




FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by Ulfilas57 (administrator) on ULFILAS on 25-03-2015 16:40:45
Running from C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Eigene Dateien\Downloads
Loaded Profiles: Ulfilas57 (Available profiles: Ulfilas57)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 7 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Programme\Windows Defender\MsMpEng.exe
(Avira GmbH) C:\Programme\AntiVir PersonalEdition Classic\sched.exe
(AVIRA GmbH) C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
(AOL LLC) C:\Programme\Gemeinsame Dateien\aol\ACS\AOLacsd.exe
(Apple Inc.) C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
(Apple Inc.) C:\Programme\Bonjour\mDNSResponder.exe
(InterVideo Inc.) C:\Programme\Gemeinsame Dateien\InterVideo\DeviceService\DevSvc.exe
(Aladdin Knowledge Systems Ltd.) C:\WINDOWS\system32\hasplms.exe
(Nero AG) C:\Programme\Nero\Nero 7\InCD\InCDsrv.exe
(InterVideo) C:\Programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe
(Oracle Corporation) C:\Programme\Java\jre7\bin\jqs.exe
(Hewlett-Packard Company) C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
(Malwarebytes Corporation) C:\Programme\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Programme\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(O&O Software GmbH) C:\WINDOWS\system32\oodag.exe
() C:\Programme\CyberLink\Shared Files\RichVideo.exe
() C:\WINDOWS\system32\PAStiSvc.exe
(Ulead Systems, Inc.) C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe
(America Online, Inc.) C:\WINDOWS\wanmpsvc.exe
(Malwarebytes Corporation) C:\Programme\Malwarebytes Anti-Malware\mbam.exe
(America Online, Inc.) C:\Programme\Gemeinsame Dateien\aol\1186092089\ee\aolsoftware.exe
(Apple Inc.) C:\Programme\QuickTime\QTTask.exe
(SSC Localization Group) C:\Programme\SSC Service Utility\ssc_serv.exe
(Adobe Systems Incorporated) C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe
(Oracle Corporation) C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
(Nero AG) C:\Programme\Nero\Nero 7\InCD\NBHGui.exe
(Nero AG) C:\Programme\Nero\Nero 7\InCD\InCD.exe
(Hewlett-Packard Company) C:\Programme\Gemeinsame Dateien\LightScribe\LightScribeControlPanel.exe
(Logitech Inc.) C:\Programme\Logitech\SetPoint\SetPoint.exe
(Logitech Inc.) C:\Programme\Gemeinsame Dateien\Logitech\khalshared\KHALMNPR.exe
(OpenOffice.org) C:\Programme\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Programme\OpenOffice.org 3\program\soffice.bin
(Oracle Corporation) C:\Programme\Gemeinsame Dateien\Java\Java Update\jucheck.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [Automatisch EPSON Stylus Photo R200 Series auf MARION] => C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0H2.EXE [99840 2003-09-11] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [HostManager] => C:\Programme\Gemeinsame Dateien\AOL\1186092089\ee\AOLSoftware.exe [50736 2006-09-26] (America Online, Inc.)
HKLM\...\Run: [nwiz] => nwiz.exe /install
HKLM\...\Run: [Logitech Hardware Abstraction Layer] => C:\WINDOWS\KHALMNPR.EXE [101136 2007-01-23] (Logitech Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Programme\QuickTime\qttask.exe [417792 2009-09-05] (Apple Inc.)
HKLM\...\Run: [TkBellExe] => C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe [198160 2009-09-11] (RealNetworks, Inc.)
HKLM\...\Run: [SSC Service Utility] => C:\Programme\SSC Service Utility\ssc_serv.exe [665600 2007-10-09] (SSC Localization Group)
HKLM\...\Run: [Adobe ARM] => C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [NeroFilterCheck] => C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG)
HKLM\...\Run: [SecurDisc] => C:\Programme\Nero\Nero 7\InCD\NBHGui.exe [1629480 2007-11-26] (Nero AG)
HKLM\...\Run: [InCD] => C:\Programme\Nero\Nero 7\InCD\InCD.exe [1057064 2007-11-26] (Nero AG)
HKU\S-1-5-21-484763869-630328440-839522115-1004\...\Run: [LightScribe Control Panel] => C:\Programme\Gemeinsame Dateien\LightScribe\LightScribeControlPanel.exe [2363392 2009-11-20] (Hewlett-Packard Company)
HKU\S-1-5-18\...\Run: [DWQueuedReporting] => C:\Programme\Gemeinsame Dateien\Microsoft Shared\DW\DWTRIG20.EXE [519584 2010-02-28] (Microsoft Corporation)
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Gamma Loader.exe.lnk
ShortcutTarget: Adobe Gamma Loader.exe.lnk -> C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Logitech SetPoint.lnk
ShortcutTarget: Logitech SetPoint.lnk -> C:\Programme\Logitech\SetPoint\SetPoint.exe (Logitech Inc.)
Startup: C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Startmenü\Programme\Autostart\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Dokumente und Einstellungen\Ulfilas57 - Kopie\Startmenü\Programme\Autostart\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Startmenü\Programme\Autostart\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
BootExecute: autocheck autochk * OODBS

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-484763869-630328440-839522115-1004\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-484763869-630328440-839522115-1004\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2013-09-03] (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Programme\Java\jre7\bin\ssv.dll [2013-08-20] (Oracle Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> c:\programme\google\googletoolbar1.dll [2007-01-19] (Google Inc.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Programme\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2010-01-14] (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Programme\Java\jre7\bin\jp2ssv.dll [2013-08-20] (Oracle Corporation)
BHO: EpsonToolBandKicker Class -> {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} -> C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21] (SEIKO EPSON CORPORATION)
Toolbar: HKLM - EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21] (SEIKO EPSON CORPORATION)
DPF: {0EB73E39-8AD4-43E8-8FBA-0165C2CCDB8B} hxxp://midasplayer.aol.de/midasa.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {22E5D91F-89E6-4405-AD9C-0AF27BA6F06B} file:///C:/Dokumente%20und%20Einstellungen/Ulfilas57/Desktop/components/hidinputmonitorx.ocx
DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {26CBF141-7D0F-46E1-AA06-718958B6E4D2} hxxp://download.ebay.com/turbo_lister/DE/install.cab
DPF: {45A0A292-ECC6-4D8F-9EA9-A4BD411D24C1} hxxp://king.aolsvc.de/ctl/kingcomie.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab
DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} hxxp://aolcc.aol.de/computercheckup/qdiagcc.cab
DPF: {4F63D44B-6274-4D60-8AB1-CAA7116B8AF3} file:///C:/Dokumente%20und%20Einstellungen/Ulfilas57/Desktop/components/A9.ocx
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1115727237102
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1152046154312
DPF: {7030CC6C-1A88-4591-BB5A-651B9F7F0C30} file:///C:/Dokumente%20und%20Einstellungen/Ulfilas57/Desktop/components/wmvhdrating.ocx
DPF: {86A88967-7A20-11D2-8EDA-00600818EDB1} hxxp://www.parallelgraphics.com/bin/cortvrml.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} hxxp://office.dogcam.smalldog.com/activex/AxisCamControl.cab
DPF: {ABC1D8DE-CAB5-4FB7-BCD0-137BAB9F09DC} hxxp://www.aldisued-fotos-druck.de/upload/aldi_sued_bilduebertragung.cab
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://game14.zylomgames.com/activex/zylomgamesplayer.cab
DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: haufereader - {39198710-62F7-42CD-9458-069843FA5D32} - C:\Programme\Haufe\HaufeReader\HRInstmon.dll [2005-04-27] (Haufe Mediengruppe)
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: lid - {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINDOWS\System32\msvidctl.dll [2008-04-14] (Microsoft Corporation)
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - c:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll [2008-07-30] (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
ShellExecuteHooks: Microsoft AntiMalware ShellExecuteHook - {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Programme\Windows Defender\MpShHook.dll [83224 2006-11-03] (Microsoft Corporation)
Winsock: Catalog5 04 C:\Programme\Bonjour\mdnsNSP.dll [147456] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{388DB4AB-8D7B-4BA2-946F-3BDE1F6619F0}: [NameServer] 50.7.75.18,107.6.133.6
Tcpip\..\Interfaces\{3ECE9A19-5146-4846-BBB2-E014515541B5}: [NameServer] 50.7.75.18,107.6.133.6
Tcpip\..\Interfaces\{D6A749A3-AC13-4E2F-9449-37FA7FD3624B}: [NameServer] 50.7.75.18,107.6.133.6

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll [2010-01-27] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw.dll [2011-04-26] (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Programme\iTunes\Mozilla Plugins\npitunes.dll [2009-10-23] ()
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll [2007-01-03] (DivX, Inc)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Programme\Google\Google Earth\plugin\npgeplugin.dll [2013-07-12] (Google)
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\WINDOWS\system32\npDeployJava1.dll [2013-08-20] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 -> C:\Programme\Java\jre7\bin\plugin2\npjp2.dll [2013-08-20] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Programme\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 -> C:\Programme\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll [2011-09-09] (Google)
FF Plugin: @real.com/nppl3260;version=6.0.12.448 -> c:\programme\real\realone player\Netscape6\nppl3260.dll [2009-09-11] (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.3.448 -> c:\programme\real\realone player\Netscape6\nprjplug.dll [2009-09-11] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.448 -> c:\programme\real\realone player\Netscape6\nprpjplug.dll [2009-09-11] (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Programme\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-18] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Programme\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-18] (Google Inc.)
FF Plugin: @zylom.com/ZylomGamesPlayer -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll [2006-09-26] (Zylom)
FF Plugin: Adobe Reader -> C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-09-03] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-23]

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=54E00010DCFAF9B2&affID=119357&tsp=4945"
CHR Plugin: (Shockwave Flash) - C:\Programme\Google\Chrome\Application\41.0.2272.101\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Shockwave Flash) - C:\Programme\Google\Chrome\Application\41.0.2272.101\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Programme\Google\Chrome\Application\41.0.2272.101\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Programme\Google\Chrome\Application\41.0.2272.101\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Programme\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Programme\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U29) - C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.4) - C:\Programme\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.4) - C:\Programme\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.4) - C:\Programme\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.4) - C:\Programme\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.4) - C:\Programme\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.4) - C:\Programme\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.4) - C:\Programme\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft DRM) - C:\Programme\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft DRM) - C:\Programme\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Programme\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Zylom Plugin) - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL No File
CHR Plugin: (DivX Player Netscape Plugin) - C:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
CHR Plugin: (Google Earth Plugin) - C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Updater) - C:\Programme\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
CHR Plugin: (Google Update) - C:\Programme\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (MetaStream 3 Plugin) - C:\Programme\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll No File
CHR Plugin: (iTunes Application Detector) - C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave for Director) - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Programme\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - c:\programme\real\realone player\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - c:\programme\real\realone player\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (RealJukebox NS Plugin) - c:\programme\real\realone player\Netscape6\nprjplug.dll (RealNetworks, Inc.)
CHR Profile: C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default
CHR Extension: (Chrome Hotword Shared Module) - C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-25]
CHR Extension: (Google Wallet) - C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-18]
StartMenuInternet: chrome.exe - Chrome.exe

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2005-06-27] (Adobe Systems) [File not signed]
R2 AntiVirScheduler; C:\Programme\AntiVir PersonalEdition Classic\sched.exe [47656 2006-11-13] (Avira GmbH) [File not signed]
R2 AntiVirService; C:\Programme\AntiVir PersonalEdition Classic\avguard.exe [200744 2006-11-24] (AVIRA GmbH) [File not signed]
R2 AOL ACS; C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe [46640 2006-10-23] (AOL LLC)
R2 Apple Mobile Device; C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [144672 2009-08-28] (Apple Inc.)
R2 Bonjour Service; C:\Programme\Bonjour\mDNSResponder.exe [238888 2008-12-12] (Apple Inc.)
R2 Capture Device Service; C:\Programme\Gemeinsame Dateien\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (InterVideo Inc.)
S3 FLEXnet Licensing Service; C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [655624 2010-02-20] (Acresso Software Inc.)
S2 gupdate1c9871269d85f5e; C:\Programme\Google\Update\GoogleUpdate.exe [107848 2015-03-18] (Google Inc.)
S3 gupdatem; C:\Programme\Google\Update\GoogleUpdate.exe [107848 2015-03-18] (Google Inc.)
S2 gusvc; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [194104 2011-09-09] (Google)
R2 hasplms; C:\WINDOWS\system32\hasplms.exe [2562048 2008-04-24] (Aladdin Knowledge Systems Ltd.)
S3 IDriverT; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 InCDsrv; C:\Programme\Nero\Nero 7\InCD\InCDsrv.exe [1554728 2007-11-26] (Nero AG)
S3 iPod Service; C:\Programme\iPod\bin\iPodService.exe [545568 2009-10-28] (Apple Inc.)
R2 IviRegMgr; C:\Programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe [112152 2007-01-04] (InterVideo)
R2 JavaQuickStarterService; C:\Programme\Java\jre7\bin\jqs.exe [182184 2013-08-20] (Oracle Corporation)
R2 LightScribeService; C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe [73728 2009-11-20] (Hewlett-Packard Company) [File not signed]
S3 Macromedia Licensing Service; C:\Programme\Gemeinsame Dateien\Macromedia Shared\Service\Macromedia Licensing.exe [68096 2007-09-10] () [File not signed]
R2 MBAMScheduler; C:\Programme\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation)
R2 MBAMService; C:\Programme\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
S3 NBService; C:\Programme\Nero\Nero 7\Nero BackItUp\NBService.exe [800040 2007-09-17] (Nero AG)
S3 NMIndexingService; C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG)
R2 NVSvc; C:\WINDOWS\system32\nvsvc32.exe [143436 2006-03-09] (NVIDIA Corporation) [File not signed]
R2 O&O Defrag; C:\WINDOWS\system32\oodag.exe [339456 2006-06-02] (O&O Software GmbH) [File not signed]
R2 RichVideo; C:\Programme\CyberLink\Shared Files\RichVideo.exe [272024 2007-05-14] ()
R2 STI Simulator; C:\WINDOWS\System32\PAStiSvc.exe [53248 2005-01-14] () [File not signed]
R2 UleadBurningHelper; C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe [67056 2007-01-18] (Ulead Systems, Inc.)
S3 UPnPService; C:\Programme\Gemeinsame Dateien\MAGIX Shared\UPnPService\UPnPService.exe [544768 2006-12-14] (Magix AG) [File not signed]
R2 WANMiniportService; C:\WINDOWS\wanmpsvc.exe [65536 2003-08-27] (America Online, Inc.) [File not signed]
R2 WinDefend; C:\Programme\Windows Defender\MsMpEng.exe [13592 2006-11-03] (Microsoft Corporation)
S3 WMPNetworkSvc; C:\Programme\Windows Media Player\WMPNetwk.exe [920576 2006-11-03] (Microsoft Corporation)
S3 FirebirdServerMAGIXInstance; C:\MAGIX\Common\Database\bin\fbserver.exe [X]
S3 McComponentHostService; "C:\Programme\McAfee Security Scan\2.0.181\McCHSvc.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 61883; C:\WINDOWS\System32\DRIVERS\61883.sys [48128 2008-04-13] (Microsoft Corporation)
R2 aksfridge; C:\WINDOWS\System32\DRIVERS\aksfridge.sys [350720 2008-03-18] (Aladdin Knowledge Systems Ltd.)
S3 akshasp; C:\WINDOWS\System32\DRIVERS\akshasp.sys [238976 2007-07-05] (Aladdin Knowledge Systems Ltd.)
S3 akshhl; C:\WINDOWS\System32\DRIVERS\akshhl.sys [46336 2007-07-23] (Aladdin Knowledge Systems Ltd.)
S3 aksusb; C:\WINDOWS\System32\DRIVERS\aksusb.sys [14976 2007-07-05] (Aladdin Knowledge Systems Ltd.)
R3 ALCXWDM; C:\WINDOWS\System32\drivers\ALCXWDM.SYS [695852 2003-01-10] (Realtek Semiconductor Corp.) [File not signed]
R1 avgio; C:\Programme\AntiVir PersonalEdition Classic\avgio.sys [7296 2006-11-22] (AVIRA GmbH) [File not signed]
R3 avgntflt; C:\Programme\AntiVir PersonalEdition Classic\avgntflt.sys [45104 2006-11-24] (AVIRA GmbH)
S3 BENDER; C:\WINDOWS\System32\drivers\bender.sys [200320 2005-08-22] (Pinnacle Systems) [File not signed]
S3 BVRPMPR5; C:\WINDOWS\system32\drivers\BVRPMPR5.SYS [49904 2008-05-14] (Avanquest Software) [File not signed]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R1 cdrblock; C:\WINDOWS\System32\DRIVERS\cdrblock.sys [27704 2008-05-30] (Canopus Co,. Ltd.)
R3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-13] (Microsoft Corporation)
S3 giveio; C:\WINDOWS\system32\giveio.sys [5248 2009-05-15] () [File not signed]
R2 Hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [586240 2008-02-11] (Aladdin Knowledge Systems Ltd.)
R0 hotcore; C:\WINDOWS\System32\drivers\hotcore.sys [18208 2005-10-14] (Paragon Software Group) [File not signed]
R4 InCDfs; C:\WINDOWS\system32\Drivers\InCDfs.sys [118952 2007-11-26] (Nero AG)
R1 InCDPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [36776 2007-11-26] (Nero AG)
U1 InCDrec; C:\WINDOWS\system32\Drivers\InCDrec.sys [16040 2007-11-26] (Nero AG)
R1 incdrm; C:\WINDOWS\system32\Drivers\incdrm.sys [38440 2007-11-26] (Nero AG)
R3 Iviaspi; C:\WINDOWS\System32\drivers\iviaspi.sys [10368 2005-09-20] (InterVideo, Inc.) [File not signed]
S3 KMWDFilter; C:\WINDOWS\System32\Drivers\KMWDFilter.SYS [17024 2007-03-29] (Windows (R) Codename Longhorn DDK provider) [File not signed]
R3 MarvinBus; C:\WINDOWS\System32\DRIVERS\MarvinBus.sys [171008 2005-06-02] (Pinnacle Systems GmbH) [File not signed]
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-03-17] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [119512 2015-03-25] (Malwarebytes Corporation)
R3 ms_mpu401; C:\WINDOWS\System32\drivers\msmpu401.sys [2944 2001-08-17] (Microsoft Corporation)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R3 nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [3650368 2006-03-09] (NVIDIA Corporation) [File not signed]
R1 PCLEPCI; C:\WINDOWS\system32\drivers\pclepci.sys [14165 2002-03-19] (Pinnacle Systems GmbH) [File not signed]
R3 rtl8139; C:\WINDOWS\System32\DRIVERS\R8139n51.SYS [46976 2002-10-04] (Realtek Semiconductor Corporation      )
R1 SSHDRV85; C:\WINDOWS\system32\drivers\SSHDRV85.sys [78848 2007-03-28] () [File not signed]
S3 USBAAPL; C:\WINDOWS\System32\Drivers\usbaapl.sys [32000 2008-07-10] (Apple, Inc.) [File not signed]
R3 wanatw; C:\WINDOWS\System32\DRIVERS\wanatw4.sys [33588 2003-01-10] (America Online, Inc.)
S2 adfs; No ImagePath
S3 catchme; \??\C:\DOKUME~1\ULFILA~1.ULF\LOKALE~1\Temp\catchme.sys [X]
S3 GMSIPCI; \??\I:\INSTALL\GMSIPCI.SYS [X]
S4 hpt3xx; No ImagePath
S4 IntelIde; No ImagePath
S3 NTACCESS; \??\I:\NTACCESS.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S3 SetupNTGLM7X; \??\I:\NTGLM7X.sys [X]
U3 TlntSvr; No ImagePath
U3 Winsock - Google Desktop Search Backup Before First Install; No ImagePath
U3 Winsock - Google Desktop Search Backup Before Last Install; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-25 16:23 - 2015-03-25 16:23 - 00001003 _____ () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Desktop\JRT.txt
2015-03-25 15:04 - 2015-03-25 15:14 - 00000000 ____D () C:\AdwCleaner
2015-03-25 14:38 - 2015-03-25 14:38 - 00090112 _____ () C:\WINDOWS\Minidump\Mini032515-01.dmp
2015-03-21 14:59 - 2015-03-21 14:59 - 00001220 _____ () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Desktop\mbam.txt
2015-03-21 13:39 - 2015-03-25 15:22 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-03-21 13:35 - 2015-03-21 13:35 - 00000761 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2015-03-21 13:35 - 2015-03-21 13:35 - 00000000 ____D () C:\Programme\Malwarebytes Anti-Malware
2015-03-21 13:35 - 2015-03-21 13:35 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes Anti-Malware
2015-03-21 13:35 - 2015-03-21 13:35 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
2015-03-21 13:35 - 2015-03-17 06:15 - 00120024 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-03-21 13:35 - 2015-03-17 06:15 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-03-20 16:25 - 2015-03-20 16:25 - 00090112 _____ () C:\WINDOWS\Minidump\Mini032015-01.dmp
2015-03-20 16:18 - 2015-03-25 14:10 - 00000000 ____D () C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\temp
2015-03-20 16:18 - 2015-03-20 16:18 - 00022647 _____ () C:\ComboFix.txt
2015-03-20 16:18 - 2015-03-20 16:18 - 00000000 ____D () C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\temp
2015-03-20 15:29 - 2015-03-20 15:29 - 00000000 _RSHD () C:\cmdcons
2015-03-20 15:29 - 2013-07-17 11:57 - 00000211 _____ () C:\Boot.bak
2015-03-20 15:29 - 2004-08-03 23:00 - 00262448 __RSH () C:\cmldr
2015-03-20 15:24 - 2011-06-26 07:45 - 00256000 _____ () C:\WINDOWS\PEV.exe
2015-03-20 15:24 - 2010-11-07 18:20 - 00208896 _____ () C:\WINDOWS\MBR.exe
2015-03-20 15:24 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2015-03-20 15:24 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2015-03-20 15:24 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2015-03-20 15:24 - 2000-08-31 01:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2015-03-20 15:24 - 2000-08-31 01:00 - 00098816 _____ () C:\WINDOWS\sed.exe
2015-03-20 15:24 - 2000-08-31 01:00 - 00080412 _____ () C:\WINDOWS\grep.exe
2015-03-20 15:24 - 2000-08-31 01:00 - 00068096 _____ () C:\WINDOWS\zip.exe
2015-03-20 15:20 - 2015-03-20 16:18 - 00000000 ____D () C:\Qoobox
2015-03-20 15:20 - 2015-03-20 15:20 - 00000000 ___RD () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Startmenü\Programme\Verwaltung
2015-03-20 15:19 - 2015-03-20 16:14 - 00000000 ____D () C:\WINDOWS\erdnt
2015-03-20 02:30 - 2015-03-20 02:30 - 00000000 _____ () C:\WINDOWS\system32\sho80.tmp
2015-03-20 02:01 - 2015-03-20 02:01 - 00000000 ____D () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Lokale Einstellungen\Anwendungsdaten\ABBYY
2015-03-20 02:01 - 2015-03-20 02:01 - 00000000 ____D () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Anwendungsdaten\ABBYY
2015-03-20 00:08 - 2015-03-20 00:08 - 00000901 _____ () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Desktop\Revo Uninstaller.lnk
2015-03-20 00:07 - 2015-03-20 00:07 - 00000000 ____D () C:\Programme\VS Revo Group
2015-03-19 23:39 - 2015-03-25 15:21 - 00000230 _____ () C:\WINDOWS\Tasks\Ende des Supports für Microsoft Windows XP –  Benachrichtigung – Anmeldung.job
2015-03-19 23:39 - 2015-03-20 01:18 - 00000224 _____ () C:\WINDOWS\Tasks\Ende des Supports für Microsoft Windows XP – Monatliche Benachrichtigung.job
2015-03-19 12:18 - 2015-03-19 12:18 - 00000000 _____ () C:\WINDOWS\system32\sho3AD.tmp
2015-03-19 12:17 - 2015-03-19 12:17 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2922229$
2015-03-19 12:17 - 2015-03-19 12:17 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868626$
2015-03-19 12:16 - 2015-03-19 12:16 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2916036$
2015-03-19 12:14 - 2015-03-19 12:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2900986$
2015-03-19 12:13 - 2015-03-19 12:14 - 00124766 _____ () C:\WINDOWS\KB2900986.log
2015-03-19 11:45 - 2015-03-19 11:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$
2015-03-19 11:45 - 2015-03-19 11:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2909212$
2015-03-19 11:45 - 2015-03-19 11:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2898715$
2015-03-19 11:44 - 2015-03-19 11:44 - 00123275 _____ () C:\WINDOWS\KB2964358-IE7.log
2015-03-19 11:44 - 2015-03-19 11:44 - 00121716 _____ () C:\WINDOWS\KB2904266.log
2015-03-19 11:44 - 2015-03-19 11:44 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2904266$
2015-03-19 11:43 - 2015-03-19 11:43 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$
2015-03-19 11:43 - 2015-03-19 11:43 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862152$
2015-03-19 11:39 - 2015-03-19 11:39 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876331$
2015-03-19 11:27 - 2015-03-19 11:27 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2893294$
2015-03-19 11:24 - 2015-03-19 11:24 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2892075$
2015-03-19 11:23 - 2015-03-19 11:23 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2934207$
2015-03-19 11:22 - 2015-03-19 11:23 - 00004702 _____ () C:\WINDOWS\KB2934207.log
2015-03-19 11:06 - 2015-03-19 11:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2914368$
2015-03-19 11:00 - 2015-03-19 11:10 - 00004724 _____ () C:\WINDOWS\KB2914368.log
2015-03-18 17:59 - 2015-03-19 12:17 - 00136251 _____ () C:\WINDOWS\KB2922229.log
2015-03-18 17:59 - 2015-03-19 12:17 - 00135985 _____ () C:\WINDOWS\KB2868626.log
2015-03-18 17:59 - 2015-03-19 12:16 - 00137166 _____ () C:\WINDOWS\KB2916036.log
2015-03-18 17:58 - 2015-03-19 12:15 - 00225180 _____ () C:\WINDOWS\KB2936068-IE7.log
2015-03-18 17:55 - 2015-03-19 11:46 - 00129285 _____ () C:\WINDOWS\KB2898715.log
2015-03-18 17:50 - 2015-03-19 11:45 - 00127948 _____ () C:\WINDOWS\KB2929961.log
2015-03-18 17:49 - 2015-03-19 11:45 - 00128870 _____ () C:\WINDOWS\KB2909212.log
2015-03-18 17:48 - 2015-03-19 11:44 - 00128338 _____ () C:\WINDOWS\KB2930275.log
2015-03-18 17:46 - 2015-03-19 11:43 - 00127371 _____ () C:\WINDOWS\KB2862152.log
2015-03-18 17:41 - 2015-03-19 11:39 - 00127939 _____ () C:\WINDOWS\KB2876331.log
2015-03-18 17:38 - 2015-03-19 11:27 - 00127269 _____ () C:\WINDOWS\KB2893294.log
2015-03-18 17:35 - 2015-03-19 11:24 - 00010021 _____ () C:\WINDOWS\KB2892075.log
2015-03-18 17:31 - 2014-02-27 00:28 - 00013312 ____N (Microsoft Corporation) C:\WINDOWS\system32\xp_eos.exe
2015-03-18 17:31 - 2014-02-27 00:28 - 00013312 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xp_eos.exe
2015-03-18 17:25 - 2015-03-25 16:41 - 00000000 ____D () C:\FRST

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-25 16:43 - 2013-07-08 11:53 - 00000000 ____D () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Lokale Einstellungen\Temp
2015-03-25 16:24 - 2009-06-30 02:32 - 00001090 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-25 16:18 - 2013-07-08 11:53 - 00000000 ____D () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS
2015-03-25 15:22 - 2006-04-11 13:20 - 00050257 _____ () C:\WINDOWS\system32\nvapps.xml
2015-03-25 15:22 - 2001-08-18 12:00 - 00013050 _____ () C:\WINDOWS\system32\wpa.dbl
2015-03-25 15:21 - 2013-08-10 14:43 - 00000322 ____H () C:\WINDOWS\Tasks\MP Scheduled Scan.job
2015-03-25 15:21 - 2012-01-31 15:19 - 00000314 _____ () C:\WINDOWS\Tasks\GlaryInitialize.job
2015-03-25 15:21 - 2009-06-30 02:32 - 00001086 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-25 15:19 - 2005-05-10 13:54 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2015-03-25 15:19 - 2005-05-10 13:14 - 01896081 _____ () C:\WINDOWS\WindowsUpdate.log
2015-03-25 15:18 - 2005-05-10 13:54 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2015-03-25 15:18 - 2005-05-10 13:02 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-03-25 15:17 - 2006-07-28 22:12 - 00704802 _____ () C:\WINDOWS\system32\OODBS.lor
2015-03-25 15:17 - 2005-05-10 13:06 - 00032640 _____ () C:\WINDOWS\SchedLgU.Txt
2015-03-25 15:16 - 2013-07-08 11:53 - 00000190 ___SH () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\ntuser.ini
2015-03-25 15:14 - 2013-07-08 12:05 - 00000889 _____ () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Startmenü\Programme\Internet Explorer.lnk
2015-03-25 15:14 - 2013-07-08 11:53 - 00000000 ___RD () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Startmenü\Programme
2015-03-25 15:13 - 2009-09-11 17:49 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Google Chrome
2015-03-25 15:13 - 2005-05-10 13:52 - 00000000 ___RD () C:\Programme
2015-03-25 14:01 - 2009-03-24 02:33 - 00001014 _____ () C:\WINDOWS\Tasks\Google Software Updater.job
2015-03-21 13:35 - 2005-05-10 13:52 - 00000000 ___RD () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme
2015-03-20 16:15 - 2005-05-10 13:52 - 00000000 ___RD () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart
2015-03-20 16:12 - 2001-08-18 12:00 - 00000227 _____ () C:\WINDOWS\system.ini
2015-03-20 16:10 - 2012-10-18 19:19 - 00000000 ____D () C:\Dokumente und Einstellungen\Ulfilas57 - Kopie
2015-03-20 15:29 - 2005-05-10 13:49 - 00000327 __RSH () C:\boot.ini
2015-03-20 15:08 - 2005-05-10 13:52 - 00000000 ___RD () C:\Dokumente und Einstellungen\All Users\Dokumente
2015-03-20 14:55 - 2005-05-10 13:52 - 00000000 ____D () C:\Programme\Gemeinsame Dateien\Microsoft Shared
2015-03-20 14:53 - 2013-07-16 11:04 - 00000000 ____D () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Anwendungsdaten\SoftGrid Client
2015-03-20 14:38 - 2005-05-10 13:46 - 00000000 ____D () C:\WINDOWS\Media
2015-03-20 14:37 - 2005-05-10 13:52 - 00000000 ___RD () C:\Dokumente und Einstellungen\All Users\Startmenü
2015-03-20 14:37 - 2005-05-10 13:00 - 00000037 _____ () C:\WINDOWS\vbaddin.ini
2015-03-20 14:37 - 2005-05-10 13:00 - 00000000 ___RD () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Verwaltung
2015-03-20 13:38 - 2005-05-10 19:20 - 00000000 ____D () C:\Programme\Adobe
2015-03-20 12:15 - 2010-09-30 02:01 - 00000232 _____ () C:\WINDOWS\setupact.log
2015-03-20 12:15 - 2010-09-19 02:10 - 00483947 _____ () C:\WINDOWS\setupapi.log
2015-03-20 02:30 - 2005-05-10 13:28 - 00000000 ___HD () C:\Programme\InstallShield Installation Information
2015-03-20 02:20 - 2005-05-11 18:19 - 00000000 ____D () C:\Programme\StarOffice6.0
2015-03-20 02:17 - 2009-11-05 23:21 - 00000000 ____D () C:\Programme\Gemeinsame Dateien\Nikon
2015-03-20 02:17 - 2005-05-10 13:46 - 00000000 ____D () C:\WINDOWS\twain_32
2015-03-20 02:15 - 2013-07-21 23:05 - 00000000 ____D () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Anwendungsdaten\elsterformular
2015-03-20 02:15 - 2010-01-23 02:12 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\ElsterFormular
2015-03-20 02:15 - 2010-01-23 02:12 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\elsterformular
2015-03-20 01:42 - 2008-02-12 11:05 - 00000000 ____D () C:\Programme\Gemeinsame Dateien\Lexware
2015-03-19 23:52 - 2013-08-19 22:38 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-03-19 23:32 - 2005-05-10 13:51 - 02173272 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-03-19 23:31 - 2009-01-20 22:53 - 00000000 ____D () C:\Programme\Microsoft Silverlight
2015-03-19 12:17 - 2010-10-14 08:30 - 00110424 _____ () C:\WINDOWS\updspapi.log
2015-03-19 12:17 - 2010-09-30 02:01 - 00382167 _____ () C:\WINDOWS\tsoc.log
2015-03-19 12:17 - 2010-09-30 02:01 - 00326488 _____ () C:\WINDOWS\comsetup.log
2015-03-19 12:17 - 2010-09-30 02:01 - 00200945 _____ () C:\WINDOWS\ntdtcsetup.log
2015-03-19 12:17 - 2010-09-30 02:01 - 00158616 _____ () C:\WINDOWS\iis6.log
2015-03-19 12:17 - 2010-09-30 02:01 - 00055404 _____ () C:\WINDOWS\ocmsn.log
2015-03-19 12:17 - 2010-09-30 02:01 - 00050058 _____ () C:\WINDOWS\msgsocm.log
2015-03-19 12:17 - 2010-09-30 02:01 - 00001374 _____ () C:\WINDOWS\imsins.log
2015-03-19 12:17 - 2010-09-30 02:01 - 00001374 _____ () C:\WINDOWS\imsins.BAK
2015-03-19 12:17 - 2010-09-30 02:00 - 01001616 _____ () C:\WINDOWS\FaxSetup.log
2015-03-19 12:17 - 2010-09-30 02:00 - 00478872 _____ () C:\WINDOWS\ocgen.log
2015-03-19 12:15 - 2007-11-15 12:14 - 00000000 ____D () C:\WINDOWS\system32\de-de
2015-03-19 11:54 - 2006-09-23 17:20 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2015-03-19 11:44 - 2007-11-15 12:15 - 00000000 ____D () C:\WINDOWS\ie7updates
2015-03-19 11:44 - 2007-02-25 02:33 - 01010274 _____ () C:\WINDOWS\system32\TZLog.log
2015-03-19 11:36 - 2005-05-10 13:52 - 01037108 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-03-19 11:26 - 2010-06-05 02:01 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Silverlight
2015-03-18 18:25 - 2001-08-18 12:00 - 00001607 _____ () C:\WINDOWS\win.ini
2015-03-18 15:13 - 2006-12-24 16:49 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AntiVir PersonalEdition Classic
2015-02-26 21:20 - 2005-05-15 22:51 - 119837696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-02-24 04:23 - 2009-10-03 00:46 - 00246920 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2013-07-16 11:05 - 2013-07-16 11:05 - 0000000 _____ () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Anwendungsdaten\sversion.ini
2014-01-22 14:43 - 2014-03-20 23:33 - 0006144 _____ () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-07-16 11:45 - 2013-07-16 11:45 - 0000150 _____ () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat

Some content of TEMP:
====================
C:\Dokumente und Einstellungen\Ulfilas57\Lokale Einstellungen\Temp\contentDATs.exe
C:\Dokumente und Einstellungen\Ulfilas57\Lokale Einstellungen\Temp\mgxfonts.exe
C:\Dokumente und Einstellungen\Ulfilas57\Lokale Einstellungen\Temp\SecurityScan_Release.exe
C:\Dokumente und Einstellungen\Ulfilas57\Lokale Einstellungen\Temp\_is8C1.exe
C:\Dokumente und Einstellungen\Ulfilas57 - Kopie\Lokale Einstellungen\Temp\jre-6u34-windows-i586-iftw.exe
C:\Dokumente und Einstellungen\Ulfilas57 - Kopie\Lokale Einstellungen\Temp\mgxfonts.exe
C:\Dokumente und Einstellungen\Ulfilas57 - Kopie\Lokale Einstellungen\Temp\_is8C1.exe
C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Lokale Einstellungen\Temp\jre-8u40-windows-au.exe
C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Lokale Einstellungen\Temp\Quarantine.exe
C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Lokale Einstellungen\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---

Eine Frage muß ich zu später Stunde nochmal nachschieben:

Malwarebytes scheint ja im Hintergrund fleißig zu arbeiten. Bin ich im Internet unterwegs, schiebt sich gelegentlich eine Mitteilung wie diese in der unteren rechten Ecke ins Bild:

http://www.ulfilas.com/screenshot11.jpg

Was mache ich jetzt damit?

Was bedeutet der Klick auf "Website ausschließen"?

Bedeutet es, daß die betreffende Seite von den bösartigen Webseiten ausgeschlossen wird - also auf meinem Computer trotz eventueller Bösartigkeit zugelassen wird,

oder bedeutet es, daß diese Website von meinem Computer - eben wegen ihrer Bösartigkeit - ausgeschlossen wird?

Soll ich auf den Button klicken oder nicht? Welche Folgen hat das?

Viele Grüße

Wolfgang

schrauber 26.03.2015 17:01
Revo Uninstaller - Download - Filepony
damit Chrome deinstallieren, keine Daten behalten, Reste entfernen lassen, neu installieren.

Dann:
https://support.google.com/chrome/answer/3296214?hl=de




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

ulfilas-bs 27.03.2015 13:52
Hallo schrauber,

hier erstmal das Logfile von ESET:

Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=0f9855dd284956449760ec9b9593bf32
# engine=23106
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-03-27 06:05:03
# local_time=2015-03-27 07:05:03 (+0100, Westeuropäische Normalzeit)
# country="Germany"
# lang=1031
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode_1=''
# compatibility_mode=5889 16768381 100 100 260373947 272952167 0 259599899
# scanned=180796
# found=21
# cleaned=21
# scan_time=22608
sh=A47739F27C4BC8FD3A48B4A90B40679DF1218E1B ft=1 fh=ab4f3351c96b3042 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Programme\Conduit\Community Alerts\Alert.dll.vir"
sh=97BCCD25561F44E9B13F05F6EEF083C9CE9BA529 ft=1 fh=641f1fb3d2e699c4 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Programme\Conduit\Community Alerts\Alert0.dll.vir"
sh=664270A860DDB3D6F23F617D0615070330A71A30 ft=1 fh=192f7aaecaa32147 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Programme\Conduit\Community Alerts\Alert1.dll.vir"
sh=8EE9FB5AE2B8B6679E36388F102438C3C72C628E ft=1 fh=fc1817d8cca0d243 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Dokumente und Einstellungen\Ulfilas57 - Kopie\Lokale Einstellungen\Anwendungsdaten\Conduit\CT2431245\softonic-de3AutoUpdaterHelper.exe"
sh=AE26A672D0734284CFC53D242A869B83A7A0BB8D ft=1 fh=da686261c9e49394 vn="Variante von Win32/ELEX.D evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Anwendungsdaten\eIntaller\ED3891BEC4B84a3a9730B9FBBB79989F\eXQ1.exe"
sh=86F4A2A9C66724E499140797B8084D2C7547BCA7 ft=1 fh=04cca46dbcea1f9f vn="Variante von Win32/bProtector.J evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP1997\A0558226.dll"
sh=E0814D0F17EE1122F6D3507DC676030F8E1CC133 ft=1 fh=0e0f46db8e6ee8c4 vn="Win32/Toolbar.Babylon.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP2007\A0559538.exe"
sh=E2BA5F8A7BD2BAF32FF31730BAD873C8E7957030 ft=1 fh=6e8622963c31f56a vn="Variante von Win32/Toolbar.Babylon.P evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP2007\A0559539.dll"
sh=338FBBF5F419C05107D03784377D1FB3E61AAFA1 ft=1 fh=9a3f1daaaa0a9c05 vn="Variante von Win32/Toolbar.CrossRider.J evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP2010\A0559799.exe"
sh=36FDCF73AFF3EA15630E224B851E9909B8288FB7 ft=1 fh=22744f4eab4dfa31 vn="Variante von Win32/Toolbar.CrossRider.J evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP2010\A0559800.exe"
sh=86648001D3C88F2AB7B24A8018DFD4E73B723039 ft=1 fh=f0b6a644bc4190fc vn="Variante von Win32/Toolbar.CrossRider.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP2010\A0559801.exe"
sh=0809B4057118CB899FC65C75DE3E2A90184A09FD ft=1 fh=c665df4e3722a3d5 vn="Win32/Packed.ScrambleWrapper.C evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP2010\A0559803.exe"
sh=EB9D3CEF9128A1C72AC7F6A7CF2B823B07D531B1 ft=1 fh=fc8658803adbc66e vn="Variante von Win32/Toolbar.CrossRider.J evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP2010\A0559804.exe"
sh=7E40D545B49A2C59872C71B356281B370C56D8C3 ft=1 fh=99381f849597a4a7 vn="Variante von Win32/Toolbar.CrossRider.J evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP2010\A0559805.exe"
sh=6224EE7DE648CA49068DC21267AA8CD906DB748E ft=1 fh=b7ad1807371aa6a9 vn="Variante von Win32/Toolbar.CrossRider.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP2010\A0559806.exe"
sh=46EA5817C1F7423F6ABE96EAF8855E165E84F225 ft=1 fh=475f0b63b93a5b39 vn="Win32/Packed.ScrambleWrapper.C evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP2010\A0559807.exe"
sh=2A19E8791533376D8F930704C7487B990BE5B7CD ft=1 fh=a0530847b5c3752d vn="Win32/DownWare.E evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP2020\A0560850.exe"
sh=9F82BB5DC8D4EC6B8B2BB47CB6C329B8AF1C14CE ft=1 fh=c92ed1f3ca58c043 vn="Win32/InstallCore.AZ evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP2025\A0561615.exe"
sh=A47739F27C4BC8FD3A48B4A90B40679DF1218E1B ft=1 fh=ab4f3351c96b3042 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP2026\A0565770.dll"
sh=97BCCD25561F44E9B13F05F6EEF083C9CE9BA529 ft=1 fh=641f1fb3d2e699c4 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP2026\A0565771.dll"
sh=664270A860DDB3D6F23F617D0615070330A71A30 ft=1 fh=192f7aaecaa32147 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP2026\A0565772.dll"

Rest folgt.

Grüße, Wolfgang

SecurityCheck:

Code:
Results of screen317's Security Check version 0.99.97 
 Windows XP Service Pack 3 x86 
 Internet Explorer 7 Out of date!
``````````````Antivirus/Firewall Check:``````````````
 Avira AntiVir PersonalEdition Classic 
`````````Anti-malware/Other Utilities Check:`````````
 Windows Defender   
 EasyCleaner   
 Java(TM) 6 Update 29 
 Java 7 Update 25 
 Java version 32-bit out of Date!
 Adobe Flash Player 10 Flash Player out of Date!
  Java 64-bit 8 Update 31 
 Adobe Reader 10.1.8 Adobe Reader out of Date! 
 Google Chrome (41.0.2272.101)
````````Process Check: objlist.exe by Laurent```````` 
 Windows Defender MSMpEng.exe
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbam.exe 
 Avira Antivir avguard.exe
 Malwarebytes Anti-Malware mbamscheduler.exe 
 Windows Defender MsMpEng.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:: 
````````````````````End of Log``````````````````````
Beim Scannen mit FRST kommt zwischendurch immer wieder die Meldung "Windows - Kein Datenträger. Exception Processing Message c0000013 Parameters 75b0bf7c 4 75b0bf7c 75b0bf7c", die ich oben schon erwähnt hatte. Warum geht das nicht weg?

FRST:


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by Ulfilas57 (administrator) on ULFILAS on 27-03-2015 13:56:07
Running from C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Eigene Dateien\Downloads
Loaded Profiles: Ulfilas57 (Available profiles: Ulfilas57)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 7 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Programme\Windows Defender\MsMpEng.exe
(Avira GmbH) C:\Programme\AntiVir PersonalEdition Classic\sched.exe
(AVIRA GmbH) C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
(AOL LLC) C:\Programme\Gemeinsame Dateien\aol\ACS\AOLacsd.exe
(Apple Inc.) C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
(Apple Inc.) C:\Programme\Bonjour\mDNSResponder.exe
(InterVideo Inc.) C:\Programme\Gemeinsame Dateien\InterVideo\DeviceService\DevSvc.exe
(Aladdin Knowledge Systems Ltd.) C:\WINDOWS\system32\hasplms.exe
(Nero AG) C:\Programme\Nero\Nero 7\InCD\InCDsrv.exe
(InterVideo) C:\Programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe
(Oracle Corporation) C:\Programme\Java\jre7\bin\jqs.exe
(Hewlett-Packard Company) C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
(Malwarebytes Corporation) C:\Programme\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Programme\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(O&O Software GmbH) C:\WINDOWS\system32\oodag.exe
() C:\Programme\CyberLink\Shared Files\RichVideo.exe
() C:\WINDOWS\system32\PAStiSvc.exe
(Ulead Systems, Inc.) C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe
(America Online, Inc.) C:\WINDOWS\wanmpsvc.exe
(Malwarebytes Corporation) C:\Programme\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(America Online, Inc.) C:\Programme\Gemeinsame Dateien\aol\1186092089\ee\aolsoftware.exe
(Apple Inc.) C:\Programme\QuickTime\QTTask.exe
(SSC Localization Group) C:\Programme\SSC Service Utility\ssc_serv.exe
(Adobe Systems Incorporated) C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe
(Oracle Corporation) C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
(Nero AG) C:\Programme\Nero\Nero 7\InCD\NBHGui.exe
(Nero AG) C:\Programme\Nero\Nero 7\InCD\InCD.exe
(Hewlett-Packard Company) C:\Programme\Gemeinsame Dateien\LightScribe\LightScribeControlPanel.exe
(Logitech Inc.) C:\Programme\Logitech\SetPoint\SetPoint.exe
(OpenOffice.org) C:\Programme\OpenOffice.org 3\program\soffice.exe
(Logitech Inc.) C:\Programme\Gemeinsame Dateien\Logitech\khalshared\KHALMNPR.exe
(OpenOffice.org) C:\Programme\OpenOffice.org 3\program\soffice.bin
(Oracle Corporation) C:\Programme\Gemeinsame Dateien\Java\Java Update\jucheck.exe
(Google Inc.) C:\Programme\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Programme\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Programme\Google\Chrome\Application\chrome.exe
(Farbar) C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Eigene Dateien\Downloads\FRST (1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [Automatisch EPSON Stylus Photo R200 Series auf MARION] => C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0H2.EXE [99840 2003-09-11] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [HostManager] => C:\Programme\Gemeinsame Dateien\AOL\1186092089\ee\AOLSoftware.exe [50736 2006-09-26] (America Online, Inc.)
HKLM\...\Run: [nwiz] => nwiz.exe /install
HKLM\...\Run: [Logitech Hardware Abstraction Layer] => C:\WINDOWS\KHALMNPR.EXE [101136 2007-01-23] (Logitech Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Programme\QuickTime\qttask.exe [417792 2009-09-05] (Apple Inc.)
HKLM\...\Run: [TkBellExe] => C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe [198160 2009-09-11] (RealNetworks, Inc.)
HKLM\...\Run: [SSC Service Utility] => C:\Programme\SSC Service Utility\ssc_serv.exe [665600 2007-10-09] (SSC Localization Group)
HKLM\...\Run: [Adobe ARM] => C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [NeroFilterCheck] => C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG)
HKLM\...\Run: [SecurDisc] => C:\Programme\Nero\Nero 7\InCD\NBHGui.exe [1629480 2007-11-26] (Nero AG)
HKLM\...\Run: [InCD] => C:\Programme\Nero\Nero 7\InCD\InCD.exe [1057064 2007-11-26] (Nero AG)
HKU\S-1-5-21-484763869-630328440-839522115-1004\...\Run: [LightScribe Control Panel] => C:\Programme\Gemeinsame Dateien\LightScribe\LightScribeControlPanel.exe [2363392 2009-11-20] (Hewlett-Packard Company)
HKU\S-1-5-18\...\Run: [DWQueuedReporting] => C:\Programme\Gemeinsame Dateien\Microsoft Shared\DW\DWTRIG20.EXE [519584 2010-02-28] (Microsoft Corporation)
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Gamma Loader.exe.lnk
ShortcutTarget: Adobe Gamma Loader.exe.lnk -> C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Logitech SetPoint.lnk
ShortcutTarget: Logitech SetPoint.lnk -> C:\Programme\Logitech\SetPoint\SetPoint.exe (Logitech Inc.)
Startup: C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Startmenü\Programme\Autostart\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Dokumente und Einstellungen\Ulfilas57 - Kopie\Startmenü\Programme\Autostart\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Startmenü\Programme\Autostart\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
BootExecute: autocheck autochk * OODBS

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-484763869-630328440-839522115-1004\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-484763869-630328440-839522115-1004\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2013-09-03] (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Programme\Java\jre7\bin\ssv.dll [2013-08-20] (Oracle Corporation)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Programme\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2010-01-14] (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Programme\Java\jre7\bin\jp2ssv.dll [2013-08-20] (Oracle Corporation)
BHO: EpsonToolBandKicker Class -> {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} -> C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21] (SEIKO EPSON CORPORATION)
Toolbar: HKLM - EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21] (SEIKO EPSON CORPORATION)
DPF: {0EB73E39-8AD4-43E8-8FBA-0165C2CCDB8B} hxxp://midasplayer.aol.de/midasa.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {22E5D91F-89E6-4405-AD9C-0AF27BA6F06B} file:///C:/Dokumente%20und%20Einstellungen/Ulfilas57/Desktop/components/hidinputmonitorx.ocx
DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {26CBF141-7D0F-46E1-AA06-718958B6E4D2} hxxp://download.ebay.com/turbo_lister/DE/install.cab
DPF: {45A0A292-ECC6-4D8F-9EA9-A4BD411D24C1} hxxp://king.aolsvc.de/ctl/kingcomie.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab
DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} hxxp://aolcc.aol.de/computercheckup/qdiagcc.cab
DPF: {4F63D44B-6274-4D60-8AB1-CAA7116B8AF3} file:///C:/Dokumente%20und%20Einstellungen/Ulfilas57/Desktop/components/A9.ocx
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1115727237102
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1152046154312
DPF: {7030CC6C-1A88-4591-BB5A-651B9F7F0C30} file:///C:/Dokumente%20und%20Einstellungen/Ulfilas57/Desktop/components/wmvhdrating.ocx
DPF: {86A88967-7A20-11D2-8EDA-00600818EDB1} hxxp://www.parallelgraphics.com/bin/cortvrml.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} hxxp://office.dogcam.smalldog.com/activex/AxisCamControl.cab
DPF: {ABC1D8DE-CAB5-4FB7-BCD0-137BAB9F09DC} hxxp://www.aldisued-fotos-druck.de/upload/aldi_sued_bilduebertragung.cab
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://game14.zylomgames.com/activex/zylomgamesplayer.cab
DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: haufereader - {39198710-62F7-42CD-9458-069843FA5D32} - C:\Programme\Haufe\HaufeReader\HRInstmon.dll [2005-04-27] (Haufe Mediengruppe)
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: lid - {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINDOWS\System32\msvidctl.dll [2008-04-14] (Microsoft Corporation)
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - c:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll [2008-07-30] (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
ShellExecuteHooks: Microsoft AntiMalware ShellExecuteHook - {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Programme\Windows Defender\MpShHook.dll [83224 2006-11-03] (Microsoft Corporation)
Winsock: Catalog5 04 C:\Programme\Bonjour\mdnsNSP.dll [147456] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{388DB4AB-8D7B-4BA2-946F-3BDE1F6619F0}: [NameServer] 50.7.75.18,107.6.133.6
Tcpip\..\Interfaces\{3ECE9A19-5146-4846-BBB2-E014515541B5}: [NameServer] 50.7.75.18,107.6.133.6
Tcpip\..\Interfaces\{D6A749A3-AC13-4E2F-9449-37FA7FD3624B}: [NameServer] 50.7.75.18,107.6.133.6

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll [2010-01-27] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw.dll [2011-04-26] (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Programme\iTunes\Mozilla Plugins\npitunes.dll [2009-10-23] ()
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll [2007-01-03] (DivX, Inc)
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\WINDOWS\system32\npDeployJava1.dll [2013-08-20] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 -> C:\Programme\Java\jre7\bin\plugin2\npjp2.dll [2013-08-20] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Programme\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.12.448 -> c:\programme\real\realone player\Netscape6\nppl3260.dll [2009-09-11] (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.3.448 -> c:\programme\real\realone player\Netscape6\nprjplug.dll [2009-09-11] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.448 -> c:\programme\real\realone player\Netscape6\nprpjplug.dll [2009-09-11] (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Programme\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-18] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Programme\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-18] (Google Inc.)
FF Plugin: @zylom.com/ZylomGamesPlayer -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll [2006-09-26] (Zylom)
FF Plugin: Adobe Reader -> C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-09-03] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-23]

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=54E00010DCFAF9B2&affID=119357&tsp=4945"
CHR Plugin: (Shockwave Flash) - C:\Programme\Google\Chrome\Application\41.0.2272.101\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Shockwave Flash) - C:\Programme\Google\Chrome\Application\41.0.2272.101\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Programme\Google\Chrome\Application\41.0.2272.101\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Programme\Google\Chrome\Application\41.0.2272.101\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Programme\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Programme\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U29) - C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.4) - C:\Programme\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.4) - C:\Programme\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.4) - C:\Programme\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.4) - C:\Programme\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.4) - C:\Programme\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.4) - C:\Programme\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.4) - C:\Programme\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft DRM) - C:\Programme\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft DRM) - C:\Programme\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Programme\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Zylom Plugin) - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL No File
CHR Plugin: (DivX Player Netscape Plugin) - C:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
CHR Plugin: (Google Earth Plugin) - C:\Programme\Google\Google Earth\plugin\npgeplugin.dll No File
CHR Plugin: (Google Updater) - C:\Programme\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll No File
CHR Plugin: (Google Update) - C:\Programme\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (MetaStream 3 Plugin) - C:\Programme\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll No File
CHR Plugin: (iTunes Application Detector) - C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave for Director) - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Programme\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - c:\programme\real\realone player\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - c:\programme\real\realone player\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (RealJukebox NS Plugin) - c:\programme\real\realone player\Netscape6\nprjplug.dll (RealNetworks, Inc.)
CHR Profile: C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default
CHR Extension: (Chrome Hotword Shared Module) - C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-25]
CHR Extension: (Google Wallet) - C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-18]
StartMenuInternet: chrome.exe - Chrome.exe

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2005-06-27] (Adobe Systems) [File not signed]
R2 AntiVirScheduler; C:\Programme\AntiVir PersonalEdition Classic\sched.exe [47656 2006-11-13] (Avira GmbH) [File not signed]
R2 AntiVirService; C:\Programme\AntiVir PersonalEdition Classic\avguard.exe [200744 2006-11-24] (AVIRA GmbH) [File not signed]
R2 AOL ACS; C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe [46640 2006-10-23] (AOL LLC)
R2 Apple Mobile Device; C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [144672 2009-08-28] (Apple Inc.)
R2 Bonjour Service; C:\Programme\Bonjour\mDNSResponder.exe [238888 2008-12-12] (Apple Inc.)
R2 Capture Device Service; C:\Programme\Gemeinsame Dateien\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (InterVideo Inc.)
S3 FLEXnet Licensing Service; C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [655624 2010-02-20] (Acresso Software Inc.)
S2 gupdate1c9871269d85f5e; C:\Programme\Google\Update\GoogleUpdate.exe [107848 2015-03-18] (Google Inc.)
S3 gupdatem; C:\Programme\Google\Update\GoogleUpdate.exe [107848 2015-03-18] (Google Inc.)
S3 gusvc; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [194104 2011-09-09] (Google)
R2 hasplms; C:\WINDOWS\system32\hasplms.exe [2562048 2008-04-24] (Aladdin Knowledge Systems Ltd.)
S3 IDriverT; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 InCDsrv; C:\Programme\Nero\Nero 7\InCD\InCDsrv.exe [1554728 2007-11-26] (Nero AG)
S3 iPod Service; C:\Programme\iPod\bin\iPodService.exe [545568 2009-10-28] (Apple Inc.)
R2 IviRegMgr; C:\Programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe [112152 2007-01-04] (InterVideo)
R2 JavaQuickStarterService; C:\Programme\Java\jre7\bin\jqs.exe [182184 2013-08-20] (Oracle Corporation)
R2 LightScribeService; C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe [73728 2009-11-20] (Hewlett-Packard Company) [File not signed]
S3 Macromedia Licensing Service; C:\Programme\Gemeinsame Dateien\Macromedia Shared\Service\Macromedia Licensing.exe [68096 2007-09-10] () [File not signed]
R2 MBAMScheduler; C:\Programme\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation)
R2 MBAMService; C:\Programme\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
S3 NBService; C:\Programme\Nero\Nero 7\Nero BackItUp\NBService.exe [800040 2007-09-17] (Nero AG)
S3 NMIndexingService; C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG)
R2 NVSvc; C:\WINDOWS\system32\nvsvc32.exe [143436 2006-03-09] (NVIDIA Corporation) [File not signed]
R2 O&O Defrag; C:\WINDOWS\system32\oodag.exe [339456 2006-06-02] (O&O Software GmbH) [File not signed]
R2 RichVideo; C:\Programme\CyberLink\Shared Files\RichVideo.exe [272024 2007-05-14] ()
R2 STI Simulator; C:\WINDOWS\System32\PAStiSvc.exe [53248 2005-01-14] () [File not signed]
R2 UleadBurningHelper; C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe [67056 2007-01-18] (Ulead Systems, Inc.)
S3 UPnPService; C:\Programme\Gemeinsame Dateien\MAGIX Shared\UPnPService\UPnPService.exe [544768 2006-12-14] (Magix AG) [File not signed]
R2 WANMiniportService; C:\WINDOWS\wanmpsvc.exe [65536 2003-08-27] (America Online, Inc.) [File not signed]
R2 WinDefend; C:\Programme\Windows Defender\MsMpEng.exe [13592 2006-11-03] (Microsoft Corporation)
S3 WMPNetworkSvc; C:\Programme\Windows Media Player\WMPNetwk.exe [920576 2006-11-03] (Microsoft Corporation)
S3 FirebirdServerMAGIXInstance; C:\MAGIX\Common\Database\bin\fbserver.exe [X]
S3 McComponentHostService; "C:\Programme\McAfee Security Scan\2.0.181\McCHSvc.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 61883; C:\WINDOWS\System32\DRIVERS\61883.sys [48128 2008-04-13] (Microsoft Corporation)
R2 aksfridge; C:\WINDOWS\System32\DRIVERS\aksfridge.sys [350720 2008-03-18] (Aladdin Knowledge Systems Ltd.)
S3 akshasp; C:\WINDOWS\System32\DRIVERS\akshasp.sys [238976 2007-07-05] (Aladdin Knowledge Systems Ltd.)
S3 akshhl; C:\WINDOWS\System32\DRIVERS\akshhl.sys [46336 2007-07-23] (Aladdin Knowledge Systems Ltd.)
S3 aksusb; C:\WINDOWS\System32\DRIVERS\aksusb.sys [14976 2007-07-05] (Aladdin Knowledge Systems Ltd.)
R3 ALCXWDM; C:\WINDOWS\System32\drivers\ALCXWDM.SYS [695852 2003-01-10] (Realtek Semiconductor Corp.) [File not signed]
R1 avgio; C:\Programme\AntiVir PersonalEdition Classic\avgio.sys [7296 2006-11-22] (AVIRA GmbH) [File not signed]
R3 avgntflt; C:\Programme\AntiVir PersonalEdition Classic\avgntflt.sys [45104 2006-11-24] (AVIRA GmbH)
S3 BENDER; C:\WINDOWS\System32\drivers\bender.sys [200320 2005-08-22] (Pinnacle Systems) [File not signed]
S3 BVRPMPR5; C:\WINDOWS\system32\drivers\BVRPMPR5.SYS [49904 2008-05-14] (Avanquest Software) [File not signed]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R1 cdrblock; C:\WINDOWS\System32\DRIVERS\cdrblock.sys [27704 2008-05-30] (Canopus Co,. Ltd.)
R3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-13] (Microsoft Corporation)
S3 giveio; C:\WINDOWS\system32\giveio.sys [5248 2009-05-15] () [File not signed]
R2 Hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [586240 2008-02-11] (Aladdin Knowledge Systems Ltd.)
R0 hotcore; C:\WINDOWS\System32\drivers\hotcore.sys [18208 2005-10-14] (Paragon Software Group) [File not signed]
R4 InCDfs; C:\WINDOWS\system32\Drivers\InCDfs.sys [118952 2007-11-26] (Nero AG)
R1 InCDPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [36776 2007-11-26] (Nero AG)
U1 InCDrec; C:\WINDOWS\system32\Drivers\InCDrec.sys [16040 2007-11-26] (Nero AG)
R1 incdrm; C:\WINDOWS\system32\Drivers\incdrm.sys [38440 2007-11-26] (Nero AG)
R3 Iviaspi; C:\WINDOWS\System32\drivers\iviaspi.sys [10368 2005-09-20] (InterVideo, Inc.) [File not signed]
S3 KMWDFilter; C:\WINDOWS\System32\Drivers\KMWDFilter.SYS [17024 2007-03-29] (Windows (R) Codename Longhorn DDK provider) [File not signed]
R3 MarvinBus; C:\WINDOWS\System32\DRIVERS\MarvinBus.sys [171008 2005-06-02] (Pinnacle Systems GmbH) [File not signed]
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-03-17] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [119512 2015-03-27] (Malwarebytes Corporation)
R3 ms_mpu401; C:\WINDOWS\System32\drivers\msmpu401.sys [2944 2001-08-17] (Microsoft Corporation)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R3 nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [3650368 2006-03-09] (NVIDIA Corporation) [File not signed]
R1 PCLEPCI; C:\WINDOWS\system32\drivers\pclepci.sys [14165 2002-03-19] (Pinnacle Systems GmbH) [File not signed]
R3 rtl8139; C:\WINDOWS\System32\DRIVERS\R8139n51.SYS [46976 2002-10-04] (Realtek Semiconductor Corporation      )
R1 SSHDRV85; C:\WINDOWS\system32\drivers\SSHDRV85.sys [78848 2007-03-28] () [File not signed]
S3 USBAAPL; C:\WINDOWS\System32\Drivers\usbaapl.sys [32000 2008-07-10] (Apple, Inc.) [File not signed]
R3 wanatw; C:\WINDOWS\System32\DRIVERS\wanatw4.sys [33588 2003-01-10] (America Online, Inc.)
S2 adfs; No ImagePath
S3 catchme; \??\C:\DOKUME~1\ULFILA~1.ULF\LOKALE~1\Temp\catchme.sys [X]
S3 GMSIPCI; \??\I:\INSTALL\GMSIPCI.SYS [X]
S4 hpt3xx; No ImagePath
S4 IntelIde; No ImagePath
S3 NTACCESS; \??\I:\NTACCESS.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S3 SetupNTGLM7X; \??\I:\NTGLM7X.sys [X]
U3 TlntSvr; No ImagePath
U3 Winsock - Google Desktop Search Backup Before First Install; No ImagePath
U3 Winsock - Google Desktop Search Backup Before Last Install; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-27 13:38 - 2015-03-27 13:38 - 00852604 _____ () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Desktop\SecurityCheck.exe
2015-03-27 12:54 - 2015-03-27 12:54 - 00001781 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\Google Chrome.lnk
2015-03-27 12:54 - 2015-03-27 12:54 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Google Chrome
2015-03-25 16:23 - 2015-03-25 16:23 - 00001003 _____ () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Desktop\JRT.txt
2015-03-25 15:04 - 2015-03-25 15:14 - 00000000 ____D () C:\AdwCleaner
2015-03-25 14:38 - 2015-03-25 14:38 - 00090112 _____ () C:\WINDOWS\Minidump\Mini032515-01.dmp
2015-03-21 14:59 - 2015-03-21 14:59 - 00001220 _____ () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Desktop\mbam.txt
2015-03-21 13:39 - 2015-03-27 14:07 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-03-21 13:35 - 2015-03-21 13:35 - 00000761 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2015-03-21 13:35 - 2015-03-21 13:35 - 00000000 ____D () C:\Programme\Malwarebytes Anti-Malware
2015-03-21 13:35 - 2015-03-21 13:35 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes Anti-Malware
2015-03-21 13:35 - 2015-03-21 13:35 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
2015-03-21 13:35 - 2015-03-17 06:15 - 00120024 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-03-21 13:35 - 2015-03-17 06:15 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-03-20 16:25 - 2015-03-20 16:25 - 00090112 _____ () C:\WINDOWS\Minidump\Mini032015-01.dmp
2015-03-20 16:18 - 2015-03-27 06:06 - 00000000 ____D () C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\temp
2015-03-20 16:18 - 2015-03-20 16:18 - 00022647 _____ () C:\ComboFix.txt
2015-03-20 16:18 - 2015-03-20 16:18 - 00000000 ____D () C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\temp
2015-03-20 15:29 - 2015-03-20 15:29 - 00000000 _RSHD () C:\cmdcons
2015-03-20 15:29 - 2013-07-17 11:57 - 00000211 _____ () C:\Boot.bak
2015-03-20 15:29 - 2004-08-03 23:00 - 00262448 __RSH () C:\cmldr
2015-03-20 15:24 - 2011-06-26 07:45 - 00256000 _____ () C:\WINDOWS\PEV.exe
2015-03-20 15:24 - 2010-11-07 18:20 - 00208896 _____ () C:\WINDOWS\MBR.exe
2015-03-20 15:24 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2015-03-20 15:24 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2015-03-20 15:24 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2015-03-20 15:24 - 2000-08-31 01:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2015-03-20 15:24 - 2000-08-31 01:00 - 00098816 _____ () C:\WINDOWS\sed.exe
2015-03-20 15:24 - 2000-08-31 01:00 - 00080412 _____ () C:\WINDOWS\grep.exe
2015-03-20 15:24 - 2000-08-31 01:00 - 00068096 _____ () C:\WINDOWS\zip.exe
2015-03-20 15:20 - 2015-03-20 16:18 - 00000000 ____D () C:\Qoobox
2015-03-20 15:20 - 2015-03-20 15:20 - 00000000 ___RD () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Startmenü\Programme\Verwaltung
2015-03-20 15:19 - 2015-03-20 16:14 - 00000000 ____D () C:\WINDOWS\erdnt
2015-03-20 02:30 - 2015-03-20 02:30 - 00000000 _____ () C:\WINDOWS\system32\sho80.tmp
2015-03-20 02:01 - 2015-03-20 02:01 - 00000000 ____D () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Lokale Einstellungen\Anwendungsdaten\ABBYY
2015-03-20 02:01 - 2015-03-20 02:01 - 00000000 ____D () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Anwendungsdaten\ABBYY
2015-03-20 00:08 - 2015-03-26 23:13 - 00000901 _____ () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Desktop\Revo Uninstaller.lnk
2015-03-20 00:07 - 2015-03-26 23:02 - 00000000 ____D () C:\Programme\VS Revo Group
2015-03-19 23:39 - 2015-03-27 13:24 - 00000230 _____ () C:\WINDOWS\Tasks\Ende des Supports für Microsoft Windows XP –  Benachrichtigung – Anmeldung.job
2015-03-19 23:39 - 2015-03-20 01:18 - 00000224 _____ () C:\WINDOWS\Tasks\Ende des Supports für Microsoft Windows XP – Monatliche Benachrichtigung.job
2015-03-19 12:18 - 2015-03-19 12:18 - 00000000 _____ () C:\WINDOWS\system32\sho3AD.tmp
2015-03-19 12:17 - 2015-03-19 12:17 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2922229$
2015-03-19 12:17 - 2015-03-19 12:17 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868626$
2015-03-19 12:16 - 2015-03-19 12:16 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2916036$
2015-03-19 12:14 - 2015-03-19 12:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2900986$
2015-03-19 12:13 - 2015-03-19 12:14 - 00124766 _____ () C:\WINDOWS\KB2900986.log
2015-03-19 11:45 - 2015-03-19 11:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$
2015-03-19 11:45 - 2015-03-19 11:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2909212$
2015-03-19 11:45 - 2015-03-19 11:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2898715$
2015-03-19 11:44 - 2015-03-19 11:44 - 00123275 _____ () C:\WINDOWS\KB2964358-IE7.log
2015-03-19 11:44 - 2015-03-19 11:44 - 00121716 _____ () C:\WINDOWS\KB2904266.log
2015-03-19 11:44 - 2015-03-19 11:44 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2904266$
2015-03-19 11:43 - 2015-03-19 11:43 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$
2015-03-19 11:43 - 2015-03-19 11:43 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862152$
2015-03-19 11:39 - 2015-03-19 11:39 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876331$
2015-03-19 11:27 - 2015-03-19 11:27 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2893294$
2015-03-19 11:24 - 2015-03-19 11:24 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2892075$
2015-03-19 11:23 - 2015-03-19 11:23 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2934207$
2015-03-19 11:22 - 2015-03-19 11:23 - 00004702 _____ () C:\WINDOWS\KB2934207.log
2015-03-19 11:06 - 2015-03-19 11:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2914368$
2015-03-19 11:00 - 2015-03-19 11:10 - 00004724 _____ () C:\WINDOWS\KB2914368.log
2015-03-18 17:59 - 2015-03-19 12:17 - 00136251 _____ () C:\WINDOWS\KB2922229.log
2015-03-18 17:59 - 2015-03-19 12:17 - 00135985 _____ () C:\WINDOWS\KB2868626.log
2015-03-18 17:59 - 2015-03-19 12:16 - 00137166 _____ () C:\WINDOWS\KB2916036.log
2015-03-18 17:58 - 2015-03-19 12:15 - 00225180 _____ () C:\WINDOWS\KB2936068-IE7.log
2015-03-18 17:55 - 2015-03-19 11:46 - 00129285 _____ () C:\WINDOWS\KB2898715.log
2015-03-18 17:50 - 2015-03-19 11:45 - 00127948 _____ () C:\WINDOWS\KB2929961.log
2015-03-18 17:49 - 2015-03-19 11:45 - 00128870 _____ () C:\WINDOWS\KB2909212.log
2015-03-18 17:48 - 2015-03-19 11:44 - 00128338 _____ () C:\WINDOWS\KB2930275.log
2015-03-18 17:46 - 2015-03-19 11:43 - 00127371 _____ () C:\WINDOWS\KB2862152.log
2015-03-18 17:41 - 2015-03-19 11:39 - 00127939 _____ () C:\WINDOWS\KB2876331.log
2015-03-18 17:38 - 2015-03-19 11:27 - 00127269 _____ () C:\WINDOWS\KB2893294.log
2015-03-18 17:35 - 2015-03-19 11:24 - 00010021 _____ () C:\WINDOWS\KB2892075.log
2015-03-18 17:31 - 2014-02-27 00:28 - 00013312 ____N (Microsoft Corporation) C:\WINDOWS\system32\xp_eos.exe
2015-03-18 17:31 - 2014-02-27 00:28 - 00013312 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xp_eos.exe
2015-03-18 17:25 - 2015-03-27 13:56 - 00000000 ____D () C:\FRST

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-27 14:13 - 2013-07-08 11:53 - 00000000 ____D () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Lokale Einstellungen\Temp
2015-03-27 13:25 - 2012-01-31 15:19 - 00000314 _____ () C:\WINDOWS\Tasks\GlaryInitialize.job
2015-03-27 13:25 - 2009-06-30 02:32 - 00001086 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-27 13:25 - 2006-04-11 13:20 - 00050257 _____ () C:\WINDOWS\system32\nvapps.xml
2015-03-27 13:24 - 2009-06-30 02:32 - 00001090 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-27 13:24 - 2001-08-18 12:00 - 00013050 _____ () C:\WINDOWS\system32\wpa.dbl
2015-03-27 13:21 - 2005-05-10 13:14 - 01922223 _____ () C:\WINDOWS\WindowsUpdate.log
2015-03-27 13:20 - 2013-08-10 14:43 - 00000322 ____H () C:\WINDOWS\Tasks\MP Scheduled Scan.job
2015-03-27 13:19 - 2005-05-10 13:54 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2015-03-27 13:18 - 2005-05-10 13:54 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2015-03-27 13:17 - 2006-07-28 22:12 - 00705384 _____ () C:\WINDOWS\system32\OODBS.lor
2015-03-27 13:17 - 2005-05-10 13:52 - 00000000 ___RD () C:\Programme
2015-03-27 13:17 - 2005-05-10 13:02 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-03-27 13:16 - 2013-07-08 11:53 - 00000190 ___SH () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\ntuser.ini
2015-03-27 13:16 - 2005-05-10 13:06 - 00032372 _____ () C:\WINDOWS\SchedLgU.Txt
2015-03-27 12:54 - 2005-05-10 13:52 - 00000000 ___RD () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme
2015-03-27 12:34 - 2005-05-27 22:27 - 00000000 ____D () C:\Programme\Google
2015-03-27 12:16 - 2006-09-23 17:17 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Google
2015-03-26 23:13 - 2013-07-08 11:53 - 00000000 ___RD () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Startmenü\Programme
2015-03-25 16:18 - 2013-07-08 11:53 - 00000000 ____D () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS
2015-03-25 15:14 - 2013-07-08 12:05 - 00000889 _____ () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Startmenü\Programme\Internet Explorer.lnk
2015-03-25 14:38 - 2005-05-15 22:46 - 00000000 ____D () C:\WINDOWS\Minidump
2015-03-20 16:15 - 2005-05-10 13:52 - 00000000 ___RD () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart
2015-03-20 16:12 - 2001-08-18 12:00 - 00000227 _____ () C:\WINDOWS\system.ini
2015-03-20 16:10 - 2012-10-18 19:19 - 00000000 ____D () C:\Dokumente und Einstellungen\Ulfilas57 - Kopie
2015-03-20 15:29 - 2005-05-10 13:49 - 00000327 __RSH () C:\boot.ini
2015-03-20 15:08 - 2005-05-10 13:52 - 00000000 ___RD () C:\Dokumente und Einstellungen\All Users\Dokumente
2015-03-20 14:55 - 2005-05-10 13:52 - 00000000 ____D () C:\Programme\Gemeinsame Dateien\Microsoft Shared
2015-03-20 14:53 - 2013-07-16 11:04 - 00000000 ____D () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Anwendungsdaten\SoftGrid Client
2015-03-20 14:38 - 2005-05-10 13:46 - 00000000 ____D () C:\WINDOWS\Media
2015-03-20 14:37 - 2005-05-10 13:52 - 00000000 ___RD () C:\Dokumente und Einstellungen\All Users\Startmenü
2015-03-20 14:37 - 2005-05-10 13:00 - 00000037 _____ () C:\WINDOWS\vbaddin.ini
2015-03-20 14:37 - 2005-05-10 13:00 - 00000000 ___RD () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Verwaltung
2015-03-20 13:38 - 2005-05-10 19:20 - 00000000 ____D () C:\Programme\Adobe
2015-03-20 12:15 - 2010-09-30 02:01 - 00000232 _____ () C:\WINDOWS\setupact.log
2015-03-20 12:15 - 2010-09-19 02:10 - 00483947 _____ () C:\WINDOWS\setupapi.log
2015-03-20 02:30 - 2005-05-10 13:28 - 00000000 ___HD () C:\Programme\InstallShield Installation Information
2015-03-20 02:20 - 2005-05-11 18:19 - 00000000 ____D () C:\Programme\StarOffice6.0
2015-03-20 02:17 - 2009-11-05 23:21 - 00000000 ____D () C:\Programme\Gemeinsame Dateien\Nikon
2015-03-20 02:17 - 2005-05-10 13:46 - 00000000 ____D () C:\WINDOWS\twain_32
2015-03-20 02:15 - 2013-07-21 23:05 - 00000000 ____D () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Anwendungsdaten\elsterformular
2015-03-20 02:15 - 2010-01-23 02:12 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\ElsterFormular
2015-03-20 02:15 - 2010-01-23 02:12 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\elsterformular
2015-03-20 01:42 - 2008-02-12 11:05 - 00000000 ____D () C:\Programme\Gemeinsame Dateien\Lexware
2015-03-19 23:52 - 2013-08-19 22:38 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-03-19 23:32 - 2005-05-10 13:51 - 02173272 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-03-19 23:31 - 2009-01-20 22:53 - 00000000 ____D () C:\Programme\Microsoft Silverlight
2015-03-19 12:17 - 2010-10-14 08:30 - 00110424 _____ () C:\WINDOWS\updspapi.log
2015-03-19 12:17 - 2010-09-30 02:01 - 00382167 _____ () C:\WINDOWS\tsoc.log
2015-03-19 12:17 - 2010-09-30 02:01 - 00326488 _____ () C:\WINDOWS\comsetup.log
2015-03-19 12:17 - 2010-09-30 02:01 - 00200945 _____ () C:\WINDOWS\ntdtcsetup.log
2015-03-19 12:17 - 2010-09-30 02:01 - 00158616 _____ () C:\WINDOWS\iis6.log
2015-03-19 12:17 - 2010-09-30 02:01 - 00055404 _____ () C:\WINDOWS\ocmsn.log
2015-03-19 12:17 - 2010-09-30 02:01 - 00050058 _____ () C:\WINDOWS\msgsocm.log
2015-03-19 12:17 - 2010-09-30 02:01 - 00001374 _____ () C:\WINDOWS\imsins.log
2015-03-19 12:17 - 2010-09-30 02:01 - 00001374 _____ () C:\WINDOWS\imsins.BAK
2015-03-19 12:17 - 2010-09-30 02:00 - 01001616 _____ () C:\WINDOWS\FaxSetup.log
2015-03-19 12:17 - 2010-09-30 02:00 - 00478872 _____ () C:\WINDOWS\ocgen.log
2015-03-19 12:15 - 2007-11-15 12:14 - 00000000 ____D () C:\WINDOWS\system32\de-de
2015-03-19 11:54 - 2006-09-23 17:20 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2015-03-19 11:44 - 2007-11-15 12:15 - 00000000 ____D () C:\WINDOWS\ie7updates
2015-03-19 11:44 - 2007-02-25 02:33 - 01010274 _____ () C:\WINDOWS\system32\TZLog.log
2015-03-19 11:36 - 2005-05-10 13:52 - 01037108 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-03-19 11:26 - 2010-06-05 02:01 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Silverlight
2015-03-18 18:25 - 2001-08-18 12:00 - 00001607 _____ () C:\WINDOWS\win.ini
2015-03-18 15:13 - 2006-12-24 16:49 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AntiVir PersonalEdition Classic
2015-02-26 21:20 - 2005-05-15 22:51 - 119837696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories =======

2013-07-16 11:05 - 2013-07-16 11:05 - 0000000 _____ () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Anwendungsdaten\sversion.ini
2014-01-22 14:43 - 2014-03-20 23:33 - 0006144 _____ () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-07-16 11:45 - 2013-07-16 11:45 - 0000150 _____ () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat

Some content of TEMP:
====================
C:\Dokumente und Einstellungen\Ulfilas57\Lokale Einstellungen\Temp\contentDATs.exe
C:\Dokumente und Einstellungen\Ulfilas57\Lokale Einstellungen\Temp\mgxfonts.exe
C:\Dokumente und Einstellungen\Ulfilas57\Lokale Einstellungen\Temp\SecurityScan_Release.exe
C:\Dokumente und Einstellungen\Ulfilas57\Lokale Einstellungen\Temp\_is8C1.exe
C:\Dokumente und Einstellungen\Ulfilas57 - Kopie\Lokale Einstellungen\Temp\jre-6u34-windows-i586-iftw.exe
C:\Dokumente und Einstellungen\Ulfilas57 - Kopie\Lokale Einstellungen\Temp\mgxfonts.exe
C:\Dokumente und Einstellungen\Ulfilas57 - Kopie\Lokale Einstellungen\Temp\_is8C1.exe
C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Lokale Einstellungen\Temp\jre-8u40-windows-au.exe
C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Lokale Einstellungen\Temp\Quarantine.exe
C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Lokale Einstellungen\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================
--- --- ---



Ich empfinde den Rechner leider immer noch als sehr, sehr langsam. Es dauert recht lange, bis sich eine Anwendung öffnet.

Können wir noch irgendetwas tun, damit sich das bessert?

Grüße, Wolfgang

schrauber 27.03.2015 20:19
Java, Flash und Adobe updaten.

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
C:\Dokumente und Einstellungen\Ulfilas57 - Kopie\Lokale Einstellungen\Anwendungsdaten\Conduit\CT2431245\softonic-de3AutoUpdaterHelper.exe

C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Anwendungsdaten\eIntaller\ED3891BEC4B84a3a9730B9FBBB79989F\eXQ1.exe

C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP1997\A0558226.dll

C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP2007\A0559538.exe

C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP2007\A0559539.dll

C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP2010\A0559799.exe

C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP2010\A0559800.exe

C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP2010\A0559801.exe

C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP2010\A0559803.exe

C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP2010\A0559804.exe

C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP2010\A0559805.exe

C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP2010\A0559806.exe

C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP2010\A0559807.exe

C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP2020\A0560850.exe

C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP2025\A0561615.exe

C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP2026\A0565770.dll

C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP2026\A0565771.dll

C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP2026\A0565772.dll
BootExecute: autocheck autochk * OODBS
U3 Winsock - Google Desktop Search Backup Before First Install; No ImagePath
U3 Winsock - Google Desktop Search Backup Before Last Install; No ImagePath
cmd: netsh winsock reset
Emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.




Autostart entrümpeln, frisches FRST log bitte. Sitzt Du gerade in den USA?

ulfilas-bs 30.03.2015 14:23
Hi schrauber,

nein, ich bin in Norddeutschland. Wie kommst du darauf, ich sei in den USA?


Der Computer läuft leider immer noch langsam. Ich habe vorhin mal zur Uhr gesehen: Vom Anschalten bis zum Erreichen dieser Seite hier dauerte es geschlagene 15 Minuten.

Irgendwas bremst ihn noch ganz doll aus.

Deine letzten Anweisungen habe ich wie immer befolgt.

Hier erstmal das Fixlist-Protokoll:

Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 11-03-2015
Ran by Ulfilas57 at 2015-03-30 14:20:07 Run:2
Running from C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Eigene Dateien\Downloads
Loaded Profiles: Ulfilas57 (Available profiles: Ulfilas57)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
C:\Dokumente und Einstellungen\Ulfilas57 - Kopie\Lokale Einstellungen\Anwendungsdaten\Conduit\CT2431245\softonic-de3AutoUpdaterHelper.exe

C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Anwendungsdaten\eIntaller\ED3891BEC4B84a3a9730B9FBBB79989F\eXQ1.exe

C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP1997\A0558226.dll

C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP2007\A0559538.exe

C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP2007\A0559539.dll

C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP2010\A0559799.exe

C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP2010\A0559800.exe

C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP2010\A0559801.exe

C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP2010\A0559803.exe

C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP2010\A0559804.exe

C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP2010\A0559805.exe

C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP2010\A0559806.exe

C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP2010\A0559807.exe

C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP2020\A0560850.exe

C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP2025\A0561615.exe

C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP2026\A0565770.dll

C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP2026\A0565771.dll

C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP2026\A0565772.dll
BootExecute: autocheck autochk * OODBS
U3 Winsock - Google Desktop Search Backup Before First Install; No ImagePath
U3 Winsock - Google Desktop Search Backup Before Last Install; No ImagePath
cmd: netsh winsock reset
Emptytemp:
       
*****************

"C:\Dokumente und Einstellungen\Ulfilas57 - Kopie\Lokale Einstellungen\Anwendungsdaten\Conduit\CT2431245\softonic-de3AutoUpdaterHelper.exe" => File/Directory not found.
"C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Anwendungsdaten\eIntaller\ED3891BEC4B84a3a9730B9FBBB79989F\eXQ1.exe" => File/Directory not found.
"C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP1997\A0558226.dll" => File/Directory not found.
"C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP2007\A0559538.exe" => File/Directory not found.
"C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP2007\A0559539.dll" => File/Directory not found.
"C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP2010\A0559799.exe" => File/Directory not found.
"C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP2010\A0559800.exe" => File/Directory not found.
"C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP2010\A0559801.exe" => File/Directory not found.
"C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP2010\A0559803.exe" => File/Directory not found.
"C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP2010\A0559804.exe" => File/Directory not found.
"C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP2010\A0559805.exe" => File/Directory not found.
"C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP2010\A0559806.exe" => File/Directory not found.
"C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP2010\A0559807.exe" => File/Directory not found.
"C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP2020\A0560850.exe" => File/Directory not found.
"C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP2025\A0561615.exe" => File/Directory not found.
"C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP2026\A0565770.dll" => File/Directory not found.
"C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP2026\A0565771.dll" => File/Directory not found.
"C:\System Volume Information\_restore{DDEEA97B-6C52-4548-81AE-D7C2E49E4A7A}\RP2026\A0565772.dll" => File/Directory not found.
HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => Value was restored successfully.
Winsock - Google Desktop Search Backup Before First Install => Service not found.
Winsock - Google Desktop Search Backup Before Last Install => Service not found.

=========  netsh winsock reset =========


Der Winsock-Katalog wurde zurckgesetzt.
Sie mssen den Computer neu starten, um den Vorgang abzuschlieen.


========= End of CMD: =========

EmptyTemp: => Removed 44.6 MB temporary data.


The system needed a reboot.

==== End of Fixlog 14:22:23 ====


FRST:


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by Ulfilas57 (administrator) on ULFILAS on 30-03-2015 15:26:45
Running from C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Eigene Dateien\Downloads
Loaded Profiles: Ulfilas57 (Available profiles: Ulfilas57)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 7 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Programme\Windows Defender\MsMpEng.exe
(Avira GmbH) C:\Programme\AntiVir PersonalEdition Classic\sched.exe
(AVIRA GmbH) C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
(AOL LLC) C:\Programme\Gemeinsame Dateien\aol\ACS\AOLacsd.exe
(Apple Inc.) C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
(Apple Inc.) C:\Programme\Bonjour\mDNSResponder.exe
(InterVideo Inc.) C:\Programme\Gemeinsame Dateien\InterVideo\DeviceService\DevSvc.exe
(Aladdin Knowledge Systems Ltd.) C:\WINDOWS\system32\hasplms.exe
(Nero AG) C:\Programme\Nero\Nero 7\InCD\InCDsrv.exe
(InterVideo) C:\Programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe
(Oracle Corporation) C:\Programme\Java\jre7\bin\jqs.exe
(Hewlett-Packard Company) C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
(Malwarebytes Corporation) C:\Programme\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Programme\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(O&O Software GmbH) C:\WINDOWS\system32\oodag.exe
() C:\Programme\CyberLink\Shared Files\RichVideo.exe
() C:\WINDOWS\system32\PAStiSvc.exe
(Ulead Systems, Inc.) C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe
(America Online, Inc.) C:\WINDOWS\wanmpsvc.exe
(Malwarebytes Corporation) C:\Programme\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(America Online, Inc.) C:\Programme\Gemeinsame Dateien\aol\1186092089\ee\aolsoftware.exe
(Apple Inc.) C:\Programme\QuickTime\QTTask.exe
(SSC Localization Group) C:\Programme\SSC Service Utility\ssc_serv.exe
(Adobe Systems Incorporated) C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe
(Oracle Corporation) C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
(Nero AG) C:\Programme\Nero\Nero 7\InCD\NBHGui.exe
(Nero AG) C:\Programme\Nero\Nero 7\InCD\InCD.exe
(Hewlett-Packard Company) C:\Programme\Gemeinsame Dateien\LightScribe\LightScribeControlPanel.exe
(Logitech Inc.) C:\Programme\Logitech\SetPoint\SetPoint.exe
(OpenOffice.org) C:\Programme\OpenOffice.org 3\program\soffice.exe
(Logitech Inc.) C:\Programme\Gemeinsame Dateien\Logitech\khalshared\KHALMNPR.exe
(OpenOffice.org) C:\Programme\OpenOffice.org 3\program\soffice.bin
(Oracle Corporation) C:\Programme\Gemeinsame Dateien\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Programme\Windows Defender\MpCmdRun.exe
(Google Inc.) C:\Programme\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Programme\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [Automatisch EPSON Stylus Photo R200 Series auf MARION] => C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0H2.EXE [99840 2003-09-11] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [HostManager] => C:\Programme\Gemeinsame Dateien\AOL\1186092089\ee\AOLSoftware.exe [50736 2006-09-26] (America Online, Inc.)
HKLM\...\Run: [nwiz] => nwiz.exe /install
HKLM\...\Run: [Logitech Hardware Abstraction Layer] => C:\WINDOWS\KHALMNPR.EXE [101136 2007-01-23] (Logitech Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Programme\QuickTime\qttask.exe [417792 2009-09-05] (Apple Inc.)
HKLM\...\Run: [TkBellExe] => C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe [198160 2009-09-11] (RealNetworks, Inc.)
HKLM\...\Run: [SSC Service Utility] => C:\Programme\SSC Service Utility\ssc_serv.exe [665600 2007-10-09] (SSC Localization Group)
HKLM\...\Run: [Adobe ARM] => C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [NeroFilterCheck] => C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG)
HKLM\...\Run: [SecurDisc] => C:\Programme\Nero\Nero 7\InCD\NBHGui.exe [1629480 2007-11-26] (Nero AG)
HKLM\...\Run: [InCD] => C:\Programme\Nero\Nero 7\InCD\InCD.exe [1057064 2007-11-26] (Nero AG)
HKU\S-1-5-21-484763869-630328440-839522115-1004\...\Run: [LightScribe Control Panel] => C:\Programme\Gemeinsame Dateien\LightScribe\LightScribeControlPanel.exe [2363392 2009-11-20] (Hewlett-Packard Company)
HKU\S-1-5-18\...\Run: [DWQueuedReporting] => C:\Programme\Gemeinsame Dateien\Microsoft Shared\DW\DWTRIG20.EXE [519584 2010-02-28] (Microsoft Corporation)
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Gamma Loader.exe.lnk
ShortcutTarget: Adobe Gamma Loader.exe.lnk -> C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Logitech SetPoint.lnk
ShortcutTarget: Logitech SetPoint.lnk -> C:\Programme\Logitech\SetPoint\SetPoint.exe (Logitech Inc.)
Startup: C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Startmenü\Programme\Autostart\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Dokumente und Einstellungen\Ulfilas57 - Kopie\Startmenü\Programme\Autostart\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Startmenü\Programme\Autostart\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
BootExecute: autocheck autochk * OODBS

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-484763869-630328440-839522115-1004\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-484763869-630328440-839522115-1004\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2013-09-03] (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Programme\Java\jre7\bin\ssv.dll [2013-08-20] (Oracle Corporation)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Programme\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2010-01-14] (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Programme\Java\jre7\bin\jp2ssv.dll [2013-08-20] (Oracle Corporation)
BHO: EpsonToolBandKicker Class -> {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} -> C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21] (SEIKO EPSON CORPORATION)
Toolbar: HKLM - EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21] (SEIKO EPSON CORPORATION)
DPF: {0EB73E39-8AD4-43E8-8FBA-0165C2CCDB8B} hxxp://midasplayer.aol.de/midasa.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {22E5D91F-89E6-4405-AD9C-0AF27BA6F06B} file:///C:/Dokumente%20und%20Einstellungen/Ulfilas57/Desktop/components/hidinputmonitorx.ocx
DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {26CBF141-7D0F-46E1-AA06-718958B6E4D2} hxxp://download.ebay.com/turbo_lister/DE/install.cab
DPF: {45A0A292-ECC6-4D8F-9EA9-A4BD411D24C1} hxxp://king.aolsvc.de/ctl/kingcomie.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab
DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} hxxp://aolcc.aol.de/computercheckup/qdiagcc.cab
DPF: {4F63D44B-6274-4D60-8AB1-CAA7116B8AF3} file:///C:/Dokumente%20und%20Einstellungen/Ulfilas57/Desktop/components/A9.ocx
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1115727237102
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1152046154312
DPF: {7030CC6C-1A88-4591-BB5A-651B9F7F0C30} file:///C:/Dokumente%20und%20Einstellungen/Ulfilas57/Desktop/components/wmvhdrating.ocx
DPF: {86A88967-7A20-11D2-8EDA-00600818EDB1} hxxp://www.parallelgraphics.com/bin/cortvrml.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} hxxp://office.dogcam.smalldog.com/activex/AxisCamControl.cab
DPF: {ABC1D8DE-CAB5-4FB7-BCD0-137BAB9F09DC} hxxp://www.aldisued-fotos-druck.de/upload/aldi_sued_bilduebertragung.cab
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://game14.zylomgames.com/activex/zylomgamesplayer.cab
DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: haufereader - {39198710-62F7-42CD-9458-069843FA5D32} - C:\Programme\Haufe\HaufeReader\HRInstmon.dll [2005-04-27] (Haufe Mediengruppe)
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: lid - {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINDOWS\System32\msvidctl.dll [2008-04-14] (Microsoft Corporation)
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - c:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll [2008-07-30] (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
ShellExecuteHooks: Microsoft AntiMalware ShellExecuteHook - {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Programme\Windows Defender\MpShHook.dll [83224 2006-11-03] (Microsoft Corporation)
Winsock: Catalog5 04 C:\Programme\Bonjour\mdnsNSP.dll [147456] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{388DB4AB-8D7B-4BA2-946F-3BDE1F6619F0}: [NameServer] 50.7.75.18,107.6.133.6
Tcpip\..\Interfaces\{3ECE9A19-5146-4846-BBB2-E014515541B5}: [NameServer] 50.7.75.18,107.6.133.6
Tcpip\..\Interfaces\{D6A749A3-AC13-4E2F-9449-37FA7FD3624B}: [NameServer] 50.7.75.18,107.6.133.6

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll [2010-01-27] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw.dll [2011-04-26] (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Programme\iTunes\Mozilla Plugins\npitunes.dll [2009-10-23] ()
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll [2007-01-03] (DivX, Inc)
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\WINDOWS\system32\npDeployJava1.dll [2013-08-20] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 -> C:\Programme\Java\jre7\bin\plugin2\npjp2.dll [2013-08-20] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Programme\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.12.448 -> c:\programme\real\realone player\Netscape6\nppl3260.dll [2009-09-11] (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.3.448 -> c:\programme\real\realone player\Netscape6\nprjplug.dll [2009-09-11] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.448 -> c:\programme\real\realone player\Netscape6\nprpjplug.dll [2009-09-11] (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Programme\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-18] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Programme\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-18] (Google Inc.)
FF Plugin: @zylom.com/ZylomGamesPlayer -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll [2006-09-26] (Zylom)
FF Plugin: Adobe Reader -> C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-09-03] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-23]

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=54E00010DCFAF9B2&affID=119357&tsp=4945"
CHR Plugin: (Shockwave Flash) - C:\Programme\Google\Chrome\Application\41.0.2272.101\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Shockwave Flash) - C:\Programme\Google\Chrome\Application\41.0.2272.101\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Programme\Google\Chrome\Application\41.0.2272.101\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Programme\Google\Chrome\Application\41.0.2272.101\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Programme\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Programme\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U29) - C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.4) - C:\Programme\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.4) - C:\Programme\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.4) - C:\Programme\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.4) - C:\Programme\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.4) - C:\Programme\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.4) - C:\Programme\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.4) - C:\Programme\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft DRM) - C:\Programme\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft DRM) - C:\Programme\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Programme\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Zylom Plugin) - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL No File
CHR Plugin: (DivX Player Netscape Plugin) - C:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
CHR Plugin: (Google Earth Plugin) - C:\Programme\Google\Google Earth\plugin\npgeplugin.dll No File
CHR Plugin: (Google Updater) - C:\Programme\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll No File
CHR Plugin: (Google Update) - C:\Programme\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (MetaStream 3 Plugin) - C:\Programme\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll No File
CHR Plugin: (iTunes Application Detector) - C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave for Director) - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Programme\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - c:\programme\real\realone player\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - c:\programme\real\realone player\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (RealJukebox NS Plugin) - c:\programme\real\realone player\Netscape6\nprjplug.dll (RealNetworks, Inc.)
CHR Profile: C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default
CHR Extension: (Chrome Hotword Shared Module) - C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-25]
CHR Extension: (Google Wallet) - C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-18]
StartMenuInternet: chrome.exe - Chrome.exe

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2005-06-27] (Adobe Systems) [File not signed]
R2 AntiVirScheduler; C:\Programme\AntiVir PersonalEdition Classic\sched.exe [47656 2006-11-13] (Avira GmbH) [File not signed]
R2 AntiVirService; C:\Programme\AntiVir PersonalEdition Classic\avguard.exe [200744 2006-11-24] (AVIRA GmbH) [File not signed]
R2 AOL ACS; C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe [46640 2006-10-23] (AOL LLC)
R2 Apple Mobile Device; C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [144672 2009-08-28] (Apple Inc.)
R2 Bonjour Service; C:\Programme\Bonjour\mDNSResponder.exe [238888 2008-12-12] (Apple Inc.)
R2 Capture Device Service; C:\Programme\Gemeinsame Dateien\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (InterVideo Inc.)
S3 FLEXnet Licensing Service; C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [655624 2010-02-20] (Acresso Software Inc.)
S2 gupdate1c9871269d85f5e; C:\Programme\Google\Update\GoogleUpdate.exe [107848 2015-03-18] (Google Inc.)
S3 gupdatem; C:\Programme\Google\Update\GoogleUpdate.exe [107848 2015-03-18] (Google Inc.)
S3 gusvc; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [194104 2011-09-09] (Google)
R2 hasplms; C:\WINDOWS\system32\hasplms.exe [2562048 2008-04-24] (Aladdin Knowledge Systems Ltd.)
S3 IDriverT; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 InCDsrv; C:\Programme\Nero\Nero 7\InCD\InCDsrv.exe [1554728 2007-11-26] (Nero AG)
S3 iPod Service; C:\Programme\iPod\bin\iPodService.exe [545568 2009-10-28] (Apple Inc.)
R2 IviRegMgr; C:\Programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe [112152 2007-01-04] (InterVideo)
R2 JavaQuickStarterService; C:\Programme\Java\jre7\bin\jqs.exe [182184 2013-08-20] (Oracle Corporation)
R2 LightScribeService; C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe [73728 2009-11-20] (Hewlett-Packard Company) [File not signed]
S3 Macromedia Licensing Service; C:\Programme\Gemeinsame Dateien\Macromedia Shared\Service\Macromedia Licensing.exe [68096 2007-09-10] () [File not signed]
R2 MBAMScheduler; C:\Programme\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation)
R2 MBAMService; C:\Programme\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
S3 NBService; C:\Programme\Nero\Nero 7\Nero BackItUp\NBService.exe [800040 2007-09-17] (Nero AG)
S3 NMIndexingService; C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG)
R2 NVSvc; C:\WINDOWS\system32\nvsvc32.exe [143436 2006-03-09] (NVIDIA Corporation) [File not signed]
R2 O&O Defrag; C:\WINDOWS\system32\oodag.exe [339456 2006-06-02] (O&O Software GmbH) [File not signed]
R2 RichVideo; C:\Programme\CyberLink\Shared Files\RichVideo.exe [272024 2007-05-14] ()
R2 STI Simulator; C:\WINDOWS\System32\PAStiSvc.exe [53248 2005-01-14] () [File not signed]
R2 UleadBurningHelper; C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe [67056 2007-01-18] (Ulead Systems, Inc.)
S3 UPnPService; C:\Programme\Gemeinsame Dateien\MAGIX Shared\UPnPService\UPnPService.exe [544768 2006-12-14] (Magix AG) [File not signed]
R2 WANMiniportService; C:\WINDOWS\wanmpsvc.exe [65536 2003-08-27] (America Online, Inc.) [File not signed]
R2 WinDefend; C:\Programme\Windows Defender\MsMpEng.exe [13592 2006-11-03] (Microsoft Corporation)
S3 WMPNetworkSvc; C:\Programme\Windows Media Player\WMPNetwk.exe [920576 2006-11-03] (Microsoft Corporation)
S3 FirebirdServerMAGIXInstance; C:\MAGIX\Common\Database\bin\fbserver.exe [X]
S3 McComponentHostService; "C:\Programme\McAfee Security Scan\2.0.181\McCHSvc.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 61883; C:\WINDOWS\System32\DRIVERS\61883.sys [48128 2008-04-13] (Microsoft Corporation)
R2 aksfridge; C:\WINDOWS\System32\DRIVERS\aksfridge.sys [350720 2008-03-18] (Aladdin Knowledge Systems Ltd.)
S3 akshasp; C:\WINDOWS\System32\DRIVERS\akshasp.sys [238976 2007-07-05] (Aladdin Knowledge Systems Ltd.)
S3 akshhl; C:\WINDOWS\System32\DRIVERS\akshhl.sys [46336 2007-07-23] (Aladdin Knowledge Systems Ltd.)
S3 aksusb; C:\WINDOWS\System32\DRIVERS\aksusb.sys [14976 2007-07-05] (Aladdin Knowledge Systems Ltd.)
R3 ALCXWDM; C:\WINDOWS\System32\drivers\ALCXWDM.SYS [695852 2003-01-10] (Realtek Semiconductor Corp.) [File not signed]
R1 avgio; C:\Programme\AntiVir PersonalEdition Classic\avgio.sys [7296 2006-11-22] (AVIRA GmbH) [File not signed]
R3 avgntflt; C:\Programme\AntiVir PersonalEdition Classic\avgntflt.sys [45104 2006-11-24] (AVIRA GmbH)
S3 BENDER; C:\WINDOWS\System32\drivers\bender.sys [200320 2005-08-22] (Pinnacle Systems) [File not signed]
S3 BVRPMPR5; C:\WINDOWS\system32\drivers\BVRPMPR5.SYS [49904 2008-05-14] (Avanquest Software) [File not signed]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R1 cdrblock; C:\WINDOWS\System32\DRIVERS\cdrblock.sys [27704 2008-05-30] (Canopus Co,. Ltd.)
R3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-13] (Microsoft Corporation)
S3 giveio; C:\WINDOWS\system32\giveio.sys [5248 2009-05-15] () [File not signed]
R2 Hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [586240 2008-02-11] (Aladdin Knowledge Systems Ltd.)
R0 hotcore; C:\WINDOWS\System32\drivers\hotcore.sys [18208 2005-10-14] (Paragon Software Group) [File not signed]
R4 InCDfs; C:\WINDOWS\system32\Drivers\InCDfs.sys [118952 2007-11-26] (Nero AG)
R1 InCDPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [36776 2007-11-26] (Nero AG)
U1 InCDrec; C:\WINDOWS\system32\Drivers\InCDrec.sys [16040 2007-11-26] (Nero AG)
R1 incdrm; C:\WINDOWS\system32\Drivers\incdrm.sys [38440 2007-11-26] (Nero AG)
R3 Iviaspi; C:\WINDOWS\System32\drivers\iviaspi.sys [10368 2005-09-20] (InterVideo, Inc.) [File not signed]
S3 KMWDFilter; C:\WINDOWS\System32\Drivers\KMWDFilter.SYS [17024 2007-03-29] (Windows (R) Codename Longhorn DDK provider) [File not signed]
R3 MarvinBus; C:\WINDOWS\System32\DRIVERS\MarvinBus.sys [171008 2005-06-02] (Pinnacle Systems GmbH) [File not signed]
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-03-17] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [119512 2015-03-30] (Malwarebytes Corporation)
R3 ms_mpu401; C:\WINDOWS\System32\drivers\msmpu401.sys [2944 2001-08-17] (Microsoft Corporation)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R3 nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [3650368 2006-03-09] (NVIDIA Corporation) [File not signed]
R1 PCLEPCI; C:\WINDOWS\system32\drivers\pclepci.sys [14165 2002-03-19] (Pinnacle Systems GmbH) [File not signed]
R3 rtl8139; C:\WINDOWS\System32\DRIVERS\R8139n51.SYS [46976 2002-10-04] (Realtek Semiconductor Corporation      )
R1 SSHDRV85; C:\WINDOWS\system32\drivers\SSHDRV85.sys [78848 2007-03-28] () [File not signed]
S3 USBAAPL; C:\WINDOWS\System32\Drivers\usbaapl.sys [32000 2008-07-10] (Apple, Inc.) [File not signed]
R3 wanatw; C:\WINDOWS\System32\DRIVERS\wanatw4.sys [33588 2003-01-10] (America Online, Inc.)
S2 adfs; No ImagePath
S3 catchme; \??\C:\DOKUME~1\ULFILA~1.ULF\LOKALE~1\Temp\catchme.sys [X]
S3 GMSIPCI; \??\I:\INSTALL\GMSIPCI.SYS [X]
S4 hpt3xx; No ImagePath
S4 IntelIde; No ImagePath
S3 NTACCESS; \??\I:\NTACCESS.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S3 SetupNTGLM7X; \??\I:\NTGLM7X.sys [X]
U3 TlntSvr; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-30 13:55 - 2015-03-30 13:55 - 00090112 _____ () C:\WINDOWS\Minidump\Mini033015-01.dmp
2015-03-30 13:46 - 2015-03-30 13:46 - 01057488 _____ (Adobe) C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Desktop\install_reader11xp_de_gtbd_chra_dy_aaa_aih.exe
2015-03-30 13:43 - 2015-03-30 13:43 - 01054400 _____ (Adobe) C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Desktop\install_flashplayer17x32ax_gtbd_chra_dy_aaa_aih.exe
2015-03-30 13:37 - 2015-03-30 13:37 - 00560552 _____ (Oracle Corporation) C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Desktop\JavaSetup8u40.exe
2015-03-27 14:38 - 2015-03-27 14:38 - 00852604 _____ () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Desktop\SecurityCheck.exe
2015-03-27 13:54 - 2015-03-27 13:54 - 00001781 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\Google Chrome.lnk
2015-03-27 13:54 - 2015-03-27 13:54 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Google Chrome
2015-03-25 17:23 - 2015-03-25 17:23 - 00001003 _____ () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Desktop\JRT.txt
2015-03-25 16:04 - 2015-03-25 16:14 - 00000000 ____D () C:\AdwCleaner
2015-03-25 15:38 - 2015-03-25 15:38 - 00090112 _____ () C:\WINDOWS\Minidump\Mini032515-01.dmp
2015-03-21 14:39 - 2015-03-30 14:30 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-03-21 14:35 - 2015-03-21 14:35 - 00000761 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2015-03-21 14:35 - 2015-03-21 14:35 - 00000000 ____D () C:\Programme\Malwarebytes Anti-Malware
2015-03-21 14:35 - 2015-03-21 14:35 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes Anti-Malware
2015-03-21 14:35 - 2015-03-21 14:35 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
2015-03-21 14:35 - 2015-03-17 07:15 - 00120024 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-03-21 14:35 - 2015-03-17 07:15 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-03-20 17:25 - 2015-03-20 17:25 - 00090112 _____ () C:\WINDOWS\Minidump\Mini032015-01.dmp
2015-03-20 17:18 - 2015-03-30 14:47 - 00000000 ____D () C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\temp
2015-03-20 17:18 - 2015-03-20 17:18 - 00022647 _____ () C:\ComboFix.txt
2015-03-20 17:18 - 2015-03-20 17:18 - 00000000 ____D () C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\temp
2015-03-20 16:29 - 2015-03-20 16:29 - 00000000 _RSHD () C:\cmdcons
2015-03-20 16:29 - 2013-07-17 12:57 - 00000211 _____ () C:\Boot.bak
2015-03-20 16:29 - 2004-08-04 00:00 - 00262448 __RSH () C:\cmldr
2015-03-20 16:24 - 2011-06-26 08:45 - 00256000 _____ () C:\WINDOWS\PEV.exe
2015-03-20 16:24 - 2010-11-07 19:20 - 00208896 _____ () C:\WINDOWS\MBR.exe
2015-03-20 16:24 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2015-03-20 16:24 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2015-03-20 16:24 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2015-03-20 16:24 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2015-03-20 16:24 - 2000-08-31 02:00 - 00098816 _____ () C:\WINDOWS\sed.exe
2015-03-20 16:24 - 2000-08-31 02:00 - 00080412 _____ () C:\WINDOWS\grep.exe
2015-03-20 16:24 - 2000-08-31 02:00 - 00068096 _____ () C:\WINDOWS\zip.exe
2015-03-20 16:20 - 2015-03-20 17:18 - 00000000 ____D () C:\Qoobox
2015-03-20 16:20 - 2015-03-20 16:20 - 00000000 ___RD () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Startmenü\Programme\Verwaltung
2015-03-20 16:19 - 2015-03-20 17:14 - 00000000 ____D () C:\WINDOWS\erdnt
2015-03-20 03:30 - 2015-03-20 03:30 - 00000000 _____ () C:\WINDOWS\system32\sho80.tmp
2015-03-20 03:01 - 2015-03-20 03:01 - 00000000 ____D () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Lokale Einstellungen\Anwendungsdaten\ABBYY
2015-03-20 03:01 - 2015-03-20 03:01 - 00000000 ____D () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Anwendungsdaten\ABBYY
2015-03-20 01:08 - 2015-03-27 00:13 - 00000901 _____ () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Desktop\Revo Uninstaller.lnk
2015-03-20 01:07 - 2015-03-27 00:02 - 00000000 ____D () C:\Programme\VS Revo Group
2015-03-20 00:39 - 2015-03-30 14:30 - 00000230 _____ () C:\WINDOWS\Tasks\Ende des Supports für Microsoft Windows XP –  Benachrichtigung – Anmeldung.job
2015-03-20 00:39 - 2015-03-20 02:18 - 00000224 _____ () C:\WINDOWS\Tasks\Ende des Supports für Microsoft Windows XP – Monatliche Benachrichtigung.job
2015-03-19 13:18 - 2015-03-19 13:18 - 00000000 _____ () C:\WINDOWS\system32\sho3AD.tmp
2015-03-19 13:17 - 2015-03-19 13:17 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2922229$
2015-03-19 13:17 - 2015-03-19 13:17 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868626$
2015-03-19 13:16 - 2015-03-19 13:16 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2916036$
2015-03-19 13:14 - 2015-03-19 13:14 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2900986$
2015-03-19 13:13 - 2015-03-19 13:14 - 00124766 _____ () C:\WINDOWS\KB2900986.log
2015-03-19 12:45 - 2015-03-19 12:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$
2015-03-19 12:45 - 2015-03-19 12:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2909212$
2015-03-19 12:45 - 2015-03-19 12:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2898715$
2015-03-19 12:44 - 2015-03-19 12:44 - 00123275 _____ () C:\WINDOWS\KB2964358-IE7.log
2015-03-19 12:44 - 2015-03-19 12:44 - 00121716 _____ () C:\WINDOWS\KB2904266.log
2015-03-19 12:44 - 2015-03-19 12:44 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2904266$
2015-03-19 12:43 - 2015-03-19 12:43 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$
2015-03-19 12:43 - 2015-03-19 12:43 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862152$
2015-03-19 12:39 - 2015-03-19 12:39 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876331$
2015-03-19 12:27 - 2015-03-19 12:27 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2893294$
2015-03-19 12:24 - 2015-03-19 12:24 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2892075$
2015-03-19 12:23 - 2015-03-19 12:23 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2934207$
2015-03-19 12:22 - 2015-03-19 12:23 - 00004702 _____ () C:\WINDOWS\KB2934207.log
2015-03-19 12:06 - 2015-03-19 12:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2914368$
2015-03-19 12:00 - 2015-03-19 12:10 - 00004724 _____ () C:\WINDOWS\KB2914368.log
2015-03-18 18:59 - 2015-03-19 13:17 - 00136251 _____ () C:\WINDOWS\KB2922229.log
2015-03-18 18:59 - 2015-03-19 13:17 - 00135985 _____ () C:\WINDOWS\KB2868626.log
2015-03-18 18:59 - 2015-03-19 13:16 - 00137166 _____ () C:\WINDOWS\KB2916036.log
2015-03-18 18:58 - 2015-03-19 13:15 - 00225180 _____ () C:\WINDOWS\KB2936068-IE7.log
2015-03-18 18:55 - 2015-03-19 12:46 - 00129285 _____ () C:\WINDOWS\KB2898715.log
2015-03-18 18:50 - 2015-03-19 12:45 - 00127948 _____ () C:\WINDOWS\KB2929961.log
2015-03-18 18:49 - 2015-03-19 12:45 - 00128870 _____ () C:\WINDOWS\KB2909212.log
2015-03-18 18:48 - 2015-03-19 12:44 - 00128338 _____ () C:\WINDOWS\KB2930275.log
2015-03-18 18:46 - 2015-03-19 12:43 - 00127371 _____ () C:\WINDOWS\KB2862152.log
2015-03-18 18:41 - 2015-03-19 12:39 - 00127939 _____ () C:\WINDOWS\KB2876331.log
2015-03-18 18:38 - 2015-03-19 12:27 - 00127269 _____ () C:\WINDOWS\KB2893294.log
2015-03-18 18:35 - 2015-03-19 12:24 - 00010021 _____ () C:\WINDOWS\KB2892075.log
2015-03-18 18:31 - 2014-02-27 01:28 - 00013312 ____N (Microsoft Corporation) C:\WINDOWS\system32\xp_eos.exe
2015-03-18 18:31 - 2014-02-27 01:28 - 00013312 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xp_eos.exe
2015-03-18 18:25 - 2015-03-30 15:27 - 00000000 ____D () C:\FRST

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-30 15:29 - 2013-07-08 12:53 - 00000000 ____D () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Lokale Einstellungen\Temp
2015-03-30 15:24 - 2009-06-30 03:32 - 00001090 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-30 14:47 - 2013-08-10 15:43 - 00000322 ____H () C:\WINDOWS\Tasks\MP Scheduled Scan.job
2015-03-30 14:47 - 2005-05-10 14:14 - 01983997 _____ () C:\WINDOWS\WindowsUpdate.log
2015-03-30 14:33 - 2006-04-11 14:20 - 00050257 _____ () C:\WINDOWS\system32\nvapps.xml
2015-03-30 14:31 - 2013-07-08 12:53 - 00000000 __SHD () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Lokale Einstellungen\Verlauf
2015-03-30 14:31 - 2001-08-18 13:00 - 00013050 _____ () C:\WINDOWS\system32\wpa.dbl
2015-03-30 14:30 - 2012-01-31 16:19 - 00000314 _____ () C:\WINDOWS\Tasks\GlaryInitialize.job
2015-03-30 14:30 - 2009-06-30 03:32 - 00001086 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-30 14:30 - 2008-01-03 14:41 - 00000276 _____ () C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2015-03-30 14:29 - 2005-05-10 14:54 - 00000157 _____ () C:\WINDOWS\wiadebug.log
2015-03-30 14:27 - 2005-05-10 14:54 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2015-03-30 14:27 - 2005-05-10 14:06 - 00000000 __SHD () C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Verlauf
2015-03-30 14:27 - 2005-05-10 14:02 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-03-30 14:26 - 2005-05-10 14:06 - 00032372 _____ () C:\WINDOWS\SchedLgU.Txt
2015-03-30 14:25 - 2013-07-08 12:53 - 00000190 ___SH () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\ntuser.ini
2015-03-30 14:20 - 2005-05-10 14:06 - 00000000 ___HD () C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Verlauf
2015-03-30 14:17 - 2009-08-23 23:20 - 00000000 __SHD () C:\Dokumente und Einstellungen\Default User\Lokale Einstellungen\Verlauf
2015-03-30 13:55 - 2006-07-28 23:12 - 00706257 _____ () C:\WINDOWS\system32\OODBS.lor
2015-03-30 13:26 - 2005-05-10 14:52 - 01082156 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-03-27 14:17 - 2005-05-10 14:52 - 00000000 ___RD () C:\Programme
2015-03-27 13:54 - 2005-05-10 14:52 - 00000000 ___RD () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme
2015-03-27 13:34 - 2005-05-27 23:27 - 00000000 ____D () C:\Programme\Google
2015-03-27 13:16 - 2006-09-23 18:17 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Google
2015-03-27 00:13 - 2013-07-08 12:53 - 00000000 ___RD () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Startmenü\Programme
2015-03-25 17:18 - 2013-07-08 12:53 - 00000000 ____D () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS
2015-03-25 16:14 - 2013-07-08 13:05 - 00000889 _____ () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Startmenü\Programme\Internet Explorer.lnk
2015-03-25 15:38 - 2005-05-15 23:46 - 00000000 ____D () C:\WINDOWS\Minidump
2015-03-20 17:15 - 2005-05-10 14:52 - 00000000 ___RD () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart
2015-03-20 17:12 - 2001-08-18 13:00 - 00000227 _____ () C:\WINDOWS\system.ini
2015-03-20 17:10 - 2012-10-18 20:19 - 00000000 ____D () C:\Dokumente und Einstellungen\Ulfilas57 - Kopie
2015-03-20 16:29 - 2005-05-10 14:49 - 00000327 __RSH () C:\boot.ini
2015-03-20 16:08 - 2005-05-10 14:52 - 00000000 ___RD () C:\Dokumente und Einstellungen\All Users\Dokumente
2015-03-20 15:55 - 2005-05-10 14:52 - 00000000 ____D () C:\Programme\Gemeinsame Dateien\Microsoft Shared
2015-03-20 15:53 - 2013-07-16 12:04 - 00000000 ____D () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Anwendungsdaten\SoftGrid Client
2015-03-20 15:38 - 2005-05-10 14:46 - 00000000 ____D () C:\WINDOWS\Media
2015-03-20 15:37 - 2005-05-10 14:52 - 00000000 ___RD () C:\Dokumente und Einstellungen\All Users\Startmenü
2015-03-20 15:37 - 2005-05-10 14:00 - 00000037 _____ () C:\WINDOWS\vbaddin.ini
2015-03-20 15:37 - 2005-05-10 14:00 - 00000000 ___RD () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Verwaltung
2015-03-20 14:38 - 2005-05-10 20:20 - 00000000 ____D () C:\Programme\Adobe
2015-03-20 13:15 - 2010-09-30 03:01 - 00000232 _____ () C:\WINDOWS\setupact.log
2015-03-20 13:15 - 2010-09-19 03:10 - 00483947 _____ () C:\WINDOWS\setupapi.log
2015-03-20 03:30 - 2005-05-10 14:28 - 00000000 ___HD () C:\Programme\InstallShield Installation Information
2015-03-20 03:20 - 2005-05-11 19:19 - 00000000 ____D () C:\Programme\StarOffice6.0
2015-03-20 03:17 - 2009-11-06 00:21 - 00000000 ____D () C:\Programme\Gemeinsame Dateien\Nikon
2015-03-20 03:17 - 2005-05-10 14:46 - 00000000 ____D () C:\WINDOWS\twain_32
2015-03-20 03:15 - 2013-07-22 00:05 - 00000000 ____D () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Anwendungsdaten\elsterformular
2015-03-20 03:15 - 2010-01-23 03:12 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\ElsterFormular
2015-03-20 03:15 - 2010-01-23 03:12 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\elsterformular
2015-03-20 02:42 - 2008-02-12 12:05 - 00000000 ____D () C:\Programme\Gemeinsame Dateien\Lexware
2015-03-20 00:52 - 2013-08-19 23:38 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-03-20 00:32 - 2005-05-10 14:51 - 02173272 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-03-20 00:31 - 2009-01-20 23:53 - 00000000 ____D () C:\Programme\Microsoft Silverlight
2015-03-19 13:17 - 2010-10-14 09:30 - 00110424 _____ () C:\WINDOWS\updspapi.log
2015-03-19 13:17 - 2010-09-30 03:01 - 00382167 _____ () C:\WINDOWS\tsoc.log
2015-03-19 13:17 - 2010-09-30 03:01 - 00326488 _____ () C:\WINDOWS\comsetup.log
2015-03-19 13:17 - 2010-09-30 03:01 - 00200945 _____ () C:\WINDOWS\ntdtcsetup.log
2015-03-19 13:17 - 2010-09-30 03:01 - 00158616 _____ () C:\WINDOWS\iis6.log
2015-03-19 13:17 - 2010-09-30 03:01 - 00055404 _____ () C:\WINDOWS\ocmsn.log
2015-03-19 13:17 - 2010-09-30 03:01 - 00050058 _____ () C:\WINDOWS\msgsocm.log
2015-03-19 13:17 - 2010-09-30 03:01 - 00001374 _____ () C:\WINDOWS\imsins.log
2015-03-19 13:17 - 2010-09-30 03:01 - 00001374 _____ () C:\WINDOWS\imsins.BAK
2015-03-19 13:17 - 2010-09-30 03:00 - 01001616 _____ () C:\WINDOWS\FaxSetup.log
2015-03-19 13:17 - 2010-09-30 03:00 - 00478872 _____ () C:\WINDOWS\ocgen.log
2015-03-19 13:15 - 2007-11-15 13:14 - 00000000 ____D () C:\WINDOWS\system32\de-de
2015-03-19 12:54 - 2006-09-23 18:20 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2015-03-19 12:44 - 2007-11-15 13:15 - 00000000 ____D () C:\WINDOWS\ie7updates
2015-03-19 12:44 - 2007-02-25 03:33 - 01010274 _____ () C:\WINDOWS\system32\TZLog.log
2015-03-19 12:26 - 2010-06-05 03:01 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Silverlight
2015-03-18 19:25 - 2001-08-18 13:00 - 00001607 _____ () C:\WINDOWS\win.ini
2015-03-18 16:13 - 2006-12-24 17:49 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AntiVir PersonalEdition Classic

==================== Files in the root of some directories =======

2013-07-16 12:05 - 2013-07-16 12:05 - 0000000 _____ () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Anwendungsdaten\sversion.ini
2014-01-22 15:43 - 2014-03-21 00:33 - 0006144 _____ () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-07-16 12:45 - 2013-07-16 12:45 - 0000150 _____ () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat

Some content of TEMP:
====================
C:\Dokumente und Einstellungen\Ulfilas57\Lokale Einstellungen\Temp\contentDATs.exe
C:\Dokumente und Einstellungen\Ulfilas57\Lokale Einstellungen\Temp\mgxfonts.exe
C:\Dokumente und Einstellungen\Ulfilas57\Lokale Einstellungen\Temp\SecurityScan_Release.exe
C:\Dokumente und Einstellungen\Ulfilas57\Lokale Einstellungen\Temp\_is8C1.exe
C:\Dokumente und Einstellungen\Ulfilas57 - Kopie\Lokale Einstellungen\Temp\jre-6u34-windows-i586-iftw.exe
C:\Dokumente und Einstellungen\Ulfilas57 - Kopie\Lokale Einstellungen\Temp\mgxfonts.exe
C:\Dokumente und Einstellungen\Ulfilas57 - Kopie\Lokale Einstellungen\Temp\_is8C1.exe
C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Lokale Einstellungen\Temp\jre-8u40-windows-au.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================
--- --- ---

schrauber 30.03.2015 17:36
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
Tcpip\..\Interfaces\{388DB4AB-8D7B-4BA2-946F-3BDE1F6619F0}: [NameServer] 50.7.75.18,107.6.133.6
Tcpip\..\Interfaces\{3ECE9A19-5146-4846-BBB2-E014515541B5}: [NameServer] 50.7.75.18,107.6.133.6
Tcpip\..\Interfaces\{D6A749A3-AC13-4E2F-9449-37FA7FD3624B}: [NameServer] 50.7.75.18,107.6.133.6

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.





Gewusst wie: Durchführen eines sauberen Neustarts in Windows

Bitte einen Clean Boot machen. Wenn das Problem dann weg ist, einzeln wieder Dienste aktivieren, dazwischen immer einen Reboot machen. Solange bis Du weißt welcher Dienst die Probleme macht.

Diesen dann hier benennen.

ulfilas-bs 31.03.2015 00:06
Hi schrauber,

wie du jetzt neulich auf USA gekommen bist, weiß ichimmer noch nicht ... :confused:


Hier das Fixlog:

Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 11-03-2015
Ran by Ulfilas57 at 2015-03-31 00:57:57 Run:3
Running from C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Eigene Dateien\Downloads
Loaded Profiles: Ulfilas57 (Available profiles: Ulfilas57)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Tcpip\..\Interfaces\{388DB4AB-8D7B-4BA2-946F-3BDE1F6619F0}: [NameServer] 50.7.75.18,107.6.133.6
Tcpip\..\Interfaces\{3ECE9A19-5146-4846-BBB2-E014515541B5}: [NameServer] 50.7.75.18,107.6.133.6
Tcpip\..\Interfaces\{D6A749A3-AC13-4E2F-9449-37FA7FD3624B}: [NameServer] 50.7.75.18,107.6.133.6
       
*****************

HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{388DB4AB-8D7B-4BA2-946F-3BDE1F6619F0}\\NameServer => value deleted successfully.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3ECE9A19-5146-4846-BBB2-E014515541B5}\\NameServer => value deleted successfully.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{D6A749A3-AC13-4E2F-9449-37FA7FD3624B}\\NameServer => value deleted successfully.

==== End of Fixlog 00:57:57 ====

Die weiteren Schritte stehen auf meiner To-do-Liste für Dienstag ...


Grüße, Wolfgang


PS: Neugierig, wie ich manchmal bin, habe ich doch kurz vor dem Ausschalten der Rechner noch mal eben auf deinen Link "Gewußt wie ... sauberer Neustart ..." geklickt.

Für XP gibt es die Anleitung nur in Englisch, was nicht das Problem ist. Ein Problem könnte aber werden, daß der Link "Download Guided Help" für Methode 1 auf der Microsoft Support-Seite nirgendwohin mehr führt.

Bleibt offenbar nur noch Methode 2 für Fortgeschrittene (!).

Du kriegst das mit Sicherheit hin - ich hoffe nur, ich mache hier nicht irgendwas falsch.

Geht schon los mit der ersten Zeile der Anleitung ("uuid=8c884a98-6334-4d34-82ae-acdfe8959440 VideoUrl=hxxp://aka.ms/o1h3lc"). Was will mir das sagen, und muß ich damit irgendwas machen?


Kann man ggf. dieser Anleitung (hxxp://www.its05.de/computerwissen-computerhilfe/pc-windows/system-windows/windows-xp-sauberer-neustart.html) trauen?

schrauber 31.03.2015 16:43
Wo hast du diesen ersten Link her? Ist das Werbung auf der Seite? Du musst keinem Link folgen, in der MS Beschreibung unter Fortgeschritten steht doch schon alles drin.

Die IPs die wir gefixt haben waren aus den USA.

ulfilas-bs 01.04.2015 10:46
Das stand direkt so auf der Microsoft-Seite:

http://www.ulfilas.com/screenshot15.jpg

Ich werde also mal loslegen auf dem XP und bin gespannt, was passieren wird.


Das Temperaturproblem bei dem Win7-Rechner scheint gelöst zu sein. Ich habe gestern sowohl der Grafikkarte als auch dem Mainboard neue Wärmeleitpaste verpaßt und seither läuft alles störungsfrei.

Kann ich den Ventilator im Fußbereich wohl abbauen ... :singsing:

schrauber 01.04.2015 13:50
Ok, dann mach mal :)

ulfilas-bs 02.04.2015 01:03
So, das war nun ein ganz schöner Act! Die vielen Neustarts halten einen mächtig auf Trab!

Ich bin mir jetzt nicht sicher, ob ich richtig vorgegangen bin.

Im Systemkonfigurationsprogramm habe ich zunächst alle Dienste ausgeschaltet, nachdem ich unten alle Microsoft-Deinste ausgeblendet hatte.

Danach habe ich zunächst den obersten Dienst aktiviert und einen Neustart durchgeführt.

Da ich mir etwas unschlüssig war, was ich nun tun müsse, um festzustellen, ob der Rechner jetzt besser läuft, klickte ich einfach einige Ordner auf dem Desktop an, die Bilder enthielten, um zu sehen, wie lange es dauert, bis die Bilder angezeigt werden.

Ich vermute mal, es ist nicht nötig, probeweise Programme zu starten, oder?

Diese Prozedur habe ich mit allen folgenden Diensten wiederholt. Allerdings habe ich die vorherigen nicht ausgeschaltet, sondern den jeweils nachfolgenden dazugeschaltet. War das richtig so?

Folgende Dienste verursachten meiner Einschätzung nach Probleme:

Avira Personal Edition Classic Guard

Firebird Server - MAGIX Instance

Google Update-Dienst

Install Driver Table Manager

Windows Card Space

HASP License Manager

MBAMService

NM Indexing Service

STI Simulator


Ich habe vom XP aus momentan keinen Internet-Zugang mehr. Hängt das damit zusammen, daß ich immer noch im Systemkonfigurationsprogramm bin? Es geht sowohl mit Google Chrome als auch mit dem Internet Explorer nicht.

Wie geht es jetzt weiter? Wie komme ich aus dem Systemkonfigurationsprogramm wieder raus? Muß ich da im Augenblick überhaupt wieder raus oder folgen innerhalb des Programms jetzt weitere Schritte?

Wie gesagt: XP hat keinen Internetzugang im Moment.

Viele Grüße

Wolfgang

PS: Ich vergaß zu erwähnen, daß seit ein paar Testdurchgängen mit jeweiligem Neustart der Computer beim Hochfahren zweimal kurz piept und nach einer kurzen Pause noch einmal kurz. Angezeigt wird die Meldung:

"A: Drive Error
Press F1 to Resume"


Das war bei den ersten Durchgängen nicht so.

Woran liegt das?

schrauber 02.04.2015 19:51
Richtig, alle deaktivieren, neustarten und testen. einen dazunehmen, neustarten, testen, wieder einen dazunehmen und so weiter.

Du kannst auch Programme öffnen und Co. Richtig testen bevor du den nächsten dazu packst. Es kann eigentlich nur einer sein der signifikant bremst.

Internet wird nicht oder nicht richtig gehen solange Du in diesem Modus bist.

ulfilas-bs 02.04.2015 22:00
Ok, dann habe ich das ja intuitiv richtig gemacht. :-)

Wie geht es denn jetzt weiter? Die Auflistung der Kandidaten, die mich meiner Meinung nach ausgebremst haben, hast du ja.

Was muß ich jetzt tun?

Sicherheitshalber dir jetzt schon mal frohe Ostertage.

Viele Grüße

Wolfgang

schrauber 03.04.2015 10:51
Naja, wie gesagt, es kann eigentlich nur einer sein. Bissl ausbremsen, ok. Wir suchen den wo es schlagartig richtig übel wird. Deswegen ruhig mal mit Programme öffnen und Co testen.

Und testweise mal Avira komplett deinstallieren und nochmal testen.

ulfilas-bs 10.04.2015 21:45
Hallo schrauber,

Ostern ist nun zum Glück rum, und die letzten Tage habe ich mich nebenbei mit dem XP beschäftigt.

Es ist mir nicht wirklich gelungen, den Übeltäter ausfindig zu machen. Egal, welchen Dienst ich aktiviere oder deaktiviere, es ändert sich nicht merklich was.

Allerdings hat sich was getan, nachdem ich Avira deinstalliert habe.

Vielleicht ist das derjenige, welcher ...

Es sind jetzt alle Dienste wieder aktiviert, Avira ist nach wie vor deinstalliert - was aber nicht tragisch sein dürfte, da der XP eh keinen Internetzugang weiterhin haben soll. Dafür ist der Win 7-Rechner da.

Wie geht es nun weiter?

Ich befinde mich immer noch im Systemkonfigurationsprogramm.

Was ist der nächste Schritt?

Viele Grüße

Wolfgang






Ja, so ein Ärger!

Da lief mit dem Win 7-Rechner alles wieder so schön, und jetzt tut sich ein neues Problem auf:

Ich wollte eben mein Scanprogramm starten, das bis gestern einwandfrei lief, und erhalte folgende Fehlermeldung:

EPSON Scan: escndv.exe - Sytemfehler

Das Programm kann nicht gestratet werden, da MSVCP70.dll auf
dem Computer fehlt. Installieren Sie das Programm erneut, um
das Problem zu beheben.

Neuinstallation habe ich schon durchgeführt, es geht aber trotzdem nicht, und die Fehlermeldung erscheint wie gehabt.

Was mache ich denn nun? :headbang:

schrauber 11.04.2015 10:40
Die Meldung hast Du auf dem Win7? Den XP Rechner wieder auf normalen Boot umstellen.

Vom Win7 ein FRST Log bitte.

ulfilas-bs 12.04.2015 23:32
Hallo schrauber,

ja, die Meldung habe ich auf dem Win7.

FRST habe ich laufen lassen, er hat sich beim ersten Versuch aber böse aufgehängt und eierte immer auf derselben Fehlermeldung herum.

Ich habe zwar einen Screenshot der Fehlermeldung gemacht, kann sie jetzt aber nicht zeigen, weil sie mir irgendwo auf dem Weg zwischen Screenshot und Phototshop einfügen verlorenging.

Beim zweiten Scan-Durchgang war FRST viel schneller. Innerhalb von Sekunden war das Ergebnis da.

Hier ist es (wie gesagt: es geht wieder um den Win7-Rechner):


FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-04-2015
Ran by ulfilas (administrator) on ULFILAS-PC2 on 13-04-2015 00:21:58
Running from C:\Users\ulfilas\Downloads
Loaded Profiles: ulfilas & UpdatusUser (Available profiles: ulfilas & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 2\creator-ws.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Sonix) C:\Windows\vsnp2uvc.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Dropbox, Inc.) C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\Dropbox.exe
(AOL Inc.) C:\Program Files (x86)\Common Files\AOL\1294882704\ee\aolsoftware.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\acrotray.exe
(SONIX) C:\Windows\FixCamera.exe
() C:\Windows\tsnp2uvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(AOL Inc.) C:\Program Files (x86)\AOL Desktop 9.7\waol.exe
(AOL LLC) C:\Program Files (x86)\Common Files\AOL\acs\AOLacsd.exe
(AOL Inc.) C:\Program Files (x86)\AOL Desktop 9.7\shellmon.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AOL Inc.) C:\Program Files (x86)\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe
(AOL Inc.) C:\Program Files (x86)\AOL Desktop 9.7\AOLBrowser\aolbrowser.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [134416 2007-01-23] (Logitech Inc.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2015-02-03] (Adobe Systems Incorporated)
HKLM\...\Run: [snp2uvc] => C:\Windows\vsnp2uvc.exe [675840 2008-08-01] (Sonix)
HKLM-x32\...\Run: [HostManager] => C:\Program Files (x86)\Common Files\AOL\1294882704\ee\AOLSoftware.exe [41800 2010-03-08] (AOL Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [726320 2015-04-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Acrobat Assistant 7.0] => C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\Acrotray.exe [483328 2004-12-14] (Adobe Systems Inc.)
HKLM-x32\...\Run: [FixCamera] => C:\Windows\FixCamera.exe [188928 2008-08-21] (SONIX)
HKLM-x32\...\Run: [snp2uvc] => C:\Windows\vsnp2uvc.exe [675840 2008-08-01] (Sonix)
HKLM-x32\...\Run: [tsnp2uvc] => C:\Windows\tsnp2uvc.exe [320512 2009-12-11] ()
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2015-02-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [129272 2015-03-16] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-39457134-2311114567-1202830544-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31346784 2015-02-26] (Skype Technologies S.A.)
HKU\S-1-5-21-39457134-2311114567-1202830544-1000\...\Run: [AOL Fast Start] => C:\Program Files (x86)\AOL Desktop 9.7\AOL.EXE [42320 2012-01-31] (AOL Inc.)
HKU\S-1-5-21-39457134-2311114567-1202830544-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [242688 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-21-39457134-2311114567-1202830544-1003\...\RunOnce: [ScrSav] => C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-22] ()
HKU\S-1-5-21-39457134-2311114567-1202830544-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Acer.scr [425984 2009-08-05] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat - Schnellstart.lnk
ShortcutTarget: Adobe Acrobat - Schnellstart.lnk -> C:\Windows\Installer\{AC76BA86-1033-F400-7760-100000000002}\SC_Acrobat.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\ulfilas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\ulfilas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll (Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ulfilas\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\psdprotect.dll (Egis Technology Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-39457134-2311114567-1202830544-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-39457134-2311114567-1202830544-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-39457134-2311114567-1202830544-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-39457134-2311114567-1202830544-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-03-03] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-03-03] (Oracle Corporation)
BHO-x32: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14] (Adobe Systems Incorporated)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-03-31] (RealPlayer)
BHO-x32: PDF Architect Helper -> {691B33B0-B86E-47F3-81C7-56E4FE3B929C} -> C:\Program Files (x86)\PDF Architect 2\creator-ie-helper.dll [2014-10-10] (pdfforge GmbH)
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO-x32: AcroIEToolbarHelper Class -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004-12-14] (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Toolbar: HKLM-x32 - Recorder Toolbar - {120A8821-2BEE-4C29-BCDA-62C577781992} - C:\Program Files (x86)\MedienTeam66\MP3 Recorder for YouTube\IEPlugin.dll [2012-11-23] (MedienTeam66)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll [2004-12-14] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {DEEB13D7-CEA9-45FB-B77C-E039BEC85221} - C:\Program Files (x86)\PDF Architect 2\creator-ie-plugin.dll [2014-10-10] (pdfforge GmbH)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: HKLM-x32 {B4977DFF-8AE5-44DC-8A42-C62F56960AA9} hxxp://javadl-esd.sun.com/update/1.4.2/jinstall-1_4_2-windows-i586.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll [2009-02-06] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll [2009-02-06] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\ulfilas\AppData\Roaming\Mozilla\Firefox\Profiles\dz9z9wt9.default
FF SearchEngineOrder.3: Bing
FF NetworkProxy: "autoconfig_url", "chrome://viewtubes/content/viewtubes_false.pac"
FF NetworkProxy: "type", 2
FF DefaultSearchEngine: Bing
FF SelectedSearchEngine: Bing
FF Keyword.URL: hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-05] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-03-03] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-03-03] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-02-15] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8064.0206 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-02-06] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=15.0.2.72 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2012-03-31] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.2.72 -> c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll [2012-03-31] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.2.72 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-03-31] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.2.72 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-03-31] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=15.0.2.72 -> c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll [2012-03-31] (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-02-15] (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll No File
FF Plugin HKU\S-1-5-21-39457134-2311114567-1202830544-1003: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-11-28] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-11-28] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-11-28] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-11-28] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-11-28] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2012-06-01] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2012-06-01] (Apple Inc.)
FF SearchPlugin: C:\Users\ulfilas\AppData\Roaming\Mozilla\Firefox\Profiles\dz9z9wt9.default\searchplugins\bingp.xml [2015-03-08]
FF Extension: Avira Browser Safety - C:\Users\ulfilas\AppData\Roaming\Mozilla\Firefox\Profiles\dz9z9wt9.default\Extensions\abs@avira.com [2014-08-14]
FF Extension: ProxTube - Unblock YouTube - C:\Users\ulfilas\AppData\Roaming\Mozilla\Firefox\Profiles\dz9z9wt9.default\Extensions\ich@maltegoetz.de [2014-02-08]
FF Extension: Viewtubes - C:\Users\ulfilas\AppData\Roaming\Mozilla\Firefox\Profiles\dz9z9wt9.default\Extensions\FF_AddOn@viewtubes.de.xpi [2012-04-20]
FF Extension: YouTube quality manager - C:\Users\ulfilas\AppData\Roaming\Mozilla\Firefox\Profiles\dz9z9wt9.default\Extensions\youtubequality@rzll.xpi [2012-04-21]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\ulfilas\AppData\Roaming\Mozilla\Firefox\Profiles\dz9z9wt9.default\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2015-02-20]
FF Extension: Recorder Toolbar - C:\Program Files (x86)\Mozilla Firefox\extensions\{10743931-94DF-476f-A987-4391233C17A2} [2012-11-23]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-03-31]
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_2_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension
FF Extension: PDF Architect 2 Creator - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension [2015-01-07]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-03]
CHR Extension: (Google Docs) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-03]
CHR Extension: (Google Drive) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-03]
CHR Extension: (YouTube) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-03]
CHR Extension: (Adblock Plus) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-03-04]
CHR Extension: (Google Search) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-03]
CHR Extension: (Google Sheets) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-03]
CHR Extension: (Avira Browser Safety) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-03-03]
CHR Extension: (Bookmark Manager) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-11]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2015-03-03]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-04]
CHR Extension: (Skype Click to Call) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-03-03]
CHR Extension: (Google Wallet) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-07]
CHR Extension: (Gmail) - C:\Users\ulfilas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-03]
CHR HKU\S-1-5-21-39457134-2311114567-1202830544-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bmkckgpgekmanipelfidlhmkfcjicion] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-03-31]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-03-28] (Adobe Systems) [File not signed]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [815920 2015-04-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [434424 2015-04-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [434424 2015-04-01] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1004280 2015-04-01] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [201008 2015-03-16] (Avira Operations GmbH & Co. KG)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 hasplms; C:\Windows\system32\hasplms.exe [4913608 2011-12-02] (SafeNet Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)
R2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [311592 2009-08-06] (Egis Technology Inc.)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH)
R2 PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [738856 2014-10-10] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2014-07-16] (TuneUp Software)
S3 UPnPService; C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [544768 2006-12-14] (Magix AG) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation)
S3 akshhl; C:\Windows\System32\DRIVERS\akshhl.sys [57088 2011-09-08] (SafeNet Inc.)
S3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [21120 2011-08-09] (SafeNet Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-02-12] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-02-12] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-09] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-02-12] (Avira Operations GmbH & Co. KG)
R1 cdrblock; C:\Windows\System32\DRIVERS\cdrblock.sys [34360 2008-05-30] (Canopus Co,. Ltd.)
S1 FNETURPX; C:\Windows\SysWOW64\drivers\FNETURPX.SYS [7040 2013-01-26] (FNet Co., Ltd.) [File not signed]
R2 Hardlock; C:\Windows\system32\drivers\hardlock.sys [321536 2011-10-07] (SafeNet Inc.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [31648 2014-04-05] (REALiX(tm))
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-04-08] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)
S3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [3552512 2009-12-18] ()
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-12-16] (TuneUp Software)
S3 USA19H; C:\Windows\System32\DRIVERS\USA19Hx64.sys [740096 2007-10-30] (Keyspan)
S3 USA19HP; C:\Windows\System32\DRIVERS\USA19Hx64p.SYS [35840 2007-10-23] (Keyspan)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [X]
S1 okorkylq; \??\C:\Windows\system32\drivers\okorkylq.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-13 00:05 - 2015-04-13 00:05 - 00042579 _____ () C:\Users\ulfilas\Downloads\Addition.txt
2015-04-13 00:03 - 2015-04-13 00:21 - 00031347 _____ () C:\Users\ulfilas\Downloads\FRST.txt
2015-04-13 00:03 - 2015-04-13 00:21 - 00000000 ____D () C:\FRST
2015-04-13 00:03 - 2015-04-13 00:03 - 02096640 _____ (Farbar) C:\Users\ulfilas\Downloads\FRST64.exe
2015-04-11 00:57 - 2015-04-11 00:59 - 00000000 ____D () C:\Users\ulfilas\Desktop\Osterfahrt2015D_Foto=Matthias-Winkler
2015-04-11 00:56 - 2015-04-11 00:59 - 05771462 _____ () C:\Users\ulfilas\Desktop\Osterfahrt2015D_Foto=Matthias-Winkler.zip
2015-04-10 21:50 - 2015-04-10 21:50 - 00002180 _____ () C:\Users\Public\Desktop\ACDSee 18.lnk
2015-04-10 21:38 - 2015-04-10 21:39 - 87342872 _____ (ACD Systems International Inc. ) C:\Users\ulfilas\Downloads\acdsee-18-64bit.exe
2015-04-10 21:33 - 2015-04-10 21:33 - 01217056 _____ () C:\Users\ulfilas\Downloads\acdsee.exe
2015-04-10 21:33 - 2015-04-10 21:33 - 01217056 _____ () C:\Users\ulfilas\Downloads\acdsee (1).exe
2015-04-09 14:02 - 2015-04-09 14:02 - 06420600 _____ (Tim Kosse) C:\Users\ulfilas\Downloads\FileZilla_3.10.3_win64-setup.exe
2015-04-07 03:01 - 2015-04-07 03:01 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-07 03:01 - 2015-04-07 03:01 - 00000000 ___SD () C:\Windows\system32\GWX
2015-03-26 17:47 - 2015-03-26 17:47 - 00000034 _____ () C:\Users\ulfilas\AppData\Roaming\AdobeWLCMCache.dat
2015-03-26 17:16 - 2015-03-26 17:29 - 00001487 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CC 2014.lnk
2015-03-26 15:52 - 2015-03-26 15:52 - 00000000 ___RD () C:\Users\ulfilas\Creative Cloud Files
2015-03-26 15:42 - 2015-03-26 15:42 - 00001273 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2015-03-26 15:34 - 2015-03-26 15:34 - 00672944 _____ (Adobe Systems Incorporated) C:\Users\ulfilas\Downloads\CreativeCloudSet-Up.exe
2015-03-26 13:40 - 2015-03-26 13:41 - 00000000 ____D () C:\Users\ulfilas\Desktop\Datenblätter Solaris-Bus
2015-03-25 03:49 - 2015-03-25 03:49 - 00032502 _____ () C:\Users\ulfilas\Desktop\d65790.htm
2015-03-21 15:29 - 2015-03-21 15:31 - 00000000 ____D () C:\Users\ulfilas\Desktop\Nikon Treiber
2015-03-20 13:35 - 2015-03-20 13:35 - 00003118 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2015-03-20 13:35 - 2015-03-20 13:35 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2015-03-20 13:35 - 2015-03-20 13:35 - 00003090 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2015-03-20 13:35 - 2015-03-20 13:35 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2015-03-20 13:35 - 2015-03-20 13:35 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2015-03-20 13:35 - 2015-03-20 13:35 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_point64_01011.Wdf
2015-03-20 13:35 - 2015-03-20 13:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Maus- und Tastatur-Center
2015-03-20 13:34 - 2015-03-20 13:34 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2015-03-20 13:32 - 2015-03-20 13:32 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_dc3d_01011.Wdf
2015-03-19 14:39 - 2015-03-19 14:39 - 14620887 _____ () C:\Users\ulfilas\Downloads\d90_de_07.zip
2015-03-19 14:38 - 2015-03-19 14:38 - 01203488 _____ () C:\Users\ulfilas\Downloads\Nikon D90 Bedienungsanleitung - CHIP-Installer.exe
2015-03-17 04:39 - 2015-03-17 04:39 - 00454736 _____ () C:\Windows\Minidump\031715-26348-01.dmp
2015-03-14 12:27 - 2015-04-10 10:44 - 00000372 _____ () C:\Windows\wininit.ini

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-13 00:18 - 2012-05-05 16:11 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-12 23:54 - 2010-12-30 03:43 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-12 23:39 - 2009-11-13 04:01 - 01645675 _____ () C:\Windows\WindowsUpdate.log
2015-04-12 23:37 - 2009-12-24 15:37 - 00000000 ____D () C:\Users\ulfilas\AppData\Local\Adobe
2015-04-12 23:36 - 2009-07-14 06:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-12 23:36 - 2009-07-14 06:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-12 23:34 - 2011-06-20 15:24 - 00003950 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{40457202-43A6-48A0-B73A-FD3D606DDC7E}
2015-04-12 23:33 - 2009-09-09 00:47 - 00704324 _____ () C:\Windows\system32\perfh007.dat
2015-04-12 23:33 - 2009-09-09 00:47 - 00152162 _____ () C:\Windows\system32\perfc007.dat
2015-04-12 23:33 - 2009-07-14 07:13 - 01634576 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-12 23:30 - 2013-11-19 18:41 - 00000000 ___RD () C:\Users\ulfilas\Dropbox
2015-04-12 23:30 - 2013-11-19 18:26 - 00000000 ____D () C:\Users\ulfilas\AppData\Roaming\Dropbox
2015-04-12 23:29 - 2012-08-15 12:24 - 00000000 ____D () C:\Users\ulfilas\AppData\Roaming\Skype
2015-04-12 23:28 - 2014-05-09 00:09 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf6b0a3cdc10aa.job
2015-04-12 23:28 - 2012-01-16 14:11 - 00000330 _____ () C:\Windows\Tasks\GlaryInitialize.job
2015-04-12 23:27 - 2009-11-13 04:06 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-04-12 23:27 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-12 23:27 - 2009-07-14 06:51 - 00180336 _____ () C:\Windows\setupact.log
2015-04-11 10:42 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-04-10 22:01 - 2010-12-27 15:57 - 00000000 ____D () C:\Users\ulfilas\AppData\Local\ACD Systems
2015-04-10 22:01 - 2010-04-02 15:09 - 06592512 ___SH () C:\Users\ulfilas\Desktop\Thumbs.db
2015-04-10 21:50 - 2009-11-13 04:12 - 00427370 _____ () C:\Windows\DirectX.log
2015-04-10 21:40 - 2010-12-27 15:55 - 00000000 ____D () C:\Users\ulfilas\AppData\Local\Downloaded Installations
2015-04-10 21:03 - 2012-02-25 22:03 - 00000318 _____ () C:\Windows\Tasks\MT66 Software Update.job
2015-04-10 13:23 - 2011-04-09 03:31 - 00000000 ____D () C:\Users\ulfilas\AppData\Roaming\FileZilla
2015-04-10 10:44 - 2013-11-19 18:27 - 00000000 ____D () C:\Users\ulfilas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-04-09 13:00 - 2014-08-14 09:35 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-09 13:00 - 2013-12-22 15:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-04-08 00:32 - 2015-02-27 00:34 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-02 23:43 - 2013-04-30 13:11 - 00000000 ____D () C:\Users\ulfilas\AppData\Roaming\MyPhoneExplorer
2015-04-02 10:25 - 2009-09-03 11:10 - 01682640 _____ () C:\Windows\PFRO.log
2015-04-01 13:20 - 2014-12-04 23:13 - 00000000 ____D () C:\Users\ulfilas\Desktop\Beschriftung Bw 77
2015-04-01 12:08 - 2013-12-22 15:14 - 00000000 ____D () C:\Users\ulfilas\AppData\Roaming\Avira
2015-04-01 12:07 - 2013-12-22 15:08 - 00000000 ____D () C:\ProgramData\Avira
2015-03-31 12:01 - 2012-12-03 14:31 - 00000000 ____D () C:\Users\ulfilas\Desktop\Verknüpfungen
2015-03-27 15:15 - 2009-12-24 15:15 - 00000000 ____D () C:\Users\ulfilas
2015-03-26 17:59 - 2015-01-08 00:34 - 00000000 ____D () C:\Program Files\Adobe
2015-03-26 17:59 - 2009-09-03 11:20 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-03-26 17:58 - 2009-09-03 11:20 - 00000000 ____D () C:\ProgramData\Adobe
2015-03-26 17:57 - 2015-01-08 00:28 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2015-03-26 17:48 - 2012-02-09 19:07 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2015-03-26 17:48 - 2009-12-24 15:37 - 00000000 ____D () C:\Users\ulfilas\AppData\Roaming\Adobe
2015-03-25 03:33 - 2015-02-27 00:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-03-25 03:33 - 2015-02-27 00:33 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-03-21 15:02 - 2011-06-07 03:12 - 00038400 ___SH () C:\Users\ulfilas\Documents\Thumbs.db
2015-03-20 17:30 - 2009-12-24 15:15 - 00114928 _____ () C:\Users\ulfilas\AppData\Local\GDIPFONTCACHEV1.DAT
2015-03-20 17:29 - 2009-07-14 06:45 - 05037824 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-17 07:15 - 2015-02-27 00:33 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-17 07:15 - 2015-02-27 00:33 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-03-17 07:15 - 2015-02-27 00:33 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-03-17 04:39 - 2012-04-11 00:18 - 00000000 ____D () C:\Windows\Minidump
2015-03-17 04:38 - 2014-07-29 19:23 - 630468683 _____ () C:\Windows\MEMORY.DMP
2015-03-16 04:50 - 2009-12-24 15:51 - 00000000 ____D () C:\Users\ulfilas\AppData\Roaming\Nero
2015-03-14 12:23 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-03-14 12:22 - 2014-02-07 02:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

==================== Files in the root of some directories =======

2015-03-26 17:47 - 2015-03-26 17:47 - 0000034 _____ () C:\Users\ulfilas\AppData\Roaming\AdobeWLCMCache.dat
2013-07-28 01:16 - 2014-07-23 01:21 - 0000149 _____ () C:\Users\ulfilas\AppData\Roaming\WB.CFG
2013-12-31 02:17 - 2014-01-03 02:17 - 0000005 _____ () C:\Users\ulfilas\AppData\Roaming\WBPU-Q5-TTL.DAT
2013-06-28 10:16 - 2014-01-29 02:17 - 0000005 _____ () C:\Users\ulfilas\AppData\Roaming\WBPU-TTL.DAT
2011-06-27 23:15 - 2013-03-27 11:49 - 0003204 _____ () C:\Users\ulfilas\AppData\Roaming\wklnhst.dat
2012-03-08 19:46 - 2012-03-10 02:37 - 0001456 _____ () C:\Users\ulfilas\AppData\Local\Adobe Für Web speichern 12.0 Prefs
2011-02-10 22:41 - 2014-12-12 15:35 - 0030720 _____ () C:\Users\ulfilas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-02-11 13:39 - 2010-02-11 13:40 - 0001643 _____ () C:\Users\ulfilas\AppData\Local\MyWinLockerInstaller.txt-20100211.log
2011-06-10 13:54 - 2012-04-27 15:02 - 0007658 _____ () C:\Users\ulfilas\AppData\Local\Resmon.ResmonCfg
2009-11-13 04:07 - 2009-11-13 04:10 - 0008031 _____ () C:\ProgramData\ArcadeDeluxe3.log
2009-09-03 10:44 - 2009-07-18 03:57 - 0036136 _____ (Oberon Media) C:\ProgramData\FullRemove.exe
2015-02-09 01:45 - 2015-02-09 01:49 - 0000128 ____H () C:\ProgramData\V93GE

Some content of TEMP:
====================
C:\Users\ulfilas\AppData\Local\Temp\ACDSee 18.exe
C:\Users\ulfilas\AppData\Local\Temp\avgnt.exe
C:\Users\ulfilas\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpwrcmoq.dll
C:\Users\ulfilas\AppData\Local\Temp\MouseKeyboardCenterx64_1031.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-07 04:05

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---


Grüße nach München

Wolfgang


PS: Mal eine andere Frage:

Wir waren uns ja dahingehend einig, dass mein alter XP-Rechner sicherheitshalber lieber nicht mehr am Internet hängen sollte, was ja verständlich ist.

Nun wäre es ja schön, wenn ich die Daten, die ich auf dem XP durch meine Einscannerei erzeuge, auf den Win7-Rechner rüberschaufeln könnte, ohne dafür den lästigen Weg über den USB-Stick zu gehen, was ja alles nur Zeit kostet.

Die Überlegung geht dahin, eine Verbindung zwischen XP- und Win7-Rechner herzustellen. Ein kleines internes Netzwerk.

Beide Rechner hängen - solange ich das LAN-Kabel des XP nicht ziehe - am Router.

Ist diese Kombination möglich: Beide Rechner hängen weiterhin am Router, Win7-Rechner hat einen Internetzugang, ein Datenaustausch zwischen beiden Computern kann über das interne Netzwerk stattfinden und der alte XP kann trotzdem vom Internet - also alles das, was vom Router nach draußen geht bzw. gegen das, was an Attacken von dort kommen könnte - abgeschottet sein, oder schließt sich das von vornherein aus?

schrauber 13.04.2015 12:33
Das geht. Einfach irgendeinen Mist in den DNS des XP eintragen, schon ist er nicht mehr online, aber im Netzwerk.

Win7:
FRST öffnen, in die Search Box folgendes kopieren

MSVCP70.dll

Dann auf Search Files klicken.

ulfilas-bs 13.04.2015 13:07
Win7 - hab ich gemacht. Folgendes hat er gesagt:

Code:
Farbar Recovery Scan Tool (x64) Version: 12-04-2015
Ran by ulfilas at 2015-04-13 13:56:33
Running from C:\Users\ulfilas\Downloads
Boot Mode: Normal

================== Search Files: "MSVCP70.dll" =============

C:\Program Files (x86)\Nvu\MSVCP70.DLL
[2013-04-02 15:36][2002-10-06 19:37] 0487424 ____A (Microsoft Corporation) 8396B5DE06E0D6AB16F5FC312A957AD4

====== End Of Search ======
Repariert hat er nix. Die Fehlermeldung kommt immer noch.

Was muß ich nun tun?

schrauber 13.04.2015 16:04
Download Microsoft*Visual*C++*2005 Redistributable Package (x86) from Official Microsoft Download Center

Installier das Package mal drüber.

ulfilas-bs 13.04.2015 19:13
Hab ich gemacht.

Hat aber nichts gebracht. :confused:

Neustart wurde durchgeführt.

schrauber 14.04.2015 07:17
Du könntest jetzt versuchen diese DLL Datei
Zitat:
C:\Program Files (x86)\Nvu\MSVCP70.DLL
zu kopieren und in den Programmordner von Epson zu kopieren. Mehr kann ich dann aber leider auch nicht mehr machen.

ulfilas-bs 14.04.2015 13:43
Ach komm, so schnell geben wir doch nicht auf ...

Also, die Datei habe ich rüberkopiert wie von dir vorgeschlagen, aber es hat sich nichts geändert.

Ich habe neulich einen Fehler gemacht. Es geht nicht um meinen Epson-Scanner, sondern um den Nikon-Scanner.

Die Fehlermeldung, wenn ich versuche, das Scanprogramm als Stand Alone zu starten, lautet also richtig:

Nikon Scan.exe - Systemfehler.

Das Programm kann nicht gestartet werden, da MSVCP70.dll auf
dem Computer fehlt. Installieren Sie das Programm erneut, um das Problem zu beheben.

Diese Meldung kommt auch beim Starten von Photoshop, da die Scansoftware sich als Plug-In auch aus Photoshop starten läßt.

Dies geht aber auch nicht mehr, das Plug-In erscheint im entsprechenden Menü gar nicht mehr, auch nicht ausgegraut.

Ich habe diese DLL-Datei natürlich in den Programmordner von Nikon kopiert.


Nun lag bei mir der Gedanke nah, einfach die Treibersoftware für den Nikon-Scanner neu zu installieren. Das geht aber auch nicht, und an dieser Stelle wird es richtig kompliziert:

Dieser Nikon-Scanner (Coolscan 5000 ED) wird seit einigen Jahren nicht mehr gebaut, obwohl sich alle Welt um dieses Gerät schlägt, weil es zum Diascannen praktisch nichts Besseres gibt.

Einen Treiber für Win7 oder später für 64 Bit-Rechner hat Nikon nicht mehr entwickelt.

Der Vorbesitzer dieses Geräts hat den Scanner aber sehr wohl unter solcher Umgebung laufen lassen.

Um den Scanner 64 Bit-tauglich zu machen, verwies er mich an diese Internetseite:

hxxp://www.colorneg.com/XP/Vista/7/driver-for-64-Bit-Windows/Coolscan/Nikon-Scan/

Ich habe schön alle dort beschriebenen Schritte befolgt, und der Scanner lief ja monatelang auch einwandfrei.

Soweit zum besseren Verständnis die Vorgeschichte. Nun zum Problem:

Ich habe vorhin versucht, den Scanner-Treiber neu zu installieren.

Das ging aber nicht, weil das Installationsprogramm vermeldete, es sei eine akuellere Software schon auf dem Rechner.

Das kann eigentlich nur die sein, die von der oben genannten Internetseite kommt (www.colorneg.com).

Diesen Ordner mit dem geänderten Script konnte ich erfolgreich löschen. Er lag ja auch einfach nur offen auf dem Desktop.

Dann versuchte ich, über die Systemsteuerung das Scanprogramm selbst zu entfernen.

Das funktionierte aber nicht. Es erschien die Fehlermeldung

Nikon Scan 4.0.3 kann auf diesem Betriebssystem nicht ausgeführt werden.

Es muß doch aber irgendwie möglich sein, dieses Programm wieder vom Computer herunterzubekommen und den Rechner quasi Nikon-frei zu bekommen.

Dann hätte ich vielleicht eine Chance, die Nikon-Software neu aufzuspielen.


Erwähnen möchte ich noch, daß der Scanner mit einer anderen Scan-Software durchaus läuft. Ich habe hier eine Demoversion von VueScan als Photoshop Plug-In, und damit geht es. Mit der Demoversion kann ich aber aus verschiedenen Gründen nicht arbeiten, und es kann ja auch nicht die Lösung sein, auf ein anderes Programm umzusteigen, zumal die Nikon-eigene Software vorher auch funktionierte.

Wie bekomme ich den Nikon-Treiber jetzt erstmal vom Rechner runter? Du hast bestimmt einen Tipp.

Viele Grüße

Wolfgang

schrauber 14.04.2015 20:16
Versuchs mal mit dem Revo Uninstaller.

ulfilas-bs 27.04.2015 14:05
Hallo schrauber,

ich habe diesmal leider ein paar Tage länger gebraucht, um mich zu melden. Ich hatte zu viele andere Dinge auf dem Tisch.

Deiner Empfehlung bin ich aber inzwischen gefolgt. Der alte Treiber ließ sich auf diese Weise wunderbar entfernen. Den Scanner-Treiber habe ich neu aufgespielt, und seitdem läuft alles wieder wunderbar!

Vielen Dank für deine Unterstützung. Besser konntest du es nicht machen!! :applaus::applaus::applaus::applaus::applaus:

Meinst du, wir kriegen mein unbenutztes Dreamweaver noch irgendwie vom XP runtergeschrubbt? Mit Revo ging es ja letztens nicht, und wir wollten diesen Punkt noch ganz hintenan stellen.

Viele Grüße

Wolfgang

schrauber 28.04.2015 12:17
Dann poste mal bitte frische FRST Logs :)

ulfilas-bs 30.04.2015 11:52
Gerne:


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 29-04-2015 01
Ran by Ulfilas57 (administrator) on ULFILAS on 30-04-2015 12:45:38
Running from C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Eigene Dateien\Downloads
Loaded Profiles: Ulfilas57 (Available profiles: Ulfilas57)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 7 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Programme\Windows Defender\MsMpEng.exe
(AOL LLC) C:\Programme\Gemeinsame Dateien\aol\ACS\AOLacsd.exe
(Apple Inc.) C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
(Apple Inc.) C:\Programme\Bonjour\mDNSResponder.exe
(InterVideo Inc.) C:\Programme\Gemeinsame Dateien\InterVideo\DeviceService\DevSvc.exe
(SEIKO EPSON CORPORATION) C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EPSON\EPW!3 SSRP\E_S40RP7.EXE
(Aladdin Knowledge Systems Ltd.) C:\WINDOWS\system32\hasplms.exe
(Nero AG) C:\Programme\Nero\Nero 7\InCD\InCDsrv.exe
(InterVideo) C:\Programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe
(Hewlett-Packard Company) C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
(Malwarebytes Corporation) C:\Programme\Malwarebytes Anti-Malware\mbamscheduler.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(O&O Software GmbH) C:\WINDOWS\system32\oodag.exe
() C:\Programme\CyberLink\Shared Files\RichVideo.exe
() C:\WINDOWS\system32\PAStiSvc.exe
(Ulead Systems, Inc.) C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe
(America Online, Inc.) C:\WINDOWS\wanmpsvc.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(SSC Localization Group) C:\Programme\SSC Service Utility\ssc_serv.exe
(Nero AG) C:\Programme\Nero\Nero 7\InCD\NBHGui.exe
(Apple Inc.) C:\Programme\QuickTime\QTTask.exe
(Nero AG) C:\Programme\Nero\Nero 7\InCD\InCD.exe
(America Online, Inc.) C:\Programme\Gemeinsame Dateien\aol\1186092089\ee\aolsoftware.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(Hewlett-Packard Company) C:\Programme\Gemeinsame Dateien\LightScribe\LightScribeControlPanel.exe
(Logitech Inc.) C:\Programme\Logitech\SetPoint\SetPoint.exe
(OpenOffice.org) C:\Programme\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Programme\OpenOffice.org 3\program\soffice.bin
(Logitech Inc.) C:\Programme\Gemeinsame Dateien\Logitech\khalshared\KHALMNPR.exe
(Google Inc.) C:\Programme\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Programme\Google\Chrome\Application\chrome.exe
(Farbar) C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Eigene Dateien\Downloads\FRST (1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Automatisch EPSON Stylus Photo R200 Series auf MARION] => C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0H2.EXE [99840 2003-09-11] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [TkBellExe] => C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe [198160 2009-09-11] (RealNetworks, Inc.)
HKLM\...\Run: [SSC Service Utility] => C:\Programme\SSC Service Utility\ssc_serv.exe [665600 2007-10-09] (SSC Localization Group)
HKLM\...\Run: [SecurDisc] => C:\Programme\Nero\Nero 7\InCD\NBHGui.exe [1629480 2007-11-26] (Nero AG)
HKLM\...\Run: [QuickTime Task] => C:\Programme\QuickTime\qttask.exe [417792 2009-09-05] (Apple Inc.)
HKLM\...\Run: [nwiz] => nwiz.exe /install
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NeroFilterCheck] => C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG)
HKLM\...\Run: [Logitech Hardware Abstraction Layer] => C:\WINDOWS\KHALMNPR.EXE [101136 2007-01-23] (Logitech Inc.)
HKLM\...\Run: [InCD] => C:\Programme\Nero\Nero 7\InCD\InCD.exe [1057064 2007-11-26] (Nero AG)
HKLM\...\Run: [HostManager] => C:\Programme\Gemeinsame Dateien\AOL\1186092089\ee\AOLSoftware.exe [50736 2006-09-26] (America Online, Inc.)
HKLM\...\Run: [Adobe ARM] => C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [NvMediaCenter] => RunDLL32.exe NvMCTray.dll,NvTaskbarInit
HKU\S-1-5-21-484763869-630328440-839522115-1004\...\Run: [LightScribe Control Panel] => C:\Programme\Gemeinsame Dateien\LightScribe\LightScribeControlPanel.exe [2363392 2009-11-20] (Hewlett-Packard Company)
HKU\S-1-5-18\...\Run: [DWQueuedReporting] => C:\Programme\Gemeinsame Dateien\Microsoft Shared\DW\DWTRIG20.EXE [519584 2010-02-28] (Microsoft Corporation)
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Gamma Loader.exe.lnk [2015-04-12]
ShortcutTarget: Adobe Gamma Loader.exe.lnk -> C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Logitech SetPoint.lnk [2015-04-12]
ShortcutTarget: Logitech SetPoint.lnk -> C:\Programme\Logitech\SetPoint\SetPoint.exe (Logitech Inc.)
Startup: C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Startmenü\Programme\Autostart\Adobe Gamma.lnk [2015-04-14]
ShortcutTarget: Adobe Gamma.lnk -> C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Startmenü\Programme\Autostart\OpenOffice.org 3.4.1.lnk [2015-04-12]
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Dokumente und Einstellungen\Ulfilas57 - Kopie\Startmenü\Programme\Autostart\Adobe Gamma.lnk [2012-10-18]
ShortcutTarget: Adobe Gamma.lnk -> C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Startmenü\Programme\Autostart\Adobe Gamma.lnk [2015-04-14]
ShortcutTarget: Adobe Gamma.lnk -> C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Startmenü\Programme\Autostart\OpenOffice.org 3.4.1.lnk [2015-04-12]
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
BootExecute: autocheck autochk * OODBS

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-484763869-630328440-839522115-1004\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-484763869-630328440-839522115-1004\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23] (Adobe Systems Incorporated)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Programme\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2010-01-14] (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Programme\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-04-01] (Oracle Corporation)
BHO: EpsonToolBandKicker Class -> {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} -> C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21] (SEIKO EPSON CORPORATION)
Toolbar: HKLM - EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21] (SEIKO EPSON CORPORATION)
DPF: {0EB73E39-8AD4-43E8-8FBA-0165C2CCDB8B} hxxp://midasplayer.aol.de/midasa.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {22E5D91F-89E6-4405-AD9C-0AF27BA6F06B} file:///C:/Dokumente%20und%20Einstellungen/Ulfilas57/Desktop/components/hidinputmonitorx.ocx
DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {26CBF141-7D0F-46E1-AA06-718958B6E4D2} hxxp://download.ebay.com/turbo_lister/DE/install.cab
DPF: {45A0A292-ECC6-4D8F-9EA9-A4BD411D24C1} hxxp://king.aolsvc.de/ctl/kingcomie.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab
DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} hxxp://aolcc.aol.de/computercheckup/qdiagcc.cab
DPF: {4F63D44B-6274-4D60-8AB1-CAA7116B8AF3} file:///C:/Dokumente%20und%20Einstellungen/Ulfilas57/Desktop/components/A9.ocx
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1115727237102
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1152046154312
DPF: {7030CC6C-1A88-4591-BB5A-651B9F7F0C30} file:///C:/Dokumente%20und%20Einstellungen/Ulfilas57/Desktop/components/wmvhdrating.ocx
DPF: {86A88967-7A20-11D2-8EDA-00600818EDB1} hxxp://www.parallelgraphics.com/bin/cortvrml.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_40-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} hxxp://office.dogcam.smalldog.com/activex/AxisCamControl.cab
DPF: {ABC1D8DE-CAB5-4FB7-BCD0-137BAB9F09DC} hxxp://www.aldisued-fotos-druck.de/upload/aldi_sued_bilduebertragung.cab
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://game14.zylomgames.com/activex/zylomgamesplayer.cab
DPF: {CAFEEFAC-0018-0000-0040-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_40-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_40-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: haufereader - {39198710-62F7-42CD-9458-069843FA5D32} - C:\Programme\Haufe\HaufeReader\HRInstmon.dll [2005-04-27] (Haufe Mediengruppe)
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: lid - {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINDOWS\System32\msvidctl.dll [2008-04-14] (Microsoft Corporation)
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - c:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll [2008-07-30] (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll [2014-02-26] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll [2014-02-26] (Microsoft Corporation)
ShellExecuteHooks: Microsoft AntiMalware ShellExecuteHook - {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Programme\Windows Defender\MpShHook.dll [83224 2006-11-03] (Microsoft Corporation)
Winsock: Catalog5 04 C:\Programme\Bonjour\mdnsNSP.dll [147456 2008-12-12] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll [2010-01-27] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw.dll [2011-04-26] (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Programme\iTunes\Mozilla Plugins\npitunes.dll [2009-10-23] ()
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll [2007-01-03] (DivX, Inc)
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\WINDOWS\system32\npDeployJava1.dll [2013-08-20] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Programme\Java\jre1.8.0_40\bin\new_plugin\npjp2.dll No File
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Programme\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-04-01] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Programme\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.12.448 -> c:\programme\real\realone player\Netscape6\nppl3260.dll [2009-09-11] (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.3.448 -> c:\programme\real\realone player\Netscape6\nprjplug.dll [2009-09-11] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.448 -> c:\programme\real\realone player\Netscape6\nprpjplug.dll [2009-09-11] (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Programme\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-18] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Programme\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-18] (Google Inc.)
FF Plugin: @viewpoint.com/VMP -> C:\Programme\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll [2004-02-20] ()
FF Plugin: @zylom.com/ZylomGamesPlayer -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll [2006-09-26] (Zylom)
FF Plugin: Adobe Reader -> C:\Programme\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-23]

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=54E00010DCFAF9B2&affID=119357&tsp=4945"
CHR Plugin: (Shockwave Flash) - C:\Programme\Google\Chrome\Application\42.0.2311.135\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Shockwave Flash) - C:\Programme\Google\Chrome\Application\42.0.2311.135\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Programme\Google\Chrome\Application\42.0.2311.135\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Programme\Google\Chrome\Application\42.0.2311.135\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Programme\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Programme\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U29) - C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.4) - C:\Programme\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.4) - C:\Programme\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.4) - C:\Programme\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.4) - C:\Programme\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.4) - C:\Programme\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.4) - C:\Programme\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.4) - C:\Programme\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft DRM) - C:\Programme\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft DRM) - C:\Programme\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Programme\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Zylom Plugin) - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL No File
CHR Plugin: (DivX Player Netscape Plugin) - C:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
CHR Plugin: (Google Earth Plugin) - C:\Programme\Google\Google Earth\plugin\npgeplugin.dll No File
CHR Plugin: (Google Updater) - C:\Programme\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll No File
CHR Plugin: (Google Update) - C:\Programme\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (MetaStream 3 Plugin) - C:\Programme\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
CHR Plugin: (iTunes Application Detector) - C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave for Director) - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Programme\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - c:\programme\real\realone player\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - c:\programme\real\realone player\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (RealJukebox NS Plugin) - c:\programme\real\realone player\Netscape6\nprjplug.dll (RealNetworks, Inc.)
CHR Profile: C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default
CHR Extension: (Chrome Hotword Shared Module) - C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-25]
CHR Extension: (Google Wallet) - C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-18]
StartMenuInternet: chrome.exe - Chrome.exe

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2005-06-27] (Adobe Systems) [File not signed]
R2 AOL ACS; C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe [46640 2006-10-23] (AOL LLC)
R2 Apple Mobile Device; C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [144672 2009-08-28] (Apple Inc.)
R2 Bonjour Service; C:\Programme\Bonjour\mDNSResponder.exe [238888 2008-12-12] (Apple Inc.)
R2 Capture Device Service; C:\Programme\Gemeinsame Dateien\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (InterVideo Inc.)
R2 EPSON_PM_RPCV4_01; C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EPSON\EPW!3 SSRP\E_S40RP7.EXE [113664 2007-01-11] (SEIKO EPSON CORPORATION)
S3 FLEXnet Licensing Service; C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [655624 2010-02-20] (Acresso Software Inc.)
S2 gupdate1c9871269d85f5e; C:\Programme\Google\Update\GoogleUpdate.exe [107848 2015-03-18] (Google Inc.)
S3 gupdatem; C:\Programme\Google\Update\GoogleUpdate.exe [107848 2015-03-18] (Google Inc.)
S3 gusvc; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [194104 2011-09-09] (Google)
R2 hasplms; C:\WINDOWS\system32\hasplms.exe [2562048 2008-04-24] (Aladdin Knowledge Systems Ltd.)
S3 IDriverT; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 InCDsrv; C:\Programme\Nero\Nero 7\InCD\InCDsrv.exe [1554728 2007-11-26] (Nero AG)
S3 iPod Service; C:\Programme\iPod\bin\iPodService.exe [545568 2009-10-28] (Apple Inc.)
R2 IviRegMgr; C:\Programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe [112152 2007-01-04] (InterVideo)
R2 LightScribeService; C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe [73728 2009-11-20] (Hewlett-Packard Company) [File not signed]
S3 Macromedia Licensing Service; C:\Programme\Gemeinsame Dateien\Macromedia Shared\Service\Macromedia Licensing.exe [68096 2007-09-10] () [File not signed]
R2 MBAMScheduler; C:\Programme\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation)
S2 MBAMService; C:\Programme\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
S3 NBService; C:\Programme\Nero\Nero 7\Nero BackItUp\NBService.exe [800040 2007-09-17] (Nero AG)
S3 NMIndexingService; C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG)
R2 NVSvc; C:\WINDOWS\system32\nvsvc32.exe [143436 2006-03-09] (NVIDIA Corporation) [File not signed]
R2 O&O Defrag; C:\WINDOWS\system32\oodag.exe [339456 2006-06-02] (O&O Software GmbH) [File not signed]
R2 RichVideo; C:\Programme\CyberLink\Shared Files\RichVideo.exe [272024 2007-05-14] ()
R2 STI Simulator; C:\WINDOWS\System32\PAStiSvc.exe [53248 2005-01-14] () [File not signed]
R2 UleadBurningHelper; C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe [67056 2007-01-18] (Ulead Systems, Inc.)
S3 UPnPService; C:\Programme\Gemeinsame Dateien\MAGIX Shared\UPnPService\UPnPService.exe [544768 2006-12-14] (Magix AG) [File not signed]
R2 WANMiniportService; C:\WINDOWS\wanmpsvc.exe [65536 2003-08-27] (America Online, Inc.) [File not signed]
R2 WinDefend; C:\Programme\Windows Defender\MsMpEng.exe [13592 2006-11-03] (Microsoft Corporation)
S3 WMPNetworkSvc; C:\Programme\Windows Media Player\WMPNetwk.exe [920576 2006-11-03] (Microsoft Corporation)
S3 FirebirdServerMAGIXInstance; C:\MAGIX\Common\Database\bin\fbserver.exe [X]
S3 McComponentHostService; "C:\Programme\McAfee Security Scan\2.0.181\McCHSvc.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 61883; C:\WINDOWS\System32\DRIVERS\61883.sys [48128 2008-04-13] (Microsoft Corporation)
R2 aksfridge; C:\WINDOWS\System32\DRIVERS\aksfridge.sys [350720 2008-03-18] (Aladdin Knowledge Systems Ltd.)
S3 akshasp; C:\WINDOWS\System32\DRIVERS\akshasp.sys [238976 2007-07-05] (Aladdin Knowledge Systems Ltd.)
S3 akshhl; C:\WINDOWS\System32\DRIVERS\akshhl.sys [46336 2007-07-23] (Aladdin Knowledge Systems Ltd.)
S3 aksusb; C:\WINDOWS\System32\DRIVERS\aksusb.sys [14976 2007-07-05] (Aladdin Knowledge Systems Ltd.)
R3 ALCXWDM; C:\WINDOWS\System32\drivers\ALCXWDM.SYS [695852 2003-01-10] (Realtek Semiconductor Corp.) [File not signed]
S3 BENDER; C:\WINDOWS\System32\drivers\bender.sys [200320 2005-08-22] (Pinnacle Systems) [File not signed]
S3 BVRPMPR5; C:\WINDOWS\system32\drivers\BVRPMPR5.SYS [49904 2008-05-14] (Avanquest Software) [File not signed]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R1 cdrblock; C:\WINDOWS\System32\DRIVERS\cdrblock.sys [27704 2008-05-30] (Canopus Co,. Ltd.)
R3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-13] (Microsoft Corporation)
S3 giveio; C:\WINDOWS\system32\giveio.sys [5248 2009-05-15] () [File not signed]
R2 Hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [586240 2008-02-11] (Aladdin Knowledge Systems Ltd.)
R0 hotcore; C:\WINDOWS\System32\drivers\hotcore.sys [18208 2005-10-14] (Paragon Software Group) [File not signed]
R4 InCDfs; C:\WINDOWS\system32\Drivers\InCDfs.sys [118952 2007-11-26] (Nero AG)
R1 InCDPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [36776 2007-11-26] (Nero AG)
U1 InCDrec; C:\WINDOWS\system32\Drivers\InCDrec.sys [16040 2007-11-26] (Nero AG)
R1 incdrm; C:\WINDOWS\system32\Drivers\incdrm.sys [38440 2007-11-26] (Nero AG)
R3 Iviaspi; C:\WINDOWS\System32\drivers\iviaspi.sys [10368 2005-09-20] (InterVideo, Inc.) [File not signed]
S3 KMWDFilter; C:\WINDOWS\System32\Drivers\KMWDFilter.SYS [17024 2007-03-29] (Windows (R) Codename Longhorn DDK provider) [File not signed]
R3 MarvinBus; C:\WINDOWS\System32\DRIVERS\MarvinBus.sys [171008 2005-06-02] (Pinnacle Systems GmbH) [File not signed]
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-03-17] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [119512 2015-04-14] (Malwarebytes Corporation)
R3 ms_mpu401; C:\WINDOWS\System32\drivers\msmpu401.sys [2944 2001-08-17] (Microsoft Corporation)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R3 nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [3650368 2006-03-09] (NVIDIA Corporation) [File not signed]
R1 PCLEPCI; C:\WINDOWS\system32\drivers\pclepci.sys [14165 2002-03-19] (Pinnacle Systems GmbH) [File not signed]
R3 rtl8139; C:\WINDOWS\System32\DRIVERS\R8139n51.SYS [46976 2002-10-04] (Realtek Semiconductor Corporation      )
R1 SSHDRV85; C:\WINDOWS\system32\drivers\SSHDRV85.sys [78848 2007-03-28] () [File not signed]
S3 USBAAPL; C:\WINDOWS\System32\Drivers\usbaapl.sys [32000 2008-07-10] (Apple, Inc.) [File not signed]
R3 wanatw; C:\WINDOWS\System32\DRIVERS\wanatw4.sys [33588 2003-01-10] (America Online, Inc.)
S2 adfs; No ImagePath
S3 catchme; \??\C:\DOKUME~1\ULFILA~1.ULF\LOKALE~1\Temp\catchme.sys [X]
S3 GMSIPCI; \??\I:\INSTALL\GMSIPCI.SYS [X]
S4 hpt3xx; No ImagePath
S4 IntelIde; No ImagePath
S3 NTACCESS; \??\I:\NTACCESS.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S3 SetupNTGLM7X; \??\I:\NTGLM7X.sys [X]
U3 TlntSvr; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-14 17:43 - 2015-04-14 17:43 - 00000000 ____D () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Eigene Dateien\Updater
2015-04-14 16:28 - 2015-04-14 16:28 - 00001736 _____ () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Help Center.lnk
2015-04-14 16:25 - 2015-04-14 16:25 - 00001718 _____ () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Bridge.lnk
2015-04-14 16:24 - 2015-04-14 16:24 - 00001768 _____ () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Photoshop CS2.lnk
2015-04-14 16:24 - 2015-04-14 16:24 - 00001765 _____ () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe ImageReady CS2.lnk
2015-04-14 16:07 - 2015-04-14 16:10 - 00000000 ____D () C:\PS_CS2_Gr_NonRet
2015-04-14 13:33 - 2015-04-14 13:33 - 00000000 _____ () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Desktop\NknB.tmp
2015-04-14 13:16 - 2015-04-14 13:16 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Nikon Scan 4
2015-04-14 13:14 - 2015-04-14 13:14 - 00001623 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\Nikon Scan.lnk
2015-04-14 13:12 - 2002-01-05 21:10 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc70deu.dll
2015-04-14 13:12 - 1996-03-28 00:13 - 00010656 _____ (Nikon Inc.) C:\WINDOWS\system32\NKNSCN95.DLL
2015-04-14 13:11 - 2015-04-14 13:12 - 00000000 ____D () C:\WINDOWS\system32\Color
2015-04-14 13:09 - 2015-04-14 13:09 - 00000000 ____D () C:\Programme\Nikon
2015-04-13 00:20 - 2015-04-13 00:20 - 00000477 _____ () C:\WINDOWS\nsw.log
2015-04-11 00:58 - 2015-04-11 00:58 - 00000000 ____D () C:\Programme\Viewpoint
2015-04-11 00:58 - 2015-04-11 00:58 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Viewpoint
2015-04-10 22:35 - 2015-04-10 22:36 - 00000000 ____D () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Desktop\dsfsfsfsfsdf
2015-04-02 02:12 - 2015-04-02 02:12 - 00090112 _____ () C:\WINDOWS\Minidump\Mini040215-01.dmp
2015-04-01 14:44 - 2015-04-10 22:20 - 00000000 ____D () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Anwendungsdaten\Canopus
2015-04-01 13:34 - 2013-08-20 13:22 - 00867240 _____ (Oracle Corporation) C:\WINDOWS\system32\npDeployJava1.dll
2015-04-01 13:34 - 2013-08-20 13:22 - 00789416 _____ (Oracle Corporation) C:\WINDOWS\system32\deployJava1.dll
2015-04-01 13:32 - 2015-04-01 13:33 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Java
2015-04-01 13:29 - 2015-04-01 13:29 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Oracle

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-30 12:49 - 2013-07-08 12:53 - 00000000 ____D () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Lokale Einstellungen\Temp
2015-04-30 12:45 - 2015-03-18 18:25 - 00000000 ____D () C:\FRST
2015-04-30 12:39 - 2006-04-11 14:20 - 00050257 _____ () C:\WINDOWS\system32\nvapps.xml
2015-04-30 12:38 - 2015-03-20 00:39 - 00000230 _____ () C:\WINDOWS\Tasks\Ende des Supports für Microsoft Windows XP –  Benachrichtigung – Anmeldung.job
2015-04-30 12:38 - 2012-01-31 16:19 - 00000314 _____ () C:\WINDOWS\Tasks\GlaryInitialize.job
2015-04-30 12:38 - 2009-06-30 03:32 - 00001086 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-30 12:38 - 2005-05-10 14:06 - 00032516 _____ () C:\WINDOWS\SchedLgU.Txt
2015-04-30 12:38 - 2001-08-18 13:00 - 00013050 _____ () C:\WINDOWS\system32\wpa.dbl
2015-04-30 12:24 - 2009-06-30 03:32 - 00001090 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-30 11:26 - 2015-03-27 13:54 - 00001781 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\Google Chrome.lnk
2015-04-30 03:14 - 2005-05-10 14:14 - 01207935 _____ () C:\WINDOWS\WindowsUpdate.log
2015-04-30 03:01 - 2005-05-15 23:51 - 125832184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-04-30 02:12 - 2013-08-10 15:43 - 00000322 ____H () C:\WINDOWS\Tasks\MP Scheduled Scan.job
2015-04-29 20:45 - 2015-03-20 17:18 - 00000000 ____D () C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\temp
2015-04-29 20:03 - 2005-05-10 14:54 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2015-04-29 20:02 - 2005-05-10 14:54 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2015-04-29 20:02 - 2005-05-10 14:51 - 02173296 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-04-29 20:01 - 2006-07-28 23:12 - 00743505 _____ () C:\WINDOWS\system32\OODBS.lor
2015-04-29 20:01 - 2005-05-10 14:02 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-04-14 17:52 - 2013-07-16 12:02 - 00000000 ____D () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Lokale Einstellungen\Anwendungsdaten\Adobe
2015-04-14 17:52 - 2013-07-08 12:53 - 00000190 ___SH () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\ntuser.ini
2015-04-14 17:43 - 2013-07-16 12:02 - 00000000 ____D () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Anwendungsdaten\Adobe
2015-04-14 16:29 - 2005-05-10 20:20 - 00000000 ____D () C:\Programme\Adobe
2015-04-14 16:28 - 2005-05-10 14:52 - 00000000 ___RD () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme
2015-04-14 16:26 - 2013-07-08 12:53 - 00000000 ___RD () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Startmenü\Programme\Autostart
2015-04-14 16:25 - 2005-05-11 19:10 - 00000000 ____D () C:\Programme\Gemeinsame Dateien\Adobe
2015-04-14 16:25 - 2005-05-11 19:10 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe
2015-04-14 16:23 - 2006-05-04 19:50 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Adobe
2015-04-14 15:16 - 2015-03-21 14:39 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-04-14 13:53 - 2010-09-19 03:10 - 00491561 _____ () C:\WINDOWS\setupapi.log
2015-04-14 13:12 - 2009-11-06 00:21 - 00000000 ____D () C:\Programme\Gemeinsame Dateien\Nikon
2015-04-14 13:12 - 2005-05-10 14:46 - 00000000 ____D () C:\WINDOWS\twain_32
2015-04-14 13:11 - 2005-05-10 14:28 - 00000000 ___HD () C:\Programme\InstallShield Installation Information
2015-04-14 13:09 - 2005-05-10 14:52 - 00000000 ___RD () C:\Programme
2015-04-13 00:20 - 2013-07-08 12:53 - 00000000 ___HD () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Netzwerkumgebung
2015-04-12 23:33 - 2005-05-31 15:55 - 00000000 ____D () C:\WINDOWS\pss
2015-04-12 23:33 - 2005-05-10 14:52 - 00000000 ___RD () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart
2015-04-12 23:33 - 2005-05-10 14:49 - 00000327 __RSH () C:\boot.ini
2015-04-12 23:33 - 2001-08-18 13:00 - 00001690 _____ () C:\WINDOWS\win.ini
2015-04-12 23:33 - 2001-08-18 13:00 - 00000227 _____ () C:\WINDOWS\system.ini
2015-04-11 00:28 - 2009-03-08 02:34 - 00000103 _____ () C:\WINDOWS\canopus.ini
2015-04-10 22:20 - 2013-07-08 13:04 - 00092976 _____ () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT
2015-04-10 21:56 - 2015-03-20 00:39 - 00000224 _____ () C:\WINDOWS\Tasks\Ende des Supports für Microsoft Windows XP – Monatliche Benachrichtigung.job
2015-04-10 21:54 - 2005-05-10 14:01 - 00000000 ____D () C:\WINDOWS\system32\Restore
2015-04-10 21:43 - 2005-05-10 14:06 - 00000190 ___SH () C:\Dokumente und Einstellungen\LocalService\ntuser.ini
2015-04-01 13:35 - 2005-07-01 12:34 - 00000000 ____D () C:\Programme\Java
2015-04-01 13:34 - 2005-07-01 12:34 - 00000000 ____D () C:\Programme\Gemeinsame Dateien\Java
2015-04-01 13:31 - 2013-08-20 13:22 - 00096680 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2015-04-01 13:31 - 2011-01-17 17:51 - 00146432 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2015-03-31 13:21 - 2005-05-10 14:06 - 00000000 __SHD () C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Verlauf
2015-03-31 13:21 - 2005-05-10 14:06 - 00000000 __SHD () C:\Dokumente und Einstellungen\NetworkService

==================== Files in the root of some directories =======

2013-07-16 12:05 - 2013-07-16 12:05 - 0000000 _____ () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Anwendungsdaten\sversion.ini
2014-01-22 15:43 - 2014-03-21 00:33 - 0006144 _____ () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-07-16 12:45 - 2013-07-16 12:45 - 0000150 _____ () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat

Some content of TEMP:
====================
C:\Dokumente und Einstellungen\Ulfilas57\Lokale Einstellungen\Temp\contentDATs.exe
C:\Dokumente und Einstellungen\Ulfilas57\Lokale Einstellungen\Temp\mgxfonts.exe
C:\Dokumente und Einstellungen\Ulfilas57\Lokale Einstellungen\Temp\SecurityScan_Release.exe
C:\Dokumente und Einstellungen\Ulfilas57\Lokale Einstellungen\Temp\_is8C1.exe
C:\Dokumente und Einstellungen\Ulfilas57 - Kopie\Lokale Einstellungen\Temp\jre-6u34-windows-i586-iftw.exe
C:\Dokumente und Einstellungen\Ulfilas57 - Kopie\Lokale Einstellungen\Temp\mgxfonts.exe
C:\Dokumente und Einstellungen\Ulfilas57 - Kopie\Lokale Einstellungen\Temp\_is8C1.exe
C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Lokale Einstellungen\Temp\install_reader11xp_de_mssd_aaa_aih.exe
C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Lokale Einstellungen\Temp\jre-8u40-windows-au.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================
--- --- ---


Viele Grüße

Wolfgang

schrauber 01.05.2015 06:15
Scan mit SystemLook

Lade SystemLook von jpshortstuff vom folgenden Spiegel herunter und speichere das Tool auf dem Desktop:
SystemLook (32 bit)
  • Doppelklicke auf die SystemLook.exe, um das Tool zu starten.
  • Kopiere den Inhalt der folgenden Codebox in das Textfeld des Tools:
    Code:
    :folderfind
    *Dreamweaver*
    :filefind
    *Dreamweaver*
    :regfind
    Dreamweaver
  • Klicke nun auf den Button Look, um den Scan zu starten.
  • Der Suchlauf kann einige Zeit dauern.
  • Wenn der Suchlauf beendet ist, wird sich Dein Editor mit den Ergebnissen öffnen, poste diese in deinen Thread.
  • Die Ergebnisse werden auf dem Desktop als SystemLook.txt gespeichert.

ulfilas-bs 07.05.2015 10:20
Hallo schrauber,,

da ist es:

Code:
SystemLook 30.07.11 by jpshortstuff
Log created at 10:40 on 07/05/2015 by Ulfilas57
Administrator - Elevation successful

========== folderfind ==========

Searching for "*Dreamweaver*"
C:\Dokumente und Einstellungen\Ulfilas57 - Kopie\Anwendungsdaten\Adobe\Dreamweaver 9        d------        [18:20 18/10/2012]
C:\Programme\Adobe\Adobe Extension Manager\Dreamweaver        d------        [02:23 31/10/2008]
C:\Programme\Adobe\Adobe Extension Manager\Samples\Dreamweaver        d------        [02:23 31/10/2008]
C:\Programme\Gemeinsame Dateien\Adobe\Installers\25db75244653b42cb93dc27939d1c0e\payloads\AdobeDreamweaver9de_DE        d------        [02:11 31/10/2008]

========== filefind ==========

Searching for "*Dreamweaver*"
C:\Dokumente und Einstellungen\Ulfilas57 - Kopie\Anwendungsdaten\Adobe\Dreamweaver 9\Configuration\Menus\Cache\Tools\com.macromedia.dreamweaver.tools.hand.xml        --a---- 1565 bytes        [18:20 18/10/2012]        [14:22 06/10/2010] 4A11F5380586986A46BC317ED148F918
C:\Dokumente und Einstellungen\Ulfilas57 - Kopie\Anwendungsdaten\Adobe\Dreamweaver 9\Configuration\Menus\Cache\Tools\com.macromedia.dreamweaver.tools.select.xml        --a---- 420 bytes        [18:20 18/10/2012]        [14:22 06/10/2010] 4841B3B33390C721CC2CA31D72E33769
C:\Dokumente und Einstellungen\Ulfilas57 - Kopie\Anwendungsdaten\Adobe\Dreamweaver 9\Configuration\Menus\Cache\Tools\com.macromedia.dreamweaver.tools.zoom.xml        --a---- 1573 bytes        [18:20 18/10/2012]        [14:22 06/10/2010] D7ADF9CD6F3FB1341DB35F3885FBA16F
C:\Programme\Gemeinsame Dateien\Adobe\Help\ar_AE\Bridge\2.0\images\DreamweaverLinkIndicator.png        --a---- 28701 bytes        [16:10 14/03/2007]        [16:10 14/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\ar_AE\Bridge\2.0\images\DreamweaverLinkIndicatorTopBar.png        --a---- 4480 bytes        [16:10 14/03/2007]        [16:10 14/03/2007] E3746522E56A977F9C69417B901C1817
C:\Programme\Gemeinsame Dateien\Adobe\Help\ar_AE\Bridge\2.0\images\dreamweaverSharedIndicator.png        --a---- 28701 bytes        [16:10 14/03/2007]        [16:10 14/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\cs_CZ\Bridge\2.0\images\DreamweaverLinkIndicator.png        --a---- 28701 bytes        [16:10 14/03/2007]        [16:10 14/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\cs_CZ\Bridge\2.0\images\DreamweaverLinkIndicatorTopBar.png        --a---- 4480 bytes        [16:10 14/03/2007]        [16:10 14/03/2007] E3746522E56A977F9C69417B901C1817
C:\Programme\Gemeinsame Dateien\Adobe\Help\cs_CZ\Bridge\2.0\images\dreamweaverSharedIndicator.png        --a---- 28701 bytes        [16:10 14/03/2007]        [16:10 14/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\cs_CZ\ExtensionManager\1.8\images\DreamweaverLinkIndicator.png        --a---- 28701 bytes        [13:01 12/03/2007]        [13:01 12/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\cs_CZ\ExtensionManager\1.8\images\DreamweaverLinkIndicatorTopBar.png        --a---- 4480 bytes        [13:01 12/03/2007]        [13:01 12/03/2007] E3746522E56A977F9C69417B901C1817
C:\Programme\Gemeinsame Dateien\Adobe\Help\cs_CZ\ExtensionManager\1.8\images\dreamweaverSharedIndicator.png        --a---- 28701 bytes        [13:01 12/03/2007]        [13:01 12/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\da_DK\Bridge\2.0\images\DreamweaverLinkIndicator.png        --a---- 28701 bytes        [16:10 14/03/2007]        [16:10 14/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\da_DK\Bridge\2.0\images\DreamweaverLinkIndicatorTopBar.png        --a---- 4480 bytes        [16:10 14/03/2007]        [16:10 14/03/2007] E3746522E56A977F9C69417B901C1817
C:\Programme\Gemeinsame Dateien\Adobe\Help\da_DK\Bridge\2.0\images\dreamweaverSharedIndicator.png        --a---- 28701 bytes        [16:10 14/03/2007]        [16:10 14/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\de_DE\Bridge\2.0\images\DreamweaverLinkIndicator.png        --a---- 28701 bytes        [16:10 14/03/2007]        [16:10 14/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\de_DE\Bridge\2.0\images\DreamweaverLinkIndicatorTopBar.png        --a---- 4480 bytes        [16:10 14/03/2007]        [16:10 14/03/2007] E3746522E56A977F9C69417B901C1817
C:\Programme\Gemeinsame Dateien\Adobe\Help\de_DE\Bridge\2.0\images\dreamweaverSharedIndicator.png        --a---- 28701 bytes        [16:10 14/03/2007]        [16:10 14/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\de_DE\DeviceCentral\1.0\images\DreamweaverLinkIndicator.png        --a---- 28701 bytes        [09:22 15/03/2007]        [09:22 15/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\de_DE\DeviceCentral\1.0\images\DreamweaverLinkIndicatorTopBar.png        --a---- 4480 bytes        [09:22 15/03/2007]        [09:22 15/03/2007] E3746522E56A977F9C69417B901C1817
C:\Programme\Gemeinsame Dateien\Adobe\Help\de_DE\DeviceCentral\1.0\images\dreamweaverSharedIndicator.png        --a---- 28701 bytes        [09:22 15/03/2007]        [09:22 15/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\de_DE\ExtensionManager\1.8\images\DreamweaverLinkIndicator.png        --a---- 28701 bytes        [13:01 12/03/2007]        [13:01 12/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\de_DE\ExtensionManager\1.8\images\DreamweaverLinkIndicatorTopBar.png        --a---- 4480 bytes        [13:01 12/03/2007]        [13:01 12/03/2007] E3746522E56A977F9C69417B901C1817
C:\Programme\Gemeinsame Dateien\Adobe\Help\de_DE\ExtensionManager\1.8\images\dreamweaverSharedIndicator.png        --a---- 28701 bytes        [13:01 12/03/2007]        [13:01 12/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\el_GR\Bridge\2.0\images\DreamweaverLinkIndicator.png        --a---- 28701 bytes        [16:10 14/03/2007]        [16:10 14/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\el_GR\Bridge\2.0\images\DreamweaverLinkIndicatorTopBar.png        --a---- 4480 bytes        [16:10 14/03/2007]        [16:10 14/03/2007] E3746522E56A977F9C69417B901C1817
C:\Programme\Gemeinsame Dateien\Adobe\Help\el_GR\Bridge\2.0\images\dreamweaverSharedIndicator.png        --a---- 28701 bytes        [16:10 14/03/2007]        [16:10 14/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\en_US\Bridge\2.0\images\DreamweaverLinkIndicator.png        --a---- 28701 bytes        [16:10 14/03/2007]        [16:10 14/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\en_US\Bridge\2.0\images\DreamweaverLinkIndicatorTopBar.png        --a---- 4480 bytes        [16:10 14/03/2007]        [16:10 14/03/2007] E3746522E56A977F9C69417B901C1817
C:\Programme\Gemeinsame Dateien\Adobe\Help\en_US\Bridge\2.0\images\dreamweaverSharedIndicator.png        --a---- 28701 bytes        [16:10 14/03/2007]        [16:10 14/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\en_US\DeviceCentral\1.0\images\DreamweaverLinkIndicator.png        --a---- 28701 bytes        [09:22 15/03/2007]        [09:22 15/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\en_US\DeviceCentral\1.0\images\DreamweaverLinkIndicatorTopBar.png        --a---- 4480 bytes        [09:22 15/03/2007]        [09:22 15/03/2007] E3746522E56A977F9C69417B901C1817
C:\Programme\Gemeinsame Dateien\Adobe\Help\en_US\DeviceCentral\1.0\images\dreamweaverSharedIndicator.png        --a---- 28701 bytes        [09:22 15/03/2007]        [09:22 15/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\en_US\ExtensionManager\1.8\images\DreamweaverLinkIndicator.png        --a---- 28701 bytes        [13:01 12/03/2007]        [13:01 12/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\en_US\ExtensionManager\1.8\images\DreamweaverLinkIndicatorTopBar.png        --a---- 4480 bytes        [13:01 12/03/2007]        [13:01 12/03/2007] E3746522E56A977F9C69417B901C1817
C:\Programme\Gemeinsame Dateien\Adobe\Help\en_US\ExtensionManager\1.8\images\dreamweaverSharedIndicator.png        --a---- 28701 bytes        [13:01 12/03/2007]        [13:01 12/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\es_ES\Bridge\2.0\images\DreamweaverLinkIndicator.png        --a---- 28701 bytes        [16:10 14/03/2007]        [16:10 14/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\es_ES\Bridge\2.0\images\DreamweaverLinkIndicatorTopBar.png        --a---- 4480 bytes        [16:10 14/03/2007]        [16:10 14/03/2007] E3746522E56A977F9C69417B901C1817
C:\Programme\Gemeinsame Dateien\Adobe\Help\es_ES\Bridge\2.0\images\dreamweaverSharedIndicator.png        --a---- 28701 bytes        [16:10 14/03/2007]        [16:10 14/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\es_ES\DeviceCentral\1.0\images\DreamweaverLinkIndicator.png        --a---- 28701 bytes        [09:22 15/03/2007]        [09:22 15/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\es_ES\DeviceCentral\1.0\images\DreamweaverLinkIndicatorTopBar.png        --a---- 4480 bytes        [09:22 15/03/2007]        [09:22 15/03/2007] E3746522E56A977F9C69417B901C1817
C:\Programme\Gemeinsame Dateien\Adobe\Help\es_ES\DeviceCentral\1.0\images\dreamweaverSharedIndicator.png        --a---- 28701 bytes        [09:22 15/03/2007]        [09:22 15/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\es_ES\ExtensionManager\1.8\images\DreamweaverLinkIndicator.png        --a---- 28701 bytes        [13:02 12/03/2007]        [13:02 12/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\es_ES\ExtensionManager\1.8\images\DreamweaverLinkIndicatorTopBar.png        --a---- 4480 bytes        [13:02 12/03/2007]        [13:02 12/03/2007] E3746522E56A977F9C69417B901C1817
C:\Programme\Gemeinsame Dateien\Adobe\Help\es_ES\ExtensionManager\1.8\images\dreamweaverSharedIndicator.png        --a---- 28701 bytes        [13:02 12/03/2007]        [13:02 12/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\fi_FI\Bridge\2.0\images\DreamweaverLinkIndicator.png        --a---- 28701 bytes        [16:10 14/03/2007]        [16:10 14/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\fi_FI\Bridge\2.0\images\DreamweaverLinkIndicatorTopBar.png        --a---- 4480 bytes        [16:10 14/03/2007]        [16:10 14/03/2007] E3746522E56A977F9C69417B901C1817
C:\Programme\Gemeinsame Dateien\Adobe\Help\fi_FI\Bridge\2.0\images\dreamweaverSharedIndicator.png        --a---- 28701 bytes        [16:10 14/03/2007]        [16:10 14/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\fr_FR\Bridge\2.0\images\DreamweaverLinkIndicator.png        --a---- 28701 bytes        [16:10 14/03/2007]        [16:10 14/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\fr_FR\Bridge\2.0\images\DreamweaverLinkIndicatorTopBar.png        --a---- 4480 bytes        [16:10 14/03/2007]        [16:10 14/03/2007] E3746522E56A977F9C69417B901C1817
C:\Programme\Gemeinsame Dateien\Adobe\Help\fr_FR\Bridge\2.0\images\dreamweaverSharedIndicator.png        --a---- 28701 bytes        [16:10 14/03/2007]        [16:10 14/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\fr_FR\DeviceCentral\1.0\images\DreamweaverLinkIndicator.png        --a---- 28701 bytes        [09:22 15/03/2007]        [09:22 15/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\fr_FR\DeviceCentral\1.0\images\DreamweaverLinkIndicatorTopBar.png        --a---- 4480 bytes        [09:22 15/03/2007]        [09:22 15/03/2007] E3746522E56A977F9C69417B901C1817
C:\Programme\Gemeinsame Dateien\Adobe\Help\fr_FR\DeviceCentral\1.0\images\dreamweaverSharedIndicator.png        --a---- 28701 bytes        [09:22 15/03/2007]        [09:22 15/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\fr_FR\ExtensionManager\1.8\images\DreamweaverLinkIndicator.png        --a---- 28701 bytes        [13:02 12/03/2007]        [13:02 12/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\fr_FR\ExtensionManager\1.8\images\DreamweaverLinkIndicatorTopBar.png        --a---- 4480 bytes        [13:02 12/03/2007]        [13:02 12/03/2007] E3746522E56A977F9C69417B901C1817
C:\Programme\Gemeinsame Dateien\Adobe\Help\fr_FR\ExtensionManager\1.8\images\dreamweaverSharedIndicator.png        --a---- 28701 bytes        [13:02 12/03/2007]        [13:02 12/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\he_IL\Bridge\2.0\images\DreamweaverLinkIndicator.png        --a---- 28701 bytes        [16:10 14/03/2007]        [16:10 14/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\he_IL\Bridge\2.0\images\DreamweaverLinkIndicatorTopBar.png        --a---- 4480 bytes        [16:10 14/03/2007]        [16:10 14/03/2007] E3746522E56A977F9C69417B901C1817
C:\Programme\Gemeinsame Dateien\Adobe\Help\he_IL\Bridge\2.0\images\dreamweaverSharedIndicator.png        --a---- 28701 bytes        [16:10 14/03/2007]        [16:10 14/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\hu_HU\Bridge\2.0\images\DreamweaverLinkIndicator.png        --a---- 28701 bytes        [16:10 14/03/2007]        [16:10 14/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\hu_HU\Bridge\2.0\images\DreamweaverLinkIndicatorTopBar.png        --a---- 4480 bytes        [16:10 14/03/2007]        [16:10 14/03/2007] E3746522E56A977F9C69417B901C1817
C:\Programme\Gemeinsame Dateien\Adobe\Help\hu_HU\Bridge\2.0\images\dreamweaverSharedIndicator.png        --a---- 28701 bytes        [16:10 14/03/2007]        [16:10 14/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\it_IT\Bridge\2.0\images\DreamweaverLinkIndicator.png        --a---- 28701 bytes        [16:10 14/03/2007]        [16:10 14/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\it_IT\Bridge\2.0\images\DreamweaverLinkIndicatorTopBar.png        --a---- 4480 bytes        [16:10 14/03/2007]        [16:10 14/03/2007] E3746522E56A977F9C69417B901C1817
C:\Programme\Gemeinsame Dateien\Adobe\Help\it_IT\Bridge\2.0\images\dreamweaverSharedIndicator.png        --a---- 28701 bytes        [16:10 14/03/2007]        [16:10 14/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\it_IT\DeviceCentral\1.0\images\DreamweaverLinkIndicator.png        --a---- 28701 bytes        [09:22 15/03/2007]        [09:22 15/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\it_IT\DeviceCentral\1.0\images\DreamweaverLinkIndicatorTopBar.png        --a---- 4480 bytes        [09:22 15/03/2007]        [09:22 15/03/2007] E3746522E56A977F9C69417B901C1817
C:\Programme\Gemeinsame Dateien\Adobe\Help\it_IT\DeviceCentral\1.0\images\dreamweaverSharedIndicator.png        --a---- 28701 bytes        [09:22 15/03/2007]        [09:22 15/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\it_IT\ExtensionManager\1.8\images\DreamweaverLinkIndicator.png        --a---- 28701 bytes        [13:02 12/03/2007]        [13:02 12/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\it_IT\ExtensionManager\1.8\images\DreamweaverLinkIndicatorTopBar.png        --a---- 4480 bytes        [13:02 12/03/2007]        [13:02 12/03/2007] E3746522E56A977F9C69417B901C1817
C:\Programme\Gemeinsame Dateien\Adobe\Help\it_IT\ExtensionManager\1.8\images\dreamweaverSharedIndicator.png        --a---- 28701 bytes        [13:02 12/03/2007]        [13:02 12/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\ja_JP\Bridge\2.0\images\DreamweaverLinkIndicator.png        --a---- 28701 bytes        [16:10 14/03/2007]        [16:10 14/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\ja_JP\Bridge\2.0\images\DreamweaverLinkIndicatorTopBar.png        --a---- 4480 bytes        [16:10 14/03/2007]        [16:10 14/03/2007] E3746522E56A977F9C69417B901C1817
C:\Programme\Gemeinsame Dateien\Adobe\Help\ja_JP\Bridge\2.0\images\dreamweaverSharedIndicator.png        --a---- 28701 bytes        [16:10 14/03/2007]        [16:10 14/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\ja_JP\DeviceCentral\1.0\images\DreamweaverLinkIndicator.png        --a---- 28701 bytes        [09:22 15/03/2007]        [09:22 15/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\ja_JP\DeviceCentral\1.0\images\DreamweaverLinkIndicatorTopBar.png        --a---- 4480 bytes        [09:22 15/03/2007]        [09:22 15/03/2007] E3746522E56A977F9C69417B901C1817
C:\Programme\Gemeinsame Dateien\Adobe\Help\ja_JP\DeviceCentral\1.0\images\dreamweaverSharedIndicator.png        --a---- 28701 bytes        [09:22 15/03/2007]        [09:22 15/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\ja_JP\ExtensionManager\1.8\images\DreamweaverLinkIndicator.png        --a---- 28701 bytes        [13:02 12/03/2007]        [13:02 12/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\ja_JP\ExtensionManager\1.8\images\DreamweaverLinkIndicatorTopBar.png        --a---- 4480 bytes        [13:02 12/03/2007]        [13:02 12/03/2007] E3746522E56A977F9C69417B901C1817
C:\Programme\Gemeinsame Dateien\Adobe\Help\ja_JP\ExtensionManager\1.8\images\dreamweaverSharedIndicator.png        --a---- 28701 bytes        [13:02 12/03/2007]        [13:02 12/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\ko_KR\Bridge\2.0\images\DreamweaverLinkIndicator.png        --a---- 28701 bytes        [16:10 14/03/2007]        [16:10 14/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\ko_KR\Bridge\2.0\images\DreamweaverLinkIndicatorTopBar.png        --a---- 4480 bytes        [16:10 14/03/2007]        [16:10 14/03/2007] E3746522E56A977F9C69417B901C1817
C:\Programme\Gemeinsame Dateien\Adobe\Help\ko_KR\Bridge\2.0\images\dreamweaverSharedIndicator.png        --a---- 28701 bytes        [16:10 14/03/2007]        [16:10 14/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\ko_KR\DeviceCentral\1.0\images\DreamweaverLinkIndicator.png        --a---- 28701 bytes        [09:22 15/03/2007]        [09:22 15/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\ko_KR\DeviceCentral\1.0\images\DreamweaverLinkIndicatorTopBar.png        --a---- 4480 bytes        [09:22 15/03/2007]        [09:22 15/03/2007] E3746522E56A977F9C69417B901C1817
C:\Programme\Gemeinsame Dateien\Adobe\Help\ko_KR\DeviceCentral\1.0\images\dreamweaverSharedIndicator.png        --a---- 28701 bytes        [09:22 15/03/2007]        [09:22 15/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\ko_KR\ExtensionManager\1.8\images\DreamweaverLinkIndicator.png        --a---- 28701 bytes        [13:02 12/03/2007]        [13:02 12/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\ko_KR\ExtensionManager\1.8\images\DreamweaverLinkIndicatorTopBar.png        --a---- 4480 bytes        [13:02 12/03/2007]        [13:02 12/03/2007] E3746522E56A977F9C69417B901C1817
C:\Programme\Gemeinsame Dateien\Adobe\Help\ko_KR\ExtensionManager\1.8\images\dreamweaverSharedIndicator.png        --a---- 28701 bytes        [13:02 12/03/2007]        [13:02 12/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\nb_NO\Bridge\2.0\images\DreamweaverLinkIndicator.png        --a---- 28701 bytes        [16:10 14/03/2007]        [16:10 14/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\nb_NO\Bridge\2.0\images\DreamweaverLinkIndicatorTopBar.png        --a---- 4480 bytes        [16:10 14/03/2007]        [16:10 14/03/2007] E3746522E56A977F9C69417B901C1817
C:\Programme\Gemeinsame Dateien\Adobe\Help\nb_NO\Bridge\2.0\images\dreamweaverSharedIndicator.png        --a---- 28701 bytes        [16:10 14/03/2007]        [16:10 14/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\nl_NL\Bridge\2.0\images\DreamweaverLinkIndicator.png        --a---- 28701 bytes        [16:10 14/03/2007]        [16:10 14/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\nl_NL\Bridge\2.0\images\DreamweaverLinkIndicatorTopBar.png        --a---- 4480 bytes        [16:10 14/03/2007]        [16:10 14/03/2007] E3746522E56A977F9C69417B901C1817
C:\Programme\Gemeinsame Dateien\Adobe\Help\nl_NL\Bridge\2.0\images\dreamweaverSharedIndicator.png        --a---- 28701 bytes        [16:10 14/03/2007]        [16:10 14/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\nl_NL\DeviceCentral\1.0\images\DreamweaverLinkIndicator.png        --a---- 28701 bytes        [09:22 15/03/2007]        [09:22 15/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\nl_NL\DeviceCentral\1.0\images\DreamweaverLinkIndicatorTopBar.png        --a---- 4480 bytes        [09:22 15/03/2007]        [09:22 15/03/2007] E3746522E56A977F9C69417B901C1817
C:\Programme\Gemeinsame Dateien\Adobe\Help\nl_NL\DeviceCentral\1.0\images\dreamweaverSharedIndicator.png        --a---- 28701 bytes        [09:22 15/03/2007]        [09:22 15/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\nl_NL\ExtensionManager\1.8\images\DreamweaverLinkIndicator.png        --a---- 28701 bytes        [13:02 12/03/2007]        [13:02 12/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\nl_NL\ExtensionManager\1.8\images\DreamweaverLinkIndicatorTopBar.png        --a---- 4480 bytes        [13:02 12/03/2007]        [13:02 12/03/2007] E3746522E56A977F9C69417B901C1817
C:\Programme\Gemeinsame Dateien\Adobe\Help\nl_NL\ExtensionManager\1.8\images\dreamweaverSharedIndicator.png        --a---- 28701 bytes        [13:02 12/03/2007]        [13:02 12/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\pl_PL\Bridge\2.0\images\DreamweaverLinkIndicator.png        --a---- 28701 bytes        [16:10 14/03/2007]        [16:10 14/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\pl_PL\Bridge\2.0\images\DreamweaverLinkIndicatorTopBar.png        --a---- 4480 bytes        [16:10 14/03/2007]        [16:10 14/03/2007] E3746522E56A977F9C69417B901C1817
C:\Programme\Gemeinsame Dateien\Adobe\Help\pl_PL\Bridge\2.0\images\dreamweaverSharedIndicator.png        --a---- 28701 bytes        [16:10 14/03/2007]        [16:10 14/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\pl_PL\ExtensionManager\1.8\images\DreamweaverLinkIndicator.png        --a---- 28701 bytes        [13:02 12/03/2007]        [13:02 12/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\pl_PL\ExtensionManager\1.8\images\DreamweaverLinkIndicatorTopBar.png        --a---- 4480 bytes        [13:02 12/03/2007]        [13:02 12/03/2007] E3746522E56A977F9C69417B901C1817
C:\Programme\Gemeinsame Dateien\Adobe\Help\pl_PL\ExtensionManager\1.8\images\dreamweaverSharedIndicator.png        --a---- 28701 bytes        [13:02 12/03/2007]        [13:02 12/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\pt_BR\Bridge\2.0\images\DreamweaverLinkIndicator.png        --a---- 28701 bytes        [16:11 14/03/2007]        [16:11 14/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\pt_BR\Bridge\2.0\images\DreamweaverLinkIndicatorTopBar.png        --a---- 4480 bytes        [16:11 14/03/2007]        [16:11 14/03/2007] E3746522E56A977F9C69417B901C1817
C:\Programme\Gemeinsame Dateien\Adobe\Help\pt_BR\Bridge\2.0\images\dreamweaverSharedIndicator.png        --a---- 28701 bytes        [16:11 14/03/2007]        [16:11 14/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\ro_RO\Bridge\2.0\images\DreamweaverLinkIndicator.png        --a---- 28701 bytes        [16:11 14/03/2007]        [16:11 14/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\ro_RO\Bridge\2.0\images\DreamweaverLinkIndicatorTopBar.png        --a---- 4480 bytes        [16:11 14/03/2007]        [16:11 14/03/2007] E3746522E56A977F9C69417B901C1817
C:\Programme\Gemeinsame Dateien\Adobe\Help\ro_RO\Bridge\2.0\images\dreamweaverSharedIndicator.png        --a---- 28701 bytes        [16:11 14/03/2007]        [16:11 14/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\ru_RU\Bridge\2.0\images\DreamweaverLinkIndicator.png        --a---- 28701 bytes        [16:11 14/03/2007]        [16:11 14/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\ru_RU\Bridge\2.0\images\DreamweaverLinkIndicatorTopBar.png        --a---- 4480 bytes        [16:11 14/03/2007]        [16:11 14/03/2007] E3746522E56A977F9C69417B901C1817
C:\Programme\Gemeinsame Dateien\Adobe\Help\ru_RU\Bridge\2.0\images\dreamweaverSharedIndicator.png        --a---- 28701 bytes        [16:11 14/03/2007]        [16:11 14/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\ru_RU\ExtensionManager\1.8\images\DreamweaverLinkIndicator.png        --a---- 28701 bytes        [13:02 12/03/2007]        [13:02 12/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\ru_RU\ExtensionManager\1.8\images\DreamweaverLinkIndicatorTopBar.png        --a---- 4480 bytes        [13:02 12/03/2007]        [13:02 12/03/2007] E3746522E56A977F9C69417B901C1817
C:\Programme\Gemeinsame Dateien\Adobe\Help\ru_RU\ExtensionManager\1.8\images\dreamweaverSharedIndicator.png        --a---- 28701 bytes        [13:02 12/03/2007]        [13:02 12/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\sv_SE\Bridge\2.0\images\DreamweaverLinkIndicator.png        --a---- 28701 bytes        [16:11 14/03/2007]        [16:11 14/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\sv_SE\Bridge\2.0\images\DreamweaverLinkIndicatorTopBar.png        --a---- 4480 bytes        [16:11 14/03/2007]        [16:11 14/03/2007] E3746522E56A977F9C69417B901C1817
C:\Programme\Gemeinsame Dateien\Adobe\Help\sv_SE\Bridge\2.0\images\dreamweaverSharedIndicator.png        --a---- 28701 bytes        [16:11 14/03/2007]        [16:11 14/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\sv_SE\DeviceCentral\1.0\images\DreamweaverLinkIndicator.png        --a---- 28701 bytes        [09:22 15/03/2007]        [09:22 15/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\sv_SE\DeviceCentral\1.0\images\DreamweaverLinkIndicatorTopBar.png        --a---- 4480 bytes        [09:22 15/03/2007]        [09:22 15/03/2007] E3746522E56A977F9C69417B901C1817
C:\Programme\Gemeinsame Dateien\Adobe\Help\sv_SE\DeviceCentral\1.0\images\dreamweaverSharedIndicator.png        --a---- 28701 bytes        [09:22 15/03/2007]        [09:22 15/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\sv_SE\ExtensionManager\1.8\images\DreamweaverLinkIndicator.png        --a---- 28701 bytes        [13:02 12/03/2007]        [13:02 12/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\sv_SE\ExtensionManager\1.8\images\DreamweaverLinkIndicatorTopBar.png        --a---- 4480 bytes        [13:02 12/03/2007]        [13:02 12/03/2007] E3746522E56A977F9C69417B901C1817
C:\Programme\Gemeinsame Dateien\Adobe\Help\sv_SE\ExtensionManager\1.8\images\dreamweaverSharedIndicator.png        --a---- 28701 bytes        [13:02 12/03/2007]        [13:02 12/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\tr_TR\Bridge\2.0\images\DreamweaverLinkIndicator.png        --a---- 28701 bytes        [16:11 14/03/2007]        [16:11 14/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\tr_TR\Bridge\2.0\images\DreamweaverLinkIndicatorTopBar.png        --a---- 4480 bytes        [16:11 14/03/2007]        [16:11 14/03/2007] E3746522E56A977F9C69417B901C1817
C:\Programme\Gemeinsame Dateien\Adobe\Help\tr_TR\Bridge\2.0\images\dreamweaverSharedIndicator.png        --a---- 28701 bytes        [16:11 14/03/2007]        [16:11 14/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\tr_TR\ExtensionManager\1.8\images\DreamweaverLinkIndicator.png        --a---- 28701 bytes        [13:02 12/03/2007]        [13:02 12/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\tr_TR\ExtensionManager\1.8\images\DreamweaverLinkIndicatorTopBar.png        --a---- 4480 bytes        [13:02 12/03/2007]        [13:02 12/03/2007] E3746522E56A977F9C69417B901C1817
C:\Programme\Gemeinsame Dateien\Adobe\Help\tr_TR\ExtensionManager\1.8\images\dreamweaverSharedIndicator.png        --a---- 28701 bytes        [13:02 12/03/2007]        [13:02 12/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\uk_UA\Bridge\2.0\images\DreamweaverLinkIndicator.png        --a---- 28701 bytes        [16:11 14/03/2007]        [16:11 14/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\uk_UA\Bridge\2.0\images\DreamweaverLinkIndicatorTopBar.png        --a---- 4480 bytes        [16:11 14/03/2007]        [16:11 14/03/2007] E3746522E56A977F9C69417B901C1817
C:\Programme\Gemeinsame Dateien\Adobe\Help\uk_UA\Bridge\2.0\images\dreamweaverSharedIndicator.png        --a---- 28701 bytes        [16:11 14/03/2007]        [16:11 14/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\zh_CN\Bridge\2.0\images\DreamweaverLinkIndicator.png        --a---- 28701 bytes        [16:11 14/03/2007]        [16:11 14/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\zh_CN\Bridge\2.0\images\DreamweaverLinkIndicatorTopBar.png        --a---- 4480 bytes        [16:11 14/03/2007]        [16:11 14/03/2007] E3746522E56A977F9C69417B901C1817
C:\Programme\Gemeinsame Dateien\Adobe\Help\zh_CN\Bridge\2.0\images\dreamweaverSharedIndicator.png        --a---- 28701 bytes        [16:11 14/03/2007]        [16:11 14/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\zh_CN\DeviceCentral\1.0\images\DreamweaverLinkIndicator.png        --a---- 28701 bytes        [09:22 15/03/2007]        [09:22 15/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\zh_CN\DeviceCentral\1.0\images\DreamweaverLinkIndicatorTopBar.png        --a---- 4480 bytes        [09:22 15/03/2007]        [09:22 15/03/2007] E3746522E56A977F9C69417B901C1817
C:\Programme\Gemeinsame Dateien\Adobe\Help\zh_CN\DeviceCentral\1.0\images\dreamweaverSharedIndicator.png        --a---- 28701 bytes        [09:22 15/03/2007]        [09:22 15/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\zh_CN\ExtensionManager\1.8\images\DreamweaverLinkIndicator.png        --a---- 28701 bytes        [13:02 12/03/2007]        [13:02 12/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\zh_CN\ExtensionManager\1.8\images\DreamweaverLinkIndicatorTopBar.png        --a---- 4480 bytes        [13:02 12/03/2007]        [13:02 12/03/2007] E3746522E56A977F9C69417B901C1817
C:\Programme\Gemeinsame Dateien\Adobe\Help\zh_CN\ExtensionManager\1.8\images\dreamweaverSharedIndicator.png        --a---- 28701 bytes        [13:02 12/03/2007]        [13:02 12/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\zh_TW\Bridge\2.0\images\DreamweaverLinkIndicator.png        --a---- 28701 bytes        [16:11 14/03/2007]        [16:11 14/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\zh_TW\Bridge\2.0\images\DreamweaverLinkIndicatorTopBar.png        --a---- 4480 bytes        [16:11 14/03/2007]        [16:11 14/03/2007] E3746522E56A977F9C69417B901C1817
C:\Programme\Gemeinsame Dateien\Adobe\Help\zh_TW\Bridge\2.0\images\dreamweaverSharedIndicator.png        --a---- 28701 bytes        [16:11 14/03/2007]        [16:11 14/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\zh_TW\DeviceCentral\1.0\images\DreamweaverLinkIndicator.png        --a---- 28701 bytes        [09:22 15/03/2007]        [09:22 15/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\zh_TW\DeviceCentral\1.0\images\DreamweaverLinkIndicatorTopBar.png        --a---- 4480 bytes        [09:22 15/03/2007]        [09:22 15/03/2007] E3746522E56A977F9C69417B901C1817
C:\Programme\Gemeinsame Dateien\Adobe\Help\zh_TW\DeviceCentral\1.0\images\dreamweaverSharedIndicator.png        --a---- 28701 bytes        [09:22 15/03/2007]        [09:22 15/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\zh_TW\ExtensionManager\1.8\images\DreamweaverLinkIndicator.png        --a---- 28701 bytes        [13:02 12/03/2007]        [13:02 12/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Help\zh_TW\ExtensionManager\1.8\images\DreamweaverLinkIndicatorTopBar.png        --a---- 4480 bytes        [13:02 12/03/2007]        [13:02 12/03/2007] E3746522E56A977F9C69417B901C1817
C:\Programme\Gemeinsame Dateien\Adobe\Help\zh_TW\ExtensionManager\1.8\images\dreamweaverSharedIndicator.png        --a---- 28701 bytes        [13:02 12/03/2007]        [13:02 12/03/2007] 5A2F7632BE921570794AC3F795BF69AF
C:\Programme\Gemeinsame Dateien\Adobe\Installers\Adobe Dreamweaver CS3 9.0.log.gz        --a---- 12386 bytes        [02:11 31/10/2008]        [02:11 31/10/2008] 29DEE2C7134A71D84C492F9ECCFCE9B9
C:\Programme\Gemeinsame Dateien\Adobe\Installers\Adobe Dreamweaver CS3 9.log        --a---- 2050169 bytes        [12:09 20/03/2015]        [14:06 30/03/2015] 34C0658BF3833BC2101F2C8B40D4A081
C:\Programme\Gemeinsame Dateien\Adobe\Installers\Adobe Dreamweaver CS3 9.log.gz        --a---- 1047107 bytes        [02:34 31/10/2008]        [01:12 20/03/2015] 0ED60775B8DD9565DF9682D2255408E5
C:\Programme\Gemeinsame Dateien\Adobe\Installers\25db75244653b42cb93dc27939d1c0e\payloads\AdobeDreamweaver9de_DE\AdobeDreamweaver9de_DE.proxy.xml        --a---- 3581608 bytes        [15:26 22/03/2007]        [15:26 22/03/2007] 174E01D1A41B1A1EF2BF6CAEA07926EC

========== regfind ==========

Searching for "Dreamweaver"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.as\OpenWithList\dreamweaver.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.asax\OpenWithList\dreamweaver.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.ascx\OpenWithList\dreamweaver.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.ashx\OpenWithList\dreamweaver.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.asmx\OpenWithList\dreamweaver.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.aspx\OpenWithList\dreamweaver.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.axd\OpenWithList\dreamweaver.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.cfc\OpenWithList\dreamweaver.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.cfm\OpenWithList\dreamweaver.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.config\OpenWithList\dreamweaver.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.cs\OpenWithList\dreamweaver.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.css\OpenWithList\dreamweaver.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.disco\OpenWithList\dreamweaver.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.JS\OpenWithList\dreamweaver.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.jsp\OpenWithList\dreamweaver.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.mno\OpenWithList\dreamweaver.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.php\OpenWithList\dreamweaver.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.php3\OpenWithList\dreamweaver.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.php4\OpenWithList\dreamweaver.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.rem\OpenWithList\dreamweaver.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.resx\OpenWithList\dreamweaver.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.shtm\OpenWithList\dreamweaver.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.soap\OpenWithList\dreamweaver.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.stm\OpenWithList\dreamweaver.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.txt\OpenWithList\dreamweaver.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.VB\OpenWithList\dreamweaver.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.web\OpenWithList\dreamweaver.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.xslt\OpenWithList\dreamweaver.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Dreamweaver.Document]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Dreamweaver.Document]
@="Dreamweaver Document"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\14367109B8A0CCC47AD88F2622A8B659\SourceList]
"LastUsedSource"="n;1;C:\Dokumente und Einstellungen\Ulfilas57\Desktop\Adobe CS3\Dreamweaver\Adobe CS3\payloads\AdobeALMAnchorServiceAll\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\14367109B8A0CCC47AD88F2622A8B659\SourceList\Net]
"1"="C:\Dokumente und Einstellungen\Ulfilas57\Desktop\Adobe CS3\Dreamweaver\Adobe CS3\payloads\AdobeALMAnchorServiceAll\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\2483F5EB90384574295D380EE206773A\SourceList]
"LastUsedSource"="n;1;C:\Dokumente und Einstellungen\Ulfilas57\Desktop\Adobe CS3\Dreamweaver\Adobe CS3\payloads\AdobeExtensionManager1.8All\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\2483F5EB90384574295D380EE206773A\SourceList\Net]
"1"="C:\Dokumente und Einstellungen\Ulfilas57\Desktop\Adobe CS3\Dreamweaver\Adobe CS3\payloads\AdobeExtensionManager1.8All\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\474AB2D8604F0174A94E4D2FD2120FDD\SourceList]
"LastUsedSource"="n;1;C:\Dokumente und Einstellungen\Ulfilas57\Desktop\Adobe CS3\Dreamweaver\Adobe CS3\payloads\AdobeDeviceCentralAll\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\474AB2D8604F0174A94E4D2FD2120FDD\SourceList\Net]
"1"="C:\Dokumente und Einstellungen\Ulfilas57\Desktop\Adobe CS3\Dreamweaver\Adobe CS3\payloads\AdobeDeviceCentralAll\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\695683D708E08084A8EA1CDD8A12F2F7\SourceList]
"LastUsedSource"="n;1;C:\Dokumente und Einstellungen\Ulfilas57\Desktop\Adobe CS3\Dreamweaver\Adobe CS3\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\695683D708E08084A8EA1CDD8A12F2F7\SourceList\Net]
"1"="C:\Dokumente und Einstellungen\Ulfilas57\Desktop\Adobe CS3\Dreamweaver\Adobe CS3\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\798EA96EB0E9C584582587144FD8248D\SourceList]
"LastUsedSource"="n;1;C:\Dokumente und Einstellungen\Ulfilas57\Desktop\Adobe CS3\Dreamweaver\Adobe CS3\payloads\AdobeAUM5.1All\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\798EA96EB0E9C584582587144FD8248D\SourceList\Net]
"1"="C:\Dokumente und Einstellungen\Ulfilas57\Desktop\Adobe CS3\Dreamweaver\Adobe CS3\payloads\AdobeAUM5.1All\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\91823B80FEE67504EAADA56B183AA632\SourceList]
"LastUsedSource"="n;1;C:\Dokumente und Einstellungen\Ulfilas57\Desktop\Adobe CS3\Dreamweaver\Adobe CS3\payloads\BridgeStartMeeting\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\91823B80FEE67504EAADA56B183AA632\SourceList\Net]
"1"="C:\Dokumente und Einstellungen\Ulfilas57\Desktop\Adobe CS3\Dreamweaver\Adobe CS3\payloads\BridgeStartMeeting\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\9866FB3BD18A8D04A968A44CCA9DCFC1\SourceList]
"LastUsedSource"="n;1;C:\Dokumente und Einstellungen\Ulfilas57\Desktop\Adobe CS3\Dreamweaver\Adobe CS3\payloads\AdobeCameraRaw4.0All\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\9866FB3BD18A8D04A968A44CCA9DCFC1\SourceList\Net]
"1"="C:\Dokumente und Einstellungen\Ulfilas57\Desktop\Adobe CS3\Dreamweaver\Adobe CS3\payloads\AdobeCameraRaw4.0All\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\9D4289C9000937346A5A0D5E4D383149\SourceList]
"LastUsedSource"="n;1;C:\Dokumente und Einstellungen\Ulfilas57\Desktop\Adobe CS3\Dreamweaver\Adobe CS3\payloads\AdobeBridge2All\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\9D4289C9000937346A5A0D5E4D383149\SourceList\Net]
"1"="C:\Dokumente und Einstellungen\Ulfilas57\Desktop\Adobe CS3\Dreamweaver\Adobe CS3\payloads\AdobeBridge2All\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\A29FFD0DE29404C48B267AA471C3525C\SourceList]
"LastUsedSource"="n;1;C:\Dokumente und Einstellungen\Ulfilas57\Desktop\Adobe CS3\Dreamweaver\Adobe CS3\payloads\AdobeVersionCueClient3All\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\A29FFD0DE29404C48B267AA471C3525C\SourceList\Net]
"1"="C:\Dokumente und Einstellungen\Ulfilas57\Desktop\Adobe CS3\Dreamweaver\Adobe CS3\payloads\AdobeVersionCueClient3All\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\A7DD5FF682EF93448BFCE1A94FAEA016\SourceList]
"LastUsedSource"="n;1;C:\Dokumente und Einstellungen\Ulfilas57\Desktop\Adobe CS3\Dreamweaver\Adobe CS3\payloads\AdobeAssetServices3All\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\A7DD5FF682EF93448BFCE1A94FAEA016\SourceList\Net]
"1"="C:\Dokumente und Einstellungen\Ulfilas57\Desktop\Adobe CS3\Dreamweaver\Adobe CS3\payloads\AdobeAssetServices3All\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\D702FA4077A9A564B86799F1A66B2654\SourceList]
"LastUsedSource"="n;1;C:\Dokumente und Einstellungen\Ulfilas57\Desktop\Adobe CS3\Dreamweaver\Adobe CS3\payloads\AdobeHelpViewerAll\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\D702FA4077A9A564B86799F1A66B2654\SourceList\Net]
"1"="C:\Dokumente und Einstellungen\Ulfilas57\Desktop\Adobe CS3\Dreamweaver\Adobe CS3\payloads\AdobeHelpViewerAll\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Programme\Gemeinsame Dateien\Adobe\Installers\25db75244653b42cb93dc27939d1c0e\payloads\AdobeDreamweaver9de_DE\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Programme\Adobe\Adobe Extension Manager\Dreamweaver\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Programme\Adobe\Adobe Extension Manager\Samples\Dreamweaver\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Dokumente und Einstellungen\Ulfilas57\Anwendungsdaten\Adobe\Dreamweaver 9\"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B1D79F7B1218BDD4BBAF5D183B1192C9]
"695683D708E08084A8EA1CDD8A12F2F7"="C:\Programme\Gemeinsame Dateien\Adobe\Installers\25db75244653b42cb93dc27939d1c0e\payloads\AdobeDreamweaver9de_DE\AdobeDreamweaver9de_DE.proxy.xml"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EAD5AA18582D109428A0CDA04D806C0D]
"2483F5EB90384574295D380EE206773A"="C:\Programme\Adobe\Adobe Extension Manager\Dreamweaver\DWEMLaunch.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F73AB1402A27EC64E9412023364721DC]
"2483F5EB90384574295D380EE206773A"="C:\Programme\Adobe\Adobe Extension Manager\Dreamweaver\DWEMLaunch.dll.manifest"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDF9082881986E141AE90D13BA74053F]
"2483F5EB90384574295D380EE206773A"="C:\Programme\Adobe\Adobe Extension Manager\Samples\Dreamweaver\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\14367109B8A0CCC47AD88F2622A8B659\InstallProperties]
"InstallSource"="C:\Dokumente und Einstellungen\Ulfilas57\Desktop\Adobe CS3\Dreamweaver\Adobe CS3\payloads\AdobeALMAnchorServiceAll\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2483F5EB90384574295D380EE206773A\InstallProperties]
"InstallSource"="C:\Dokumente und Einstellungen\Ulfilas57\Desktop\Adobe CS3\Dreamweaver\Adobe CS3\payloads\AdobeExtensionManager1.8All\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\474AB2D8604F0174A94E4D2FD2120FDD\InstallProperties]
"InstallSource"="C:\Dokumente und Einstellungen\Ulfilas57\Desktop\Adobe CS3\Dreamweaver\Adobe CS3\payloads\AdobeDeviceCentralAll\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\695683D708E08084A8EA1CDD8A12F2F7\InstallProperties]
"InstallSource"="C:\Dokumente und Einstellungen\Ulfilas57\Desktop\Adobe CS3\Dreamweaver\Adobe CS3\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\798EA96EB0E9C584582587144FD8248D\InstallProperties]
"InstallSource"="C:\Dokumente und Einstellungen\Ulfilas57\Desktop\Adobe CS3\Dreamweaver\Adobe CS3\payloads\AdobeAUM5.1All\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\91823B80FEE67504EAADA56B183AA632\InstallProperties]
"InstallSource"="C:\Dokumente und Einstellungen\Ulfilas57\Desktop\Adobe CS3\Dreamweaver\Adobe CS3\payloads\BridgeStartMeeting\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9866FB3BD18A8D04A968A44CCA9DCFC1\InstallProperties]
"InstallSource"="C:\Dokumente und Einstellungen\Ulfilas57\Desktop\Adobe CS3\Dreamweaver\Adobe CS3\payloads\AdobeCameraRaw4.0All\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9D4289C9000937346A5A0D5E4D383149\InstallProperties]
"InstallSource"="C:\Dokumente und Einstellungen\Ulfilas57\Desktop\Adobe CS3\Dreamweaver\Adobe CS3\payloads\AdobeBridge2All\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A29FFD0DE29404C48B267AA471C3525C\InstallProperties]
"InstallSource"="C:\Dokumente und Einstellungen\Ulfilas57\Desktop\Adobe CS3\Dreamweaver\Adobe CS3\payloads\AdobeVersionCueClient3All\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A7DD5FF682EF93448BFCE1A94FAEA016\InstallProperties]
"InstallSource"="C:\Dokumente und Einstellungen\Ulfilas57\Desktop\Adobe CS3\Dreamweaver\Adobe CS3\payloads\AdobeAssetServices3All\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D702FA4077A9A564B86799F1A66B2654\InstallProperties]
"InstallSource"="C:\Dokumente und Einstellungen\Ulfilas57\Desktop\Adobe CS3\Dreamweaver\Adobe CS3\payloads\AdobeHelpViewerAll\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Adobe_25db75244653b42cb93dc27939d1c0e]
"DisplayName"="Adobe Dreamweaver CS3"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Adobe_25db75244653b42cb93dc27939d1c0e]
"URLUpdateInfo"="hxxp://www.adobe.com/support/dreamweaver/downloads_updaters.html"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{04AF207D-9A77-465A-8B76-991F6AB66245}]
"InstallSource"="C:\Dokumente und Einstellungen\Ulfilas57\Desktop\Adobe CS3\Dreamweaver\Adobe CS3\payloads\AdobeHelpViewerAll\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{08B32819-6EEF-4057-AEDA-5AB681A36A23}]
"InstallSource"="C:\Dokumente und Einstellungen\Ulfilas57\Desktop\Adobe CS3\Dreamweaver\Adobe CS3\payloads\BridgeStartMeeting\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}]
"InstallSource"="C:\Dokumente und Einstellungen\Ulfilas57\Desktop\Adobe CS3\Dreamweaver\Adobe CS3\payloads\AdobeAssetServices3All\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7D386596-0E80-4808-8AAE-C1DDA8212F7F}]
"InstallSource"="C:\Dokumente und Einstellungen\Ulfilas57\Desktop\Adobe CS3\Dreamweaver\Adobe CS3\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}]
"InstallSource"="C:\Dokumente und Einstellungen\Ulfilas57\Desktop\Adobe CS3\Dreamweaver\Adobe CS3\payloads\AdobeDeviceCentralAll\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{90176341-0A8B-4CCC-A78D-F862228A6B95}]
"InstallSource"="C:\Dokumente und Einstellungen\Ulfilas57\Desktop\Adobe CS3\Dreamweaver\Adobe CS3\payloads\AdobeALMAnchorServiceAll\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{9C9824D9-9000-4373-A6A5-D0E5D4831394}]
"InstallSource"="C:\Dokumente und Einstellungen\Ulfilas57\Desktop\Adobe CS3\Dreamweaver\Adobe CS3\payloads\AdobeBridge2All\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}]
"InstallSource"="C:\Dokumente und Einstellungen\Ulfilas57\Desktop\Adobe CS3\Dreamweaver\Adobe CS3\payloads\AdobeCameraRaw4.0All\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BE5F3842-8309-4754-92D5-83E02E6077A3}]
"InstallSource"="C:\Dokumente und Einstellungen\Ulfilas57\Desktop\Adobe CS3\Dreamweaver\Adobe CS3\payloads\AdobeExtensionManager1.8All\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D0DFF92A-492E-4C40-B862-A74A173C25C5}]
"InstallSource"="C:\Dokumente und Einstellungen\Ulfilas57\Desktop\Adobe CS3\Dreamweaver\Adobe CS3\payloads\AdobeVersionCueClient3All\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E69AE897-9E0B-485C-8552-7841F48D42D8}]
"InstallSource"="C:\Dokumente und Einstellungen\Ulfilas57\Desktop\Adobe CS3\Dreamweaver\Adobe CS3\payloads\AdobeAUM5.1All\"

Searching for "        "
[HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0]
"ProcessorNameString"="              Intel(R) Pentium(R) 4 CPU 2.66GHz"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media Device Manager\Plugins\SP\MSPMSP\KBDeviceList]
"SanDiskIMb"="E-USB Fl;ash            ;    "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\atapi\Parameters]
"UseCheckPowerForFlush"="SAMSUNG WNR-31601A (1600MB)              SAMSUNG WNR-31601A (1.6GB)              IBM-DTCA-24090                          TC6OAA2A IBM-DTCA-24090                          TC6IAA2A IBM-DPLA-25120                          PL8OAA2A IBM-DPLA-25120                          PL8IAA2A IBM-DPLA-25120                          PL8IAA4A IBM-DTCA-23240                          TC5OAA2A IBM-DTCA-23240                          TC5IAA2A IBM-DPLA-24480                          PL7OAA2A IBM-DPLA-24480                          PL7IAA2A"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\atapi\Parameters]
"NoFlushDevice"="QUANTUM_LPS525A                          SCR-730                                "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\atapi\Parameters]
"PioOnlyDevice"="    Conner Peripherals 425MB - CFS425A  MATSHITA CR-581                          FX600S                                  CD-44E                                  QUANTUM TRB850A                          QUANTUM MARVERICK 540A                    MAXTOR MXT-540  AT                      Maxtor 71260 AT                          Maxtor 7850 AV                          Maxtor 7540 AV                          Maxtor 7213 AT                          Maxtor 7345                              Maxtor 7245 AT                          Maxtor 7245                              Maxtor 7211AU                            Maxtor 7171 AT                          CD-316E                                  SAMSUNG_SCR-2430 CR-2801TE"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\atapi\Parameters]
"NonRemovableMedia"="Kingston Technology DataPak 340          SunDisk SDP5A-10                        SunDisk SDCFB-10                        SunDisk SDP3B-20                        SunDisk SDP3B-175                        SunDisk SDP5-2.5                        Calluna Technology CT260MC              BN-S004AC-S 1.00 Calluna Technology CT520RM Hitachi CV 5.1.1      ATA_FLASH  Mitsubishi ATA Card  LEXAR ATA_FLASH Micron MTCF004A Micron MTCF008A SunDisk SDP3B-110 SunDisk SDCFB-4 BN-CAB-T MEMORYSTICK MEMORYSTICK  8M  8K"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\atapi\Parameters]
"NoPowerDownDevice"="RD-DRC001-M                              CS-R37 0                                "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\atapi\Parameters]
"AutoEjectZipDevice"="IOMEGA  ZIP 100      ATAPI            23.D    IOMEGA  ZIP 100      ATAPI            21.D    IOMEGA  ZIP 100      ATAPI            20.D    IOMEGA  ZIP 100      ATAPI            91.D    IOMEGA  ZIP 100                        B.29    IOMEGA  ZIP 100                        B.22    "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\atapi\Parameters]
"UseCheckPowerForFlush"="SAMSUNG WNR-31601A (1600MB)              SAMSUNG WNR-31601A (1.6GB)              IBM-DTCA-24090                          TC6OAA2A IBM-DTCA-24090                          TC6IAA2A IBM-DPLA-25120                          PL8OAA2A IBM-DPLA-25120                          PL8IAA2A IBM-DPLA-25120                          PL8IAA4A IBM-DTCA-23240                          TC5OAA2A IBM-DTCA-23240                          TC5IAA2A IBM-DPLA-24480                          PL7OAA2A IBM-DPLA-24480                          PL7IAA2A"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\atapi\Parameters]
"NoFlushDevice"="QUANTUM_LPS525A                          SCR-730                                "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\atapi\Parameters]
"PioOnlyDevice"="    Conner Peripherals 425MB - CFS425A  MATSHITA CR-581                          FX600S                                  CD-44E                                  QUANTUM TRB850A                          QUANTUM MARVERICK 540A                    MAXTOR MXT-540  AT                      Maxtor 71260 AT                          Maxtor 7850 AV                          Maxtor 7540 AV                          Maxtor 7213 AT                          Maxtor 7345                              Maxtor 7245 AT                          Maxtor 7245                              Maxtor 7211AU                            Maxtor 7171 AT                          CD-316E                                  SAMSUNG_SCR-2430 CR-2801TE"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\atapi\Parameters]
"NonRemovableMedia"="Kingston Technology DataPak 340          SunDisk SDP5A-10                        SunDisk SDCFB-10                        SunDisk SDP3B-20                        SunDisk SDP3B-175                        SunDisk SDP5-2.5                        Calluna Technology CT260MC              BN-S004AC-S 1.00 Calluna Technology CT520RM Hitachi CV 5.1.1      ATA_FLASH  Mitsubishi ATA Card  LEXAR ATA_FLASH Micron MTCF004A Micron MTCF008A SunDisk SDP3B-110 SunDisk SDCFB-4 BN-CAB-T MEMORYSTICK MEMORYSTICK  8M  8K"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\atapi\Parameters]
"NoPowerDownDevice"="RD-DRC001-M                              CS-R37 0                                "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\atapi\Parameters]
"AutoEjectZipDevice"="IOMEGA  ZIP 100      ATAPI            23.D    IOMEGA  ZIP 100      ATAPI            21.D    IOMEGA  ZIP 100      ATAPI            20.D    IOMEGA  ZIP 100      ATAPI            91.D    IOMEGA  ZIP 100                        B.29    IOMEGA  ZIP 100                        B.22    "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\atapi\Parameters]
"UseCheckPowerForFlush"="SAMSUNG WNR-31601A (1600MB)              SAMSUNG WNR-31601A (1.6GB)              IBM-DTCA-24090                          TC6OAA2A IBM-DTCA-24090                          TC6IAA2A IBM-DPLA-25120                          PL8OAA2A IBM-DPLA-25120                          PL8IAA2A IBM-DPLA-25120                          PL8IAA4A IBM-DTCA-23240                          TC5OAA2A IBM-DTCA-23240                          TC5IAA2A IBM-DPLA-24480                          PL7OAA2A IBM-DPLA-24480                          PL7IAA2A"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\atapi\Parameters]
"NoFlushDevice"="QUANTUM_LPS525A                          SCR-730                                "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\atapi\Parameters]
"PioOnlyDevice"="    Conner Peripherals 425MB - CFS425A  MATSHITA CR-581                          FX600S                                  CD-44E                                  QUANTUM TRB850A                          QUANTUM MARVERICK 540A                    MAXTOR MXT-540  AT                      Maxtor 71260 AT                          Maxtor 7850 AV                          Maxtor 7540 AV                          Maxtor 7213 AT                          Maxtor 7345                              Maxtor 7245 AT                          Maxtor 7245                              Maxtor 7211AU                            Maxtor 7171 AT                          CD-316E                                  SAMSUNG_SCR-2430 CR-2801TE"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\atapi\Parameters]
"NonRemovableMedia"="Kingston Technology DataPak 340          SunDisk SDP5A-10                        SunDisk SDCFB-10                        SunDisk SDP3B-20                        SunDisk SDP3B-175                        SunDisk SDP5-2.5                        Calluna Technology CT260MC              BN-S004AC-S 1.00 Calluna Technology CT520RM Hitachi CV 5.1.1      ATA_FLASH  Mitsubishi ATA Card  LEXAR ATA_FLASH Micron MTCF004A Micron MTCF008A SunDisk SDP3B-110 SunDisk SDCFB-4 BN-CAB-T MEMORYSTICK MEMORYSTICK  8M  8K"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\atapi\Parameters]
"NoPowerDownDevice"="RD-DRC001-M                              CS-R37 0                                "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\atapi\Parameters]
"AutoEjectZipDevice"="IOMEGA  ZIP 100      ATAPI            23.D    IOMEGA  ZIP 100      ATAPI            21.D    IOMEGA  ZIP 100      ATAPI            20.D    IOMEGA  ZIP 100      ATAPI            91.D    IOMEGA  ZIP 100                        B.29    IOMEGA  ZIP 100                        B.22    "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\atapi\Parameters]
"UseCheckPowerForFlush"="SAMSUNG WNR-31601A (1600MB)              SAMSUNG WNR-31601A (1.6GB)              IBM-DTCA-24090                          TC6OAA2A IBM-DTCA-24090                          TC6IAA2A IBM-DPLA-25120                          PL8OAA2A IBM-DPLA-25120                          PL8IAA2A IBM-DPLA-25120                          PL8IAA4A IBM-DTCA-23240                          TC5OAA2A IBM-DTCA-23240                          TC5IAA2A IBM-DPLA-24480                          PL7OAA2A IBM-DPLA-24480                          PL7IAA2A"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\atapi\Parameters]
"NoFlushDevice"="QUANTUM_LPS525A                          SCR-730                                "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\atapi\Parameters]
"PioOnlyDevice"="    Conner Peripherals 425MB - CFS425A  MATSHITA CR-581                          FX600S                                  CD-44E                                  QUANTUM TRB850A                          QUANTUM MARVERICK 540A                    MAXTOR MXT-540  AT                      Maxtor 71260 AT                          Maxtor 7850 AV                          Maxtor 7540 AV                          Maxtor 7213 AT                          Maxtor 7345                              Maxtor 7245 AT                          Maxtor 7245                              Maxtor 7211AU                            Maxtor 7171 AT                          CD-316E                                  SAMSUNG_SCR-2430 CR-2801TE"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\atapi\Parameters]
"NonRemovableMedia"="Kingston Technology DataPak 340          SunDisk SDP5A-10                        SunDisk SDCFB-10                        SunDisk SDP3B-20                        SunDisk SDP3B-175                        SunDisk SDP5-2.5                        Calluna Technology CT260MC              BN-S004AC-S 1.00 Calluna Technology CT520RM Hitachi CV 5.1.1      ATA_FLASH  Mitsubishi ATA Card  LEXAR ATA_FLASH Micron MTCF004A Micron MTCF008A SunDisk SDP3B-110 SunDisk SDCFB-4 BN-CAB-T MEMORYSTICK MEMORYSTICK  8M  8K"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\atapi\Parameters]
"NoPowerDownDevice"="RD-DRC001-M                              CS-R37 0                                "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\atapi\Parameters]
"AutoEjectZipDevice"="IOMEGA  ZIP 100      ATAPI            23.D    IOMEGA  ZIP 100      ATAPI            21.D    IOMEGA  ZIP 100      ATAPI            20.D    IOMEGA  ZIP 100      ATAPI            91.D    IOMEGA  ZIP 100                        B.29    IOMEGA  ZIP 100                        B.22    "
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\WINDOWS\TEMP\._msige52\GoogleEarth.exe"="Setup Launcher                                                                                                                                                                                                                                                  "
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\ShellNoRoam\MUICache]
"C:\WINDOWS\TEMP\._msige52\GoogleEarth.exe"="Setup Launcher                                                                                                                                                                                                                                                  "

-= EOF =-
Viele Grüße

Wolfgang

schrauber 08.05.2015 08:45
Kopiere den Text in der Codebox in deinen Editor (z.B. Notepad) und speichere es unter dem Namen regfix.reg (bei Dateityp bitte "alle Dateien" wählen)

Code:
Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.as\OpenWithList\dreamweaver.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.asax\OpenWithList\dreamweaver.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.ascx\OpenWithList\dreamweaver.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.ashx\OpenWithList\dreamweaver.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.asmx\OpenWithList\dreamweaver.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.aspx\OpenWithList\dreamweaver.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.axd\OpenWithList\dreamweaver.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.cfc\OpenWithList\dreamweaver.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.cfm\OpenWithList\dreamweaver.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.config\OpenWithList\dreamweaver.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.cs\OpenWithList\dreamweaver.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.css\OpenWithList\dreamweaver.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.disco\OpenWithList\dreamweaver.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.JS\OpenWithList\dreamweaver.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.jsp\OpenWithList\dreamweaver.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.mno\OpenWithList\dreamweaver.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.php\OpenWithList\dreamweaver.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.php3\OpenWithList\dreamweaver.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.php4\OpenWithList\dreamweaver.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.rem\OpenWithList\dreamweaver.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.resx\OpenWithList\dreamweaver.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.shtm\OpenWithList\dreamweaver.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.soap\OpenWithList\dreamweaver.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.stm\OpenWithList\dreamweaver.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.txt\OpenWithList\dreamweaver.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.VB\OpenWithList\dreamweaver.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.web\OpenWithList\dreamweaver.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.xslt\OpenWithList\dreamweaver.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Dreamweaver.Document]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\14367109B8A0CCC47AD88F2622A8B659]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Adobe_25db75244653b42cb93dc27939d1c0e]
Starte die regfix.reg duch Doppelklick.



Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
C:\Dokumente und Einstellungen\Ulfilas57 - Kopie\Anwendungsdaten\Adobe\Dreamweaver 9
C:\Programme\Adobe\Adobe Extension Manager\Dreamweaver
C:\Programme\Adobe\Adobe Extension Manager\Samples\Dreamweaver
C:\Programme\Gemeinsame Dateien\Adobe\Installers\25db75244653b42cb93dc27939d1c0e\payloads\AdobeDreamweaver9de_DE
C:\Programme\Gemeinsame Dateien\Adobe

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



Alle Zeitangaben in WEZ +1. Es ist jetzt 22:30 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131