Avira und Mlware wurde nach Anklippen mit dem Hinweis auf die Sperrung durch eine Gruppenrichtlinie gesperrt. Avast lässt sich nicht instalieren . Nur Mikrosoft Essetials läuft durch, zeigt aber keinen Fund an. Über den IE Explorer werden keine Dateien gedownloaded. Eine Java Datei wurde bereits über die Systemsteuerung gelöscht. Mein System ist Vista 32. Wer kann mir helfen ohne dass das System neu aufgesetzt werden muss?

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

• Starte jetzt FRST.
• Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
• Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
• Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Anbei die beiden Logs 1:
FRST Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:20-07-2014
Ran by Götzendorf (administrator) on GÖTZENDORF-PC on 20-07-2014 22:14:32
Running from C:\Users\Götzendorf\Downloads\Download
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 7
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool 
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Telefónica I+D) C:\Program Files\o2\Mobile Connection Manager\ImpWiFiSvc.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lexware GmbH & Co. KG) C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe
(Ask) C:\Program Files\Ask.com\Updater\Updater.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WZQKPICK.EXE
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(VideoLAN) C:\Program Files\VideoLAN\VLC\vlc.exe
(RealNetworks, Inc.) C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\realplay.exe


==================== Registry (Whitelisted) ==================

HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Malwarebytes <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Malwarebytes' Anti-Malware <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Avira <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Avira <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\AVAST Software <====== ATTENTION
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter 
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter 
HKU\S-1-5-21-572801753-308004176-650481581-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-01-30] (Google Inc.)
HKU\S-1-5-21-572801753-308004176-650481581-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-572801753-308004176-650481581-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-572801753-308004176-650481581-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-572801753-308004176-650481581-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-572801753-308004176-650481581-1000\...\MountPoints2: G - G:\AutoRun.exe
HKU\S-1-5-21-572801753-308004176-650481581-1000\...\MountPoints2: {1669c283-e0c6-11e2-ab95-001e101f2b52} - G:\AutoRun.exe
HKU\S-1-5-21-572801753-308004176-650481581-1000\...\MountPoints2: {3c530b6e-4ece-11e2-9fbc-001e339e1d85} - F:\AutoRun.exe
HKU\S-1-5-21-572801753-308004176-650481581-1000\...\MountPoints2: {3c530b8a-4ece-11e2-9fbc-001e101fe70e} - F:\AutoRun.exe
HKU\S-1-5-21-572801753-308004176-650481581-1000\...\MountPoints2: {50093616-7a94-11e3-885e-001e101fc4ba} - G:\AutoRun.exe
HKU\S-1-5-21-572801753-308004176-650481581-1000\...\MountPoints2: {e86bff4f-5f30-11e2-87f9-001e101fb45e} - H:\AutoRun.exe
HKU\S-1-5-21-572801753-308004176-650481581-1000\...\Winlogon: [Shell] explorer.exe,C:\Users\Götzendorf\AppData\Roaming\skype.dat <==== ATTENTION 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
ShortcutTarget: WinZip Quick Pick.lnk -> C:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing, S.L.)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
GroupPolicyUsers\C:\Windows\system32\GroupPolicyUsers\Registry.pol: Group Policy restriction detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = Welcome to Internet Explorer 9
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
URLSearchHook: HKLM - AOL Deutschland Toolbar Search Class - {66a449dc-6b1d-4187-a4f1-b335d3da5365} - C:\Program Files\AOL Deutschland Toolbar\aoldetb.dll (AOL Inc.)
SearchScopes: HKLM - DefaultScope {2059CF48-25F3-40d7-9D37-24A3142FD20B} URL = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=3379&q={searchTerms}&rp=&s_it=aolde-ie&s_qt=sb&tb_uuid=20110710072521215&tb_oid=10-07-2011&tb_mrud=17-11-2013
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites03_14_17_ie&cd=2XzuyEtN2Y1L1QzutDtDtByE0DtBtCtAtCtD0EtA0CyC0F0AtN0D0Tzu0SzzyEyBtN1L2XzutBtFtBtDtFyDtFtDtN1L1CzutCyEtDtAtDyD1V1QtN1L1G1B1V1N2Y1L1Qzu2StC0EzytDtAzztDzytGtD0CtD0CtG0DzyzyzytGyByDtBzytGyDtCzyzytC0C0ByByCtCtCzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0DtD0C0C0F0F0AtGtDzz0A0AtGzzzyzyyDtG0CzztC0DtGyCyDtB0C0EtDtCzz0C0CyCzy2Q&cr=658563157&ir=
SearchScopes: HKLM - {2059CF48-25F3-40d7-9D37-24A3142FD20B} URL = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=3379&q={searchTerms}&rp=&s_it=aolde-ie&s_qt=sb&tb_uuid=20110710072521215&tb_oid=10-07-2011&tb_mrud=17-11-2013
SearchScopes: HKLM - {9987A4EA-219D-4E85-9D1C-0B271C577635} URL = hxxp://startsear.ch/?aff=1&src=sp&cf=95b5dc50-04bf-11e1-b24c-001e339e1d85&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=1083&systemid=1&sr=0&q={searchTerms}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites03_14_17_ie&cd=2XzuyEtN2Y1L1QzutDtDtByE0DtBtCtAtCtD0EtA0CyC0F0AtN0D0Tzu0SzzyEyBtN1L2XzutBtFtBtDtFyDtFtDtN1L1CzutCyEtDtAtDyD1V1QtN1L1G1B1V1N2Y1L1Qzu2StC0EzytDtAzztDzytGtD0CtD0CtG0DzyzyzytGyByDtBzytGyDtCzyzytC0C0ByByCtCtCzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0DtD0C0C0F0F0AtGtDzz0A0AtGzzzyzyyDtG0CzztC0DtGyCyDtB0C0EtDtCzz0C0CyCzy2Q&cr=658563157&ir=
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites03_14_17_ie&cd=2XzuyEtN2Y1L1QzutDtDtByE0DtBtCtAtCtD0EtA0CyC0F0AtN0D0Tzu0SzzyEyBtN1L2XzutBtFtBtDtFyDtFtDtN1L1CzutCyEtDtAtDyD1V1QtN1L1G1B1V1N2Y1L1Qzu2StC0EzytDtAzztDzytGtD0CtD0CtG0DzyzyzytGyByDtBzytGyDtCzyzytC0C0ByByCtCtCzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0DtD0C0C0F0F0AtGtDzz0A0AtGzzzyzyyDtG0CzztC0DtGyCyDtB0C0EtDtCzz0C0CyCzy2Q&cr=658563157&ir=
SearchScopes: HKCU - {2059CF48-25F3-40d7-9D37-24A3142FD20B} URL = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=3379&q={SearchTerms}&s_it=aolde-ie&tb_uuid=20110710072521215&tb_oid=10-07-2011&tb_mrud=17-11-2013
SearchScopes: HKCU - {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=843&q={SearchTerms}&s_it=aolrt-ie&tb_uuid=345FA7ADAF8041ED90B392A48CE34BF1&tb_oid=24-11-2013&tb_mrud=24-11-2013
SearchScopes: HKCU - {9987A4EA-219D-4E85-9D1C-0B271C577635} URL = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7RNRN_deDE416
BHO: AOL Deutschland Toolbar Loader -> {2d3b1910-86c2-4d4b-b1db-124b3ea35bef} -> C:\Program Files\AOL Deutschland Toolbar\aoldetb.dll (AOL Inc.)
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: AOL Toolbar Loader -> {3ef64538-8b54-4573-b48f-4d34b0238ab2} -> C:\Program Files\AOL Toolbar\aoltb.dll (AOL Inc.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Bing Bar BHO -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll (Microsoft Corporation)
BHO: Avira SearchFree Toolbar plus Web Protection -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll No File
Toolbar: HKLM - @C:\Program Files\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll (Microsoft Corporation)
Toolbar: HKLM - Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM - AOL Deutschland Toolbar - {567d4d94-8077-4682-b887-945f3d644116} - C:\Program Files\AOL Deutschland Toolbar\aoldetb.dll (AOL Inc.)
Toolbar: HKLM - AOL Toolbar - {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} -  No File
Toolbar: HKCU - Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKCU - AOL Toolbar - {BA00B7B1-0351-477A-B948-23E3EE5A73D4} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL Inc.)
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: haufereader - No CLSID Value - 
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Götzendorf\AppData\Roaming\Mozilla\Firefox\Profiles\y303flal.default
FF DefaultSearchEngine: AOL Search
FF SearchEngineOrder.1: Ask.com
FF Homepage: hxxp://www.aol.de/
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.40.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll No File
FF Plugin: @java.com/JavaPlugin,version=10.40.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nosltd.com/getPlus+(R),version=1.6.2.97 - C:\Program Files\NOS\bin\np_gp.dll No File
FF Plugin: @real.com/nppl3260;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Götzendorf\AppData\Roaming\Mozilla\Firefox\Profiles\y303flal.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npvsharetvplg.dll (vShare.tv )
FF SearchPlugin: C:\Users\Götzendorf\AppData\Roaming\Mozilla\Firefox\Profiles\y303flal.default\searchplugins\AOL Search.xml
FF SearchPlugin: C:\Users\Götzendorf\AppData\Roaming\Mozilla\Firefox\Profiles\y303flal.default\searchplugins\AOL Suche.xml
FF SearchPlugin: C:\Users\Götzendorf\AppData\Roaming\Mozilla\Firefox\Profiles\y303flal.default\searchplugins\aol-suche (2).xml
FF SearchPlugin: C:\Users\Götzendorf\AppData\Roaming\Mozilla\Firefox\Profiles\y303flal.default\searchplugins\aol-suche.xml
FF SearchPlugin: C:\Users\Götzendorf\AppData\Roaming\Mozilla\Firefox\Profiles\y303flal.default\searchplugins\askcom (2).xml
FF SearchPlugin: C:\Users\Götzendorf\AppData\Roaming\Mozilla\Firefox\Profiles\y303flal.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Users\Götzendorf\AppData\Roaming\Mozilla\Firefox\Profiles\y303flal.default\searchplugins\MyStart Search (2).xml
FF SearchPlugin: C:\Users\Götzendorf\AppData\Roaming\Mozilla\Firefox\Profiles\y303flal.default\searchplugins\MyStart Search.xml
FF SearchPlugin: C:\Users\Götzendorf\AppData\Roaming\Mozilla\Firefox\Profiles\y303flal.default\searchplugins\SearchResults (2).xml
FF SearchPlugin: C:\Users\Götzendorf\AppData\Roaming\Mozilla\Firefox\Profiles\y303flal.default\searchplugins\SearchResults.xml
FF SearchPlugin: C:\Users\Götzendorf\AppData\Roaming\Mozilla\Firefox\Profiles\y303flal.default\searchplugins\startsear (2).xml
FF SearchPlugin: C:\Users\Götzendorf\AppData\Roaming\Mozilla\Firefox\Profiles\y303flal.default\searchplugins\startsear.xml
FF SearchPlugin: C:\Users\Götzendorf\AppData\Roaming\Mozilla\Firefox\Profiles\y303flal.default\searchplugins\sweetim (2).xml
FF SearchPlugin: C:\Users\Götzendorf\AppData\Roaming\Mozilla\Firefox\Profiles\y303flal.default\searchplugins\sweetim.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Götzendorf\AppData\Roaming\Mozilla\Firefox\Profiles\y303flal.default\Extensions\toolbar@ask.com [2013-03-30]
FF Extension: AOL Deutschland Toolbar - C:\Users\Götzendorf\AppData\Roaming\Mozilla\Firefox\Profiles\y303flal.default\Extensions\{43196362-5378-448b-8944-f097fa65e932} [2013-08-26]
FF Extension: Ashampoo DE  - C:\Users\Götzendorf\AppData\Roaming\Mozilla\Firefox\Profiles\y303flal.default\Extensions\{5786d022-540e-4699-b350-b4be0ae94b79} [2013-12-14]
FF Extension: Yahoo! Toolbar - C:\Users\Götzendorf\AppData\Roaming\Mozilla\Firefox\Profiles\y303flal.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2013-08-20]
FF Extension: DownThemAll! - C:\Users\Götzendorf\AppData\Roaming\Mozilla\Firefox\Profiles\y303flal.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2013-11-21]
FF Extension: SweetPacks Toolbar for Firefox - C:\Users\Götzendorf\AppData\Roaming\Mozilla\Firefox\Profiles\y303flal.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847} (2).xpi [2012-11-18]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-03-19]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-03-19]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-01-25]
FF HKLM\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension
FF Extension: Default Manager - C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension [2011-01-29]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-09-04]
FF HKLM\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: No Name - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-01-30]
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKCU\...\Thunderbird\Extensions: [{380AE6CB-09B9-4373-B360-D01C2462A6E7}] - C:\Program Files\BullGuard Ltd\BullGuard\backup\thunderbirdbkplugin
FF Extension: BullGuard Backup - C:\Program Files\BullGuard Ltd\BullGuard\backup\thunderbirdbkplugin [2011-06-08]

Chrome: 
=======
CHR HomePage: hxxp://search.avira.com/?l=dis&o=APN10261&gct=hp&dc=EU&locale=de_DE
CHR RestoreOnStartup: "hxxp://mystart.incredibar.com/mb155?a=6R8IJU9O3r&i=26"
CHR NewTab: "chrome-extension://aaaaodiijipkjcmlclfmdmcoakmloobh/config/skin/new-tab.html"
CHR DefaultSearchKeyword: ask.com
CHR DefaultSearchProvider: Ask
CHR DefaultSearchURL: hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=AVR-4&o=APN10261&locale=de_DE&apn_uid=859b4ee8-cdbc-4648-9cf4-07f775fbf78b&apn_ptnrs=%5EAGS&apn_sauid=45553E1E-937C-4D60-BB04-9F131CC41513&apn_dtid=%5EYYYYYY%5EYY%5EDE&q={searchTerms}
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\27.0.1453.110\pdf.dll No File
CHR Plugin: (Google Gears 0.5.33.0) - C:\Program Files\Google\Chrome\Application\27.0.1453.110\gears.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\27.0.1453.110\gcswf32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.240.7) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U24) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll No File
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\4.0.60129.0\npctrl.dll No File
CHR Plugin: (VLC Multimedia Plug-in) - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (Avira Toolbar) - C:\Users\Götzendorf\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabfjnbeinlpljodiajipidiompfl [2013-06-12]
CHR Extension: (Sopcast Toolbar) - C:\Users\Götzendorf\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaodiijipkjcmlclfmdmcoakmloobh [2012-12-20]
CHR Extension: (RealDownloader) - C:\Users\Götzendorf\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-06-12]
CHR Extension: (New tab for Chrome™) - C:\Users\Götzendorf\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg [2012-12-20]
CHR Extension: (Google Wallet) - C:\Users\Götzendorf\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-01]
CHR HKLM\...\Chrome\Extension: [aaaaabfjnbeinlpljodiajipidiompfl] - C:\Users\Götzendorf\AppData\Local\APN\GoogleCRXs\aaaaabfjnbeinlpljodiajipidiompfl_7.15.20.0.crx [2013-03-30]
CHR HKLM\...\Chrome\Extension: [aaaaodiijipkjcmlclfmdmcoakmloobh] - C:\Users\Götzendorf\AppData\Local\APN\GoogleCRXs\aaaaodiijipkjcmlclfmdmcoakmloobh_7.13.1.0.crx [2012-10-20]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR HKLM\...\Chrome\Extension: [jifflliplgeajjdhmkcfnngfpgbjonjg] - C:\Program Files\Perion\NewTab\newTab.crx [2012-10-20]
CHR HKLM\...\Chrome\Extension: [niogeckbkdcabhnapjbkeiklablhjoca] - C:\Program Files\Perion\ChromeInfoBar\ChromeInfoBar.crx [2012-10-20]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

S4 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S4 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [801872 2014-07-05] (Avira Operations GmbH & Co. KG)
S4 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-07-05] (Avira Operations GmbH & Co. KG)
S4 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-07-05] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1028688 2014-07-05] (Avira Operations GmbH & Co. KG)
S4 BgLiveSvc; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe [300368 2009-04-06] (BullGuard Ltd.)
S4 BgMainSvc; C:\Program Files\BullGuard Ltd\BullGuard\BsMain.dll [79184 2009-09-04] (BullGuard Ltd.)
S4 BsFileScan; C:\Program Files\BullGuard Ltd\BullGuard\BsFileScan.dll [132432 2009-04-06] (BullGuard Ltd.)
S4 BsFire; C:\Program Files\BullGuard Ltd\BullGuard\BsFire.dll [333136 2009-04-06] (BullGuard Ltd.)
S4 BsMailProxy; C:\Program Files\BullGuard Ltd\BullGuard\BsMailProxy.dll [87376 2009-04-16] (BullGuard Ltd.)
S4 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2014-03-11] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [279776 2014-03-11] (Microsoft Corporation)
S4 PDHRKNTS; C:\Users\Götzendorf\AppData\Local\Temp\PDHRKNTS.exe [527232 2014-04-01] (Sysinternals - Windows Sysinternals: Documentation, downloads and additional resources) [File not signed]
S4 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 TGCM_ImportWiFiSvc; C:\Program Files\o2\Mobile Connection Manager\ImpWiFiSvc.exe [200624 2010-09-29] (Telefónica I+D)
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [1528672 2012-05-29] (TuneUp Software)
S2 avast! Antivirus; "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" [X]

==================== Drivers (Whitelisted) ====================

R3 Afc; C:\Windows\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
R1 afw; C:\Windows\System32\DRIVERS\afw.sys [29208 2009-03-23] (Agnitum Ltd.)
R3 afwcore; C:\Windows\System32\DRIVERS\afwcore.sys [305688 2009-03-23] (Agnitum Ltd.)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [66336 2013-05-09] (AVAST Software)
R1 AswRdr; C:\Windows\system32\Drivers\AswRdr.sys [49760 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49376 2013-05-09] ()
S1 aswSnx; C:\Windows\system32\Drivers\aswSnx.sys [765736 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [174664 2013-05-09] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [97648 2014-07-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-06-04] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-25] (Avira Operations GmbH & Co. KG)
R2 BdFileSpy; C:\Windows\system32\drivers\BdFileSpy.sys [55504 2009-01-23] (BullGuard Ltd.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231960 2014-01-25] (Microsoft Corporation)
S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [31848 2010-07-13] (RapidSolution Software AG)
R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [31848 2010-07-13] (RapidSolution Software AG)
R3 tbhsd; C:\Windows\System32\drivers\tbhsd.sys [37920 2010-07-13] (RapidSolution Software AG)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [10064 2012-05-08] (TuneUp Software)
S1 afwdabhw; \??\C:\Windows\system32\drivers\afwdabhw.sys [X]
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
U3 DfSdkS; 
S1 dohpvqvd; \??\C:\Windows\system32\drivers\dohpvqvd.sys [X]
S0 emqa; System32\drivers\osoawif.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 Tosrfcom; No ImagePath
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-20 22:13 - 2014-07-20 22:14 - 00000000 ____D () C:\FRST
2014-07-20 18:48 - 2014-07-20 18:48 - 00014496 _____ () C:\Users\Götzendorf\Documents\2013 04.05 Eurolotto Quoten.xlsx
2014-07-20 18:46 - 2014-07-20 18:46 - 00014468 _____ () C:\Users\Götzendorf\Documents\2013 04.06. Lotto.xlsx
2014-07-20 08:35 - 2014-07-20 08:35 - 00014238 _____ () C:\Users\Götzendorf\Documents\2013 04.04 Keno Gewinnzahlen.xlsx
2014-07-20 08:34 - 2014-07-20 08:34 - 00016641 _____ () C:\Users\Götzendorf\Documents\2013 04.03 Lottoquoten.xlsx
2014-07-19 11:52 - 2014-07-19 11:52 - 00014235 _____ () C:\Users\Götzendorf\Documents\2013 04.05 Keno Gewinnzahlen.xlsx
2014-07-19 11:48 - 2014-07-19 11:48 - 00014521 _____ () C:\Users\Götzendorf\Documents\2013 04.05 Eurolotto Zahlen.xlsx
2014-07-16 17:57 - 2014-07-16 17:57 - 00013778 _____ () C:\Users\Götzendorf\Documents\2013 04.06 Lottojackpot.xlsx
2014-07-16 17:56 - 2014-07-16 17:56 - 00014474 _____ () C:\Users\Götzendorf\Documents\2013 04.03. Lotto.xlsx
2014-07-15 22:16 - 2014-07-15 22:16 - 01420278 _____ () C:\Users\Gast\Documents\Avira Official Store - Buy Antivirus Pro, Internet Security Suite and System Speedup.mht
2014-07-15 22:12 - 2014-07-15 22:12 - 04316734 _____ () C:\Users\Gast\Documents\Fussballergebnisse 2009-2010 13.04.2014 neu Gast.xlsx
2014-07-15 20:52 - 2014-07-15 21:57 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\vlc
2014-07-15 20:13 - 2014-07-15 20:13 - 00000000 ____D () C:\Users\Gast\AppData\Local\Macromedia
2014-07-15 19:45 - 2014-07-15 21:57 - 00156160 _____ () C:\Users\Gast\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-07-15 19:38 - 2014-07-15 19:38 - 00000000 ____D () C:\Users\Gast\AppData\Local\WinZip
2014-07-15 19:36 - 2014-07-15 19:36 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Malwarebytes
2014-07-15 19:28 - 2014-07-15 19:28 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Macromedia
2014-07-15 19:15 - 2014-07-15 19:15 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Adobe
2014-07-15 19:14 - 2014-07-15 20:34 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Google
2014-07-15 19:14 - 2014-07-15 19:14 - 00000000 ____D () C:\Users\Gast\AppData\Local\DoNotTrackPlus
2014-07-15 19:14 - 2014-07-15 19:14 - 00000000 ____D () C:\Users\Gast\AppData\Local\AskToolbar
2014-07-15 19:13 - 2014-07-15 19:13 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\RealNetworks
2014-07-15 19:13 - 2014-07-15 19:13 - 00000000 ____D () C:\Users\Gast\AppData\Local\AOL Deutschland Toolbar
2014-07-15 19:12 - 2014-07-15 19:12 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Mozilla
2014-07-15 19:12 - 2014-07-15 19:12 - 00000000 ____D () C:\Users\Gast\AppData\Local\Mozilla
2014-07-15 19:10 - 2014-07-15 19:10 - 00101768 _____ () C:\Users\Gast\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-15 19:10 - 2014-07-15 19:10 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Lexware
2014-07-15 19:10 - 2014-07-15 19:10 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Apple Computer
2014-07-15 19:10 - 2014-07-15 19:10 - 00000000 ____D () C:\Users\Gast\AppData\Local\Lexware
2014-07-15 19:09 - 2014-07-20 17:01 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Real
2014-07-15 19:09 - 2014-07-15 19:10 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\BullGuard
2014-07-15 19:09 - 2014-07-15 19:09 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Avira
2014-07-15 19:08 - 2014-07-20 17:00 - 00000680 _____ () C:\Users\Gast\AppData\Local\d3d9caps.dat
2014-07-15 19:08 - 2014-07-15 19:14 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-07-15 19:08 - 2014-07-15 19:08 - 00001968 _____ () C:\Users\Gast\Desktop\Google Chrome.lnk
2014-07-15 19:08 - 2014-07-15 19:08 - 00000954 _____ () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-15 19:08 - 2014-07-15 19:08 - 00000949 _____ () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-07-15 19:08 - 2014-07-15 19:08 - 00000920 _____ () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
2014-07-15 19:08 - 2014-07-15 19:08 - 00000680 __RSH () C:\Users\Gast\ntuser.pol
2014-07-15 19:08 - 2014-07-15 19:08 - 00000020 ___SH () C:\Users\Gast\ntuser.ini
2014-07-15 19:08 - 2014-07-15 19:08 - 00000000 _SHDL () C:\Users\Gast\Startmenü
2014-07-15 19:08 - 2014-07-15 19:08 - 00000000 _SHDL () C:\Users\Gast\Netzwerkumgebung
2014-07-15 19:08 - 2014-07-15 19:08 - 00000000 _SHDL () C:\Users\Gast\Druckumgebung
2014-07-15 19:08 - 2014-07-15 19:08 - 00000000 _SHDL () C:\Users\Gast\Documents\Eigene Musik
2014-07-15 19:08 - 2014-07-15 19:08 - 00000000 _SHDL () C:\Users\Gast\Documents\Eigene Bilder
2014-07-15 19:08 - 2014-07-15 19:08 - 00000000 _SHDL () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-07-15 19:08 - 2014-07-15 19:08 - 00000000 _SHDL () C:\Users\Gast\AppData\Local\Verlauf
2014-07-15 19:08 - 2014-07-15 19:08 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\TuneUp Software
2014-07-15 19:08 - 2014-07-15 19:08 - 00000000 ____D () C:\Users\Gast\AppData\Local\VirtualStore
2014-07-15 19:08 - 2014-07-15 19:08 - 00000000 ____D () C:\Users\Gast
2014-07-15 19:08 - 2011-01-26 10:51 - 00000000 ___RD () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-07-15 19:08 - 2011-01-26 10:51 - 00000000 ___RD () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-07-15 19:08 - 2011-01-26 09:58 - 00000000 ____D () C:\Users\Gast\AppData\Local\Microsoft Help
2014-07-14 21:20 - 2014-07-14 21:20 - 00000859 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Fix it Center.lnk
2014-07-14 21:20 - 2014-07-14 21:20 - 00000847 _____ () C:\Users\Public\Desktop\Microsoft Fix*it Center.lnk
2014-07-14 21:20 - 2014-07-14 21:20 - 00000000 ____D () C:\Windows\MATS
2014-07-14 21:20 - 2014-07-14 21:20 - 00000000 ____D () C:\Program Files\Microsoft Fix it Center
2014-07-14 18:45 - 2014-07-14 18:45 - 00014766 _____ () C:\Users\Götzendorf\Documents\2013 04.03 Keno Gewinnzahlen.xlsx
2014-07-13 08:49 - 2014-06-07 02:19 - 02051072 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-13 08:49 - 2014-06-06 10:59 - 00506880 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-13 08:48 - 2014-05-30 08:53 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-13 08:45 - 2014-07-13 08:45 - 00014231 _____ () C:\Users\Götzendorf\Documents\2013 03.20 Keno Gewinnzahlena.xlsx
2014-07-13 08:43 - 2014-07-13 08:44 - 00014761 _____ () C:\Users\Götzendorf\Documents\2013 03.12 Keno Gewinnzahlen d.xlsx
2014-07-12 19:54 - 2014-07-12 19:54 - 00001898 _____ () C:\Users\Public\Desktop\Mobile Connection Manager.lnk
2014-07-12 19:54 - 2010-11-04 11:51 - 00085248 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcacm.sys
2014-07-12 19:54 - 2010-10-09 08:48 - 00072576 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jubusenum.sys
2014-07-12 19:54 - 2010-09-26 12:00 - 00051456 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcecm.sys
2014-07-12 19:54 - 2010-09-26 12:00 - 00026496 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juextctrl.sys
2014-07-12 19:53 - 2010-08-27 07:53 - 00116736 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbnet.sys
2014-07-12 19:53 - 2010-08-07 11:48 - 00106880 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbmdm.sys
2014-07-12 19:53 - 2010-07-27 03:52 - 00102784 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwusbdev.sys
2014-07-12 19:53 - 2010-05-10 08:18 - 00860928 _____ (DiBcom SA) C:\Windows\system32\Drivers\mod7700.sys
2014-07-12 19:53 - 2010-03-20 06:06 - 00011136 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_usbenumfilter.sys
2014-07-12 19:53 - 2007-08-08 22:06 - 00023424 _____ (Huawei Tech. Co., Ltd.) C:\Windows\system32\Drivers\ewdcsc.sys
2014-07-12 19:52 - 2014-07-12 19:54 - 00000000 ____D () C:\Program Files\HUAWEI Modem Driver
2014-07-12 19:52 - 2014-07-12 19:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\o2
2014-07-12 09:27 - 2014-07-12 09:27 - 00014766 _____ () C:\Users\Götzendorf\Documents\2013 04.02 Keno Gewinnzahlen.xlsx
2014-07-11 21:00 - 2014-07-11 21:46 - 00000053 _____ () C:\Users\Götzendorf\AppData\Roaming\mbam.context.scan
2014-07-11 20:40 - 2014-07-11 20:40 - 00006305 _____ () C:\Users\Götzendorf\Documents\bv.aspx
2014-07-11 18:47 - 2013-05-09 10:59 - 00765736 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-07-11 18:47 - 2013-05-09 10:59 - 00174664 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-07-11 18:47 - 2013-05-09 10:59 - 00066336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-07-11 18:47 - 2013-05-09 10:59 - 00049760 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2014-07-11 18:47 - 2013-05-09 10:59 - 00049376 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-07-11 18:46 - 2014-07-11 18:46 - 00016112 _____ () C:\Users\Götzendorf\Documents\2013 03.30 Lottoquoten.xlsx
2014-07-11 18:44 - 2014-07-11 18:44 - 00013833 _____ () C:\Users\Götzendorf\Documents\2013 04.03 Lottojackpot.xlsx
2014-07-07 22:08 - 2014-07-14 22:31 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-07-06 20:23 - 2014-07-06 20:23 - 00000000 ___HD () C:\Users\Götzendorf\Documents\GroupPolicy
2014-07-06 16:51 - 2014-07-06 16:51 - 00014105 _____ () C:\Users\Götzendorf\Documents\2013 03.30. Glückspirale Quoten a.xlsx
2014-07-06 16:50 - 2014-07-06 16:50 - 00014759 _____ () C:\Users\Götzendorf\Documents\2013 04.01 Keno Gewinnzahlen.xlsx
2014-07-06 11:33 - 2013-05-09 10:58 - 00229648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-07-06 08:45 - 2014-07-06 08:45 - 00014760 _____ () C:\Users\Götzendorf\Documents\2013 03.31 Keno Gewinnzahlen.xlsx
2014-07-05 16:50 - 2014-07-05 16:50 - 00014470 _____ () C:\Users\Götzendorf\Documents\2013 03.30. Lotto.xlsx
2014-07-01 23:52 - 2013-09-12 23:11 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-07-01 23:52 - 2013-09-12 23:11 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-07-01 17:07 - 2014-07-01 17:07 - 00014227 _____ () C:\Users\Götzendorf\Documents\2013 03.30 Keno Gewinnzahlen.xlsx
2014-07-01 17:05 - 2014-07-01 17:05 - 00014497 _____ () C:\Users\Götzendorf\Documents\2013 03.30. Glückspirale Quoten.xlsx
2014-06-29 21:44 - 2014-06-29 21:44 - 00015026 _____ () C:\Users\Götzendorf\Documents\2013 03.29 Eurolotto Quoten.xlsx
2014-06-29 11:46 - 2014-06-29 11:52 - 00000000 ____D () C:\ProgramData\Oracle
2014-06-29 11:43 - 2013-09-12 23:11 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-06-29 10:33 - 2014-06-29 10:33 - 00001164 _____ () C:\Users\Public\Desktop\RealPlayer.lnk
2014-06-29 08:56 - 2014-06-29 08:56 - 00013985 _____ () C:\Users\Götzendorf\Documents\2013 03.29 Eurolotto Zahlen.xlsx
2014-06-29 08:55 - 2014-06-29 08:55 - 00014757 _____ () C:\Users\Götzendorf\Documents\2013 03.29 Keno Gewinnzahlen.xlsx
2014-06-28 15:23 - 2014-06-28 15:23 - 00014768 _____ () C:\Users\Götzendorf\Documents\2013 03.28 Keno Gewinnzahlen.xlsx
2014-06-27 20:10 - 2014-06-27 20:10 - 00073728 _____ () C:\Users\Götzendorf\Documents\Computerbild - Die Themen der aktuellen Ausgabe im Überblick  Auf Heft-DVD (Gold-Edition) Der Abenteuer-Kracher Ankh 2 und das Aufbauspiel Tycoon City als Vollversion.msg
2014-06-27 20:09 - 2014-06-27 20:09 - 00016094 _____ () C:\Users\Götzendorf\Documents\2013 03.27 Lottoquoten.xlsx
2014-06-27 20:06 - 2014-06-27 20:06 - 00014762 _____ () C:\Users\Götzendorf\Documents\2013 03.27 Keno Gewinnzahlen.xlsx
2014-06-27 19:55 - 2014-06-27 19:55 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf9231945bab4.job
2014-06-26 17:27 - 2014-06-26 17:27 - 00048640 _____ () C:\Users\Götzendorf\Documents\Computerbild - CeBIT 2010 Die PC- und Notebook-Trends der Technikmesse.msg
2014-06-26 17:25 - 2014-06-26 17:25 - 00013744 _____ () C:\Users\Götzendorf\Documents\2013 03.30 Lottojackpot.xlsx
2014-06-26 17:24 - 2014-06-26 17:24 - 00014479 _____ () C:\Users\Götzendorf\Documents\2013 03.27. Lotto.xlsx
2014-06-25 17:32 - 2014-06-25 17:32 - 00014763 _____ () C:\Users\Götzendorf\Documents\2013 03.26 Keno Gewinnzahlen.xlsx
2014-06-22 09:54 - 2014-06-22 09:54 - 00014765 _____ () C:\Users\Götzendorf\Documents\2013 03.25 Keno Gewinnzahlen.xlsx
2014-06-22 09:23 - 2014-07-12 11:08 - 00000000 ____D () C:\Users\Götzendorf\AppData\Local\Adobe
2014-06-21 15:56 - 2014-06-21 15:56 - 00014114 _____ () C:\Users\Götzendorf\Documents\2013 03.23. Glückspirale Quoten.xlsx
2014-06-21 15:55 - 2014-06-21 15:55 - 00016624 _____ () C:\Users\Götzendorf\Documents\2013 03.23 Lottoquoten.xlsx
2014-06-21 09:33 - 2014-06-21 09:33 - 00013744 _____ () C:\Users\Götzendorf\Documents\2013 03.27 Lottojackpot.xlsx
2014-06-21 09:32 - 2014-06-21 09:32 - 00014761 _____ () C:\Users\Götzendorf\Documents\2013 03.24 Keno Gewinnzahlen.xlsx
2014-06-20 16:31 - 2014-06-20 16:31 - 00013945 _____ () C:\Users\Götzendorf\Documents\2013 03.23. Lotto.xlsx
2014-06-20 16:30 - 2014-06-20 16:30 - 00014499 _____ () C:\Users\Götzendorf\Documents\2013 03.23. Glückspirale Quotenx.xlsx
2014-06-20 10:42 - 2014-06-20 10:42 - 00108032 _____ () C:\Users\Götzendorf\Documents\Computerwissen -  1. Excel Diagramm-Designer.msg
2014-06-20 09:21 - 2014-06-20 09:21 - 00014228 _____ () C:\Users\Götzendorf\Documents\2013 03.23 Keno Gewinnzahlen.xlsx
2014-06-20 09:19 - 2014-06-20 09:19 - 00014513 _____ () C:\Users\Götzendorf\Documents\2013 03.23 Eurolotto Zahlen.xlsx

==================== One Month Modified Files and Folders =======

2014-07-20 22:14 - 2014-07-20 22:13 - 00000000 ____D () C:\FRST
2014-07-20 22:14 - 2014-06-11 22:36 - 00000000 ____D () C:\Users\Götzendorf\Downloads\Download
2014-07-20 21:48 - 2011-01-30 20:39 - 00000000 ____D () C:\Users\Götzendorf\AppData\Roaming\vlc
2014-07-20 21:47 - 2006-11-02 14:47 - 00005296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-20 21:47 - 2006-11-02 14:47 - 00005296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-20 21:44 - 2014-05-21 20:34 - 00001356 _____ () C:\Users\Götzendorf\AppData\Local\d3d9caps.tmp
2014-07-20 21:07 - 2011-03-18 18:17 - 00000000 ____D () C:\Users\Götzendorf\Documents\Aktuelle Verzeichnisse
2014-07-20 20:02 - 2006-11-02 14:52 - 01906656 _____ () C:\Windows\WindowsUpdate.log
2014-07-20 19:48 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\registration
2014-07-20 19:43 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\de-DE
2014-07-20 19:42 - 2013-07-23 22:09 - 00000318 _____ () C:\Windows\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-572801753-308004176-650481581-1000.job
2014-07-20 18:55 - 2013-09-04 22:07 - 00000336 _____ () C:\Windows\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-572801753-308004176-650481581-1000.job
2014-07-20 18:48 - 2014-07-20 18:48 - 00014496 _____ () C:\Users\Götzendorf\Documents\2013 04.05 Eurolotto Quoten.xlsx
2014-07-20 18:46 - 2014-07-20 18:46 - 00014468 _____ () C:\Users\Götzendorf\Documents\2013 04.06. Lotto.xlsx
2014-07-20 17:01 - 2014-07-15 19:09 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Real
2014-07-20 17:00 - 2014-07-15 19:08 - 00000680 _____ () C:\Users\Gast\AppData\Local\d3d9caps.dat
2014-07-20 08:35 - 2014-07-20 08:35 - 00014238 _____ () C:\Users\Götzendorf\Documents\2013 04.04 Keno Gewinnzahlen.xlsx
2014-07-20 08:34 - 2014-07-20 08:34 - 00016641 _____ () C:\Users\Götzendorf\Documents\2013 04.03 Lottoquoten.xlsx
2014-07-19 11:52 - 2014-07-19 11:52 - 00014235 _____ () C:\Users\Götzendorf\Documents\2013 04.05 Keno Gewinnzahlen.xlsx
2014-07-19 11:48 - 2014-07-19 11:48 - 00014521 _____ () C:\Users\Götzendorf\Documents\2013 04.05 Eurolotto Zahlen.xlsx
2014-07-16 17:57 - 2014-07-16 17:57 - 00013778 _____ () C:\Users\Götzendorf\Documents\2013 04.06 Lottojackpot.xlsx
2014-07-16 17:56 - 2014-07-16 17:56 - 00014474 _____ () C:\Users\Götzendorf\Documents\2013 04.03. Lotto.xlsx
2014-07-15 22:16 - 2014-07-15 22:16 - 01420278 _____ () C:\Users\Gast\Documents\Avira Official Store - Buy Antivirus Pro, Internet Security Suite and System Speedup.mht
2014-07-15 22:12 - 2014-07-15 22:12 - 04316734 _____ () C:\Users\Gast\Documents\Fussballergebnisse 2009-2010 13.04.2014 neu Gast.xlsx
2014-07-15 21:57 - 2014-07-15 20:52 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\vlc
2014-07-15 21:57 - 2014-07-15 19:45 - 00156160 _____ () C:\Users\Gast\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-07-15 20:34 - 2014-07-15 19:14 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Google
2014-07-15 20:13 - 2014-07-15 20:13 - 00000000 ____D () C:\Users\Gast\AppData\Local\Macromedia
2014-07-15 19:38 - 2014-07-15 19:38 - 00000000 ____D () C:\Users\Gast\AppData\Local\WinZip
2014-07-15 19:36 - 2014-07-15 19:36 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Malwarebytes
2014-07-15 19:28 - 2014-07-15 19:28 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Macromedia
2014-07-15 19:15 - 2014-07-15 19:15 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Adobe
2014-07-15 19:14 - 2014-07-15 19:14 - 00000000 ____D () C:\Users\Gast\AppData\Local\DoNotTrackPlus
2014-07-15 19:14 - 2014-07-15 19:14 - 00000000 ____D () C:\Users\Gast\AppData\Local\AskToolbar
2014-07-15 19:14 - 2014-07-15 19:08 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-07-15 19:13 - 2014-07-15 19:13 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\RealNetworks
2014-07-15 19:13 - 2014-07-15 19:13 - 00000000 ____D () C:\Users\Gast\AppData\Local\AOL Deutschland Toolbar
2014-07-15 19:12 - 2014-07-15 19:12 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Mozilla
2014-07-15 19:12 - 2014-07-15 19:12 - 00000000 ____D () C:\Users\Gast\AppData\Local\Mozilla
2014-07-15 19:10 - 2014-07-15 19:10 - 00101768 _____ () C:\Users\Gast\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-15 19:10 - 2014-07-15 19:10 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Lexware
2014-07-15 19:10 - 2014-07-15 19:10 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Apple Computer
2014-07-15 19:10 - 2014-07-15 19:10 - 00000000 ____D () C:\Users\Gast\AppData\Local\Lexware
2014-07-15 19:10 - 2014-07-15 19:09 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\BullGuard
2014-07-15 19:09 - 2014-07-15 19:09 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Avira
2014-07-15 19:08 - 2014-07-15 19:08 - 00001968 _____ () C:\Users\Gast\Desktop\Google Chrome.lnk
2014-07-15 19:08 - 2014-07-15 19:08 - 00000954 _____ () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-15 19:08 - 2014-07-15 19:08 - 00000949 _____ () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-07-15 19:08 - 2014-07-15 19:08 - 00000920 _____ () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
2014-07-15 19:08 - 2014-07-15 19:08 - 00000680 __RSH () C:\Users\Gast\ntuser.pol
2014-07-15 19:08 - 2014-07-15 19:08 - 00000020 ___SH () C:\Users\Gast\ntuser.ini
2014-07-15 19:08 - 2014-07-15 19:08 - 00000000 _SHDL () C:\Users\Gast\Startmenü
2014-07-15 19:08 - 2014-07-15 19:08 - 00000000 _SHDL () C:\Users\Gast\Netzwerkumgebung
2014-07-15 19:08 - 2014-07-15 19:08 - 00000000 _SHDL () C:\Users\Gast\Druckumgebung
2014-07-15 19:08 - 2014-07-15 19:08 - 00000000 _SHDL () C:\Users\Gast\Documents\Eigene Musik
2014-07-15 19:08 - 2014-07-15 19:08 - 00000000 _SHDL () C:\Users\Gast\Documents\Eigene Bilder
2014-07-15 19:08 - 2014-07-15 19:08 - 00000000 _SHDL () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-07-15 19:08 - 2014-07-15 19:08 - 00000000 _SHDL () C:\Users\Gast\AppData\Local\Verlauf
2014-07-15 19:08 - 2014-07-15 19:08 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\TuneUp Software
2014-07-15 19:08 - 2014-07-15 19:08 - 00000000 ____D () C:\Users\Gast\AppData\Local\VirtualStore
2014-07-15 19:08 - 2014-07-15 19:08 - 00000000 ____D () C:\Users\Gast
2014-07-14 22:31 - 2014-07-07 22:08 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-07-14 22:03 - 2012-01-17 20:05 - 00000000 ____D () C:\Users\Götzendorf\AppData\Roaming\dvdcss
2014-07-14 21:20 - 2014-07-14 21:20 - 00000859 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Fix it Center.lnk
2014-07-14 21:20 - 2014-07-14 21:20 - 00000847 _____ () C:\Users\Public\Desktop\Microsoft Fix*it Center.lnk
2014-07-14 21:20 - 2014-07-14 21:20 - 00000000 ____D () C:\Windows\MATS
2014-07-14 21:20 - 2014-07-14 21:20 - 00000000 ____D () C:\Program Files\Microsoft Fix it Center
2014-07-14 20:56 - 2013-10-09 22:22 - 00701043 _____ () C:\Users\Götzendorf\Documents\Aktuelle Auswahl (Automatisch gespeichert).docm
2014-07-14 18:45 - 2014-07-14 18:45 - 00014766 _____ () C:\Users\Götzendorf\Documents\2013 04.03 Keno Gewinnzahlen.xlsx
2014-07-13 17:57 - 2012-04-03 08:43 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-07-13 17:57 - 2012-04-03 08:43 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-13 17:57 - 2011-05-23 17:53 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-07-13 17:56 - 2006-11-02 14:47 - 00375040 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-13 17:51 - 2006-11-02 14:37 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-13 15:53 - 2011-01-25 13:17 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-13 15:43 - 2013-07-30 08:34 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-13 08:45 - 2014-07-13 08:45 - 00014231 _____ () C:\Users\Götzendorf\Documents\2013 03.20 Keno Gewinnzahlena.xlsx
2014-07-13 08:44 - 2014-07-13 08:43 - 00014761 _____ () C:\Users\Götzendorf\Documents\2013 03.12 Keno Gewinnzahlen d.xlsx
2014-07-12 20:18 - 2006-11-02 12:33 - 01576054 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-12 19:54 - 2014-07-12 19:54 - 00001898 _____ () C:\Users\Public\Desktop\Mobile Connection Manager.lnk
2014-07-12 19:54 - 2014-07-12 19:52 - 00000000 ____D () C:\Program Files\HUAWEI Modem Driver
2014-07-12 19:54 - 2014-05-16 17:02 - 00001622 _____ () C:\Windows\setupact.log
2014-07-12 19:54 - 2011-01-24 13:34 - 00000000 ____D () C:\Users\Götzendorf
2014-07-12 19:52 - 2014-07-12 19:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\o2
2014-07-12 19:52 - 2012-12-26 11:51 - 00000000 ____D () C:\Program Files\o2
2014-07-12 11:08 - 2014-06-22 09:23 - 00000000 ____D () C:\Users\Götzendorf\AppData\Local\Adobe
2014-07-12 09:27 - 2014-07-12 09:27 - 00014766 _____ () C:\Users\Götzendorf\Documents\2013 04.02 Keno Gewinnzahlen.xlsx
2014-07-11 21:46 - 2014-07-11 21:00 - 00000053 _____ () C:\Users\Götzendorf\AppData\Roaming\mbam.context.scan
2014-07-11 20:40 - 2014-07-11 20:40 - 00006305 _____ () C:\Users\Götzendorf\Documents\bv.aspx
2014-07-11 18:47 - 2013-07-25 19:02 - 00000000 ____D () C:\Program Files\AVAST Software
2014-07-11 18:47 - 2013-07-25 18:57 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-07-11 18:47 - 2006-11-02 12:23 - 00002577 _____ () C:\Windows\system32\config.nt
2014-07-11 18:46 - 2014-07-11 18:46 - 00016112 _____ () C:\Users\Götzendorf\Documents\2013 03.30 Lottoquoten.xlsx
2014-07-11 18:44 - 2014-07-11 18:44 - 00013833 _____ () C:\Users\Götzendorf\Documents\2013 04.03 Lottojackpot.xlsx
2014-07-08 19:09 - 2011-08-25 19:04 - 00000000 ____D () C:\Users\Götzendorf\AppData\Roaming\Quisple
2014-07-08 18:45 - 2014-02-28 18:10 - 00194784 _____ () C:\Windows\PFRO.log
2014-07-06 20:23 - 2014-07-06 20:23 - 00000000 ___HD () C:\Users\Götzendorf\Documents\GroupPolicy
2014-07-06 19:40 - 2013-07-25 19:10 - 00000175 _____ () C:\Windows\system32\Drivers\aswVmm.sys.sum
2014-07-06 19:40 - 2013-07-25 19:10 - 00000175 _____ () C:\Windows\system32\Drivers\aswSP.sys.sum
2014-07-06 19:40 - 2013-07-25 19:10 - 00000175 _____ () C:\Windows\system32\Drivers\aswSnx.sys.sum
2014-07-06 19:26 - 2011-01-27 21:51 - 00000400 _____ () C:\Windows\system32\config\afw_hm.conf
2014-07-06 19:26 - 2011-01-27 21:51 - 00000004 _____ () C:\Windows\system32\config\afw_db.conf
2014-07-06 16:51 - 2014-07-06 16:51 - 00014105 _____ () C:\Users\Götzendorf\Documents\2013 03.30. Glückspirale Quoten a.xlsx
2014-07-06 16:50 - 2014-07-06 16:50 - 00014759 _____ () C:\Users\Götzendorf\Documents\2013 04.01 Keno Gewinnzahlen.xlsx
2014-07-06 08:45 - 2014-07-06 08:45 - 00014760 _____ () C:\Users\Götzendorf\Documents\2013 03.31 Keno Gewinnzahlen.xlsx
2014-07-05 16:50 - 2014-07-05 16:50 - 00014470 _____ () C:\Users\Götzendorf\Documents\2013 03.30. Lotto.xlsx
2014-07-05 10:20 - 2013-03-30 15:55 - 00097648 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-07-01 23:52 - 2011-02-21 19:37 - 00000000 ____D () C:\Program Files\Java
2014-07-01 17:07 - 2014-07-01 17:07 - 00014227 _____ () C:\Users\Götzendorf\Documents\2013 03.30 Keno Gewinnzahlen.xlsx
2014-07-01 17:05 - 2014-07-01 17:05 - 00014497 _____ () C:\Users\Götzendorf\Documents\2013 03.30. Glückspirale Quoten.xlsx
2014-06-29 21:44 - 2014-06-29 21:44 - 00015026 _____ () C:\Users\Götzendorf\Documents\2013 03.29 Eurolotto Quoten.xlsx
2014-06-29 11:52 - 2014-06-29 11:46 - 00000000 ____D () C:\ProgramData\Oracle
2014-06-29 11:42 - 2013-09-12 23:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-29 10:34 - 2014-02-05 20:41 - 00000296 _____ () C:\Windows\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-572801753-308004176-650481581-1000.job
2014-06-29 10:33 - 2014-06-29 10:33 - 00001164 _____ () C:\Users\Public\Desktop\RealPlayer.lnk
2014-06-29 10:33 - 2012-12-22 00:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
2014-06-29 10:33 - 2011-01-27 22:28 - 00000000 ____D () C:\ProgramData\Real
2014-06-29 10:32 - 2011-11-28 00:06 - 00201872 _____ (RealNetworks, Inc.) C:\Windows\system32\rmoc3260.dll
2014-06-29 10:32 - 2011-11-28 00:06 - 00006656 _____ (RealNetworks, Inc.) C:\Windows\system32\pndx5016.dll
2014-06-29 10:32 - 2011-11-28 00:06 - 00005632 _____ (RealNetworks, Inc.) C:\Windows\system32\pndx5032.dll
2014-06-29 10:32 - 2011-02-09 18:50 - 00272896 _____ (Progressive Networks) C:\Windows\system32\pncrt.dll
2014-06-29 10:31 - 2011-11-28 00:06 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\msvcp71.dll
2014-06-29 10:31 - 2011-11-28 00:06 - 00348160 _____ (Microsoft Corporation) C:\Windows\system32\msvcr71.dll
2014-06-29 08:56 - 2014-06-29 08:56 - 00013985 _____ () C:\Users\Götzendorf\Documents\2013 03.29 Eurolotto Zahlen.xlsx
2014-06-29 08:55 - 2014-06-29 08:55 - 00014757 _____ () C:\Users\Götzendorf\Documents\2013 03.29 Keno Gewinnzahlen.xlsx
2014-06-28 15:23 - 2014-06-28 15:23 - 00014768 _____ () C:\Users\Götzendorf\Documents\2013 03.28 Keno Gewinnzahlen.xlsx
2014-06-27 20:10 - 2014-06-27 20:10 - 00073728 _____ () C:\Users\Götzendorf\Documents\Computerbild - Die Themen der aktuellen Ausgabe im Überblick  Auf Heft-DVD (Gold-Edition) Der Abenteuer-Kracher Ankh 2 und das Aufbauspiel Tycoon City als Vollversion.msg
2014-06-27 20:09 - 2014-06-27 20:09 - 00016094 _____ () C:\Users\Götzendorf\Documents\2013 03.27 Lottoquoten.xlsx
2014-06-27 20:06 - 2014-06-27 20:06 - 00014762 _____ () C:\Users\Götzendorf\Documents\2013 03.27 Keno Gewinnzahlen.xlsx
2014-06-27 19:55 - 2014-06-27 19:55 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf9231945bab4.job
2014-06-26 17:38 - 2006-11-02 12:24 - 93585272 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-06-26 17:27 - 2014-06-26 17:27 - 00048640 _____ () C:\Users\Götzendorf\Documents\Computerbild - CeBIT 2010 Die PC- und Notebook-Trends der Technikmesse.msg
2014-06-26 17:25 - 2014-06-26 17:25 - 00013744 _____ () C:\Users\Götzendorf\Documents\2013 03.30 Lottojackpot.xlsx
2014-06-26 17:24 - 2014-06-26 17:24 - 00014479 _____ () C:\Users\Götzendorf\Documents\2013 03.27. Lotto.xlsx
2014-06-25 17:32 - 2014-06-25 17:32 - 00014763 _____ () C:\Users\Götzendorf\Documents\2013 03.26 Keno Gewinnzahlen.xlsx
2014-06-22 09:54 - 2014-06-22 09:54 - 00014765 _____ () C:\Users\Götzendorf\Documents\2013 03.25 Keno Gewinnzahlen.xlsx
2014-06-21 15:56 - 2014-06-21 15:56 - 00014114 _____ () C:\Users\Götzendorf\Documents\2013 03.23. Glückspirale Quoten.xlsx
2014-06-21 15:55 - 2014-06-21 15:55 - 00016624 _____ () C:\Users\Götzendorf\Documents\2013 03.23 Lottoquoten.xlsx
2014-06-21 09:33 - 2014-06-21 09:33 - 00013744 _____ () C:\Users\Götzendorf\Documents\2013 03.27 Lottojackpot.xlsx
2014-06-21 09:32 - 2014-06-21 09:32 - 00014761 _____ () C:\Users\Götzendorf\Documents\2013 03.24 Keno Gewinnzahlen.xlsx
2014-06-20 16:31 - 2014-06-20 16:31 - 00013945 _____ () C:\Users\Götzendorf\Documents\2013 03.23. Lotto.xlsx
2014-06-20 16:30 - 2014-06-20 16:30 - 00014499 _____ () C:\Users\Götzendorf\Documents\2013 03.23. Glückspirale Quotenx.xlsx
2014-06-20 16:11 - 2013-06-15 12:06 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-06-20 10:42 - 2014-06-20 10:42 - 00108032 _____ () C:\Users\Götzendorf\Documents\Computerwissen -  1. Excel Diagramm-Designer.msg
2014-06-20 09:27 - 2014-03-19 19:01 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-06-20 09:21 - 2014-06-20 09:21 - 00014228 _____ () C:\Users\Götzendorf\Documents\2013 03.23 Keno Gewinnzahlen.xlsx
2014-06-20 09:19 - 2014-06-20 09:19 - 00014513 _____ () C:\Users\Götzendorf\Documents\2013 03.23 Eurolotto Zahlen.xlsx

ZeroAccess:
C:\$Recycle.Bin\S-1-5-21-572801753-308004176-650481581-1000\$b4f2f6f89b47cbfb7cfa77e5272b6660

Files to move or delete:
====================
C:\Users\Götzendorf\AppData\Roaming\AltShell.ini
C:\Users\Götzendorf\AppData\Roaming\skype.ini
C:\Users\Götzendorf\AppData\Roaming\cache.ini


Some content of TEMP:
====================
C:\Users\Gast\AppData\Local\Temp\avgnt.exe
C:\Users\Götzendorf\AppData\Local\Temp\avgnt.exe
C:\Users\Götzendorf\AppData\Local\Temp\chutil.dll
C:\Users\Götzendorf\AppData\Local\Temp\DataCard_Setup.exe
C:\Users\Götzendorf\AppData\Local\Temp\iMesh_setup.exe
C:\Users\Götzendorf\AppData\Local\Temp\InstallFlashPlayer.exe
C:\Users\Götzendorf\AppData\Local\Temp\Installhelper.dll
C:\Users\Götzendorf\AppData\Local\Temp\InstallManager_GEN_GEN.exe
C:\Users\Götzendorf\AppData\Local\Temp\install_flashplayer11x32ax_gtbp_chrd_aih (1).exe
C:\Users\Götzendorf\AppData\Local\Temp\install_reader10_de_gtbp_chrd_aih.exe
C:\Users\Götzendorf\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe
C:\Users\Götzendorf\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe
C:\Users\Götzendorf\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe
C:\Users\Götzendorf\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe
C:\Users\Götzendorf\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe
C:\Users\Götzendorf\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\Götzendorf\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\Götzendorf\AppData\Local\Temp\NEW3F36.tmp.exe
C:\Users\Götzendorf\AppData\Local\Temp\ose00000.exe
C:\Users\Götzendorf\AppData\Local\Temp\ose00001.exe
C:\Users\Götzendorf\AppData\Local\Temp\pcspeedmaxsetup.exe
C:\Users\Götzendorf\AppData\Local\Temp\PDHRKNTS.exe
C:\Users\Götzendorf\AppData\Local\Temp\ResetDevice.exe
C:\Users\Götzendorf\AppData\Local\Temp\rnupdate0.exe
C:\Users\Götzendorf\AppData\Local\Temp\RstApp.exe
C:\Users\Götzendorf\AppData\Local\Temp\setup.exe
C:\Users\Götzendorf\AppData\Local\Temp\SHSetup.exe
C:\Users\Götzendorf\AppData\Local\Temp\sqlite3.dll
C:\Users\Götzendorf\AppData\Local\Temp\SRAssetsHelper.dll
C:\Users\Götzendorf\AppData\Local\Temp\stubhelper.dll
C:\Users\Götzendorf\AppData\Local\Temp\tbAsha.dll
C:\Users\Götzendorf\AppData\Local\Temp\vlc-2.0.6-win32.exe
C:\Users\Götzendorf\AppData\Local\Temp\{1941433F-FF52-4EF2-A5D1-D0CD5B798E5C}-28.0.1500.71_27.0.1453.116_chrome_updater.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-20 19:54

==================== End Of Log ============================
         

--- --- ---

Anbei die beiden Logs, da Volumen größer wie erlaubt

Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

• Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
• Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
• Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
• Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

FRST Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:20-07-2014
Ran by Götzendorf (administrator) on GÖTZENDORF-PC on 20-07-2014 22:14:32
Running from C:\Users\Götzendorf\Downloads\Download
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 7
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Telefónica I+D) C:\Program Files\o2\Mobile Connection Manager\ImpWiFiSvc.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lexware GmbH & Co. KG) C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe
(Ask) C:\Program Files\Ask.com\Updater\Updater.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WZQKPICK.EXE
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(VideoLAN) C:\Program Files\VideoLAN\VLC\vlc.exe
(RealNetworks, Inc.) C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\realplay.exe


==================== Registry (Whitelisted) ==================

HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Malwarebytes <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Malwarebytes' Anti-Malware <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Avira <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Avira <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\AVAST Software <====== ATTENTION
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter 
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter 
HKU\S-1-5-21-572801753-308004176-650481581-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-01-30] (Google Inc.)
HKU\S-1-5-21-572801753-308004176-650481581-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-572801753-308004176-650481581-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-572801753-308004176-650481581-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-572801753-308004176-650481581-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-572801753-308004176-650481581-1000\...\MountPoints2: G - G:\AutoRun.exe
HKU\S-1-5-21-572801753-308004176-650481581-1000\...\MountPoints2: {1669c283-e0c6-11e2-ab95-001e101f2b52} - G:\AutoRun.exe
HKU\S-1-5-21-572801753-308004176-650481581-1000\...\MountPoints2: {3c530b6e-4ece-11e2-9fbc-001e339e1d85} - F:\AutoRun.exe
HKU\S-1-5-21-572801753-308004176-650481581-1000\...\MountPoints2: {3c530b8a-4ece-11e2-9fbc-001e101fe70e} - F:\AutoRun.exe
HKU\S-1-5-21-572801753-308004176-650481581-1000\...\MountPoints2: {50093616-7a94-11e3-885e-001e101fc4ba} - G:\AutoRun.exe
HKU\S-1-5-21-572801753-308004176-650481581-1000\...\MountPoints2: {e86bff4f-5f30-11e2-87f9-001e101fb45e} - H:\AutoRun.exe
HKU\S-1-5-21-572801753-308004176-650481581-1000\...\Winlogon: [Shell] explorer.exe,C:\Users\Götzendorf\AppData\Roaming\skype.dat <==== ATTENTION 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
ShortcutTarget: WinZip Quick Pick.lnk -> C:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing, S.L.)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
GroupPolicyUsers\C:\Windows\system32\GroupPolicyUsers\Registry.pol: Group Policy restriction detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?ocid=EIE9HP&PC=UP50
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.msn.com/?ocid=EIE9HP&PC=UP50
HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.msn.com/1me10IE9ENUS/110
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
URLSearchHook: HKLM - AOL Deutschland Toolbar Search Class - {66a449dc-6b1d-4187-a4f1-b335d3da5365} - C:\Program Files\AOL Deutschland Toolbar\aoldetb.dll (AOL Inc.)
SearchScopes: HKLM - DefaultScope {2059CF48-25F3-40d7-9D37-24A3142FD20B} URL = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=3379&q={searchTerms}&rp=&s_it=aolde-ie&s_qt=sb&tb_uuid=20110710072521215&tb_oid=10-07-2011&tb_mrud=17-11-2013
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites03_14_17_ie&cd=2XzuyEtN2Y1L1QzutDtDtByE0DtBtCtAtCtD0EtA0CyC0F0AtN0D0Tzu0SzzyEyBtN1L2XzutBtFtBtDtFyDtFtDtN1L1CzutCyEtDtAtDyD1V1QtN1L1G1B1V1N2Y1L1Qzu2StC0EzytDtAzztDzytGtD0CtD0CtG0DzyzyzytGyByDtBzytGyDtCzyzytC0C0ByByCtCtCzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0DtD0C0C0F0F0AtGtDzz0A0AtGzzzyzyyDtG0CzztC0DtGyCyDtB0C0EtDtCzz0C0CyCzy2Q&cr=658563157&ir=
SearchScopes: HKLM - {2059CF48-25F3-40d7-9D37-24A3142FD20B} URL = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=3379&q={searchTerms}&rp=&s_it=aolde-ie&s_qt=sb&tb_uuid=20110710072521215&tb_oid=10-07-2011&tb_mrud=17-11-2013
SearchScopes: HKLM - {9987A4EA-219D-4E85-9D1C-0B271C577635} URL = hxxp://startsear.ch/?aff=1&src=sp&cf=95b5dc50-04bf-11e1-b24c-001e339e1d85&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=1083&systemid=1&sr=0&q={searchTerms}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites03_14_17_ie&cd=2XzuyEtN2Y1L1QzutDtDtByE0DtBtCtAtCtD0EtA0CyC0F0AtN0D0Tzu0SzzyEyBtN1L2XzutBtFtBtDtFyDtFtDtN1L1CzutCyEtDtAtDyD1V1QtN1L1G1B1V1N2Y1L1Qzu2StC0EzytDtAzztDzytGtD0CtD0CtG0DzyzyzytGyByDtBzytGyDtCzyzytC0C0ByByCtCtCzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0DtD0C0C0F0F0AtGtDzz0A0AtGzzzyzyyDtG0CzztC0DtGyCyDtB0C0EtDtCzz0C0CyCzy2Q&cr=658563157&ir=
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites03_14_17_ie&cd=2XzuyEtN2Y1L1QzutDtDtByE0DtBtCtAtCtD0EtA0CyC0F0AtN0D0Tzu0SzzyEyBtN1L2XzutBtFtBtDtFyDtFtDtN1L1CzutCyEtDtAtDyD1V1QtN1L1G1B1V1N2Y1L1Qzu2StC0EzytDtAzztDzytGtD0CtD0CtG0DzyzyzytGyByDtBzytGyDtCzyzytC0C0ByByCtCtCzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0DtD0C0C0F0F0AtGtDzz0A0AtGzzzyzyyDtG0CzztC0DtGyCyDtB0C0EtDtCzz0C0CyCzy2Q&cr=658563157&ir=
SearchScopes: HKCU - {2059CF48-25F3-40d7-9D37-24A3142FD20B} URL = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=3379&q={SearchTerms}&s_it=aolde-ie&tb_uuid=20110710072521215&tb_oid=10-07-2011&tb_mrud=17-11-2013
SearchScopes: HKCU - {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=843&q={SearchTerms}&s_it=aolrt-ie&tb_uuid=345FA7ADAF8041ED90B392A48CE34BF1&tb_oid=24-11-2013&tb_mrud=24-11-2013
SearchScopes: HKCU - {9987A4EA-219D-4E85-9D1C-0B271C577635} URL = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7RNRN_deDE416
BHO: AOL Deutschland Toolbar Loader -> {2d3b1910-86c2-4d4b-b1db-124b3ea35bef} -> C:\Program Files\AOL Deutschland Toolbar\aoldetb.dll (AOL Inc.)
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: AOL Toolbar Loader -> {3ef64538-8b54-4573-b48f-4d34b0238ab2} -> C:\Program Files\AOL Toolbar\aoltb.dll (AOL Inc.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Bing Bar BHO -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll (Microsoft Corporation)
BHO: Avira SearchFree Toolbar plus Web Protection -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll No File
Toolbar: HKLM - @C:\Program Files\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll (Microsoft Corporation)
Toolbar: HKLM - Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM - AOL Deutschland Toolbar - {567d4d94-8077-4682-b887-945f3d644116} - C:\Program Files\AOL Deutschland Toolbar\aoldetb.dll (AOL Inc.)
Toolbar: HKLM - AOL Toolbar - {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} -  No File
Toolbar: HKCU - Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKCU - AOL Toolbar - {BA00B7B1-0351-477A-B948-23E3EE5A73D4} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL Inc.)
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: haufereader - No CLSID Value - 
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Götzendorf\AppData\Roaming\Mozilla\Firefox\Profiles\y303flal.default
FF DefaultSearchEngine: AOL Search
FF SearchEngineOrder.1: Ask.com
FF Homepage: hxxp://www.aol.de/
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.40.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll No File
FF Plugin: @java.com/JavaPlugin,version=10.40.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nosltd.com/getPlus+(R),version=1.6.2.97 - C:\Program Files\NOS\bin\np_gp.dll No File
FF Plugin: @real.com/nppl3260;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Götzendorf\AppData\Roaming\Mozilla\Firefox\Profiles\y303flal.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npvsharetvplg.dll (vShare.tv )
FF SearchPlugin: C:\Users\Götzendorf\AppData\Roaming\Mozilla\Firefox\Profiles\y303flal.default\searchplugins\AOL Search.xml
FF SearchPlugin: C:\Users\Götzendorf\AppData\Roaming\Mozilla\Firefox\Profiles\y303flal.default\searchplugins\AOL Suche.xml
FF SearchPlugin: C:\Users\Götzendorf\AppData\Roaming\Mozilla\Firefox\Profiles\y303flal.default\searchplugins\aol-suche (2).xml
FF SearchPlugin: C:\Users\Götzendorf\AppData\Roaming\Mozilla\Firefox\Profiles\y303flal.default\searchplugins\aol-suche.xml
FF SearchPlugin: C:\Users\Götzendorf\AppData\Roaming\Mozilla\Firefox\Profiles\y303flal.default\searchplugins\askcom (2).xml
FF SearchPlugin: C:\Users\Götzendorf\AppData\Roaming\Mozilla\Firefox\Profiles\y303flal.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Users\Götzendorf\AppData\Roaming\Mozilla\Firefox\Profiles\y303flal.default\searchplugins\MyStart Search (2).xml
FF SearchPlugin: C:\Users\Götzendorf\AppData\Roaming\Mozilla\Firefox\Profiles\y303flal.default\searchplugins\MyStart Search.xml
FF SearchPlugin: C:\Users\Götzendorf\AppData\Roaming\Mozilla\Firefox\Profiles\y303flal.default\searchplugins\SearchResults (2).xml
FF SearchPlugin: C:\Users\Götzendorf\AppData\Roaming\Mozilla\Firefox\Profiles\y303flal.default\searchplugins\SearchResults.xml
FF SearchPlugin: C:\Users\Götzendorf\AppData\Roaming\Mozilla\Firefox\Profiles\y303flal.default\searchplugins\startsear (2).xml
FF SearchPlugin: C:\Users\Götzendorf\AppData\Roaming\Mozilla\Firefox\Profiles\y303flal.default\searchplugins\startsear.xml
FF SearchPlugin: C:\Users\Götzendorf\AppData\Roaming\Mozilla\Firefox\Profiles\y303flal.default\searchplugins\sweetim (2).xml
FF SearchPlugin: C:\Users\Götzendorf\AppData\Roaming\Mozilla\Firefox\Profiles\y303flal.default\searchplugins\sweetim.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Götzendorf\AppData\Roaming\Mozilla\Firefox\Profiles\y303flal.default\Extensions\toolbar@ask.com [2013-03-30]
FF Extension: AOL Deutschland Toolbar - C:\Users\Götzendorf\AppData\Roaming\Mozilla\Firefox\Profiles\y303flal.default\Extensions\{43196362-5378-448b-8944-f097fa65e932} [2013-08-26]
FF Extension: Ashampoo DE  - C:\Users\Götzendorf\AppData\Roaming\Mozilla\Firefox\Profiles\y303flal.default\Extensions\{5786d022-540e-4699-b350-b4be0ae94b79} [2013-12-14]
FF Extension: Yahoo! Toolbar - C:\Users\Götzendorf\AppData\Roaming\Mozilla\Firefox\Profiles\y303flal.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2013-08-20]
FF Extension: DownThemAll! - C:\Users\Götzendorf\AppData\Roaming\Mozilla\Firefox\Profiles\y303flal.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2013-11-21]
FF Extension: SweetPacks Toolbar for Firefox - C:\Users\Götzendorf\AppData\Roaming\Mozilla\Firefox\Profiles\y303flal.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847} (2).xpi [2012-11-18]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-03-19]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-03-19]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-01-25]
FF HKLM\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension
FF Extension: Default Manager - C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension [2011-01-29]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-09-04]
FF HKLM\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: No Name - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-01-30]
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKCU\...\Thunderbird\Extensions: [{380AE6CB-09B9-4373-B360-D01C2462A6E7}] - C:\Program Files\BullGuard Ltd\BullGuard\backup\thunderbirdbkplugin
FF Extension: BullGuard Backup - C:\Program Files\BullGuard Ltd\BullGuard\backup\thunderbirdbkplugin [2011-06-08]

Chrome: 
=======
CHR HomePage: hxxp://search.avira.com/?l=dis&o=APN10261&gct=hp&dc=EU&locale=de_DE
CHR RestoreOnStartup: "hxxp://mystart.incredibar.com/mb155?a=6R8IJU9O3r&i=26"
CHR NewTab: "chrome-extension://aaaaodiijipkjcmlclfmdmcoakmloobh/config/skin/new-tab.html"
CHR DefaultSearchKeyword: ask.com
CHR DefaultSearchProvider: Ask
CHR DefaultSearchURL: hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=AVR-4&o=APN10261&locale=de_DE&apn_uid=859b4ee8-cdbc-4648-9cf4-07f775fbf78b&apn_ptnrs=%5EAGS&apn_sauid=45553E1E-937C-4D60-BB04-9F131CC41513&apn_dtid=%5EYYYYYY%5EYY%5EDE&q={searchTerms}
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\27.0.1453.110\pdf.dll No File
CHR Plugin: (Google Gears 0.5.33.0) - C:\Program Files\Google\Chrome\Application\27.0.1453.110\gears.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\27.0.1453.110\gcswf32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.240.7) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U24) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll No File
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\4.0.60129.0\npctrl.dll No File
CHR Plugin: (VLC Multimedia Plug-in) - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (Avira Toolbar) - C:\Users\Götzendorf\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabfjnbeinlpljodiajipidiompfl [2013-06-12]
CHR Extension: (Sopcast Toolbar) - C:\Users\Götzendorf\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaodiijipkjcmlclfmdmcoakmloobh [2012-12-20]
CHR Extension: (RealDownloader) - C:\Users\Götzendorf\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-06-12]
CHR Extension: (New tab for Chrome™) - C:\Users\Götzendorf\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg [2012-12-20]
CHR Extension: (Google Wallet) - C:\Users\Götzendorf\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-01]
CHR HKLM\...\Chrome\Extension: [aaaaabfjnbeinlpljodiajipidiompfl] - C:\Users\Götzendorf\AppData\Local\APN\GoogleCRXs\aaaaabfjnbeinlpljodiajipidiompfl_7.15.20.0.crx [2013-03-30]
CHR HKLM\...\Chrome\Extension: [aaaaodiijipkjcmlclfmdmcoakmloobh] - C:\Users\Götzendorf\AppData\Local\APN\GoogleCRXs\aaaaodiijipkjcmlclfmdmcoakmloobh_7.13.1.0.crx [2012-10-20]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR HKLM\...\Chrome\Extension: [jifflliplgeajjdhmkcfnngfpgbjonjg] - C:\Program Files\Perion\NewTab\newTab.crx [2012-10-20]
CHR HKLM\...\Chrome\Extension: [niogeckbkdcabhnapjbkeiklablhjoca] - C:\Program Files\Perion\ChromeInfoBar\ChromeInfoBar.crx [2012-10-20]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

S4 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S4 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [801872 2014-07-05] (Avira Operations GmbH & Co. KG)
S4 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-07-05] (Avira Operations GmbH & Co. KG)
S4 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-07-05] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1028688 2014-07-05] (Avira Operations GmbH & Co. KG)
S4 BgLiveSvc; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe [300368 2009-04-06] (BullGuard Ltd.)
S4 BgMainSvc; C:\Program Files\BullGuard Ltd\BullGuard\BsMain.dll [79184 2009-09-04] (BullGuard Ltd.)
S4 BsFileScan; C:\Program Files\BullGuard Ltd\BullGuard\BsFileScan.dll [132432 2009-04-06] (BullGuard Ltd.)
S4 BsFire; C:\Program Files\BullGuard Ltd\BullGuard\BsFire.dll [333136 2009-04-06] (BullGuard Ltd.)
S4 BsMailProxy; C:\Program Files\BullGuard Ltd\BullGuard\BsMailProxy.dll [87376 2009-04-16] (BullGuard Ltd.)
S4 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2014-03-11] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [279776 2014-03-11] (Microsoft Corporation)
S4 PDHRKNTS; C:\Users\Götzendorf\AppData\Local\Temp\PDHRKNTS.exe [527232 2014-04-01] (Sysinternals - www.sysinternals.com) [File not signed]
S4 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 TGCM_ImportWiFiSvc; C:\Program Files\o2\Mobile Connection Manager\ImpWiFiSvc.exe [200624 2010-09-29] (Telefónica I+D)
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [1528672 2012-05-29] (TuneUp Software)
S2 avast! Antivirus; "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" [X]

==================== Drivers (Whitelisted) ====================

R3 Afc; C:\Windows\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
R1 afw; C:\Windows\System32\DRIVERS\afw.sys [29208 2009-03-23] (Agnitum Ltd.)
R3 afwcore; C:\Windows\System32\DRIVERS\afwcore.sys [305688 2009-03-23] (Agnitum Ltd.)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [66336 2013-05-09] (AVAST Software)
R1 AswRdr; C:\Windows\system32\Drivers\AswRdr.sys [49760 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49376 2013-05-09] ()
S1 aswSnx; C:\Windows\system32\Drivers\aswSnx.sys [765736 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [174664 2013-05-09] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [97648 2014-07-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-06-04] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-25] (Avira Operations GmbH & Co. KG)
R2 BdFileSpy; C:\Windows\system32\drivers\BdFileSpy.sys [55504 2009-01-23] (BullGuard Ltd.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231960 2014-01-25] (Microsoft Corporation)
S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [31848 2010-07-13] (RapidSolution Software AG)
R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [31848 2010-07-13] (RapidSolution Software AG)
R3 tbhsd; C:\Windows\System32\drivers\tbhsd.sys [37920 2010-07-13] (RapidSolution Software AG)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [10064 2012-05-08] (TuneUp Software)
S1 afwdabhw; \??\C:\Windows\system32\drivers\afwdabhw.sys [X]
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
U3 DfSdkS; 
S1 dohpvqvd; \??\C:\Windows\system32\drivers\dohpvqvd.sys [X]
S0 emqa; System32\drivers\osoawif.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 Tosrfcom; No ImagePath
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-20 22:13 - 2014-07-20 22:14 - 00000000 ____D () C:\FRST
2014-07-20 18:48 - 2014-07-20 18:48 - 00014496 _____ () C:\Users\Götzendorf\Documents\2013 04.05 Eurolotto Quoten.xlsx
2014-07-20 18:46 - 2014-07-20 18:46 - 00014468 _____ () C:\Users\Götzendorf\Documents\2013 04.06. Lotto.xlsx
2014-07-20 08:35 - 2014-07-20 08:35 - 00014238 _____ () C:\Users\Götzendorf\Documents\2013 04.04 Keno Gewinnzahlen.xlsx
2014-07-20 08:34 - 2014-07-20 08:34 - 00016641 _____ () C:\Users\Götzendorf\Documents\2013 04.03 Lottoquoten.xlsx
2014-07-19 11:52 - 2014-07-19 11:52 - 00014235 _____ () C:\Users\Götzendorf\Documents\2013 04.05 Keno Gewinnzahlen.xlsx
2014-07-19 11:48 - 2014-07-19 11:48 - 00014521 _____ () C:\Users\Götzendorf\Documents\2013 04.05 Eurolotto Zahlen.xlsx
2014-07-16 17:57 - 2014-07-16 17:57 - 00013778 _____ () C:\Users\Götzendorf\Documents\2013 04.06 Lottojackpot.xlsx
2014-07-16 17:56 - 2014-07-16 17:56 - 00014474 _____ () C:\Users\Götzendorf\Documents\2013 04.03. Lotto.xlsx
2014-07-15 22:16 - 2014-07-15 22:16 - 01420278 _____ () C:\Users\Gast\Documents\Avira Official Store - Buy Antivirus Pro, Internet Security Suite and System Speedup.mht
2014-07-15 22:12 - 2014-07-15 22:12 - 04316734 _____ () C:\Users\Gast\Documents\Fussballergebnisse 2009-2010 13.04.2014 neu Gast.xlsx
2014-07-15 20:52 - 2014-07-15 21:57 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\vlc
2014-07-15 20:13 - 2014-07-15 20:13 - 00000000 ____D () C:\Users\Gast\AppData\Local\Macromedia
2014-07-15 19:45 - 2014-07-15 21:57 - 00156160 _____ () C:\Users\Gast\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-07-15 19:38 - 2014-07-15 19:38 - 00000000 ____D () C:\Users\Gast\AppData\Local\WinZip
2014-07-15 19:36 - 2014-07-15 19:36 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Malwarebytes
2014-07-15 19:28 - 2014-07-15 19:28 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Macromedia
2014-07-15 19:15 - 2014-07-15 19:15 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Adobe
2014-07-15 19:14 - 2014-07-15 20:34 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Google
2014-07-15 19:14 - 2014-07-15 19:14 - 00000000 ____D () C:\Users\Gast\AppData\Local\DoNotTrackPlus
2014-07-15 19:14 - 2014-07-15 19:14 - 00000000 ____D () C:\Users\Gast\AppData\Local\AskToolbar
2014-07-15 19:13 - 2014-07-15 19:13 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\RealNetworks
2014-07-15 19:13 - 2014-07-15 19:13 - 00000000 ____D () C:\Users\Gast\AppData\Local\AOL Deutschland Toolbar
2014-07-15 19:12 - 2014-07-15 19:12 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Mozilla
2014-07-15 19:12 - 2014-07-15 19:12 - 00000000 ____D () C:\Users\Gast\AppData\Local\Mozilla
2014-07-15 19:10 - 2014-07-15 19:10 - 00101768 _____ () C:\Users\Gast\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-15 19:10 - 2014-07-15 19:10 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Lexware
2014-07-15 19:10 - 2014-07-15 19:10 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Apple Computer
2014-07-15 19:10 - 2014-07-15 19:10 - 00000000 ____D () C:\Users\Gast\AppData\Local\Lexware
2014-07-15 19:09 - 2014-07-20 17:01 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Real
2014-07-15 19:09 - 2014-07-15 19:10 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\BullGuard
2014-07-15 19:09 - 2014-07-15 19:09 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Avira
2014-07-15 19:08 - 2014-07-20 17:00 - 00000680 _____ () C:\Users\Gast\AppData\Local\d3d9caps.dat
2014-07-15 19:08 - 2014-07-15 19:14 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-07-15 19:08 - 2014-07-15 19:08 - 00001968 _____ () C:\Users\Gast\Desktop\Google Chrome.lnk
2014-07-15 19:08 - 2014-07-15 19:08 - 00000954 _____ () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-15 19:08 - 2014-07-15 19:08 - 00000949 _____ () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-07-15 19:08 - 2014-07-15 19:08 - 00000920 _____ () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
2014-07-15 19:08 - 2014-07-15 19:08 - 00000680 __RSH () C:\Users\Gast\ntuser.pol
2014-07-15 19:08 - 2014-07-15 19:08 - 00000020 ___SH () C:\Users\Gast\ntuser.ini
2014-07-15 19:08 - 2014-07-15 19:08 - 00000000 _SHDL () C:\Users\Gast\Startmenü
2014-07-15 19:08 - 2014-07-15 19:08 - 00000000 _SHDL () C:\Users\Gast\Netzwerkumgebung
2014-07-15 19:08 - 2014-07-15 19:08 - 00000000 _SHDL () C:\Users\Gast\Druckumgebung
2014-07-15 19:08 - 2014-07-15 19:08 - 00000000 _SHDL () C:\Users\Gast\Documents\Eigene Musik
2014-07-15 19:08 - 2014-07-15 19:08 - 00000000 _SHDL () C:\Users\Gast\Documents\Eigene Bilder
2014-07-15 19:08 - 2014-07-15 19:08 - 00000000 _SHDL () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-07-15 19:08 - 2014-07-15 19:08 - 00000000 _SHDL () C:\Users\Gast\AppData\Local\Verlauf
2014-07-15 19:08 - 2014-07-15 19:08 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\TuneUp Software
2014-07-15 19:08 - 2014-07-15 19:08 - 00000000 ____D () C:\Users\Gast\AppData\Local\VirtualStore
2014-07-15 19:08 - 2014-07-15 19:08 - 00000000 ____D () C:\Users\Gast
2014-07-15 19:08 - 2011-01-26 10:51 - 00000000 ___RD () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-07-15 19:08 - 2011-01-26 10:51 - 00000000 ___RD () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-07-15 19:08 - 2011-01-26 09:58 - 00000000 ____D () C:\Users\Gast\AppData\Local\Microsoft Help
2014-07-14 21:20 - 2014-07-14 21:20 - 00000859 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Fix it Center.lnk
2014-07-14 21:20 - 2014-07-14 21:20 - 00000847 _____ () C:\Users\Public\Desktop\Microsoft Fix*it Center.lnk
2014-07-14 21:20 - 2014-07-14 21:20 - 00000000 ____D () C:\Windows\MATS
2014-07-14 21:20 - 2014-07-14 21:20 - 00000000 ____D () C:\Program Files\Microsoft Fix it Center
2014-07-14 18:45 - 2014-07-14 18:45 - 00014766 _____ () C:\Users\Götzendorf\Documents\2013 04.03 Keno Gewinnzahlen.xlsx
2014-07-13 08:49 - 2014-06-07 02:19 - 02051072 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-13 08:49 - 2014-06-06 10:59 - 00506880 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-13 08:48 - 2014-05-30 08:53 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-13 08:45 - 2014-07-13 08:45 - 00014231 _____ () C:\Users\Götzendorf\Documents\2013 03.20 Keno Gewinnzahlena.xlsx
2014-07-13 08:43 - 2014-07-13 08:44 - 00014761 _____ () C:\Users\Götzendorf\Documents\2013 03.12 Keno Gewinnzahlen d.xlsx
2014-07-12 19:54 - 2014-07-12 19:54 - 00001898 _____ () C:\Users\Public\Desktop\Mobile Connection Manager.lnk
2014-07-12 19:54 - 2010-11-04 11:51 - 00085248 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcacm.sys
2014-07-12 19:54 - 2010-10-09 08:48 - 00072576 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jubusenum.sys
2014-07-12 19:54 - 2010-09-26 12:00 - 00051456 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcecm.sys
2014-07-12 19:54 - 2010-09-26 12:00 - 00026496 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juextctrl.sys
2014-07-12 19:53 - 2010-08-27 07:53 - 00116736 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbnet.sys
2014-07-12 19:53 - 2010-08-07 11:48 - 00106880 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbmdm.sys
2014-07-12 19:53 - 2010-07-27 03:52 - 00102784 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwusbdev.sys
2014-07-12 19:53 - 2010-05-10 08:18 - 00860928 _____ (DiBcom SA) C:\Windows\system32\Drivers\mod7700.sys
2014-07-12 19:53 - 2010-03-20 06:06 - 00011136 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_usbenumfilter.sys
2014-07-12 19:53 - 2007-08-08 22:06 - 00023424 _____ (Huawei Tech. Co., Ltd.) C:\Windows\system32\Drivers\ewdcsc.sys
2014-07-12 19:52 - 2014-07-12 19:54 - 00000000 ____D () C:\Program Files\HUAWEI Modem Driver
2014-07-12 19:52 - 2014-07-12 19:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\o2
2014-07-12 09:27 - 2014-07-12 09:27 - 00014766 _____ () C:\Users\Götzendorf\Documents\2013 04.02 Keno Gewinnzahlen.xlsx
2014-07-11 21:00 - 2014-07-11 21:46 - 00000053 _____ () C:\Users\Götzendorf\AppData\Roaming\mbam.context.scan
2014-07-11 20:40 - 2014-07-11 20:40 - 00006305 _____ () C:\Users\Götzendorf\Documents\bv.aspx
2014-07-11 18:47 - 2013-05-09 10:59 - 00765736 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-07-11 18:47 - 2013-05-09 10:59 - 00174664 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-07-11 18:47 - 2013-05-09 10:59 - 00066336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-07-11 18:47 - 2013-05-09 10:59 - 00049760 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2014-07-11 18:47 - 2013-05-09 10:59 - 00049376 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-07-11 18:46 - 2014-07-11 18:46 - 00016112 _____ () C:\Users\Götzendorf\Documents\2013 03.30 Lottoquoten.xlsx
2014-07-11 18:44 - 2014-07-11 18:44 - 00013833 _____ () C:\Users\Götzendorf\Documents\2013 04.03 Lottojackpot.xlsx
2014-07-07 22:08 - 2014-07-14 22:31 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-07-06 20:23 - 2014-07-06 20:23 - 00000000 ___HD () C:\Users\Götzendorf\Documents\GroupPolicy
2014-07-06 16:51 - 2014-07-06 16:51 - 00014105 _____ () C:\Users\Götzendorf\Documents\2013 03.30. Glückspirale Quoten a.xlsx
2014-07-06 16:50 - 2014-07-06 16:50 - 00014759 _____ () C:\Users\Götzendorf\Documents\2013 04.01 Keno Gewinnzahlen.xlsx
2014-07-06 11:33 - 2013-05-09 10:58 - 00229648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-07-06 08:45 - 2014-07-06 08:45 - 00014760 _____ () C:\Users\Götzendorf\Documents\2013 03.31 Keno Gewinnzahlen.xlsx
2014-07-05 16:50 - 2014-07-05 16:50 - 00014470 _____ () C:\Users\Götzendorf\Documents\2013 03.30. Lotto.xlsx
2014-07-01 23:52 - 2013-09-12 23:11 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-07-01 23:52 - 2013-09-12 23:11 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-07-01 17:07 - 2014-07-01 17:07 - 00014227 _____ () C:\Users\Götzendorf\Documents\2013 03.30 Keno Gewinnzahlen.xlsx
2014-07-01 17:05 - 2014-07-01 17:05 - 00014497 _____ () C:\Users\Götzendorf\Documents\2013 03.30. Glückspirale Quoten.xlsx
2014-06-29 21:44 - 2014-06-29 21:44 - 00015026 _____ () C:\Users\Götzendorf\Documents\2013 03.29 Eurolotto Quoten.xlsx
2014-06-29 11:46 - 2014-06-29 11:52 - 00000000 ____D () C:\ProgramData\Oracle
2014-06-29 11:43 - 2013-09-12 23:11 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-06-29 10:33 - 2014-06-29 10:33 - 00001164 _____ () C:\Users\Public\Desktop\RealPlayer.lnk
2014-06-29 08:56 - 2014-06-29 08:56 - 00013985 _____ () C:\Users\Götzendorf\Documents\2013 03.29 Eurolotto Zahlen.xlsx
2014-06-29 08:55 - 2014-06-29 08:55 - 00014757 _____ () C:\Users\Götzendorf\Documents\2013 03.29 Keno Gewinnzahlen.xlsx
2014-06-28 15:23 - 2014-06-28 15:23 - 00014768 _____ () C:\Users\Götzendorf\Documents\2013 03.28 Keno Gewinnzahlen.xlsx
2014-06-27 20:10 - 2014-06-27 20:10 - 00073728 _____ () C:\Users\Götzendorf\Documents\Computerbild - Die Themen der aktuellen Ausgabe im Überblick  Auf Heft-DVD (Gold-Edition) Der Abenteuer-Kracher Ankh 2 und das Aufbauspiel Tycoon City als Vollversion.msg
2014-06-27 20:09 - 2014-06-27 20:09 - 00016094 _____ () C:\Users\Götzendorf\Documents\2013 03.27 Lottoquoten.xlsx
2014-06-27 20:06 - 2014-06-27 20:06 - 00014762 _____ () C:\Users\Götzendorf\Documents\2013 03.27 Keno Gewinnzahlen.xlsx
2014-06-27 19:55 - 2014-06-27 19:55 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf9231945bab4.job
2014-06-26 17:27 - 2014-06-26 17:27 - 00048640 _____ () C:\Users\Götzendorf\Documents\Computerbild - CeBIT 2010 Die PC- und Notebook-Trends der Technikmesse.msg
2014-06-26 17:25 - 2014-06-26 17:25 - 00013744 _____ () C:\Users\Götzendorf\Documents\2013 03.30 Lottojackpot.xlsx
2014-06-26 17:24 - 2014-06-26 17:24 - 00014479 _____ () C:\Users\Götzendorf\Documents\2013 03.27. Lotto.xlsx
2014-06-25 17:32 - 2014-06-25 17:32 - 00014763 _____ () C:\Users\Götzendorf\Documents\2013 03.26 Keno Gewinnzahlen.xlsx
2014-06-22 09:54 - 2014-06-22 09:54 - 00014765 _____ () C:\Users\Götzendorf\Documents\2013 03.25 Keno Gewinnzahlen.xlsx
2014-06-22 09:23 - 2014-07-12 11:08 - 00000000 ____D () C:\Users\Götzendorf\AppData\Local\Adobe
2014-06-21 15:56 - 2014-06-21 15:56 - 00014114 _____ () C:\Users\Götzendorf\Documents\2013 03.23. Glückspirale Quoten.xlsx
2014-06-21 15:55 - 2014-06-21 15:55 - 00016624 _____ () C:\Users\Götzendorf\Documents\2013 03.23 Lottoquoten.xlsx
2014-06-21 09:33 - 2014-06-21 09:33 - 00013744 _____ () C:\Users\Götzendorf\Documents\2013 03.27 Lottojackpot.xlsx
2014-06-21 09:32 - 2014-06-21 09:32 - 00014761 _____ () C:\Users\Götzendorf\Documents\2013 03.24 Keno Gewinnzahlen.xlsx
2014-06-20 16:31 - 2014-06-20 16:31 - 00013945 _____ () C:\Users\Götzendorf\Documents\2013 03.23. Lotto.xlsx
2014-06-20 16:30 - 2014-06-20 16:30 - 00014499 _____ () C:\Users\Götzendorf\Documents\2013 03.23. Glückspirale Quotenx.xlsx
2014-06-20 10:42 - 2014-06-20 10:42 - 00108032 _____ () C:\Users\Götzendorf\Documents\Computerwissen -  1. Excel Diagramm-Designer.msg
2014-06-20 09:21 - 2014-06-20 09:21 - 00014228 _____ () C:\Users\Götzendorf\Documents\2013 03.23 Keno Gewinnzahlen.xlsx
2014-06-20 09:19 - 2014-06-20 09:19 - 00014513 _____ () C:\Users\Götzendorf\Documents\2013 03.23 Eurolotto Zahlen.xlsx

==================== One Month Modified Files and Folders =======

2014-07-20 22:14 - 2014-07-20 22:13 - 00000000 ____D () C:\FRST
2014-07-20 22:14 - 2014-06-11 22:36 - 00000000 ____D () C:\Users\Götzendorf\Downloads\Download
2014-07-20 21:48 - 2011-01-30 20:39 - 00000000 ____D () C:\Users\Götzendorf\AppData\Roaming\vlc
2014-07-20 21:47 - 2006-11-02 14:47 - 00005296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-20 21:47 - 2006-11-02 14:47 - 00005296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-20 21:44 - 2014-05-21 20:34 - 00001356 _____ () C:\Users\Götzendorf\AppData\Local\d3d9caps.tmp
2014-07-20 21:07 - 2011-03-18 18:17 - 00000000 ____D () C:\Users\Götzendorf\Documents\Aktuelle Verzeichnisse
2014-07-20 20:02 - 2006-11-02 14:52 - 01906656 _____ () C:\Windows\WindowsUpdate.log
2014-07-20 19:48 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\registration
2014-07-20 19:43 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\de-DE
2014-07-20 19:42 - 2013-07-23 22:09 - 00000318 _____ () C:\Windows\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-572801753-308004176-650481581-1000.job
2014-07-20 18:55 - 2013-09-04 22:07 - 00000336 _____ () C:\Windows\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-572801753-308004176-650481581-1000.job
2014-07-20 18:48 - 2014-07-20 18:48 - 00014496 _____ () C:\Users\Götzendorf\Documents\2013 04.05 Eurolotto Quoten.xlsx
2014-07-20 18:46 - 2014-07-20 18:46 - 00014468 _____ () C:\Users\Götzendorf\Documents\2013 04.06. Lotto.xlsx
2014-07-20 17:01 - 2014-07-15 19:09 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Real
2014-07-20 17:00 - 2014-07-15 19:08 - 00000680 _____ () C:\Users\Gast\AppData\Local\d3d9caps.dat
2014-07-20 08:35 - 2014-07-20 08:35 - 00014238 _____ () C:\Users\Götzendorf\Documents\2013 04.04 Keno Gewinnzahlen.xlsx
2014-07-20 08:34 - 2014-07-20 08:34 - 00016641 _____ () C:\Users\Götzendorf\Documents\2013 04.03 Lottoquoten.xlsx
2014-07-19 11:52 - 2014-07-19 11:52 - 00014235 _____ () C:\Users\Götzendorf\Documents\2013 04.05 Keno Gewinnzahlen.xlsx
2014-07-19 11:48 - 2014-07-19 11:48 - 00014521 _____ () C:\Users\Götzendorf\Documents\2013 04.05 Eurolotto Zahlen.xlsx
2014-07-16 17:57 - 2014-07-16 17:57 - 00013778 _____ () C:\Users\Götzendorf\Documents\2013 04.06 Lottojackpot.xlsx
2014-07-16 17:56 - 2014-07-16 17:56 - 00014474 _____ () C:\Users\Götzendorf\Documents\2013 04.03. Lotto.xlsx
2014-07-15 22:16 - 2014-07-15 22:16 - 01420278 _____ () C:\Users\Gast\Documents\Avira Official Store - Buy Antivirus Pro, Internet Security Suite and System Speedup.mht
2014-07-15 22:12 - 2014-07-15 22:12 - 04316734 _____ () C:\Users\Gast\Documents\Fussballergebnisse 2009-2010 13.04.2014 neu Gast.xlsx
2014-07-15 21:57 - 2014-07-15 20:52 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\vlc
2014-07-15 21:57 - 2014-07-15 19:45 - 00156160 _____ () C:\Users\Gast\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-07-15 20:34 - 2014-07-15 19:14 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Google
2014-07-15 20:13 - 2014-07-15 20:13 - 00000000 ____D () C:\Users\Gast\AppData\Local\Macromedia
2014-07-15 19:38 - 2014-07-15 19:38 - 00000000 ____D () C:\Users\Gast\AppData\Local\WinZip
2014-07-15 19:36 - 2014-07-15 19:36 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Malwarebytes
2014-07-15 19:28 - 2014-07-15 19:28 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Macromedia
2014-07-15 19:15 - 2014-07-15 19:15 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Adobe
2014-07-15 19:14 - 2014-07-15 19:14 - 00000000 ____D () C:\Users\Gast\AppData\Local\DoNotTrackPlus
2014-07-15 19:14 - 2014-07-15 19:14 - 00000000 ____D () C:\Users\Gast\AppData\Local\AskToolbar
2014-07-15 19:14 - 2014-07-15 19:08 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-07-15 19:13 - 2014-07-15 19:13 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\RealNetworks
2014-07-15 19:13 - 2014-07-15 19:13 - 00000000 ____D () C:\Users\Gast\AppData\Local\AOL Deutschland Toolbar
2014-07-15 19:12 - 2014-07-15 19:12 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Mozilla
2014-07-15 19:12 - 2014-07-15 19:12 - 00000000 ____D () C:\Users\Gast\AppData\Local\Mozilla
2014-07-15 19:10 - 2014-07-15 19:10 - 00101768 _____ () C:\Users\Gast\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-15 19:10 - 2014-07-15 19:10 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Lexware
2014-07-15 19:10 - 2014-07-15 19:10 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Apple Computer
2014-07-15 19:10 - 2014-07-15 19:10 - 00000000 ____D () C:\Users\Gast\AppData\Local\Lexware
2014-07-15 19:10 - 2014-07-15 19:09 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\BullGuard
2014-07-15 19:09 - 2014-07-15 19:09 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\Avira
2014-07-15 19:08 - 2014-07-15 19:08 - 00001968 _____ () C:\Users\Gast\Desktop\Google Chrome.lnk
2014-07-15 19:08 - 2014-07-15 19:08 - 00000954 _____ () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-15 19:08 - 2014-07-15 19:08 - 00000949 _____ () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-07-15 19:08 - 2014-07-15 19:08 - 00000920 _____ () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
2014-07-15 19:08 - 2014-07-15 19:08 - 00000680 __RSH () C:\Users\Gast\ntuser.pol
2014-07-15 19:08 - 2014-07-15 19:08 - 00000020 ___SH () C:\Users\Gast\ntuser.ini
2014-07-15 19:08 - 2014-07-15 19:08 - 00000000 _SHDL () C:\Users\Gast\Startmenü
2014-07-15 19:08 - 2014-07-15 19:08 - 00000000 _SHDL () C:\Users\Gast\Netzwerkumgebung
2014-07-15 19:08 - 2014-07-15 19:08 - 00000000 _SHDL () C:\Users\Gast\Druckumgebung
2014-07-15 19:08 - 2014-07-15 19:08 - 00000000 _SHDL () C:\Users\Gast\Documents\Eigene Musik
2014-07-15 19:08 - 2014-07-15 19:08 - 00000000 _SHDL () C:\Users\Gast\Documents\Eigene Bilder
2014-07-15 19:08 - 2014-07-15 19:08 - 00000000 _SHDL () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-07-15 19:08 - 2014-07-15 19:08 - 00000000 _SHDL () C:\Users\Gast\AppData\Local\Verlauf
2014-07-15 19:08 - 2014-07-15 19:08 - 00000000 ____D () C:\Users\Gast\AppData\Roaming\TuneUp Software
2014-07-15 19:08 - 2014-07-15 19:08 - 00000000 ____D () C:\Users\Gast\AppData\Local\VirtualStore
2014-07-15 19:08 - 2014-07-15 19:08 - 00000000 ____D () C:\Users\Gast
2014-07-14 22:31 - 2014-07-07 22:08 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-07-14 22:03 - 2012-01-17 20:05 - 00000000 ____D () C:\Users\Götzendorf\AppData\Roaming\dvdcss
2014-07-14 21:20 - 2014-07-14 21:20 - 00000859 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Fix it Center.lnk
2014-07-14 21:20 - 2014-07-14 21:20 - 00000847 _____ () C:\Users\Public\Desktop\Microsoft Fix*it Center.lnk
2014-07-14 21:20 - 2014-07-14 21:20 - 00000000 ____D () C:\Windows\MATS
2014-07-14 21:20 - 2014-07-14 21:20 - 00000000 ____D () C:\Program Files\Microsoft Fix it Center
2014-07-14 20:56 - 2013-10-09 22:22 - 00701043 _____ () C:\Users\Götzendorf\Documents\Aktuelle Auswahl (Automatisch gespeichert).docm
2014-07-14 18:45 - 2014-07-14 18:45 - 00014766 _____ () C:\Users\Götzendorf\Documents\2013 04.03 Keno Gewinnzahlen.xlsx
2014-07-13 17:57 - 2012-04-03 08:43 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-07-13 17:57 - 2012-04-03 08:43 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-13 17:57 - 2011-05-23 17:53 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-07-13 17:56 - 2006-11-02 14:47 - 00375040 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-13 17:51 - 2006-11-02 14:37 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-13 15:53 - 2011-01-25 13:17 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-13 15:43 - 2013-07-30 08:34 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-13 08:45 - 2014-07-13 08:45 - 00014231 _____ () C:\Users\Götzendorf\Documents\2013 03.20 Keno Gewinnzahlena.xlsx
2014-07-13 08:44 - 2014-07-13 08:43 - 00014761 _____ () C:\Users\Götzendorf\Documents\2013 03.12 Keno Gewinnzahlen d.xlsx
2014-07-12 20:18 - 2006-11-02 12:33 - 01576054 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-12 19:54 - 2014-07-12 19:54 - 00001898 _____ () C:\Users\Public\Desktop\Mobile Connection Manager.lnk
2014-07-12 19:54 - 2014-07-12 19:52 - 00000000 ____D () C:\Program Files\HUAWEI Modem Driver
2014-07-12 19:54 - 2014-05-16 17:02 - 00001622 _____ () C:\Windows\setupact.log
2014-07-12 19:54 - 2011-01-24 13:34 - 00000000 ____D () C:\Users\Götzendorf
2014-07-12 19:52 - 2014-07-12 19:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\o2
2014-07-12 19:52 - 2012-12-26 11:51 - 00000000 ____D () C:\Program Files\o2
2014-07-12 11:08 - 2014-06-22 09:23 - 00000000 ____D () C:\Users\Götzendorf\AppData\Local\Adobe
2014-07-12 09:27 - 2014-07-12 09:27 - 00014766 _____ () C:\Users\Götzendorf\Documents\2013 04.02 Keno Gewinnzahlen.xlsx
2014-07-11 21:46 - 2014-07-11 21:00 - 00000053 _____ () C:\Users\Götzendorf\AppData\Roaming\mbam.context.scan
2014-07-11 20:40 - 2014-07-11 20:40 - 00006305 _____ () C:\Users\Götzendorf\Documents\bv.aspx
2014-07-11 18:47 - 2013-07-25 19:02 - 00000000 ____D () C:\Program Files\AVAST Software
2014-07-11 18:47 - 2013-07-25 18:57 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-07-11 18:47 - 2006-11-02 12:23 - 00002577 _____ () C:\Windows\system32\config.nt
2014-07-11 18:46 - 2014-07-11 18:46 - 00016112 _____ () C:\Users\Götzendorf\Documents\2013 03.30 Lottoquoten.xlsx
2014-07-11 18:44 - 2014-07-11 18:44 - 00013833 _____ () C:\Users\Götzendorf\Documents\2013 04.03 Lottojackpot.xlsx
2014-07-08 19:09 - 2011-08-25 19:04 - 00000000 ____D () C:\Users\Götzendorf\AppData\Roaming\Quisple
2014-07-08 18:45 - 2014-02-28 18:10 - 00194784 _____ () C:\Windows\PFRO.log
2014-07-06 20:23 - 2014-07-06 20:23 - 00000000 ___HD () C:\Users\Götzendorf\Documents\GroupPolicy
2014-07-06 19:40 - 2013-07-25 19:10 - 00000175 _____ () C:\Windows\system32\Drivers\aswVmm.sys.sum
2014-07-06 19:40 - 2013-07-25 19:10 - 00000175 _____ () C:\Windows\system32\Drivers\aswSP.sys.sum
2014-07-06 19:40 - 2013-07-25 19:10 - 00000175 _____ () C:\Windows\system32\Drivers\aswSnx.sys.sum
2014-07-06 19:26 - 2011-01-27 21:51 - 00000400 _____ () C:\Windows\system32\config\afw_hm.conf
2014-07-06 19:26 - 2011-01-27 21:51 - 00000004 _____ () C:\Windows\system32\config\afw_db.conf
2014-07-06 16:51 - 2014-07-06 16:51 - 00014105 _____ () C:\Users\Götzendorf\Documents\2013 03.30. Glückspirale Quoten a.xlsx
2014-07-06 16:50 - 2014-07-06 16:50 - 00014759 _____ () C:\Users\Götzendorf\Documents\2013 04.01 Keno Gewinnzahlen.xlsx
2014-07-06 08:45 - 2014-07-06 08:45 - 00014760 _____ () C:\Users\Götzendorf\Documents\2013 03.31 Keno Gewinnzahlen.xlsx
2014-07-05 16:50 - 2014-07-05 16:50 - 00014470 _____ () C:\Users\Götzendorf\Documents\2013 03.30. Lotto.xlsx
2014-07-05 10:20 - 2013-03-30 15:55 - 00097648 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-07-01 23:52 - 2011-02-21 19:37 - 00000000 ____D () C:\Program Files\Java
2014-07-01 17:07 - 2014-07-01 17:07 - 00014227 _____ () C:\Users\Götzendorf\Documents\2013 03.30 Keno Gewinnzahlen.xlsx
2014-07-01 17:05 - 2014-07-01 17:05 - 00014497 _____ () C:\Users\Götzendorf\Documents\2013 03.30. Glückspirale Quoten.xlsx
2014-06-29 21:44 - 2014-06-29 21:44 - 00015026 _____ () C:\Users\Götzendorf\Documents\2013 03.29 Eurolotto Quoten.xlsx
2014-06-29 11:52 - 2014-06-29 11:46 - 00000000 ____D () C:\ProgramData\Oracle
2014-06-29 11:42 - 2013-09-12 23:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-29 10:34 - 2014-02-05 20:41 - 00000296 _____ () C:\Windows\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-572801753-308004176-650481581-1000.job
2014-06-29 10:33 - 2014-06-29 10:33 - 00001164 _____ () C:\Users\Public\Desktop\RealPlayer.lnk
2014-06-29 10:33 - 2012-12-22 00:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
2014-06-29 10:33 - 2011-01-27 22:28 - 00000000 ____D () C:\ProgramData\Real
2014-06-29 10:32 - 2011-11-28 00:06 - 00201872 _____ (RealNetworks, Inc.) C:\Windows\system32\rmoc3260.dll
2014-06-29 10:32 - 2011-11-28 00:06 - 00006656 _____ (RealNetworks, Inc.) C:\Windows\system32\pndx5016.dll
2014-06-29 10:32 - 2011-11-28 00:06 - 00005632 _____ (RealNetworks, Inc.) C:\Windows\system32\pndx5032.dll
2014-06-29 10:32 - 2011-02-09 18:50 - 00272896 _____ (Progressive Networks) C:\Windows\system32\pncrt.dll
2014-06-29 10:31 - 2011-11-28 00:06 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\msvcp71.dll
2014-06-29 10:31 - 2011-11-28 00:06 - 00348160 _____ (Microsoft Corporation) C:\Windows\system32\msvcr71.dll
2014-06-29 08:56 - 2014-06-29 08:56 - 00013985 _____ () C:\Users\Götzendorf\Documents\2013 03.29 Eurolotto Zahlen.xlsx
2014-06-29 08:55 - 2014-06-29 08:55 - 00014757 _____ () C:\Users\Götzendorf\Documents\2013 03.29 Keno Gewinnzahlen.xlsx
2014-06-28 15:23 - 2014-06-28 15:23 - 00014768 _____ () C:\Users\Götzendorf\Documents\2013 03.28 Keno Gewinnzahlen.xlsx
2014-06-27 20:10 - 2014-06-27 20:10 - 00073728 _____ () C:\Users\Götzendorf\Documents\Computerbild - Die Themen der aktuellen Ausgabe im Überblick  Auf Heft-DVD (Gold-Edition) Der Abenteuer-Kracher Ankh 2 und das Aufbauspiel Tycoon City als Vollversion.msg
2014-06-27 20:09 - 2014-06-27 20:09 - 00016094 _____ () C:\Users\Götzendorf\Documents\2013 03.27 Lottoquoten.xlsx
2014-06-27 20:06 - 2014-06-27 20:06 - 00014762 _____ () C:\Users\Götzendorf\Documents\2013 03.27 Keno Gewinnzahlen.xlsx
2014-06-27 19:55 - 2014-06-27 19:55 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf9231945bab4.job
2014-06-26 17:38 - 2006-11-02 12:24 - 93585272 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-06-26 17:27 - 2014-06-26 17:27 - 00048640 _____ () C:\Users\Götzendorf\Documents\Computerbild - CeBIT 2010 Die PC- und Notebook-Trends der Technikmesse.msg
2014-06-26 17:25 - 2014-06-26 17:25 - 00013744 _____ () C:\Users\Götzendorf\Documents\2013 03.30 Lottojackpot.xlsx
2014-06-26 17:24 - 2014-06-26 17:24 - 00014479 _____ () C:\Users\Götzendorf\Documents\2013 03.27. Lotto.xlsx
2014-06-25 17:32 - 2014-06-25 17:32 - 00014763 _____ () C:\Users\Götzendorf\Documents\2013 03.26 Keno Gewinnzahlen.xlsx
2014-06-22 09:54 - 2014-06-22 09:54 - 00014765 _____ () C:\Users\Götzendorf\Documents\2013 03.25 Keno Gewinnzahlen.xlsx
2014-06-21 15:56 - 2014-06-21 15:56 - 00014114 _____ () C:\Users\Götzendorf\Documents\2013 03.23. Glückspirale Quoten.xlsx
2014-06-21 15:55 - 2014-06-21 15:55 - 00016624 _____ () C:\Users\Götzendorf\Documents\2013 03.23 Lottoquoten.xlsx
2014-06-21 09:33 - 2014-06-21 09:33 - 00013744 _____ () C:\Users\Götzendorf\Documents\2013 03.27 Lottojackpot.xlsx
2014-06-21 09:32 - 2014-06-21 09:32 - 00014761 _____ () C:\Users\Götzendorf\Documents\2013 03.24 Keno Gewinnzahlen.xlsx
2014-06-20 16:31 - 2014-06-20 16:31 - 00013945 _____ () C:\Users\Götzendorf\Documents\2013 03.23. Lotto.xlsx
2014-06-20 16:30 - 2014-06-20 16:30 - 00014499 _____ () C:\Users\Götzendorf\Documents\2013 03.23. Glückspirale Quotenx.xlsx
2014-06-20 16:11 - 2013-06-15 12:06 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-06-20 10:42 - 2014-06-20 10:42 - 00108032 _____ () C:\Users\Götzendorf\Documents\Computerwissen -  1. Excel Diagramm-Designer.msg
2014-06-20 09:27 - 2014-03-19 19:01 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-06-20 09:21 - 2014-06-20 09:21 - 00014228 _____ () C:\Users\Götzendorf\Documents\2013 03.23 Keno Gewinnzahlen.xlsx
2014-06-20 09:19 - 2014-06-20 09:19 - 00014513 _____ () C:\Users\Götzendorf\Documents\2013 03.23 Eurolotto Zahlen.xlsx

ZeroAccess:
C:\$Recycle.Bin\S-1-5-21-572801753-308004176-650481581-1000\$b4f2f6f89b47cbfb7cfa77e5272b6660

Files to move or delete:
====================
C:\Users\Götzendorf\AppData\Roaming\AltShell.ini
C:\Users\Götzendorf\AppData\Roaming\skype.ini
C:\Users\Götzendorf\AppData\Roaming\cache.ini


Some content of TEMP:
====================
C:\Users\Gast\AppData\Local\Temp\avgnt.exe
C:\Users\Götzendorf\AppData\Local\Temp\avgnt.exe
C:\Users\Götzendorf\AppData\Local\Temp\chutil.dll
C:\Users\Götzendorf\AppData\Local\Temp\DataCard_Setup.exe
C:\Users\Götzendorf\AppData\Local\Temp\iMesh_setup.exe
C:\Users\Götzendorf\AppData\Local\Temp\InstallFlashPlayer.exe
C:\Users\Götzendorf\AppData\Local\Temp\Installhelper.dll
C:\Users\Götzendorf\AppData\Local\Temp\InstallManager_GEN_GEN.exe
C:\Users\Götzendorf\AppData\Local\Temp\install_flashplayer11x32ax_gtbp_chrd_aih (1).exe
C:\Users\Götzendorf\AppData\Local\Temp\install_reader10_de_gtbp_chrd_aih.exe
C:\Users\Götzendorf\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe
C:\Users\Götzendorf\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe
C:\Users\Götzendorf\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe
C:\Users\Götzendorf\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe
C:\Users\Götzendorf\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe
C:\Users\Götzendorf\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\Götzendorf\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\Götzendorf\AppData\Local\Temp\NEW3F36.tmp.exe
C:\Users\Götzendorf\AppData\Local\Temp\ose00000.exe
C:\Users\Götzendorf\AppData\Local\Temp\ose00001.exe
C:\Users\Götzendorf\AppData\Local\Temp\pcspeedmaxsetup.exe
C:\Users\Götzendorf\AppData\Local\Temp\PDHRKNTS.exe
C:\Users\Götzendorf\AppData\Local\Temp\ResetDevice.exe
C:\Users\Götzendorf\AppData\Local\Temp\rnupdate0.exe
C:\Users\Götzendorf\AppData\Local\Temp\RstApp.exe
C:\Users\Götzendorf\AppData\Local\Temp\setup.exe
C:\Users\Götzendorf\AppData\Local\Temp\SHSetup.exe
C:\Users\Götzendorf\AppData\Local\Temp\sqlite3.dll
C:\Users\Götzendorf\AppData\Local\Temp\SRAssetsHelper.dll
C:\Users\Götzendorf\AppData\Local\Temp\stubhelper.dll
C:\Users\Götzendorf\AppData\Local\Temp\tbAsha.dll
C:\Users\Götzendorf\AppData\Local\Temp\vlc-2.0.6-win32.exe
C:\Users\Götzendorf\AppData\Local\Temp\{1941433F-FF52-4EF2-A5D1-D0CD5B798E5C}-28.0.1500.71_27.0.1453.116_chrome_updater.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-20 19:54

==================== End Of Log ============================
         

--- --- ---

Code: Alles auswählenAufklappen

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x86) Version:20-07-2014
Ran by Götzendorf at 2014-07-20 22:20:15
Running from C:\Users\Götzendorf\Downloads\Download
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Kaspersky Anti-Virus (Enabled - Out of date) {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
AV: Microsoft Security Essentials (Enabled - Up to date) {3F839487-C7A2-C958-E30C-E2825BA31FB5}
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AV: BullGuard Antivirus (Disabled - Out of date) {504FFF66-3028-EB7E-2E60-62B19ADD791C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: BullGuard Antispyware (Disabled - Out of date) {EB2E1E82-1612-E4F0-14D0-59C3E15A33A1}
AS: Kaspersky Anti-Virus (Enabled - Up to date) {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {84E27563-E198-C6D6-D9BC-D9F020245508}
FW: BullGuard Firewall (Disabled) {68747E43-7A47-EA26-053F-CB84640E3E67}

==================== Installed Programs ======================

7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
AOL Deutschland Toolbar (HKCU\...\AOL Deutschland Toolbar) (Version:  - )
AOL Deutschland Toolbar (HKLM\...\AOL Deutschland Toolbar) (Version:  - AOL Inc.)
AOL Toolbar (HKLM\...\AOL Toolbar) (Version:  - AOL Inc.)
Apple Application Support (HKLM\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{18D47FA1-0440-48D3-A7E0-DA09537FF471}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft MediaImpression 2 (HKLM\...\{210E8562-74DA-4D97-945B-88B2ED9C8028}) (Version: 2.0.15.965 - ArcSoft)
Artweaver 1.0 (HKLM\...\{A025CFB8-64E7-4432-824F-11E7C5ED2ECE}_is1) (Version: 1.0 - Boris Eyrich Software)
Ashampoo WinOptimizer 2012 v.8.1.4 (HKLM\...\Ashampoo WinOptimizer 2012_is1) (Version: 8.1.4 - Ashampoo GmbH & Co. KG)
Ask Toolbar (HKLM\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.15.26.0 - Ask.com) <==== ATTENTION
Atheros Client Utility (HKLM\...\{16E8BF9A-B419-4A44-A020-30F8CFB84B9D}) (Version: 7.7 - Atheros)
Atheros Driver Installation Program (HKLM\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 7.7 - Atheros)
Avira SearchFree Toolbar plus Web Protection Updater (HKCU\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.6.45268 - Ask.com) <==== ATTENTION
AVS Update Manager 1.0 (HKLM\...\AVS Update Manager_is1) (Version:  - Online Media Technologies Ltd.)
AVS Video Converter 7 (HKLM\...\AVS4YOU Video Converter 7_is1) (Version:  - Online Media Technologies Ltd.)
AVS4YOU Software Navigator 1.4 (HKLM\...\AVS4YOU Software Navigator_is1) (Version:  - Online Media Technologies Ltd.)
Bing Bar (HKLM\...\{08234a0d-cf39-4dca-99f0-0c5cb496da81}) (Version: 6.3.2348.0 - Microsoft Corporation)
Bing Bar Platform (Version: 6.3.2348.0 - Microsoft Corporation) Hidden
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v8.00.02(T) - TOSHIBA CORPORATION)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BullGuard 8.7 (HKLM\...\BullGuard) (Version: 8.7 - BullGuard Ltd.)
Cisco EAP-FAST Module (HKLM\...\{9BFD5911-93E3-42BB-BFCD-50E4BA5B8D67}) (Version: 2.2.10 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{99A4344A-C723-4661-A507-D9D939480358}) (Version: 1.0.16 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{CD344FA5-6657-47CD-940F-8727EED35595}) (Version: 1.1.3 - Cisco Systems, Inc.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5C78021E-3C8E-4EDF-97EA-E9B8D808FD6D}) (Version:  - Microsoft)
Download Updater (AOL Inc.) (HKLM\...\SoftwareUpdUtility) (Version:  - AOL Inc.) <==== ATTENTION
Dresdner Bank Kalenderuhr Screen Saver (HKLM\...\Dresdner Bank Kalenderuhr) (Version:  - )
Dresdner Bank Tanzschirm Screen Saver (HKLM\...\Dresdner Bank Tanzschirm) (Version:  - )
EPSON Scan (HKLM\...\EPSON Scanner) (Version:  - )
EPSON-Drucker-Software (HKLM\...\EPSON Printer and Utilities) (Version:  - SEIKO EPSON Corporation)
FreeDoko 0.7.9 (HKLM\...\FreeDoko) (Version: 0.7.9 - Borg Enders und Diether Knof)
FuturixImager 6.0 (HKLM\...\FuturixImager6) (Version: 6.0 - )
Gameo Updater (HKCU\...\Gameo Updater) (Version:  - Gameo Updater)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
Haufe iDesk-Browser (HKLM\...\{56FDB311-6511-11DE-832F-0050560400B1}) (Version: 9.06.30.7144 - Haufe)
Haufe iDesk-Service (HKLM\...\{EB5AE940-8E5D-11DE-992A-005056B12123}) (Version: 9.08.21.7460 - Haufe)
HUAWEI DataCard Driver 4.20.12.00 (HKLM\...\HUAWEI DataCard Driver) (Version: 4.20.12.00 - Huawei technologies Co., Ltd.)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - Intel Corporation)
iTunes (HKLM\...\{0718A90E-93AA-49AF-A4FE-0165ACD91DF0}) (Version: 11.2.2.3 - Apple Inc.)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lexware Info Service (HKLM\...\{59624372-3B85-47f4-9B04-4911E551DF1E}) (Version: 2.61.00.0033 - Lexware GmbH & Co. KG)
Mall Tycoon 3 (HKLM\...\{8F259DC2-51CA-4EBE-8320-E22B9C34AD01}) (Version: 1.0.0 - Cat Daddy Games)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Corporation (Version: 9.1.0.0 - Microsoft Corporation) Hidden
Microsoft Default Manager (Version: 2.2.114.0 - Microsoft Corporation) Hidden
Microsoft Fix it Center (HKLM\...\{B7588D45-AFDC-4C93-9E2E-A100F3554B64}) (Version: 1.0.0100 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{BD71B413-9FEE-49BB-A6D1-2C0BFB99BDFE}) (Version: 3.60.253.0 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft VC9 runtime libraries (Version: 2.0.0 - AOL Inc.) Hidden
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mobile Connection Manager (HKLM\...\o2DE) (Version:  - Mobile Connection Manager)
Monopoly Tycoon (HKLM\...\{B975F4A1-63B6-11D4-BFEC-005004AF2D32}) (Version:  - )
Mozilla Firefox 30.0 (x86 de) (HKLM\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mp3tag v2.53 (HKLM\...\Mp3tag) (Version: v2.53 - Florian Heidenreich)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyPaint 0.8.2 (HKLM\...\MyPaint) (Version: 0.8.2 - Martin Renold & MyPaint Development Team)
PixiePack Codec Pack (HKLM\...\{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}) (Version: 1.1.1200.0 - None)
Pointofix (HKLM\...\Pointofix_is1) (Version:  - Amerigomedia)
QuickTime (HKLM\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Quisple 1.5.0.0 (HKLM\...\{47ECBB7E-3310-4DB8-BC3B-5B8F31B7C869}_is1) (Version:  - Quick and Simple way of Music)
RealDownloader (Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 12.0) (Version:  - RealNetworks)
RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
Realtek 8169 8168 8101E 8102E Ethernet Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)
Realtek USB 2.0 Card Reader (HKLM\...\{DC24971E-1946-445D-8A82-CE685433FA7D}) (Version:  - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM\...\{0FB630AB-7BD8-40AE-B223-60397D57C3C9}) (Version: 2.00.0006 - Realtek)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Safari (HKLM\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (Version:  - Microsoft) Hidden
Servicepack Datumsaktualisierung (Version: 1.00.00.0005 - Haufe-Lexware) Hidden
SopCast 3.5.0 (HKLM\...\SopCast) (Version: 3.5.0 - www.sopcast.com)
Steuer 2009 (HKLM\...\{410AB9BC-B057-4D39-9260-660EE1B4BED2}) (Version: 16.12.00.0001 - Haufe-Lexware GmbH & Co. KG)
Steuer-Hilfesammlung 2009 (HKLM\...\{C3542652-4C59-4A96-982A-06EBB3F47819}) (Version: 16.0.1.0 - Haufe Mediengruppe)
Strip Poker Red Light Edition (HKLM\...\{5074B11E-5DB6-43EA-BF65-6C6656FE8EE2}) (Version: 1.00.0000 - AIM Productions)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 11.2.4.0 - Synaptics)
TagScanner 5.1.630 (HKLM\...\TagScanner_is1) (Version:  - Sergey Serkov)
Tunebite (HKLM\...\{AAF42F9E-8900-4FC1-8087-000B12A91AE2}) (Version: 7.2.12800.0 - RapidSolution Software AG)
TuneUp Utilities 2012 (HKLM\...\TuneUp Utilities 2012) (Version: 12.0.3600.73 - TuneUp Software)
TuneUp Utilities 2012 (Version: 12.0.3600.73 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (Version: 12.0.3600.73 - TuneUp Software) Hidden
TV-Browser 3.2.1 (HKLM\...\tvbrowser) (Version: 3.2.1 - TV-Browser Team)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{C0BDC1DE-C35E-422B-8CBD-C1D555468720}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
USB2.0 PC Camera (SN9C201&202) (HKLM\...\{75438C0E-9925-412E-AD85-D0E71C6CE2ED}) (Version: 5.7.15.001 - Sonix)
Video Converter Packages (HKCU\...\Video Converter Packages) (Version:  - ) <==== ATTENTION
Vista Codec Package (HKLM\...\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}) (Version: 5.8.7 - Shark007)
VLC media player 2.0.6 (HKLM\...\VLC media player) (Version: 2.0.6 - VideoLAN)
wellwasser® bluescreen 1.7.1 (HKLM\...\wellwasser® bluescreen_is1) (Version:  - wellwasser®)
Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (HKLM\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Encoder 9-Reihe (HKLM\...\Windows Media Encoder 9) (Version:  - )
Windows Media Encoder 9-Reihe (Version: 9.00.3374 - Microsoft Corporation) Hidden
WinX Free VOB to MP4 Converter 2.0.8 (HKLM\...\WinX Free VOB to MP4 Converter_is1) (Version:  - Digiarty Software,Inc.)
WinZip 15.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240C1}) (Version: 15.0.9411 - WinZip Computing, S.L. )

==================== Restore Points  =========================


==================== Hosts content: ==========================

2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0A9AB979-4566-481E-9163-1A290493CFEF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-01-30] (Google Inc.)
Task: {0FF75100-F431-452C-AA00-637E11C85459} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-13] (Adobe Systems Incorporated)
Task: {14FC35F0-4FDC-4194-A282-C0849D7AD174} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-01-30] (Google Inc.)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {330018FA-6766-4A15-9264-001467BFB01F} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-572801753-308004176-650481581-1000 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {3E7E63AB-898B-4F7F-AA93-742561420DD3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-19] (Microsoft Corporation)
Task: {54E413D7-C948-43BF-9D7E-85AD1B8E05A9} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {A787E58C-961E-4527-994C-5F86EEAB1150} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {C15D92C8-3BB2-434A-B8FB-A998312005C7} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {C842F1A6-B518-4E28-867D-81F5182442E9} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-572801753-308004176-650481581-1000 => C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe [2013-08-14] (RealNetworks, Inc.)
Task: {D12DFD04-B1F7-4F6E-A42E-E7CEA03DC6CB} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-572801753-308004176-650481581-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {DDF16846-AAEC-43A2-A2CD-2101346AA5CD} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-572801753-308004176-650481581-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {E336E3F0-F871-4947-85E4-B921CDB0FCB8} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files\Ask.com\UpdateTask.exe [2013-04-30] () <==== ATTENTION
Task: {E437DCB5-2E32-4066-8766-6E99EBBBF1FF} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-572801753-308004176-650481581-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2011-01-25] ()
Task: {F56581E1-3F15-4641-94C7-626FA0EE7C64} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-572801753-308004176-650481581-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {F6E4A2E9-7158-49F4-9BC4-C2F34B5522B7} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-572801753-308004176-650481581-1000 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf9231945bab4.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Microsoft_Hardware_Launch_LcBuddy_exe.job => C:\Program Files\Microsoft LifeCam\LcBuddy.exe
Task: C:\Windows\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-572801753-308004176-650481581-1000.job => C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
Task: C:\Windows\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-572801753-308004176-650481581-1000.job => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe
Task: C:\Windows\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-572801753-308004176-650481581-1000.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2012.job => C:\Program Files\TuneUp Utilities 2012\OneClick.exe

==================== Loaded Modules (whitelisted) =============

2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-03-19 19:01 - 2014-06-20 09:27 - 03852912 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2013-04-14 18:58 - 2013-04-14 18:58 - 00144896 _____ () C:\Program Files\VideoLAN\VLC\libvlc.dll
2013-04-14 18:59 - 2013-04-14 18:59 - 02376192 _____ () C:\Program Files\VideoLAN\VLC\libvlccore.dll
2013-04-14 18:58 - 2013-04-14 18:58 - 00282112 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libdshow_plugin.dll
2013-04-14 18:59 - 2013-04-14 18:59 - 00084992 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_output\libaout_directx_plugin.dll
2013-04-14 18:59 - 2013-04-14 18:59 - 00086528 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll
2013-04-14 18:58 - 2013-04-14 18:58 - 00114688 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_output\libdirectx_plugin.dll
2013-04-14 18:58 - 2013-04-14 18:58 - 00071680 _____ () C:\Program Files\VideoLAN\VLC\plugins\mmxext\libmemcpymmxext_plugin.dll
2013-04-14 18:58 - 2013-04-14 18:58 - 00224768 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll
2013-04-14 18:58 - 2013-04-14 18:58 - 00134656 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_bd_plugin.dll
2013-04-14 18:58 - 2013-04-14 18:58 - 00293888 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll
2013-04-14 18:58 - 2013-04-14 18:58 - 00081408 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_vdr_plugin.dll
2013-04-14 18:58 - 2013-04-14 18:58 - 00079360 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll
2013-04-14 18:58 - 2013-04-14 18:58 - 00469504 _____ () C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libstream_filter_httplive_plugin.dll
2013-04-14 18:58 - 2013-04-14 18:58 - 00693760 _____ () C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libstream_filter_dash_plugin.dll
2013-04-14 18:58 - 2013-04-14 18:58 - 00074240 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libstream_filter_rar_plugin.dll
2013-04-14 18:58 - 2013-04-14 18:58 - 00120320 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libzip_plugin.dll
2013-04-14 18:58 - 2013-04-14 18:58 - 00071168 _____ () C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libstream_filter_record_plugin.dll
2013-04-14 18:58 - 2013-04-14 18:58 - 00143360 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libplaylist_plugin.dll
2013-04-14 18:58 - 2013-04-14 18:58 - 01405440 _____ () C:\Program Files\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll
2013-04-14 18:58 - 2013-04-14 18:58 - 00335872 _____ () C:\Program Files\VideoLAN\VLC\plugins\lua\liblua_plugin.dll
2013-04-14 18:58 - 2013-04-14 18:58 - 01285120 _____ () C:\Program Files\VideoLAN\VLC\plugins\misc\libxml_plugin.dll
2013-04-14 18:59 - 2013-04-14 18:59 - 00087552 _____ () C:\Program Files\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll
2013-04-14 18:59 - 2013-04-14 18:59 - 00072704 _____ () C:\Program Files\VideoLAN\VLC\plugins\control\libglobalhotkeys_plugin.dll
2013-04-14 18:59 - 2013-04-14 18:59 - 11387392 _____ () C:\Program Files\VideoLAN\VLC\plugins\gui\libqt4_plugin.dll
2013-04-14 18:58 - 2013-04-14 18:58 - 00325632 _____ () C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libupnp_plugin.dll
2013-04-14 18:58 - 2013-04-14 18:58 - 00122368 _____ () C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libsap_plugin.dll
2013-04-14 18:58 - 2013-04-14 18:58 - 00077312 _____ () C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libpodcast_plugin.dll
2013-04-14 18:58 - 2013-04-14 18:58 - 00074240 _____ () C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libmediadirs_plugin.dll
2013-04-14 18:58 - 2013-04-14 18:58 - 00071680 _____ () C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libwindrive_plugin.dll
2013-04-14 18:58 - 2013-04-14 18:58 - 00229888 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libmp4_plugin.dll
2013-04-14 18:59 - 2013-04-14 18:59 - 00221696 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libpng_plugin.dll
2013-04-14 18:59 - 2013-04-14 18:59 - 00074240 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libcdg_plugin.dll
2013-04-14 18:59 - 2013-04-14 18:59 - 01338880 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libschroedinger_plugin.dll
2013-04-14 18:59 - 2013-04-14 18:59 - 00086016 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libaraw_plugin.dll
2013-04-14 18:59 - 2013-04-14 18:59 - 01759232 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll
2013-04-14 18:59 - 2013-04-14 18:59 - 00076288 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libdts_plugin.dll
2013-04-14 18:59 - 2013-04-14 18:59 - 00393728 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll
2013-04-14 18:58 - 2013-04-14 18:58 - 00070656 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_attachment_plugin.dll
2013-04-14 18:58 - 2013-04-14 18:58 - 00218112 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libdtstofloat32_plugin.dll
2013-04-14 18:58 - 2013-04-14 18:58 - 00107520 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\liba52tofloat32_plugin.dll
2013-04-14 18:58 - 2013-04-14 18:58 - 00164864 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libmpgatofixed32_plugin.dll
2013-04-14 18:58 - 2013-04-14 18:58 - 01551872 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libsamplerate_plugin.dll
2013-04-14 18:58 - 2013-04-14 18:58 - 00072192 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libconverter_fixed_plugin.dll
2013-04-14 18:58 - 2013-04-14 18:58 - 00070144 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\liba52tospdif_plugin.dll
2013-04-14 18:58 - 2013-04-14 18:58 - 00073216 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libsimple_channel_mixer_plugin.dll
2013-04-14 18:58 - 2013-04-14 18:58 - 00071680 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libdtstospdif_plugin.dll
2013-04-14 18:58 - 2013-04-14 18:58 - 00071680 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libdolby_surround_decoder_plugin.dll
2013-04-14 18:58 - 2013-04-14 18:58 - 00070656 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libugly_resampler_plugin.dll
2013-04-14 18:58 - 2013-04-14 18:58 - 00082432 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libaudio_format_plugin.dll
2013-04-14 18:59 - 2013-04-14 18:59 - 00069632 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_mixer\libfloat32_mixer_plugin.dll
2013-04-14 18:58 - 2013-04-14 18:58 - 00076288 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libscaletempo_plugin.dll
2014-07-13 17:57 - 2014-07-13 17:57 - 17029808 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\office14\Cultures\office.odf
2013-08-20 23:17 - 2014-06-29 10:34 - 00020480 _____ () c:\program files\real\realplayer\lang\pdgenxfer_de.dll
2013-08-20 23:17 - 2014-06-29 10:33 - 00102400 _____ () C:\Program Files\Real\RealPlayer\Visualizations\albumart.rpv

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Götzendorf\Documents\Amtliche_Bekanntmachungen 1.eml:OECustomProperty
AlternateDataStreams: C:\Users\Götzendorf\Documents\Amtliche_Bekanntmachungen.eml:OECustomProperty
AlternateDataStreams: C:\Users\Götzendorf\Documents\Amtliche_Bekanntmachungen_04_10_2010.eml:OECustomProperty
AlternateDataStreams: C:\Users\Götzendorf\Documents\Amtliche_Bekanntmachungen_06_09_2010.eml:OECustomProperty
AlternateDataStreams: C:\Users\Götzendorf\Documents\Amtliche_Bekanntmachungen_08_02_10.eml:OECustomProperty
AlternateDataStreams: C:\Users\Götzendorf\Documents\Amtliche_Bekanntmachungen_13_09_2010.eml:OECustomProperty
AlternateDataStreams: C:\Users\Götzendorf\Documents\Amtliche_Bekanntmachungen_15_02_10.eml:OECustomProperty
AlternateDataStreams: C:\Users\Götzendorf\Documents\Amtliche_Bekanntmachungen_20_09_2010.eml:OECustomProperty
AlternateDataStreams: C:\Users\Götzendorf\Documents\Verbandstagungen_2010.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BgMainSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BgLiveSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BgMainSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsScanner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"

==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\Services: ACDaemon => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AeLookupSvc => 2
MSCONFIG\Services: ALG => 3
MSCONFIG\Services: AntiVirMailService => 2
MSCONFIG\Services: AntiVirSchedulerService => 2
MSCONFIG\Services: AntiVirService => 2
MSCONFIG\Services: AntiVirWebService => 2
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: AudioEndpointBuilder => 2
MSCONFIG\Services: Audiosrv => 2
MSCONFIG\Services: avast! Antivirus => 2
MSCONFIG\Services: BFE => 2
MSCONFIG\Services: BgLiveSvc => 2
MSCONFIG\Services: BgMainSvc => 2
MSCONFIG\Services: BITS => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: Browser => 2
MSCONFIG\Services: BsFileScan => 2
MSCONFIG\Services: BsFire => 2
MSCONFIG\Services: BsMailProxy => 2
MSCONFIG\Services: CertPropSvc => 3
MSCONFIG\Services: clr_optimization_v4.0.30319_32 => 2
MSCONFIG\Services: COMSysApp => 3
MSCONFIG\Services: CryptSvc => 3
MSCONFIG\Services: DFSR => 3
MSCONFIG\Services: Dhcp => 2
MSCONFIG\Services: Dnscache => 2
MSCONFIG\Services: dot3svc => 3
MSCONFIG\Services: DPS => 2
MSCONFIG\Services: EapHost => 3
MSCONFIG\Services: ehRecvr => 3
MSCONFIG\Services: ehSched => 3
MSCONFIG\Services: ehstart => 2
MSCONFIG\Services: EMDMgmt => 2
MSCONFIG\Services: Eventlog => 2
MSCONFIG\Services: EventSystem => 2
MSCONFIG\Services: fdPHost => 3
MSCONFIG\Services: FDResPub => 2
MSCONFIG\Services: FontCache => 2
MSCONFIG\Services: FontCache3.0.0.0 => 3
MSCONFIG\Services: fsssvc => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: hidserv => 2
MSCONFIG\Services: hkmsvc => 3
MSCONFIG\Services: IDriverT => 2
MSCONFIG\Services: idsvc => 3
MSCONFIG\Services: IKEEXT => 2
MSCONFIG\Services: IPBusEnum => 3
MSCONFIG\Services: iphlpsvc => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: KeyIso => 3
MSCONFIG\Services: KtmRm => 2
MSCONFIG\Services: LanmanServer => 2
MSCONFIG\Services: LanmanWorkstation => 2
MSCONFIG\Services: lltdsvc => 3
MSCONFIG\Services: lmhosts => 2
MSCONFIG\Services: Microsoft SharePoint Workspace Audit Service => 3
MSCONFIG\Services: MMCSS => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: MpsSvc => 2
MSCONFIG\Services: MSCamSvc => 2
MSCONFIG\Services: MSDTC => 3
MSCONFIG\Services: MSiSCSI => 3
MSCONFIG\Services: msiserver => 2
MSCONFIG\Services: napagent => 3
MSCONFIG\Services: Netlogon => 3
MSCONFIG\Services: Netman => 3
MSCONFIG\Services: netprofm => 2
MSCONFIG\Services: NlaSvc => 2
MSCONFIG\Services: nsi => 2
MSCONFIG\Services: ose => 3
MSCONFIG\Services: osppsvc => 3
MSCONFIG\Services: p2pimsvc => 3
MSCONFIG\Services: p2psvc => 3
MSCONFIG\Services: PcaSvc => 2
MSCONFIG\Services: PDHRKNTS => 3
MSCONFIG\Services: pla => 3
MSCONFIG\Services: PNRPAutoReg => 3
MSCONFIG\Services: PNRPsvc => 3
MSCONFIG\Services: PolicyAgent => 2
MSCONFIG\Services: ProtectedStorage => 3
MSCONFIG\Services: QWAVE => 3
MSCONFIG\Services: RasAuto => 3
MSCONFIG\Services: RasMan => 3
MSCONFIG\Services: RealNetworks Downloader Resolver Service => 2
MSCONFIG\Services: RpcLocator => 3
MSCONFIG\Services: SamSs => 2
MSCONFIG\Services: SCardSvr => 3
MSCONFIG\Services: SCPolicySvc => 3
MSCONFIG\Services: SDRSVC => 3
MSCONFIG\Services: seclogon => 2
MSCONFIG\Services: SENS => 2
MSCONFIG\Services: SessionEnv => 3
MSCONFIG\Services: ShellHWDetection => 2
MSCONFIG\Services: SLUINotify => 3
MSCONFIG\Services: SNMPTRAP => 3
MSCONFIG\Services: Spooler => 2
MSCONFIG\Services: SSDPSRV => 3
MSCONFIG\Services: SstpSvc => 3
MSCONFIG\Services: stisvc => 2
MSCONFIG\Services: swprv => 3
MSCONFIG\Services: SysMain => 2
MSCONFIG\Services: TabletInputService => 2
MSCONFIG\Services: TapiSrv => 3
MSCONFIG\Services: TBS => 2
MSCONFIG\Services: TermService => 2
MSCONFIG\Services: TGCM_ImportWiFiSvc => 2
MSCONFIG\Services: Themes => 2
MSCONFIG\Services: THREADORDER => 3
MSCONFIG\Services: TOSHIBA Bluetooth Service => 2
MSCONFIG\Services: TrkWks => 2
MSCONFIG\Services: TrustedInstaller => 3
MSCONFIG\Services: TuneUp.UtilitiesSvc => 2
MSCONFIG\Services: UI0Detect => 3
MSCONFIG\Services: upnphost => 3
MSCONFIG\Services: UxSms => 2
MSCONFIG\Services: vds => 3
MSCONFIG\Services: VSS => 3
MSCONFIG\Services: W32Time => 2
MSCONFIG\Services: wcncsvc => 3
MSCONFIG\Services: WcsPlugInService => 3
MSCONFIG\Services: WdiServiceHost => 3
MSCONFIG\Services: WdiSystemHost => 2
MSCONFIG\Services: WebClient => 2
MSCONFIG\Services: Wecsvc => 3
MSCONFIG\Services: wercplsupport => 3
MSCONFIG\Services: WerSvc => 2
MSCONFIG\Services: WinHttpAutoProxySvc => 3
MSCONFIG\Services: Winmgmt => 2
MSCONFIG\Services: WinRM => 3
MSCONFIG\Services: Wlansvc => 2
MSCONFIG\Services: wlidsvc => 2
MSCONFIG\Services: wmiApSrv => 3
MSCONFIG\Services: WMPNetworkSvc => 3
MSCONFIG\Services: WPCSvc => 3
MSCONFIG\Services: WPDBusEnum => 2
MSCONFIG\Services: WPFFontCache_v0400 => 3
MSCONFIG\Services: WSearch => 2
MSCONFIG\Services: wuauserv => 2
MSCONFIG\Services: wudfsvc => 2
MSCONFIG\startupfolder: C:^Users^Götzendorf^AppData^Roaming^microsoft^windows^start menu^programs^altAutostart^_uninst_30677713.lnk => C:\Windows\pss\_uninst_30677713.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Götzendorf^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Netzmanager.lnk => C:\Windows\pss\Netzmanager.lnk.Startup
MSCONFIG\startupreg: DATAMNGR => C:\PROGRA~1\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE
MSCONFIG\startupreg: qcgce2mrvjq91kk1e7pnbb19m52fx => C:\Users\GTZEND~1\AppData\Local\Temp\kyclskqbqdelxucmn.exe
MSCONFIG\startupreg: RegistryBooster => "F:\Gndorf\Vista\Program Files\Uniblue\RegistryBooster\launcher.exe" delay 20000 
MSCONFIG\startupreg: SweetIM => C:\Program Files\SweetIM\Messenger\SweetIM.exe

==================== Faulty Device Manager Devices =============

Name: Microsoft-ISATAP-Adapter #6
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Mobile Intel(R) 4 Series Express Chipset Family
Description: Mobile Intel(R) 4 Series Express Chipset Family
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: igfx
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Synaptics PS/2 Port TouchPad
Description: Synaptics PS/2 Port TouchPad
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Synaptics
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/08/2014 05:49:31 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (07/08/2014 05:49:31 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (07/08/2014 05:48:43 PM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (07/08/2014 05:26:54 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (07/08/2014 05:26:53 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (07/08/2014 05:26:22 PM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (07/08/2014 05:02:36 PM) (Source: Windows Search Service Profile Notification) (EventID: 2) (User: )
Description: Die indizierten Daten des Windows-Suchdiensts für den Benutzer 'Götzendorf-PC\Gast' können im Zuge der Löschung des Benutzerprofils nicht entfernt werden. Fehlercode 0x8007043C.

Der Dienst kann nicht im abgesicherten Modus gestartet werden.
.

Error: (07/08/2014 04:42:52 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (07/08/2014 04:42:52 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (07/08/2014 04:42:37 PM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c


System errors:
=============
Error: (07/14/2014 07:05:48 PM) (Source: Microsoft-Windows-Service Pack Installer) (EventID: 8) (User: Götzendorf-PC)
Description: 0x800f0a03

Error: (07/14/2014 07:02:07 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: 0x80070643Definitionsupdate für Microsoft Security Essentials – KB2310138 (Definition 1.177.2448.0){EC826958-0EA7-4CC6-804F-602D0E6F43D6}201

Error: (07/12/2014 09:18:01 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: 0x80070643Definitionsupdate für Microsoft Security Essentials – KB2310138 (Definition 1.177.2330.0){62F6FB04-5384-4F28-8A2B-9AF4C3E84C6D}201

Error: (07/08/2014 05:49:33 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: NetzwerklistendienstNLA (Network Location Awareness)%%1068

Error: (07/08/2014 05:49:33 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: NetzwerklistendienstNLA (Network Location Awareness)%%1068

Error: (07/08/2014 05:49:33 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: NetzwerklistendienstNLA (Network Location Awareness)%%1068

Error: (07/08/2014 05:49:33 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: NetzwerklistendienstNLA (Network Location Awareness)%%1068

Error: (07/08/2014 05:49:33 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: AFD
afw
AswRdr
aswRvrt
aswSnx
aswSP
aswTdi
aswVmm
avipbb
avkmgr
DfsC
emqa
MpFilter
NetBIOS
netbt
nsiproxy
PSched
RasAcd
rdbss
Smb
spldr
tdx
Wanarpv6

Error: (07/08/2014 05:49:33 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: NetzwerklistendienstNLA (Network Location Awareness)%%1068

Error: (07/08/2014 05:49:33 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: NLA (Network Location Awareness)Netzwerkspeicher-Schnittstellendienst%%1068


Microsoft Office Sessions:
=========================
Error: (07/08/2014 05:49:31 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe

Error: (07/08/2014 05:49:31 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe

Error: (07/08/2014 05:48:43 PM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (07/08/2014 05:26:54 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe

Error: (07/08/2014 05:26:53 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe

Error: (07/08/2014 05:26:22 PM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (07/08/2014 05:02:36 PM) (Source: Windows Search Service Profile Notification) (EventID: 2) (User: )
Description: Götzendorf-PC\Gast0x8007043CDer Dienst kann nicht im abgesicherten Modus gestartet werden.

Error: (07/08/2014 04:42:52 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe

Error: (07/08/2014 04:42:52 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe

Error: (07/08/2014 04:42:37 PM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c


CodeIntegrity Errors:
===================================
  Date: 2014-07-13 14:54:12.284
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Hook\rndlchrome10browserrecordhelper.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-13 14:54:11.444
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Hook\rndlchrome10browserrecordhelper.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-14 15:15:32.607
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Hook\rndlchrome10browserrecordhelper.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-14 15:15:32.133
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Hook\rndlchrome10browserrecordhelper.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-14 09:26:23.437
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Hook\rndlchrome10browserrecordhelper.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-14 09:26:22.847
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Hook\rndlchrome10browserrecordhelper.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-24 12:31:21.017
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Hook\rndlchrome10browserrecordhelper.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-24 12:31:20.555
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Hook\rndlchrome10browserrecordhelper.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-06 15:48:31.477
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Hook\rndlchrome10browserrecordhelper.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-05-06 15:48:30.683
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Hook\rndlchrome10browserrecordhelper.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 56%
Total physical RAM: 2939.06 MB
Available physical RAM: 1271.54 MB
Total Pagefile: 6090.37 MB
Available Pagefile: 4580.26 MB
Total Virtual: 2047.88 MB
Available Virtual: 1921.17 MB

==================== Drives ================================

Drive c: (Vista) (Fixed) (Total:148.9 GB) (Free:4.41 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Data) (Fixed) (Total:147.73 GB) (Free:0.99 GB) NTFS
Drive f: (Volume) (Fixed) (Total:1863.01 GB) (Free:1344.05 GB) NTFS
Drive i: () (Removable) (Total:14.83 GB) (Free:13.67 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: 13DE484C)
Partition 1: (Not Active) - (Size=1 GB) - (Type=27)
Partition 2: (Active) - (Size=149 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=148 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: E2B647AC)
Partition 1: (Not Active) - (Size=-198626508800) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 15 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=15 GB) - (Type=0C)

==================== End Of Log ============================
         

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code: Alles auswählenAufklappen

ATTFilter

HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Malwarebytes <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Malwarebytes' Anti-Malware <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Avira <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Avira <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\AVAST Software <====== ATTENTION
GroupPolicyUsers\C:\Windows\system32\GroupPolicyUsers\Registry.pol: Group Policy restriction detected <======= ATTENTION
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

• Starte nun FRST erneut und klicke den Entfernen Button.
• Das Tool erstellt eine Fixlog.txt.
• Poste mir deren Inhalt.

Adware & Co. deinstallieren

• Lade Dir bitte von hier Revo Uninstaller herunter.
• Installiere und starte das Programm.
• Suche im Uninstallerfeld nach den Programmen, die unter:
  
  diesen Zusatz haben:
  
• Wähle die Programme nacheinander aus und klicke jedesmal auf Uninstall.
• Wähle anschließend den Modus "Moderat" aus.
  
• Reste löschen:
  Klicke auf dann auf und dann auf .

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

• WICHTIG: Speichere Combofix auf deinem Desktop.
• Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
• Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
• Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
• Wenn Combofix fertig ist, wird es ein Logfile erstellen.
• Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.

starte den Rechner einfach neu. Dies sollte das Problem beheben.

FRSt bringt immer den selben Fehlerhinweis:
No fixlist.txt found.
The fixlist.txt should be in the same folder/directory the tool is located.
Ich habe die Dateien im selben Ordner und dann nochmals auf den Desktop abgespeichert

Du hast entgegen der Anleitung FRST im Download Ordner, nicht auf dem Desktop. Also muss die fixlist auch in den Download Ordner

Code: Alles auswählenAufklappen

ATTFilter

Entschuldige. Ich hatte sie im richtigen Ordner aber unter Fixlog abgespeichert. Nun bekomme ich nach dem Anklicken von FRST die Meldung Update complete und nachdem ich auf fix-button gedrückt habe folgenden Fehlerhinweis:
Warning:
Looks you don`t know what to do. To prevent damage to the system the tool will exit.
 Das Pogramm schließt  und bildet eine neue Datei im Ordner First-OlderVersion ohne fixlist.Dies gibt dann eine Schleife
Fixlist wird somit nicht angezeigt.
FRST.exe. Fixlist.txt
Dokument: FRST-OlderVersion- Inhalt: FRST.exe, FRST-OlderVersion

Kann ich Vorfeld schon den Revo Uninstaller und Combofix .exe einsetzen?


Gruß
Daddy999
         

FRST bitte löschen und neu laden, auf den Desktop.
fixlist.txt wie oben beschrieben erstellen mit dem Text und auf dem Desktop speichern.
FRST öffnen und Fix drücken.

Das muss gehen

Code: Alles auswählenAufklappen

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:24-07-2014 01
Ran by Götzendorf at 2014-07-25 18:09:51 Run:2
Running from C:\Users\Götzendorf\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Malwarebytes <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Malwarebytes' Anti-Malware <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Avira <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Avira <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\AVAST Software <====== ATTENTION
GroupPolicyUsers\C:\Windows\system32\GroupPolicyUsers\Registry.pol: Group Policy restriction detected <======= ATTENTION
         
*****************

HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
"C:\Windows\system32\GroupPolicyUsers\C:\Windows\system32\GroupPolicyUsers\Registry.pol" => File/Directory not found.

==== End of Fixlog ====
         

guck an, geht doch

Dann jetzt den Rest von oben

Ich habe Rvo uninstaller durchgeführt. Im Additionstxt waren nur die Dateien ask.com Toolbar und Avira toolbar, sowie Video Converter Package mit Attentions ausgewiesen. Ist dies korrekt, da in der Fixlist alle Virenprogramme damit ausgewiesen waren? Kann ich dann Combofix laufen lassen?